#FactCheck: Viral video of Unrest in Kenya is being falsely linked with J&K

Introduction

Data Breaches have taken over cyberspace as one of the rising issues, these data breaches result in personal data making its way toward cybercriminals who use this data for no good. As netizens, it's our digital responsibility to be cognizant of our data and the data of one's organization. The increase in internet and technology penetration has made people move to cyberspace at a rapid pace, however, awareness regarding the same needs to be inculcated to maximise the data safety of netizens. The recent AIIMS cyber breach has got many organisations worried about their cyber safety and security. According to the HIPPA Journal, 66% of healthcare organizations reported ransomware attacks on them. Data management and security is the prime aspect of clients all across the industry and is now growing into a concern for many. The data is primarily classified into three broad terms-

• Personal Identified Information (PII) - Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.
• Non-Public Information (NPI) - The personal information of an individual that is not and should not be available to the public. This includes Social Security Numbers, bank information, other personal identifiable financial information, and certain transactions with financial institutions.
• Material Non-Public Information (MNPI) - Data relating to a company that has not been made public but could have an impact on its share price. It is against the law for holders of nonpublic material information to use the information to their advantage in trading stocks.

This classification of data allows the industry to manage and secure data effectively and efficiently and at the same time, this allows the user to understand the uses of their data and its intensity in case of breach of data. Organisations process data that is a combination of the above-mentioned classifications and hence in instances of data breach this becomes a critical aspect. Coming back to the AIIMS data breach, it is a known fact that AIIMS is also an educational and research institution. So, one might assume that the reason for any attack on AIIMS could be either to exfiltrate patient data or could be to obtain hands-on the R & D data including research-related intellectual properties. If we postulate the latter, we could also imagine that other educational institutes of higher learning such as IITs, IISc, ISI, IISERs, IIITs, NITs, and some of the significant state universities could also be targeted. In 2021, the Ministry of Home Affairs through the Ministry of Education sent a directive to IITs and many other institutes to take certain steps related to cyber security measures and to create SoPs to establish efficient data management practices. The following sectors are critical in terms of data protection-

• Health sector
• Financial sector
• Education sector
• Automobile sector

These sectors are generally targeted by bad actors and often data breach from these sectors result in cyber crimes as the data is soon made available on Darkweb. These institutions need to practice compliance like any other corporate house as the end user here is the netizen and his/her data is of utmost importance in terms of protection.Organisations in today's time need to be in coherence to the advancement in cyberspace to find out keen shortcomings and vulnerabilities they may face and subsequently create safeguards for the same. The AIIMS breach is an example to learn from so that we can protect other organisations from such cyber attacks. To showcase strong and impenetrable cyber security every organisation should be able to answer these questions-

• Do you have a centralized cyber asset inventory?
• Do you have human resources that are trained to model possible cyber threats and cyber risk assessment?
• Have you ever undertaken a business continuity and resilience study of your institutional digitalized business processes?
• Do you have a formal vulnerability management system that enumerates vulnerabilities in your cyber assets and a patch management system that patches freshly discovered vulnerabilities?
• Do you have a formal configuration assessment and management system that checks the configuration of all your cyber assets and security tools (firewalls, antivirus management, proxy services) regularly to ensure they are most securely configured?
• Do have a segmented network such that your most critical assets (servers, databases, HPC resources, etc.) are in a separate network that is access-controlled and only people with proper permission can access?
• Do you have a cyber security policy that spells out the policies regarding the usage of cyber assets, protection of cyber assets, monitoring of cyber assets, authentication and access control policies, and asset lifecycle management strategies?
• Do you have a business continuity and cyber crisis management plan in place which is regularly exercised like fire drills so that in cases of exigencies such plans can easily be followed, and all stakeholders are properly trained to do their part during such emergencies?
• Do you have multi-factor authentication for all users implemented?
• Do you have a supply chain security policy for applications that are supplied by vendors? Do you have a vendor access policy that disallows providing network access to vendors for configuration, updates, etc?
• Do you have regular penetration testing of the cyberinfrastructure of the organization with proper red-teaming?
• Do you have a bug-bounty program for students who could report vulnerabilities they discover in your cyber infrastructure and get rewarded?
• Do you have an endpoint security monitoring tool mandatory for all critical endpoints such as database servers, application servers, and other important cyber assets?
• Do have a continuous network monitoring and alert generation tool installed?
• Do you have a comprehensive cyber security strategy that is reflected in your cyber security policy document?
• Do you regularly receive cyber security incidents (including small, medium, or high severity incidents, network scanning, etc) updates from your cyber security team in order to ensure that top management is aware of the situation on the ground?
• Do you have regular cyber security skills training for your cyber security team and your IT/OT engineers and employees?
• Do your top management show adequate support, and hold the cyber security team accountable on a regular basis?
• Do you have a proper and vetted backup and restoration policy and practice?

If any organisation has definite answers to these questions, it is safe to say that they have strong cyber security, these questions should not be taken as a comparison but as a checklist by various organisations to be up to date in regard to the technical measures and policies related to cyber security. Having a strong cyber security posture does not drive the cyber security risk to zero but it helps to reduce the risk and improves the fighting chance. Further, if a proper risk assessment is regularly carried out and high-risk cyber assets are properly protected, then the damages resulting from cyber attacks can be contained to a large extent.

Introduction

Misinformation regarding health is sensitive and can have far-reaching consequences. These include its effect on personal medical decisions taken by individuals, lack of trust in conventional medicine, delay in seeking treatments, and even loss of life. The fast-paced nature and influx of information on social media can aggravate the situation further. Recently, a report titled Health Misinformation Vectors in India was presented at the Health of India Summit, 2024. It provided certain key insights into health-related misinformation circulating online.

The Health Misinformation Vectors in India Report

The analysis was conducted by the doctors at First Check, a global health fact-checking initiative alongside DataLEADS, a Delhi-based digital media and technology company. The report covers health-related social media content that was posted online from October 2023 to November 2024. It mentions that among all the health scares, misinformation regarding reproductive health, cancer, vaccines, and lifestyle diseases such as diabetes and obesity is the most prominent type that is spread through social media. Misinformation regarding reproductive health includes illegal abortion methods that often go unchecked and even tips on conceiving a male child, among other things. 

In order to combat this misinformation, the report encourages stricter regulations regarding health-related content on digital media, inculcating technology for health literacy and misinformation management in public health curricula and recommending tech platforms to work on algorithms that prioritise credible information and fact-checks. Doctors state that people affected by life-threatening diseases are particularly vulnerable to such misinformation, as they are desperate to seek options for treatment for themselves and their family members to have a chance at life. In a diverse society, with the lack of clear and credible information, limited access to or awareness about tools that cross-check content, and low digital literacy, people gravitate towards alternate sources of information which also fosters a sense of disengagement among the public overall. The diseases mentioned in the report, which are prone to misinformation, are life-altering and require attention from healthcare professionals. 

CyberPeace Outlook

Globally, there are cases of medically-unqualified social media influencers who disperse false/mis- information regarding various health matters. The topics covered are mostly associated with stigma and are still undergoing research. This gap allows for misinformation to be fostered. An example is misinformation regarding PCOS( Polycystic Ovary Syndrome) which is circulating online.

In the midst of all of this, YouTube has released a new feature that aligns with combating health misinformation, trying to bridge the gap between healthcare professionals and Indians who look for trustworthy health-related information online. The initiative includes a feature that allows doctors, nurses, and other healthcare professionals to sign up for a health information source license. This would help by labeling all their informative videos, as addressed- from a healthcare professional. Earlier, this feature was available only for health organisations including a health source information panel and health content shelves, but this step broadens the scope for verification of licenses of individual healthcare professionals. 

As digital literacy continues to grow, methods of seeking credible information, especially regarding sensitive topics such as health, require a combined effort on the part of all the stakeholders involved. We need a robust strategy for battling health-related misinformation online, including more awareness programmes and proactive participation from the consumers as well as medical professionals regarding such content.

References

1. https://timesofindia.indiatimes.com/india/misinformation-about-cancer-reproductive-health-is-widespread-in-india-impacting-medical-decisions-says-report/articleshow/115931612.cms
2. https://www.ndtv.com/india-news/cancer-misinformation-prevalent-in-india-trust-in-medicine-crucial-report-7165458
3. https://www.newindian.in/ai-driven-health-misinformation-poses-threat-to-indias-public-health-report/
4. https://www.etvbharat.com/en/!health/youtube-latest-initiative-combat-health-misinformation-india-enn24121002361
5. https://blog.google/intl/en-in/products/platforms/new-ways-for-registered-healthcare-professionals-in-india-to-reach-people-on-youtube/
6. https://www.bbc.com/news/articles/ckgz2p0999yo

‍Introduction 

The enactment of the Online Gaming (Promotion and Regulation) Act, 2025 has a significant impact, resulting in considerable changes to the structure of the Indian gaming industry. The ban on Real-Money Games (RMG), including fantasy sports, rummy, and poker, aims to curb addiction, illegal betting and most importantly, financial exploitation.

However, this decision sent ripples throughout the industry, resulting in players, companies and their investors re-strategising their plans to move forward. This approach, however, is a sharp contrast to how other nations, including the UK, Singapore and others, regulate online gaming. This, as a result, has also raised doubts about the ban and calls into question whether this is the right move.

‍

Industry in Flux - The resultant Fallout

‍

• MPL’s Layoffs: The Mobile Premiere League has so far laid off nearly 60 per cent of its workforce, with the CEO of the company openly admitting that the company is no longer able to make money in India.
• Dream11’s Lost Revenue: Having seen a position of being a market leader, the company has now witnessed its 95 per cent revenue wiped out, resulting in raised alarms among investors.
• A23’s Legal Move: The company chose to move the Karnataka High Court under the argument that the ban also ends up unfairly criminalising skill-based games that were earlier classified differently from gambling by the courts.

‍

The new face of eSports: With RMGs outlawed, the focus is now on esports, including casual mobile gaming, console/PC gaming, and creating new opportunities and also leaving a void for RMG revenue companies.

‍

Regulations Around the World - & India

‍

India has adopted a prohibition model, whereas many other countries have developed regulatory frameworks that allow sectoral expansion under monitoring.

‍

United Kingdom:

• Online gaming is regulated by the UK Gambling Commission.
• RMGs are legal but subject to strict licensing, age verification and advertising rules.
• Self-exclusion schemes are a must, offered by operators along with tools to prevent gambling addictions.

‍

United States

• State-driven regulations that vary from state to state.
• States including Nevada and New Jersey allow casinos both online and offline, while other states prohibit them completely.
• Regulation for skill-based fantasy games is fragmented but generally legal.

‍

China

• Great focus on controlling and restricting gaming addictions among minors.
• Time limits are enforced for players under 18 (usually as little as 3 hours per week).
• Gambling has been deemed illegal; however, esports and casual gaming operate within China’s regulated gaming ecosystem, subject to certain compliance.

‍

Singapore

• The Remote Gambling Act regulates chance-based games, while other eSports and skill-based games operate out of its jurisdiction and are regulated separately.
• Online gambling isn't completely banned, but is operated under restrictions.
• Only Licensed operators under strict controls are allowed by the government to operate to avoid and prevent black-market alternatives.

‍

Australia

• Regulates under the Interactive Gambling Act.
• Sports betting and certain licensed operators are allowed, while most of the other online gambling services are prohibited.
• Restrictions on advertising and real-time interventions allow emphasis on harm minimisation.

‍

India’s Approach  - Comparison

The Online Gaming (Promotion and Regulation) Act, 2025 introduces a prohibition model for real money games. This differs from jurisdictions such as the UK and US, which have implemented regulatory frameworks to oversee the sector. In India, earlier legal interpretations distinguished between games of skill and games of chance. The new legislation provides a single treatment for both categories, which marks a departure from previous judicial pronouncements. 

‍

Conclusion

At present, India’s gaming sector is navigating layoffs, court cases, and a pivot towards esports post the RMG ban. Keeping in mind that the intent of said ban is the protection of citizens, the industry also argues that regulation, instead of prohibition, offers a sustainable approach to the issues. On the other hand, on the global scale, most nations prefer controlled and licensed models that ensure consumer safety and work on preserving both jobs and revenues. However, India’s step is diverging from such a model. The lack of safeguards and engagement in the real money gaming industry led to a prohibition model, underscoring that in sensitive digital sectors, early regulatory alignment is essential.

‍

References

• India online gaming ban: Global rules & regulation bill 2025
• Level up or game over? Decoding India’s gaming industry post RMG ban
• MPL lays off 350 employees after GST rules, RMG crackdown
• India’s Dream11 hit by online gaming ban, revenue slumps
• Online gaming ban: A23 moves Karnataka HC against government decision
• UK Gambling Commission – Licensing and Regulations
• Fantasy Sports & Gambling Law – State by State
• China’s gaming restrictions for minors
• Singapore Remote Gambling Act – Ministry of Home Affairs
• Australian Communications and Media Authority – Interactive Gambling Act
  
  

‍