eGovernance in India

Improving eGovernance in INDIA

eProcurement Case Background

Posted by egovindia on June 27, 2006

 eProcurement Case Background

1. October 2000
Information Technology Act 2000 was passed. Use of 128 Bit SSL & Digital
Certificate made mandatory for ecommerce activities. As per IT ACT 2000 for
any electronic document to be legally valid, it should be digitally signed by
Digital Certificate issued by any Liscensed Certifyign Agency (CA) approve by
Controller of Certifying Agency (CCA).

2. September 2001
Government of Andhra Pradesh (GoAP) Core implementation committee was
formed to implement eProcurement and PWC (Price water house coopers was
appointed as consultant). They were paid Rs. 1.75 Cr for 5 projects, approx Rs. 35Lakh/Project as consultancy fee. Ref. pwc hired as consultant.pdf.

3. Feb 2002
CCA granted license to Safescrypt on 5th February, 2002, India’s first CA.
SAFESCRYPT Ltd, a Satyam Infoway company affiliated with VeriSign Inc,
issued the country’s first digital signature certificate to the Minister for
Communications and IT & Parliamentary Affairs, Mr Pramod Mahajan, at an
official ceremony here on Wednesday.
SafeScrypt is the first Indian company to get a certifying authority licence for
digital signature from the Controller of Certifying Authorities (CCA). The
company received this licence earlier this week.

4. In Feb 2002,
Department of Public Relation, Madhya Pradesh floated a tender for eTendering,
eProcurement which categorically specified that IT ACT 2000 needs to be
complied and Digital Certificate/SSL/PKI should be used to ensure secrecy of
price bid. No MNC consultant appointed to draft tender document. 5 Companies
participate in the same including Applitech Tenercity.com I Pvt. Ltd (Tendercity),
NexTenders, ITI/Antares, CNet, etc.

5. May 2002
Sometime in May 2002, GoAP floated a Tender for eProcurement software more
specifically eTendering and Reverse Auction engine by Govt. of AP. No mention
of PKI/SSL/Digital Certificate � what was Rs. 35 Lakh paid to then to PWC?

6. Mid 2002
Out of many bidders who had submitted the tender a consortium comprising of
C1 India Pvt. Ltd., Microsoft & Antares System Ltd & Compaq had submitted the
bid. Other bidders included companies like Wipro and consortium of Boradvision
and TCS. Consortium head by C1 India Pvt. Ltd (C1) won the tender. GoAP
approves rate of Rs.4500/Tender (GoAP Pays) & 0.24% of the Tender Value
(winning bidder pays to C1 India Directly)

7. In June 2002,
GoAP enters into a secret agreement with C1 India to do a pilot project and not
the consortium which had won the contract? WHY?

8. On 29 th Jan 2003,
www.eprocurement.gov.in launched without compliance to IT ACT 2000, Digital
Certificate, PKI. GoAP gives lame excuse that since Digital Certificates are not
available, hence the same was not integrated in spite of the fact that first Digital
Certificate was issued to Shri. Promod Mahajan as early as Feb 2002.
What started as a Pilot Project for nine months, gets extended for another 9
month unilaterally in spite of the fact that system did not comply to IT ACT
2000.

9. Jan 2003
C1 India gets a 128 bit SSL Certificate from Verisign for
www.eprocurement.gov.in domain? WHY?
1.) .gov.in domain belongs to only government organizations, how come the same was issued to a private company.
2.) 128 Bit SSL was procured from a US Company, whereas IT Act mandates that it should be procured only from liscensed CA. Why was the same not procured from TCS, Safescrypt.
3.) TCS, Safescrypt would have never issued a 128 Bit SSL certificate to C1 India Pvt. Ltd, as .gov.in domain belongs to only Govt. departments. A US company issued the same without any verification, because they were interested in dollars.

10. March 2003
PWD, Chhattisgarh floats a tender for eTendering with Department of Public
Relations, Madhya Pradesh specifications.
Tendercity, C1 India, Wipro, Antares/ITI, Nex Tener & other 3 companies
participated in the tender. Tender gets awarded to NexTender, a mumbai based
company in spite of Tendercity Being the lowest Bidder.

11. April 2003
C1 quotes to PWD, Chhattisgarh Rs. 1000/Tender as fix service charge
irrespective of Tender Value & No fee to be paid by PWD, Chhattisgarh?
Tendercity shares the same information with GoAP. GoAP calls for a steering
committee and yet no action is taken to revise fee being paid to C1 India i.e.
Rs. 4500/Tender (GoAP pays) & 0.24% of Tender Value (winning bidder pays)

12. July 2003
The first lawsuit under Indian cyber law, Antares Systems Ltd, the Bangalore-
based IT firm, has filed a case against an e-governance project in the Delhi High
Court for alleged infringement of intellectual property rights (IPRs) and unfair
competition. The case has been filed against C1 India Pvt Ltd, a subsidiary of
Nasdaq-listed CommerceOne. The Government of Andhra Pradesh and Principal
Secretary, Department of IT and Communications, AP have been arraigned as
parties.
Antares has urged the Delhi HC that C1 India and the AP Government be
restrained from infringing its copyright in its e-tendering software product
Tenderwizard and from relying upon, in any manner whatsoever, the features of
Tenderwizard, said the company’s Senior Vice-President, Mr R. Kamath.

13. July 2003
India’s First Digitally Singed eTender was enabled by Tendercity for Madhya
Pradesh Poorva Kshetra Vidyut Vitran Company Ltd, Madhya Pradesh Electrictiy
Board, MP (MPPKVVCL, MPSEB,MP). 10 Digital Certificates (TCS) were
issued to contractors across India.

