Internet Governance Blog
A host of social networks find us more connected than ever before, but leave us groping for words in the digital space.
The United Nations adopted the resolution on the right to privacy recently. It recognised privacy as a human right, integral to the right to free expression, and also declared that mass surveillance could have negative impacts on human rights.
On October 19, 2013, the Centre for Internet and Society (CIS) in collaboration with the Federation for Indian Chambers of Commerce and Industry, the Data Security Council of India, and Privacy International held a “Privacy Round-table” in New Delhi at the FICCI Federation House.
In this article, Maria Xynou looks at state and corporate surveillance in India and analyzes why our "choice" to hand over our personal data can potentially be more harmful than traditional, top-down, state surveillance. Read this article and perhaps reconsider your "choice" to use social networking sites, such as Facebook.
CIS presents the trailer of its documentary film DesiSec: Cybersecurity & Civil Society in India
CIS interviews Namita Malhotra, researcher and lawyer at Alternative Law Forum, Bangalore, as part of the Cybersecurity Series.
The Working Group on Enhanced Cooperation circulated a questionnaire to collect the views and positions of the stakeholders on the various aspects of enhanced cooperation. India's response to the questionnaire is documented below for archival purposes.
Maria Xynou recently interviewed Caspar Bowden, an internationally renowned privacy advocate and former Chief Privacy Adviser at Microsoft. Read this exciting interview and gain an insight on India's UID and CMS schemes, on the export of surveillance technologies, on how we can protect our data in light of mass surveillance and much much more!
We need to think of privacy in different ways — not only as something that happens between people, but between you and corporations.
Lawyers, researchers, journalists and activists gathered on Sunday, October 27, 2013 at the Bangalore International Centre in response to India’s country report on Mapping Digital Media, which examines citizen’s access to quality news and information across different industries, and impacts on media freedoms as a result of digitisation. Respondents examined themes related to regulation, journalism and activism, and engaging discussions took place among attendees.
In this article, Maria Xynou looks at WikiLeaks' latest Spy Files and examines the legality of India's surveillance technologies, as well as their potential connection with India's Central Monitoring System (CMS) and implications on human rights.
Big Brother is watching, across cyberspace and international borders. Meanwhile, the Indian government has few safeguards in theory and fewer in practice. There’s no telling how prevalent or extensive Indian surveillance really is.
An Interview with Jacob Kohnstamm, Dutch Data Protection Authority and Chairman of the Article 29 Working Party— by Elonnai Hickok — last modified Oct 25, 2013 04:50 AM
The Centre for Internet and Society interviewed Jacob Kohnstamm, Dutch Data Protection Authority and Chairman of the Article 29 Working Party.
Maria Xynou recently interviewed Berlin's Data Protection and Freedom of Information Commissioner: Dr. Alexander Dix. View this interview and gain an insight on recommendations for better data protection in India!
Open Letter to Members of the European Parliament of the Civil Liberties, Justice and Home Affairs Committee— by Elonnai Hickok — last modified Oct 23, 2013 05:00 AM
An open letter was sent to the Members of the European Parliament of the Civil Liberties, Justice and Home Affairs Committee on the proposed EU Regulation. The letter was apart of an initiative that Privacy International and a number of other NGO's are undertaking.
CIS is logging all tweets with the words "igf2013", "igf13", "igf", "bestbits", and "genderit" during the Intenet Governance Forum going on in the Bali this week, and making it available in downloadable files.
The Centre for Internet and Society recently interviewed Anne Roth from the Tactical Technology Collective in Berlin. View this interview and gain an insight on why we should all "have something to hide"!
Maria Xynou recently interviewed Bruce Schneier on privacy and surveillance. View this interview and gain an insight on why we should all "have something to hide"!
CIS interviews Anja Kovacs, researcher and activist, and director of the Internet Democracy, Project as part of the Cybersecurity Series.
Maria Xynou interviewed Emma Carr, the Deputy Director of Big Brother Watch, on privacy and surveillance. View this interview and gain an insight on why we should all "have something to hide"!
Recently, a long government process to draft a law to permit the collection, processing, profiling, use and storage of human DNA is nearing conclusion. There are several concerns with this government effort. Below, we present broad-level issues to be kept in mind while dealing with DNA law.
The Centre for Internet and Society has started the first Privacy Watch in India! Check out our map which includes data on the UID, NPR and CCTNS schemes, as well as on the installation of CCTV cameras and the use of drones throughout the country.
This short note speaks to legal issues arising from the proposed Human DNA Profiling Bill, 2012 ("DBT Bill") that was circulated drafted under the aegis of the Department of Biotechnology of the Ministry of Science and Technology, Government of India, which seeks to collect human DNA samples, profile them and store them. These comments are made clause-by-clause against the DBT Bill.
An Analysis of the Cases Filed under Section 46 of the Information Technology Act, 2000 for Adjudication in the State of Maharashtra— by Bhairav Acharya — last modified Oct 01, 2013 03:29 PM
This is a brief review of some of the cases related to privacy filed under section 46 of the Information Technology Act, 2000 ("the Act") seeking adjudication for alleged contraventions of the Act in the State of Maharashtra.
On September 20, the Centre for Internet and Society held a roundtable meeting with Betsy Broder, Counsel for International Consumer Protection, and Sarah Schroeder, Attorney, Bureau of Consumer Protection, Federal Trade Commission (FTC), United States. The meeting took place at the Imperial, Janpath, New Delhi and discussed both the U.S framework to privacy and potential frameworks and challenges to privacy in India.
The Centre for Internet and Society has been researching privacy in India since 2010 with the objective of raising public awareness around privacy, completing in depth research, and driving a privacy legislation in India. As part of this work, we drafted the Privacy (Protection) Bill, 2013.
Cyber security in India is still a nascent field without an organised law and policy framework. Several actors participate in and are affected by India's still inchoate cyber security regime. The National Cyber Security Policy (NCSP) presented the government and other stakeholders with an opportune moment to understand existing legal limitations before devising a future framework. Unfortunately, the NCSP's poor drafting and meaningless provisions do not advance the field.
The Centre for Internet and Society (CIS) along with the International Coalition has called upon governments across the globe to protect privacy.
The following are some model questions to be raised in the Parliament regarding the lack of transparency in the central monitoring system.
The Centre for Internet & Society ("CIS"), the Federation of Indian Chambers of Commerce and Industry ("FICCI"), the Data Security Council of India ("DSCI") and Privacy International are, in partnership, conducting a series of national privacy roundtable meetings across India from April to October 2013. The roundtable meetings are designed to elicit comments on the draft Privacy (Protection) Bill, 2013 – a proposed law to establish a regime to protect privacy in India.
Transparency Reports are a step towards greater accountability but how efficacious are they really?
CIS interviews Lawrence Liang, researcher and lawyer, and co-founder of Alternative Law Forum, Bangalore, as part of the Cybersecurity Series.
Suresh Ramasubramanian is the ICS Quality Representative - IBM SmartCloud at IBM. We from the Centre for Internet and Society conducted an interview on cybersecurity and issues in the Cloud.
In 2013 the Centre for Internet and Society (CIS) drafted the Privacy Protection Bill as a citizens' version of a privacy legislation for India. Since April 2013, CIS has been holding Privacy Roundtables in collaboration with Federation of Indian Chambers of Commerce and Industry (FICCI) and DSCI, with the objective of gaining public feedback to the Privacy Protection Bill and other possible frameworks for privacy in India. The following is a report on the Sixth Privacy Roundtable held in New Delhi on August 24, 2013.
We have shared it with our friends. We have watched it with our lovers. We have discussed it with our children and talked about it with our partners. It is in our bedrooms, hidden in sock drawers. It is in our laptops, in a folder marked "Miscellaneous". It is in our cellphones and tablets, protected under passwords. It is the biggest reason why people have learned to clean their browsing history and cookies from their browsers.
More surveillance than absolutely necessary actually undermines the security objective.
In this article, Maria Xynou argues that metadata is anything but harmless, especially since FinFisher — one of the world's most controversial types of spyware — uses metadata to target individuals.
On August 1, 2013, I took part in a web meeting, organized and hosted by Tim Davies of the World Wide Web foundation. The meeting, titled “Ethical issues in Open Data,” had an agenda focused around privacy considerations in the context of the open data movement.
Twenty-two year old Saket Modi is the CEO and co-founder of Lucideus, a leading cyber security company in India which claims to have worked with 4 out of 5 top global e-commerce companies, 4 out of 10 top IT companies in the world, and 3 out of 5 top banks of the Asia Pacific.
CIS interviews Saikat Datta, Resident Editor of DNA, Delhi, as part of the Cybersecurity Series.
July has been a busy month for cyber security in India. Beginning with the release of the country’s first National Cyber Security Policy on July 2 and followed just this past week by a set of guidelines for the protection of national critical information infrastructure (CII) developed under the direction of the National Technical Research Organization (NTRO), India has made respectable progress in its thinking on national cyber security.
For some time now there has been a need to update understandings of existing human rights law to reflect modern surveillance technologies and techniques.
Earlier this month, the Department of Electronics and Information Technology released India’s first National Cyber Security Policy. Years in the making, the Policy sets high goals for cyber security in India and covers a wide range of topics, from institutional frameworks for emergency response to indigenous capacity building.
There has long been speculation over the permanency of our online presence. Posting about excessively-personal details, commenting in a way which is later embarrassing, being caught in unflattering public photos; to our chagrin, all of these unfortunate situations often persist on the web, and can continue to haunt us in future years.
This report entails an overview of the discussions and recommendations of the fifth Privacy Round Table in Calcutta, on 13th July 2013.
CIS interviews Jeff Moss, Chief Security Officer for ICANN, as part of the Cybersecurity Series.
Reflecting upon the state of freedom of speech and expression in India, in the wake of the shut-down of the political satire website narendramodiplans.com.
An effective cyber-security policy must keep up with the rapid evolution of technology, and must never become obsolete. The standard-setting and review bodies will therefore need to be very nimble, says Chinmayi Arun.
The Confederation of Indian Industries (CII) organized a conference on facing cyber threats and challenges at Hotel Hilton in Chennai on July 13, 2013. Kovey Coles attended this conference and shares a summary of the event in this blog post.
The DSCI Best Practices Meet 2013 was organized on July 12, 2013 at Hyatt Regency, Anna Salai in Chennai. Kovey Coles attended the meet and shares a summary of the happenings in this blog post.
Maria Xynou recently interviewed Mr. Reijo Aarnio, the Finnish Data Protection Ombudsman, at the CIS' 5th Privacy Round Table. View this interview and gain an insight on recommendations for better data protection in India!
CIS interviews Jochem de Groot, former policy advisor to the Netherlands government, as part of the Cybersecurity Series
In response to criticisms of the Centralized Monitoring System, India’s new surveillance program, the government could contend that merely having the capability to engage in mass surveillance won’t mean that it will. Officials will argue that they will still abide by the law and will ensure that each instance of interception will be authorized.
When the Indian government announced it would start a Centralized Monitoring System in 2009 to monitor telecommunications in the country, the public seemed unconcerned. When the government announced that the system, also known as C.M.S., commenced in April, the news didn’t receive much attention.
The cyberspace is a modern construct of communication and today, a large part of human activity takes place in cyberspace. It has become the universal platform where business is executed, discourse is conducted and personal information is exchanged. However, the underbelly of the internet is also seen to host activities and persons who are motivated by nefarious intent.
The danger of mass surveillance in India is for real. The absence of a regulating law is damning for Indians who want to protect their privacy against the juggernaut of state and private surveillance.
CIS interviews Marietje Schaake, member of the European parliament, as part of the Cybersecurity Series
Is it too much to ask for transparency in data surveillance? On occasion, companies like Microsoft, Facebook, and the other silicon valley giants would say no. When customers join these services, each company provides their own privacy statement which assures customers of the safety and transparency that accompanies their personal data.
In 2013 CIS drafted the Privacy Protection Bill as a citizens' version of a privacy legislation for India. Since April 2013, CIS has been holding Privacy Roundtables in collaboration with FICCI and DSCI, with the objective of gaining public feedback to the Privacy Protection Bill and other possible frameworks for privacy in India.
In this blog post, Kovey Coles writes about the activities of the Securities Exchange Board of India (SEBI), discusses the importance of call data records (CDRs), and throws light on the significant transition in governmental leniency towards access to private records.
Blanket surveillance of the kind envisaged by India's Centralized Monitoring System achieves little, but blatantly violates the citizen's right to privacy; Snehashish Ghosh explores why it may be dangerous and looks at potential safeguards against such intrusion.
The Centre for Internet and Society (CIS) has sent this open letter to the Society of Indian Automobile Manufacturers (SIAM) to urge them not to intall RFID tags in vehicles in India.
The domestic surveillance regime in India lacks adequate safeguards.
This report entails an overview of the discussions and recommendations of the fourth Privacy Round Table in Mumbai, on 15th June 2013.
Maria Xynou recently interviewed Masashi Crete-Nishihata and Jakub Dalek from the Citizen Lab on internet filtering in India. View this interview and gain an insight on Netsweeper and FinFisher!
Maria Xynou recently interviewed Mr. Billy Hawkes, the Irish Data Protection Commissioner, at the CIS´ 4th Privacy Round Table meeting. View this interview and gain an insight on recommendations for data protection in India!
India shouldn't be granted the status of "data secure nation" by Europe until it enacts a suitable privacy legislation, points out the Centre for Internet and Society in this open letter.
Nishant Shah's review of Schmidt and Cohen's book was published in the Indian Express on June 14, 2013.
Explosive would be just the word to describe the revelations by National Security Agency (NSA) whistleblower Edward Snowden.
As of last week, it is officially confirmed that the metadata of everyone´s communications is under the NSA´s microscope. In fact, the leaked data shows that India is one of the countries which is under NSA surveillance the most!
CIS interviews Christopher Soghoian, cybersecurity researcher and activist, as part of the Cybersecurity Series
When people are insulted or humiliated on the Internet and decide to take legal action, their cases often follow a similar trajectory.
With the growing importance of forensic data in law enforcement and research, many countries have recognized the need to regulate the collection and use of forensic data and maintain DNA databases. Across the world around 60 countries maintain DNA databases which are generally regulated by specific legislations. Srinivas Atreya provides a broad overview of the important provisions of four different legislations which can be compared and contrasted with the Indian draft bill.
This report entails an overview of the discussions and recommendations of the third Privacy Round Table meeting in Chennai, on 18th May 2013.
The Centre for Internet & Society (CIS) is inviting applications for the Google Policy Fellowship programme. Google is providing a USD 7,500 stipend to the India Fellow, who will be selected by July 1, 2013.
Maria Xynou is conducting research on surveillance technology companies operating in India. So far, 76 companies have been detected which are currently producing and selling different types of surveillance technology. This post entails primary data on the first ever investigation of the surveillance industry in India. Check it out!
Jadine Lannon has performed a clause-by-clause comparison of the Draft 69B Rules and official 69B Rules under Section 69B in order to better understand how the two are similar and how they differ. Notes have been included on some changes we deemed to be important.
Jadine Lannon has performed a clause-by-clause comparison of the Draft 69 Rules and official 69 Rules under Section 69B in order to better understand how the two are similar and how they differ. Very brief notes have been included on some changes we deemed to be important.
Jadine Lannon has performed a clause-by-clause comparison of the 419A Rules of the Indian Telegraph Act, 1885 and the 69 Rules under Section 69 of the Information Technology (Amendment) Act, 2008 in order to better understand how the two are similar and how they differ. Though they are from different Acts entirely, the Rules are very similar. Notes have been included on some changes we deemed to be important.
Jadine Lannon has performed a clause-by-clause comparison of the 69A draft rules and 69A rules for Section 69A of the IT Act in order to better understand how the two differ. While there has been reshuffling of the clauses in the official rules, the content itself has not changed significantly. Notes have been included on some changes we deemed to be important.
This post entails a report on the second Privacy Round Table meeting which took place on 20th April 2013.
This report entails an overview of the discussions and recommendations of the first Privacy Round Table meeting in New Delhi, on 13th April 2013.
In this post, Maria Xynou looks at India´s Central Monitoring System (CMS) project and examines whether it can target individuals´ communications data, regardless of whether they are involved in illegal activity.
Social networks track our world but not relationships. We live in a world where things happen. And yet, with the presence of digital objects, the things that happen have increased in intensity and volume.
Bhairav Acharya on behalf of the Centre for Internet and Society prepared the following comments on the Information Technology (Electronic Services Delivery) Rules, 2011. These were submitted to the Committee on Subordinate Legislation of the 15th Lok Sabha. These were submitted to the Committee on Subordinate Legislation of the 15th Lok Sabha.
On February 27, 2013, the Centre for Internet and Society conducted a workshop on the Working Group on Internet Governance report, titled "WGIG+8: Stock-Taking, Mapping, and Going Forward" at the World Summit on the Information Society (WSIS) + 10 meeting at Fontenoy Building, conference room # 7, UNESCO Headquarters, Paris from 9.30 a.m. to 11.00 a.m.
Comments on the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011— by Bhairav Acharya — last modified Jul 12, 2013 12:13 PM
Bhairav Acharya on behalf of the Centre for Internet and Society prepared the following comments on the Sensitive Personal Data Rules. These were submitted to the Committee on Subordinate Legislation of the 15th Lok Sabha.
Bhairav Acharya on behalf of the Centre for Internet and Society submitted the following comments on the Information Technology (Guidelines for Cyber Cafe Rules), 2011.
The pending amendments to the Indian Penal Code, if passed in their current format, would be a huge boost for individual physical privacy by criminalising stalking and sexually-tinted voyeurism and removing the ambiguities in Indian law which threaten the privacy and dignity of individuals.
The invasiveness of individual identification coupled with the fallibility of managing big data which biometric identification presents poses a huge risk to individual privacy in India.
March 2013 being the 28th birthday of the first ever registered Internet domain as well as the exigent launch of the Trademark Clearing House disguised as a milestone in rights protection by the Internet Corporation for Assigned Names and Numbers (ICANN) for it’s new gTLD program, Sharath Chandra Ram, dissects the transitory role of ICANN from being a technical outfit to the Boardroom Big Brother of Internet Governance.
In this post, the Centre for Internet and Society presents Microsoft´s report on law enforcement requests, with a focus on data requested by Indian law enforcement agencies.
The Centre for Internet and Society welcomes the report by the Standing Committee on Subordinate Legislation, in which it has lambasted the government and has recommended that the government amend the Rules it passed in April 2011 under section 79 of the Information Technology Act.
In this post, Maria Xynou looks at red light cameras, RFID tags and black boxes used to monitor vehicles in India.
The Centre for Internet and Society has been researching privacy in India since 2010 with the objective of raising public awareness around privacy, completing in depth research, and driving a privacy legislation in India. As part of this work, Bhairav Acharya has drafted the Privacy (Protection) Bill 2013.
Jeremy Gruber from the Council for Responsible Genetics, US provides an analysis of the Human DNA Profiling Bill, 2012. He says that India’s updated 2012 Human DNA Profiling Bill offers largely superficial changes from its predecessor, the Draft DNA Profiling Bill, 2007.
Workshop on the Unique Identity Number (UID), the National Population Register (NPR) and Governance: What will happen to our data?— by Maria Xynou — last modified Jul 12, 2013 03:28 PM
On March 2nd, 2013, the Centre for Internet and Society and the Say No to UID campaign organized a workshop to discuss the present state of the UID and NPR schemes. Some of the questions which were addressed included ´How do the UID and NPR impact citizenship´, ´Why and how is national security linked to UID/NPR´, and ´What is the relationship between UID and Big Data´.
In this post, Maria Xynou looks at some of DARPA´s artificial intelligence surveillance technologies in regards to the right to privacy and their potential future use in India.
In this post, Maria Xynou gives us a comparison of the Draft DNA Profiling Bill 2007 and the Draft Human DNA Profiling Bill 2012.
On March 1st, 2013, the Centre for Internet and Society organized a workshop which analysed the April 2012 draft Human DNA Profiling Bill and its potential implications on human rights in India.
This post examines the UID, NPR and Governance as it exists in India. The background note gives a summary of what is the NPR, the legal grounding of NPR, its objectives, and the information which could be collected under the NPR. The post also throws light on the UID, its objectives, process of enrollment in UID, how UID is being adopted by different states in India, and finally the differences and controversies in UID and NPR.
In 2007 the Draft Human DNA Profiling Bill was piloted by the Centre for DNA Fingerprinting and Diagnostics, with the objective of regulating the use of DNA for forensic and other purposes. In February 2012 another draft of the Bill was leaked. The February 2012 Bill was drafted by the Department of Biotechnology. Another working draft of the Bill was created in April 2012. The most recent version of the Bill seeks to create DNA databases at the state, regional, and national level.
An event at the Centre for Internet & Society (CIS) was organized on January 23, 2013. The all star team at CIS was awesome at organizing this event for Bitcoin. Live streaming, mainstream newspaper coverage and Twitter based Q&A made this the first Bitcoin event in India that leveraged these mediums of information transfer.
IIPM is proving adept at the tactical use of lawsuits to stifle criticism, despite safeguards. THE DEPARTMENT of Telecommunications, on 14 February, issued orders to block certain web pages critical of the Indian Institute of Planning and Management (IIPM).
For CIS's research on indicators of female economic empowerment in the IT industry in India, we have sent formal request for participation in a short survey to the six largest IT companies based in India. A copy of the letter of request and survey as well as some details of the request for data can be found in this post.
CIS has begun a brief research project which will examine indicators of female economic empowerment in the IT industry in India. Though the gathering of quantitative and qualitative data from the six largest publicly-traded Indian software companies, we hope to provide insight into state of female employment in one of the most important and rapidly growing economic sectors in the country.
Do you think robotic aeroplanes monitoring us are scary enough? Wait until you read about DARPA´s new innovative and subtle way to keep us all under the microscope! This blog post presents a new reality of drones which is depicted in none other than animal and insect-like robots, equipped with cameras and other surveillance technologies.
This is the fourth in a series of posts mapping global surveillance challenges discussed at EFF's State Surveillance and Human Rights Camp in Rio de Janeiro, Brazil. This article has been co-written with Elonnai Hickok — Centre for Internet and Society India, and a speaker at EFF's Camp.
The Centre for Internet & Society sponsored Colonel Mathew Thomas to hold a workshop at the fourth National Right to Information (RTI) organized by the National Campaign for People's Right to Information, held in Hyderabad from February 15 to 18, 2013.
The use of law to bully people into silence, called ‘heckler’s veto’, is not unique to India, writes Chinmayi Arun in this op-ed published in Business Line on February 15, 2013.
The Department of Telecommunications (DoT) in its order dated February 14, 2013 has issued directions to the Internet Service Providers (ISPs) to block seventy eight URLs. The block order has been issued as a result of a court order. Snehashish Ghosh does a preliminary analysis of the list of websites blocked as per the DoT order.
A Comparison of Indian Legislation to Draft International Principles on Surveillance of Communications— by Elonnai Hickok — last modified Jul 12, 2013 03:40 PM
This blog post is a comparison of the relevant Indian legislations allowing governmental access to communications and the Draft International Principles on Surveillance of Communications. The principles, first drafted in October 2012 and developed subsequently seeks to establish an international standard for surveillance of communications in the context of human rights.
As part of its privacy research, the Centre for Internet and Society has been researching upon data retention mandates from the Government of India and data retention practices by service providers. Globally, data retention has become a contested practice with regards to privacy, as many governments require service providers to retain more data for extensive time periods, for security purposes. Many argue that the scope of the retention is becoming disproportional to the purpose of investigating crimes.
This piece discusses the five major questions that have been the subject of debate after the World Conference on International Telecommunications 2012 (WCIT). The politics surrounding the WCIT are not discussed here but it must be kept in mind that they have played a significant role in the outcome of the conference and in some of the debates about it.
For most ordinary Netizens, everyday speech on social media has as much impact as graffiti in a toilet, and therefore employing the 'principle of equivalence' will result in overregulation of new media.
The social Web has been an ominous space at the start of 2013. It has been awash with horror, pain and grief. The recent gang rape and death of a medical student in Delhi prevents one from being too optimistic about the year to come. My live feeds on various social networks are filled with rue and rage at the gruesome incident and the seeming depravity of our society.
These principles were developed by Privacy International and the Electronic Frontier Foundation and seek to define an international standard for the surveillance of communications. The Centre for Internet and Society has been contributing feedback to the principles.
This is a statement on the violent attack on blogger Asif Mohiuddin by the participants to the Third South Asian Meeting on the Internet and Freedom of Expression that took place in Dhaka, Bangladesh, on January 14–15, 2013.
The Government of India has taken our advice and reconstituted the Cyber Regulations Advisory Commitee. But there is no representation of Internet users, citizens, and consumers — only government and industry interests.
In March 2012, Dr Bruno Latour and his team from the Sciences Po Media Lab organized a workshop that assembled a selected group of researchers from India to explore methods of Controversy Mapping. It was hosted by Dr J. Srinivasan, Director of the Divecha Centre for Climate Change at the Indian Institute of Science, Bangalore, India.
On December 13 and 14, 2012, the Electronic Frontier Foundation organized the Surveillance and Human Rights Camp held in Rio de Janeiro, Brazil. The meeting examined trends in surveillance, reasons for state surveillance, surveillance tactics that governments are using, and safeguards that can be put in place to protect against unlawful or disproportionate surveillance.
Our present is the future that our past had imagined. Around the same time last year, I remember taking stock of the technologies that we live with and wondering what 2012 would bring in.
A symposium on Internet Driven Developments: Structural Changes and Tipping Points was held in Cambridge, Massachusetts at Harvard University from December 6 to 8, 2012. The symposium was sponsored by the Ford Foundation and the MacArthur Foundation and was hosted by the Berkman Center for Internet & Society. In this blog post, I summarize the discussions that took place over the two days and add my own personal reflections on the issues.
The World Conference on International Telecommunication showed that countries are not yet ready to arrive at a consensus on regulation and control of the Internet
The International Telecommunication Union’s World Conference on International Telecommunications (WCIT-12) is currently under way in Dubai, after a gap of 25 years. At this conference, the Inter-national Telecommunication Regulations — a binding treaty containing high-level principles — are to be revised.
The threat of a ‘UN takeover’ of the Internet through the WCIT is non-existent. However, that does not mean that activists have been crying themselves hoarse in vain.
Why is there a constant brouhaha in India about online censorship? What must be done to address this?
Comments on the Proposed Rule 138A of the Central Motor Vehicle Rules, 1989 Concerning Radio Frequency Identification Tags— by Bhairav Acharya — last modified Dec 04, 2012 03:32 PM
The Centre for Internet & Society gave its comments on the proposed Rule 138A of the Central Motor Vehicle Rules, 1989. The comments were made in response to Notification GSR 738(E) published in the Gazette of India on October 3, 2012.
In this blog post Snehashish Ghosh summarizes the facts of a few cases where Section 66-A, Information Technology Act, 2000, has been mentioned or discussed.
We are archiving copies of the live-transcripts from the World Conference on International Telecommunications, 2012 (WCIT-12) which is being held in Dubai from 3–14 December, 2012.
Unless you have been hiding under a rock, you have been a witness to the maelstrom of events that accompanied the death of the political leader Bal Thackeray.
Section 66A of the Information Technology (IT) Act criminalizes “causing annoyance or inconvenience” online, among other things. A conviction for such an offence can attract a prison sentence of as many as three years.
Section 66A of the Information Technology Act, which prescribes 'punishment for sending offensive messages through communication service, etc.' is widely held by lawyers and legal academics to be unconstitutional. In this post Pranesh Prakash explores why that section is unconstitutional, how it came to be, the state of the law elsewhere, and how we can move forward.
Seriously flawed and dodgily drafted provisions in the IT Act provide the state a stick to beat its citizens with.
Earlier this year, ISPs such as Airtel and MTNL blocked a number of domain sites including BuyDomains, Fabulous Domains and Sedo.co.uk. Whereas the Indian Government and courts have previously issued orders blocking websites, these actions have generally been attributed to issues such as posting of inflammatory content or piracy of copyrighted material. However, the reasoning behind blocking domain marketplaces such as the above mentioned sites is not clear.
Two girls have been arbitrarily and unlawfully arrested for making comments about the late Shiv Sena supremo Bal Thackeray's death. Pranesh Prakash explores the legal angles to the arrests.
Will The International Telecommunication Regulations (ITRs) Impact Internet Governance? A Multistakeholder Perspective— by Pranesh Prakash — last modified Dec 10, 2012 04:40 AM
Pranesh Prakash made a presentation at the India Internet Governance Conference (IIGC) held at the FICCI, Federation House, Tansen Marg, New Delhi on October 4 and 5, 2012. The event was organised by the Ministry of Communications & Information Technology, FICCI and Internet Society. CIS was one of the supporting organisations.
Statement of Civil Society Members and Groups Participating in the "Best Bits" pre-IGF meeting at Baku in 2012— by Pranesh Prakash — last modified Dec 07, 2012 08:06 AM
The Centre for Internet & Society was one of the signatories for this submission made to the ITU on November 16, 2012.
In January 2012 Justice A.P. Shah formed a committee consisting of a group of experts to contribute to and create a report of recommendations for a privacy legislation in India. The committee met a total of seven times from January to September 2012. The Centre for Internet and Society (CIS) was a member of the committee creating the report. This blog post is CIS’s attempt to answer questions that have arisen from media coverage on the report, based on our understanding.
The following is the text of the submission made by the Government of India to the World Conference of International Telecommunications, Dubai on November 3, 2012. This is the final version of a draft that was circulated earlier.
Given below are the responses from the representatives of civil society in India (The Society for Knowledge Commons, Centre for Internet & Society, The Delhi Science Forum, Free Software Movement of India, Internet Democracy Project and Media for Change) to the Government of India's proposals for the upcoming WCIT meeting, in December 2012, in Dubai.
Submission by Indian Civil Society Organisations on Proposals for the Future ITRs and Related Processes— by Pranesh Prakash — last modified Dec 07, 2012 08:00 AM
The Centre for Internet & Society was one of the signatories of this submission which was sent in November 2012, in response to the International Telecommunication Union's call for public comments in relation to the revision of International Telecommunication Regulations that are to take place at the ITU's World Conference on International Telecommunications in Dubai from December 3 to 14, 2012.
DNA profile databases can be useful tools in solving crime, but given that the DNA profile of a person can reveal very personal information about the individual, including medical history, family history and so on, a more comprehensive legislation regulating the collection, use, analysis and storage of DNA samples needs included in the draft Human DNA Profiling Bill.
CCTVs in India are increasingly being employed by private organizations and the government in India as a way to increase security and prevent/ deter crime from taking place. When the government mandates the use of CCTV’s for this purpose, it often does so by means of a blunt policy mandate, requiring the installation of CCTV systems, but without any further clarification as to who should oversee the use of the cameras, what bodies should have access to the records, how access should be granted or obtained, and how long the recordings should be retained.
On September 27, 2012, the Centre for Internet and Society hosted a public talk at the Indian International Centre focused on the draft DNA Profiling Bill. Presenting at the meeting were international experts Dr. Helen Wallace, director of GeneWatch UK and Jeremy Gruber, president and executive director of the Council for Responsible Genetics US, and Dr. Anupuma Raina, senior scientist at AIIMs.
Pranesh Prakash does preliminary analysis on a leaked list of the websites blocked from August 18, 2012 till August 21, 2012 by the Indian government.
On June 30, 2012, Privacy India in partnership with the Indian Network for People living with HIV/AIDS, Centre for Internet & Society, IDRC, Society in Action Group, with support from London-based Privacy International, held a public discussion on "Medical Privacy" at the Yashwantrao Chavan Academy of Development Administration.
Cyber-laws in India are severely flawed, with neither lawyers nor technologists being able to understand them, and the Cyber-Law Group in DEIT being incapable of framing fair, just, and informed laws and policies. Pranesh Prakash suggests they learn from the DEIT's Internet Governance Division, and Brazil, and adopt multi-stakeholderism as a core principle of Internet policy-making.
Rajya Sabha MP, Shri P. Rajeev has moved a motion that the much-criticised Intermediary Guidelines Rules be annulled.
Without getting into questions of what should and should not be unlawful speech, Pranesh Prakash chooses to take a look at how Indian law promotes arbitrary removal and blocking of websites, website content, and online services, and how it makes it much easier than getting offline printed speech removed.
We are maintaining a rolling blog with press references to the row created by the proposal by the Union Minister for Communications and Information Technology to pre-screen user-generated Internet content.
This is the statement made by India at the 66th session of the United Nations General Assembly, in which its proposal for the UN Committee for Internet-Related Policy was presented.
In this blog post, Pranesh Prakash briefly analyses the DIT's response to an RTI request on website blocking alongside the most recent edition of Google's Transparency Report, and what it tells us about the online censorship regime in India.
The sixth annual meeting of the Internet Governance Forum was held from 27 to 30 September 2011 at the United Nations Office in Nairobi, Kenya. Sunil Abraham participated in six workshops: Privacy, Security, and Access to Rights: A Technical and Policy Analyses, Use of Digital Technologies for Civic Engagement and Political Change: Lessons Learned and Way Forward, The Impact of Regulation: FOSS and Enterprise, Proprietary Influences in Free and Open Source Software: Lessons to Open and Universal Internet Standards, Access and Diversity of Broadband Internet Access and Putting Users First: How Can Privacy be Protected in Today’s Complex Mobile Ecosystem?
Design Public, a high-level conclave on innovation, took place in Bangalore at the National Gallery for Modern Art on October 14, 2011. The event was organized by the Centre for Knowledge Societies in collaboration with the Centre for Internet and Society, the Centre for Law and Policy Research, Mint, and others. The conclave brought together industry experts, scholars, and activists to create a dialogue about design and innovation in the public interest. This blog post captures the developments as it happened on this day.
The Standing Committee on Finance Branch, Lok Sabha Secretariat has responded to the suggestions offered by CIS on the National Identification Authority of India, Bill 2010 and has requested it to mail its views by 14 October 2011.
Sahana Sarkar on behalf of the Centre for Internet and Society (CIS) had sent in a Right to Information application on 30 June 2011 to Ashish Kumar, Central Public Information Officer, UIDAI. The UIDAI sent in its reply. Through the seventh open letter, Hans attempts to characterize in an abstract way the replies that CIS managed to elicit and makes some elementary observations.
UID enrolment is in full swing, providing an official identification to millions of Indians, yet there are numerous unanswered questions. A public talk on UID was held at the Institute of Science, Bangalore on September 6, 2011. Usha Ramanathan, an independent law researcher on jurisprudence, poverty and rights, discussed the questions that plague the UID project and the veil of silence enveloping the answers.
Law student at the National University of Juridical Sciences, and intern for Privacy India, Srishti Goyal compares, contrasts, and critiques the Whole Body Imaging practices found in the US, the UK, and Australia, and makes recommendations for an Indian regime.
Basic Closed Circuit Television (CCTV) Infrastructure is used to observe movements from a central room, and consists of one or more video cameras that transmit video and audio images to a set of monitors or video recorders.
Would you make duplicates of your house keys and hand them over to the local police authority? And if so, would you feel safe? Naturally, one would protest this invasion of privacy. Similarly, would it be justified for the government to have a copy of the private key to intercept and decrypt communications? This is the idea behind key escrow; it enables government ‘wiretapping’.
Isn’t it interesting that authorities ask you about your identity and you end up showing your proof of existence! Isn’t this breaching into one’s personal life? Why so much transparency only from the public side? Why can’t the government be equally transparent to the public?, asks Shilpa Narani.
DNA fingerprinting has become the most precise and technologically advanced method for identifying crimes such as murder, kidnapping, robbery and rape. Police and judicial authorities and in some cases even private parties retain this in their records, writes Shilpa in this blog post.
Looking at the larger picture of national security versus consumer privacy, Sahana Sarkar says that though consumer privacy is important in the world of digital technology, individuals must put aside some of their civil liberties when it comes to the question of national security, as it is necessary to prevent societal damage.
The need for video surveillance has grown in this technologically driven era as a mode of law enforcement. Video Surveillance is very useful to governments and law enforcement to maintain social control, recognize and monitor threats, and prevent/investigate criminal activity. In this regard it is pertinent to highlight that not only are governments using this system, but residential communities in certain areas are also using this system to create a safer environment.
On June 23, a public seminar on “Privacy Matters” was held at the Don Bosco Institute in Karhulli, Guwahati. It was organised by IDRC, Society in Action Group, IDEA Chirang, an NGO initiative working with grassroots initiatives in Assam, Privacy India and CIS and was attended by RTI activists and grass roots NGO representatives from across the North Eastern region: Manipur, Arunachal Pradesh, Tripura, Nagaland, Assam and Sikkim. The event focused on the challenges and concerns of privacy in India.
Earlier this year, in February 2011, Rajeev Chandrasekhar introduced the Right to Privacy Bill, 2010 in the Rajya Sabha. The Bill is meant to “provide protection to the privacy of persons including those who are in public life”. Though the Bill states that its objective is to protect individuals’ fundamental right to privacy, the focus of the Bill is on the protection against the use of electronic/digital recording devices in public spaces without consent and for the purpose of blackmail or commercial use.
In her research, Sonal Makhija, a Bangalore-based lawyer, tries to delineate the emerging privacy concerns in India and the existing media norms and guidelines on the right to privacy. The research examines the existing media norms (governed by Press Council of India, the Cable Television Networks (Regulation) Act, 1995 and the Code of Ethics drafted by the News Broadcasting Standard Authority), the constitutional protection guaranteed to an individual’s right to privacy upheld by the courts, and the reasons the State employs to justify the invasion of privacy. The paper further records, both domestic and international, inclusions and exceptions with respect to the infringement of privacy.
How do you know yourself to be different from others? What defines the daily life that you live and the knowledge you produce in the span of this life? Is all that information yours or are you a mere stakeholder on behalf of the State whose subject you are? What does privacy really mean? In a society that is increasingly relying on information to identify people, collecting and archiving ‘personal’ details of your lives, your name, age, passport details, ration card number, call records etc, how private is your tweet, status update, text message or simply, your restaurant bill?
Today, as I am sure many of you have experienced, Internet scams are widespread and very deceptive. As part of my research into privacy and the Internet, I decided to follow a scam and attempt to fully understand how Internet scams work, and what privacy implications they have for Internet users. Though there are many different types of scams that take place over the Internet —identity scams, housing scams, banking scams— just to name a few. I decided to look in depth at the lottery scam.
The passing of the Right to Information Act, 2005 was seen as giving an empowering tool in the hands of the citizens of India, six years post its implementation, loopholes have surfaced with misuse of the many fundamental concepts, which have yet not been defined to allow for a consistent pattern of decisions. Among many problems that emerge with the Act, a major problem is defining the extent to which an individual has access to other people’s information. While most of us tend to think that asking for other people’s phone numbers, personal details like passport number or IT returns are private and would be kept so, under the RTI Act and as seen in the Central Information Commission (CIC) decisions, all of these details can be availed of by someone who doesn’t know you at all!
The blanket surveillance the Centre seeks is not going to make India more secure, writes Sunil Abraham in this article published in Mail Today on June 21, 2011.
Copyright can function contradictorily, as both the vehicle for the preservation of privacy as well as its abuse, writes Prashant Iyengar. The research examines the various ways in which privacy has been implicated in the shifting terrain of copyright enforcement in India and concludes by examining the notion of the private that emerges from a tapestry view of the relevant sections of Copyright Act.
THE NATGRID, aiming to link databases of 21 departments and ministries for better counter-terror measures, adopts blunt policy approach, subjecting every citizen to the same level of blanket surveillance, instead of a targeted approach that intelligently focuses on geographic or demographic areas that are currently important, writes Sunil Abraham in this article published by Mail Today on June 9, 2011.
Over the past few days various newspapers have reported the imminent introduction in Parliament, during the upcoming Monsoon session, of a Right to Privacy Bill. Since the text of this bill has not yet been made accessible to the public, this post attempts to grope its way – through guesswork – towards a picture of what the Bill might look like from a combined reading of all the newspaper accounts, writes Prashant Iyengar in this blog post which was posted on the Privacy India website on June 8, 2011.
The new rules under the IT Act are an assault on our freedom, says Sunil Abraham in this article published in Pragati on June 8, 2011.
Technologies are not just agents of politics, there is politics in their design, writes Nishant Shah in this article published in Down to Earth in the Issue of June 15, 2011.
English might be the language of the online world, but it’s time other languages had their say, writes Nishant Shah. The article was published in the Indian Express on June 5, 2011.
Prashant Iyengar on how in the eyes of the law, the internet giant is like the homeless in India. This article was published by Tehelka on June 4, 2011.
Vijayashankar, an eminent cyber law expert answers Elonnai Hickok’s questions on bloggers' rights, freedom of expression and privacy in this e-mail interview conducted on May 19, 2011.
The government is massively expanding its surveillance power over law-abiding citizens and businesses, says Sunil Abraham in this article published by the Deccan Herald on June 1, 2011.
The uproar surrounding India's Internet Control Rules makes clear that in the Internet age, as before, the active chilling of freedom of expression by the state is unacceptable in a democracy. Yet if India's old censorship regimes are to be maintained in this new context, the state will have little choice but to do just that. Are we ready to rethink the ways in which we deal with free speech and censorship as a society? Asks Anja Kovacs in this article, published in Caravan, 1 June 2011.
While regulation of the Internet is a necessity, the Department of IT, through recent Rules under the IT Act, is guilty of over-regulation. This over-regulation is not only a bad idea, but is unconstitutional, and gravely endangers freedom of speech and privacy online.
The digital revolution has helped make NGOs and civil society more influential, independent and transparent, writes Nishant Shah in this article published in the Indian Express on Sunday, May 15, 2011.
The press statement issued on May 11 by the Department of Information Technology (DIT) on the furore over the newly-issued rules on 'intermediary due diligence' is misleading and is, in places, plainly false. We are presenting a point-by-point rebuttal of the DIT's claims.
In his research article, Prashant Iyengar examines the limits to privacy for individuals in light of the provisions of the Constitution of India, public interest, security of state and maintenance of law and order. The article attempts to build a catalogue of all these justifications and arrive at a classification of all such frequently used terms invoked in statutes and upheld by courts to deprive persons of their privacy.
How do we imagine privacy? How is privacy being built into technological systems? On April 16th,The Center for Internet and Society hosted Privacy by Design, an Open Space meant to answer these questions and more around the topic of privacy. Below is a summary of the conversations and dialogs from the event.
Pranesh Prakash of CIS asked David Sohn of CDT a few pointed questions on the emerging hot topic of 'Internet neutrality', and received very useful responses. Those questions and Mr. Sohn's responses are documented in this blog post.
In 2007 a bill known as the Draft DNA Profiling Bill was piloted by the Centre for DNA Fingerprinting and Diagnostics, an autonomous organization funded by the Department of Biotechnology, Ministry of Science and Technology, Government of India. The below is a background to DNA collection/analysis in India, and a critique of the Bill a from a privacy perspective.
On February 20th I had the opportunity to speak with Shubha Chacko on privacy and sex workers. Ms. Chacko is an activist who works for Aneka, an NGO based in Bangalore, which fights for the human rights of sexual minorities. In my interview with Ms. Chacko I tried to understand how privacy impacts the lives of sex workers in India. The below is an account of our conversation.
Online anonymity is vital for creativity and entrepreneurship on the Web, writes Sunil Abraham. The article was published in the Hindu on April 18, 2011.
India has a long history of censorship that it justifies in the name of national security. But new laws governing the Internet are unreasonable and — given the multitude of online voices — poorly thought out, argues Anja Kovacs in this article published in the Sunday Guardian on 17 April 2011.
Iraq Delegation to Visit India for Study of E-Governance in Indian Cities ― Meetings in Bangalore and Delhi— by Prasad Krishna — last modified Aug 02, 2011 07:13 AM
An Iraqi Government delegation headed by HE Mr. Abdul Kareem Al-Samarai, Minister of Science & Technology, Government of Iraq will be in India on a e-governance tour. The study tour is organised by the United Nations Development Programme (UNDP) and the Economic and Social Commission for Western Asia (ESCWA).
How do the provisions of the Information Technology Act measure up to the challenges of privacy infringement? Does it provide an adequate and useful safeguard for our electronic privacy? Prashant Iyengar gives a comprehensive analysis on whether and how the Act fulfils the challenges and needs through a series of FAQs while drawing upon real life examples.
For the first time in India, we have a list of websites that are blocked by order of the Indian government. This data was received from the Department of Information Technology in response to an RTI that CIS filed. Pranesh Prakash of CIS analyzes the implications of these blocks, as well as the shortcomings of the DIT's response.
The following note looks briefly at different sides of the privacy debate, and asks the question whether a Data Protection law is enough privacy protection for India.
The following post briefly looks at different surveillance technologies, and the growing use of the them in India.
The below note looks at different types of encryption, varying practices of encryption in India, and the relationship between encryption, data security, and national security.
On 26 March 2011, civil society, lawyers, judges, students and NGO’s, gathered together at the Ahmedabad Management Association to take part in 'Privacy Matters' – a public conference organised by Privacy India in partnership with IDRC and Research Foundation for Governance in India (RFGI) — to discuss the challenges of privacy in India, with an emphasis on national security and privacy. The conference was opened by Prashant Iyengar, head researcher at Privacy India and Kanan Drhu, director of RFGI. Mr. Iyengar explained Privacy India’s mandate to raise awareness of privacy, spark civil action, and promote democratic dialogue around privacy challenges and violations in India. RFGI is a think tank established in 2009 which aims to research, promote, and implement various reforms to improve the legal and political process in Gujarat and across India. ‘Privacy Matters – Ahmedabad’ is the third conference out of the eight that Privacy India will be hosting across India. The next conference will take place in Hyderabad on 9 April 2011. It will focus on human rights and privacy.
We at PrivacyIndia/CIS are delighted by the recent order issued by the News Broadcasting Standards Authority(NBSA) which slapped a 1 lakh rupee fine on the news channel TV9 for airing an extremely incendiary and invasive programme titled "Gay Culture rampant in Hyderabad".
The note below is a perspective piece on biometrics. On March 11th I traveled down to the Philippines, and had a chance to experience the possible convenience of biometric based identification.
The Draft Electronic Delivery of Services Bill, 2011 (“Bill”) is a Bill to provide for delivery of government services manadatorily through electronic means by phasing out manual delivery of services. It is heartening to note that the Bill shifts the approach to electronic delivery of services by Government agencies to one as part of the citizens' right to service delivery through electronic means rather than a luxury or benefit doled out by the Government. The Bill introduces bodies exclusively accountable for ensuring that electronic delivery of services by the Government at the state and central levels. While this is a welcome move on the part of the Government there are a few comments we, at the Centre for Internet and Society, have on the present version of the Bill:
In pursuance of the Office Memorandum issued by the DIT dated March 4, 2011, the e-Governance Group of the DIT, convened on March 23, 2011, the first meeting of an exclusive group to propose guidelines for government presence on social networking and social media sites. The Centre for Internet and Society being one of the invitees to the meeting, has submitted its recommendations for a Policy for the Government's presence in social networking and social media sites.
In our research we have found that most government databases are incrementally designed in response to developments and improvements that need to be incorporated from time to time. This method of architecting a system leads to a poorly designed database with many privacy risks such as: inaccurate data, incomplete data, inappropriate disclosure of data, inappropriate access to data, and inappropriate security over data. To address these privacy concerns it is important to analyze the problem that is being addressed from the perspective of potential and planned interoperability with other government databases. Below is a list of problems and recommendations concerning privacy, concerning government databases.
In recent weeks, an increasing number of incidents have come to light on government-ordered blocking of websites. In one case involving Zone-H.org, it is clear who has ordered the block (a Delhi district court judge, as an interim order), even though the block itself is open to constitutional challenge. In all others cases, including the TypePad case, it is unclear who has ordered the block and why. We at CIS have sent in two right to information requests to find out.
On February 7th 2011, the Department of Information Technology, MCIT published draft rules on its website (The Information Technology (Due diligence observed by intermediaries guidelines) Rules, 2011) in exercise of the powers conferred by Section 87(2)(zg), read with Section 79(2) of the Information Technology Act, 2000. Comments were invited from the public before February 25th 2011. Accordingly, Privacy India and Centre for Internet and Society, Bangalore have prepared the following para-wise comments for the Ministry’s consideration.
On February 7th 2011, the Department of Information Technology, MCIT published draft rules on its website (The Information Technology (Guidelines for Cyber Cafe) Rules, 2011) in exercise of the powers conferred by Section 87(2) (zg), read with Section 79(2) of the Information Technology Act, 2000. Comments were invited from the public before February 25th 2011. Accordingly, Privacy India and Centre for Internet and Society, Bangalore have prepared the following para wise comments for the Ministry’s consideration.
On February 7th 2011, the Department of Information Technology, MCIT published draft rules on its website (The Information Technology (Reasonable security practices and procedures and sensitive personal information) Rules, 2011) in exercise of the powers conferred by Section 87(2)(ob), read with Section 43A of the Information Technology Act, 2000. Comments were invited from the public before February 25th 2011. Accordingly, Privacy India and Centre for Internet and Society, Bangalore have prepared the following para-wise comments for the Ministry’s consideration.
For the ardent followers of free and open Internet and for those who love to debate on technology, media law and Internet-related policy issues, there is some good news. The Centre for Internet and Society, India is conducting a Google Policy Fellowship program this summer!
Since official documentation from the UIDAI is very limited, we assume that data pertaining to transactions would comprise of the Aadhaar number, identifier of the authenticating device, date-time stamp, and approval/rejection/error code. Recording and maintaining of data pertaining to transactions is very important because it increases transparency and accountability through an audit trail. However, storage of such sensitive data creates many privacy risks, because more often than not metadata gives you as much intelligence as raw data.
The objective of the UID project is to provide identity infrastructure that is not susceptible to fraud or error. This note highlights parts of the operational design of the project, which are flawed. We plead that each point be taken into consideration and that the design be suitably revised.
This note presents the aspects of the UID project, which have not been considered or incorporated into the UID’s budget. The costs include re-enrollment, loss in human time, and the cost of the audit function.
This note points out the weaknesses inherent in biometrics and the pitfalls in using them. It recommends procedural safeguards that should be adopted by the UID in order to make the use of biometrics more secure and inclusive.
This note explores the three connections between finance and security and demonstrates the cost implications of operating a centrally designed identity management system as proposed by the UID. In doing so, it shows how the monitoring, storing, and securing of transactional data in a centralized database fall short of meeting the project's objectives of authentication, and thus is an additional cost. Further, it is argued that the blanket monitoring of the transaction database is not an effective method of detecting fraud, and is an expensive component of the project.
On February 5th the 'Privacy Matters" conference was held at the TERI Regional Center in Bangalore. The event was a full day and centered around issues of privacy including: privacy rights of minorities, privacy and open government data, and privacy and identity.
In the below note, Deva Prasad, LLM Candidate at NLSIU, explores the challenges that the UID project faces from a legal perspective.
A one-day conference on Privacy Matters was held on Sunday, 23 January 2011 at the National University of Juridical Sciences (NUJS) Law School in Kolkata. This was the first of a series of eleven conferences on ‘privacy’ that Privacy India is scheduled to host in different Indian cities from January to June this year. Members of Parliament, Sri Manoj Bhattacharya from the Revolutionary Socialist Party (RSP) and Sri Nilotpal Basu from the Communist Party of India (Marxist) CPI (M) spoke in the conference. Students, the civil society and lawyers also participated in it.
The "Privacy Matters" conference is taking place on Sunday January 23rd, at NUJS Law school at 10:30. It is a full day event that will discuss the challenges and concerns of privacy in India. Below is the agenda for the event. We look forward to your participation and attendance.
This article by Justice S Muralidhar was published in the Indian Journal of Law and Technology, Volume 6, 2010. It explores in detail the jurisdiction of courts when dealing with disputes arising from commercial transactions on the Internet.
The UID Bill has been placed to the Finance Committee for review and approval. Through a series of open letters to the Finance Committee, civil society is asking the committee to take into consideration and change certain aspects of the Bill and the project. The below note compares the SCOSTA standard with the Aadhaar biometric standard, and explains why we believe the SCOSTA standard should replace the Aadhaar biometric standard for the authentication process in the UID scheme.
On December 17th the Campaign for No UID held a press conference and public meeting in Bangalore. Below is a summary and analysis of the events.
The recent disclosures from Wikileaks have shown that the right to information, whistle-blowing, and privacy are interconnected. This note looks at the different ways in which the three are related, as well as looking at the benefits and drawbacks to Wikileaks in terms of privacy.
Privacy India is inviting individuals to author short papers focused on Unique Identity (UID) and Privacy. Selected candidates will have their papers published on the CIS website, and their transportation and accommodation provided for the “Privacy Matters” conference being held in Kolkata on 22 January 2010.
The Ratan Tata case has raised many important questions pertaining to privacy. This note looks at a few of those questions, and the debate that centers around them.
On 23 November 2010 a public meeting was held for the UID in Bangalore. The speakers included B.K Chandrashekar, former Chairman of the Karnataka Legislature Council, Mr. Vidyashankar, Principal Secretary to Government of e-commerce, Sunil Abraham, Executive Director of Centre for Internet and Society, Jude D’Souza, Technology Specialist and Mathew Thomas, Retired Army Officer.
On 2 and 3 December 2010, the DSCI Information Security Summit 2010 took place in the Trident Hotel, Chennai. The two day summit included a broad spectrum of speakers/panels and topics, ranging from Securing Data & Systems to how to leverage the Cloud. The key speakers were Mr. Gulshan Rai, Director General, CERT-In, DIT, Mr. Rajeev Kapoor, Joint Secretary, DoPT, Govt. of India, Mr. Vakul Sharma, Advocate, Supreme Court of India and Dr. Kamlesh Bajaj, CEO, DSCI. Elonnai Hickok attended the summit.
The final draft of the UID Bill that will be submitted to the Lok Sabha was made public on 8 November 2010. If the Bill is approved by Parliament, it will become a legal legislation in India. The following note contains Civil Society's response to the final draft of the Bill.
In a typical sense, when people think of themselves as consumers, they just think about what they purchase, how they purchase and how they use their purchase. But while doing this exercise we are always exchanging personally identifiable information, and thus our privacy is always at risk. In this blog post, Elonnai Hickok and Prashant Iyengar through a series of questions look through the whole concept of consumer privacy at the national and international levels. By placing a special emphasis on Indian context, this post details the potential avenues of consumer privacy in India and states the important elements that should be kept in mind when trying to find at an effective protective regime for consumer privacy.
All of you often come across unsolicited and annoying telemarketing calls/ SMS's, prank calls, pestering calls for payment, etc. Do we have any safeguards against them? This blog post takes a look at the various rules and regulations under Indian law to guard our privacy and confidentiality.
Banking is one of the most risky sectors as far as privacy is concerned due to the highly sensitive and personal nature of information which is often exchanged, recorded and retained. Although India has RBI guidelines and legislations to protect data, this blog post looks at the extent of those protections, and what are the areas that still need to be addressed.
A group of officers was created to develop a framework for a privacy legislation that would balance the need for privacy protection, security, sectoral interests, and respond to the domain legislation on the subject. Shri Rahul Matthan of Tri Legal Services prepared an approach paper for the legal framework for a proposed legislation on privacy. The approach paper is now being circulated for seeking opinions of the group of officers and is also being placed on the website of the Department of Personnel and Training for seeking public views on the subject. The Privacy India team at C.I.S responded to the approach paper and has called for the need for a more detailed study of statutory enforcement models and mechanisms in the creation of a privacy legislation.
On 10 November 2010, I attended an American Bar Association online conference on 'Regulating Privacy Across Borders in the Digital Age: An Emerging Global Consensus or Vive la Difference'. The panalists addressed many important global privacy challenges and spoke about the changes the EU directive is looking to take.
A look into the questions that arise in concern to privacy and cloud computing, and how open source plays into the picture.
Security versus Privacy...it is a question that the world is facing today when it comes to using the Whole Body Imaging technology to screen a traveller visually in airports and other places. By giving real life examples from different parts of the world Elonnai Hickok points out that even if the Government of India eventually decides to advocate the tight security measures with some restrictions then such measures need to balanced against concerns raised for personal freedom. She further argues that privacy is not just data protection but something which must be viewed holistically and contextually when assessing new policies.
In this interview for Russian Cyberspace, set up with the help of Sunil Abraham (Executive Director at the Centre for Internet and Society in Bangalore, India), computer software professional Victor Diaconu explains the nature of Internet use, state control and the development of blogging and social media platforms in Moldova. Victor works at Computaris in Chisinau. He is Moldova educated, and has travelled to several western countries (including lengthy stays to US, UK) to learn about and understand what there is to be done in Moldova. Sudha Rajagopalan interviewed Victor Diaconu.
On Tuesday, 7 September 2010, Ashok Dalwai, the Deputy Director General of the Unique Identification of India (UIDAI), gave a lecture at the Indian Institute for Science in Bangalore. Representing the UID Authority, his presentation explained the vision of the project and focused on the challenges involved in demographic and biometric identification, the technology adopted, and the enrolment process. Elonnai Hickok gives a report of his presentation in this blog post.
On 13 September, the day before the fifth Internet Governance Forum opens, CIS is coorganising in Vilnius a meeting on Internet governance and human rights. One of the main aims of this meeting is to call attention to the crucial, yet in Internet governance often neglected, indivisibility of rights. In this blog post, Anja Kovacs uses this lens to illustrate how it can broaden as well reinvigorate our understanding of what remains one of the most pressing issues in Internet governance in developing countries to this day: that of access to the Internet.
Elonnai Hickok examines privacy in the context of India’s legal provisions on cybercrime. She picks up the relevant provisions of the Information Technology Act as amended in 2008 dealing with cyber crimes and provides a fair analysis of the pros and cons of the amended Act.
India's Copyright Act was established in 1957, and is in the process of being placed before the Parliament in 2010. The provisions in the proposed Bill will work to make the Act WIPO Copyright Treaty (WCT) compliant. When looking at privacy in the context of copyright four key questions arise, says Elonnai Hickock as she analyses privacy in the context of the Indian Copyright Act.
A summary of the "No UID" public meeting that took place on Aug. 25th at the Constitution Club, New Dehli.
The Unique Identification (UID) Bill is not pro-citizen. The scheme is deeply undemocratic, expensive and fraught with unforseen consequences. A public meeting on UID was held at the Constitution Club, Rafi Marg in New Delhi on 25 August, 2010. The said Bill came under scrutiny at the meeting which was organised by civil society groups from Mumbai, Bangalore and Delhi campaigning under the banner of "No UID". The speakers brought to light many concerns, unanswered questions and problems of the UID scheme.
Facebook recently launched a location-based service called Places. Privacy advocates are resenting to this new development. Sunil Abraham identifies the three prime reasons for this outcry against Facebook. The article was published in the Indian Express on 23 August, 2010.
When rogue politicians and bureaucrats are granted unrestricted access to information then the very future of democracy and free media will be in jeopardy. In an article published in the Pune Mirror on 10 August, 2010, Sunil Abraham examines this in light of the BlackBerry-to-BlackBerry messenger service that the Government of India plans to block if its makers do not allow the monitoring of messages. He says that civil society should rather resist and insist on suitable checks and balances like governmental transparency and a fair judicial oversight instead of allowing the government to intrude into the privacy and civil liberties of its citizens.
Having a standard for decentralized ID verification rather than a centralized database that would more often than not be misused by various authorities will solve ID problems, writes Liliyan in this blog entry. These blog posts to be published in a series will voice the expert opinions of researchers and critics on the UID project and present its unique shortcomings to the reader.
This post examines certain limitations of the Information Technology Act, 2000 (as amended in 2008). Malavika Jayaram points out the fact that when most countries of the world are adopting plain English instead of the conventional legal terminology for better understanding, India seems to be stuck in the old-fashioned method thereby, struggling to maintain a balance between clarity and flexibility in drafting its laws. The present Act, she says, is although an improvement over the old Act and seeks to address and improve on certain areas in the right direction but still comes up short in making necessary changes when it comes to fundamental rights and personal liberties. The new Act retains elements from the previous one making it an abnormal document and this could have been averted if there had been some attention to detail.
Malavika Jayaram and Elonnai Hickok introduce the formal submission of CIS to the proposed National Identification Authority of India (NIA) Bill, 2010, which would give every resident a unique identity. The submissions contain the detailed comments on the draft bill and the high level summary of concerns with the NIA Bill submitted to the UIDAI on 13 July, 2010.
While many citizens outside of the US and EU benefit from the data privacy provisions the Safe Harbor Program, it remains unclear how successfully the program can govern privacy practices when third-parties continue to gain more rights over personal data. Using Facebook as a site of analysis, I will attempt to shed light on the deficiencies of the framework for addressing the complexity of data flows in the online ecosystem.
Sunil Abraham examines Google's crusade against censorship in China in wake of the attacks on its servers in this article published in the Indian Express.
This report by Pranesh Prakash reflects on the question of how useful the IGF is in the light of meetings on the themes of intellectual property, freedom of speech and privacy.
Leaking corporate or government information in public interest through popular Web service providers is risky but Wikileaks.org is one option that you could try out.
This address was delivered by Dr. Anja Kovacs, as a representative of civil society, to the IGF during its closing ceremony.
A seminar held this month by the Communications and Manufacturing Association of India (CMAI) explored the role that information and communication technology can assume in the process of India's judicial reform efforts. The broad consensus among panelists was that “law is not keeping pace with technology”. However, whether technology will be harnessed to actually facilitate much needed transparency and access to the justice system, or be simply used to improve efficiency within the judicial branch still remains unclear.
An article by Prof. Subbiah Arunachalam (Distinguished Fellow, CIS) in GISW 2009 (Global Information Society Watch, 2009)
Newspapers have been reporting that IPv4 addresses will get over soon, and that we will have to shift to IPv6. In this short piece, Pranesh Prakash gives a layperson's introduction to the IPv6 Internet we will be entering into soon, and what that means for you.
Essay by Lawrence Liang, September 21, 2009 in response to - A Dialogue on ICTs, Human Development, Growth, and Poverty Reduction
The USA has ceded control of the Internet over to Icann, but only partially. (This post appeared as an article in Down to Earth, in the issue dated November 15, 2009.)
On 30 September 2009, ICANN (Internet Corporation for Assigned Names and Numbers) signed an Affirmation of Commitments (AoC) with the US Government's Department of Commerce. For those of us who are concerned that the Internet should serve the global public good, is the new arrangement a step forward? An assessment.
ಪರಿಸರ ಬರಹಗಾರ ನಾಗೇಶ್ ಹೆಗಡೆ ಅವರು ಕಂಪ್ಯೂಟರಿನ ಸ್ವಿಚ್ ಒತ್ತಿ ಪರದೆಯಲ್ಲಿ ಡಿಜಿಟಲ್ ಪುಟ ಬೆಳಗಿ "ಕೃಷಿ ಸಂಪದ" ಇ-ಮ್ಯಾಗಜೀನನ್ನು ಇಂಟರ್ನೆಟ್ ಲೋಕಕ್ಕೆ ಅರ್ಪಿಸಿದರು.
ಮೈಕೇಲ್, ಮೊಬೈಲ್ ಮತ್ತು ಗ್ರಾಮೀಣ ಅಭಿವೃದ್ಧಿ (ಮೈಕೇಲ್ ರಿಗ್ಸ್ ಭಾಷಣ) - ಚಾಮರಾಜ ಸವಡಿ
Value Added Services of Information & Communication Technology- Mobile Telephony for Farmers Benefit— by Radha Rao — last modified Aug 02, 2011 07:15 AM
Mr. G Raghunatha, State Manager, IFFCO Kisan Sanchar Ltd., Bangalore and Secretary, Institution of Agricultural Technologists, Bangalore has written an article on how ICT - Mobile Technology can be used for the farmers' benefit.
The Centre for Internet and Society is part of a broad group of civil society actors that submitted a comment on the Draft Programme Paper of the fourth Internet Governance Forum (IGF), taking place in Sharm El Sheikh, Egypt, in November 2009. The IGF is a forum for multistakeholder policy dialogue on Internet governance issues. The comment decries the complete absence of attention for Internet Rights and Principles in the agenda as it stands as of today, and this despite repeated requests from a wide range of stakeholders to make this theme a central one. All stakeholder groups were invited to submit their comments on the Draft Programme Paper of the 2009 IGF to the IGF Secretariat by 15 August.
This is a guest post by Rahul Matthan, partner in the law firm Trilegal, and widely regarded as one of the leading experts on information technology law in India. In this post, Mr. Matthan looks at the provisions in the amended Information