14. December, 2003
Northern Railway floats a Tender for eTendering. C1 India, Wipro/NexTender,
Antares, HCL, Tendercity Participated in the tender. Tender awarded to
HCL/Boradvision Consortium. Rate approved Less than Rs.1500/Tender. GoAP
takes no action and does not revise the service fee it pays to C1 India.

15. Feb 2004
Tendercity writes letter to IT Secretary, GoAP, and Principle Secretary GoAP and bring to their notice that PKI compliance is not there on eprocurement.gov.in and that the eTendering services available at a very competitive rates in open market. No Action taken by the GoAP Officers.

16. Mid 2004
On PWC recommendations, JV option was dropped (JV between eTendering
service provider and Government of AP) and eProcurement services was
continued to be used in ASP model
Why did PWD suggested not to go ahead with JV option? probably because in
case of JV Government of AP would have made a lot of money? Total fee
reimbursed by GoAP & Various Bidder to C1 India in last 3 years is in tune of
Crores of Rupees. If GoAP had procured the software, it would have costed
Rs. 0, because that what C1/PWC quoted to NIC, in December 2004 for
eTendering Software.

17. July 2004
GoAP steering committee meets in October, 2004. Price bid revised to as follows w.e.f. 1 st April 2004 as follows
– GoAP pays nothing � i.e. Rs. 4,500/Tender waived off
– For Tender<50 Cr � each participating bidder pays 0.04% of Tender value or
Rs.10,000/Tender as processing fee, which ever is higher.
– For Tender>50 Cr � each participating bidder pays 0.04% of Tender value or
Rs.25,000/Tender as processing fee, which ever is higher.
– Still the same is very very high compared to open market rates. GoAP Continues with C1 India, when the contract though an illegal contract.
– GoAP accepts non compliance of IT ACT 2002 and yet gives C1 India 6 month
period to make their product PKI enabled, by March 2005. Why, was the project
not scrapped in then and then itself till the PKI compliance was not complete.

18. December 2004
PWC Partners with C1 India for NIC tender for eTendering.
Having played a instrumental role in causing great exchequer loss of GoAP, by
recommending ASP Mode, C1 India reward PWC with partnership for NIC
Tender. C1 ditched PWC (presumably) by quoting Rs.0 as software price to
NIC.

19. 1st April 2005
Digital certificates made mandatory from April 2005. Digital certificate are used
only of Authentication purpose at time of Login. Only price bids are digitally
signed and leaving room for service provider to tamper with technical bids,
document uploaded, etc.

20. Mid 2005
Tendercity alleges of eProcurement scam in one of the reply it filed in Delhi
High Court. The same document is shared with various AP departments, but no
action is taken.

21. 24 thNovember 2005,
Tendercity demonstrate to IT Secretary Shri Narsing Roa, the loopholes and
security defects in www.eprocuremnet.gov.in in person in his chamber. IT
Secretary assures that proper action will be taken against the culprits.
Tendercity gets an invitation from HUDA for demonstration of security loopholes
in the system but the same is postponed by CE after a brief 5 minute meeting.
Reason for postponement not specified. Subsequent meeting doe not take place.

22. 3rdDecember, 2005
Tendercity demonstrates to Principle Secretary & MD APTS the security
loopholes in www.eprocuremnet.gov.in and ideal security features that should be
enabled. Principle Secretary IT&C promise to take the appropriate action.

23. 5th December, 2005
GoAP accepts vide their email dated 5 th December, 2005 that
1.) www.eprocurement.gov.in is property of GoAP
2.) GoAP sees no harm if a 128 Bit SSL Certificate has be procured from USA
instead from a licensed CA as per CCA norms and that too by C1 India. In
layman terms it means a private company owns www.eprocurement.gov.in
3.) GoAP accepts that till December 2005, price bid submitted by 10,000 of
contractors 9800 eTender enabled so far reached the server in readable fashion
without any encryption, but that OK. It’s public money and it can go down the
drain.
4.) GoAP accepts that only C1 India can access the Price bid of contractors, as
they are the system administrator and super Admin of the website. Since no
government office has access to database, and generally they are corrupt the
system is secure. As per GoAP, private company which has been given the
custody of Rs.32,000 Cr. worth of eTender price bid security are trustworthy and
walking gods.
5.) GoAP states that C1 India does not access the readable price bid of all
contractors that is there in Database, and which can be accessed by C1 India
anytime from anywhere. GoAP goes on record that since not a single case of
tampering has been raised, there is nothing wrong with present system and they
have full faith on C1 India. They have full faith on PWC, so what if they partner
with C1 India for other government departments.
6.) GoAP does not care about Antares software being illegally used, since the
matter is sub-judice.
7.) GoAP has accepted that the system was so insecure, that had they told the
contactors and public at large about the security loopholes, no contractor would
have submitted the bid and hence all contractors, public, government officers
were kept in dark about the security loophole.
8.) GoAP has accepted that Detached Signature and Server Side encryption are
international practice as per their MNC consultant PWC, so what if C1 India get
the privilege to access the price bid of each and every contractors.

24. 10 th December, 2005
To cover things up, IT Secretary gives a clean chit to Service provider � C1 India
by means of issuing unsigned certificate making a claim that there is nothing
wrong with the system.
__________________________________

 

Please read this article.

The E-governance Muddle

http://www.dqindia.com/content/search/showarticle.asp?artid=74532

What was expected to bring transparency in government transactions has got mired in a slew of allegations. Dataquest probes the charges made by an IAS officer against his own clan…

Shubhendu Parth
Friday, September 02, 2005

If any of you need any more information, please write to me.

Thanks

Sincereley

V. M. Kumaraswamy, MBA

Advertisements

One Response to “eProcurement Case Background”

  1. […] eProcurement Case Background […]

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: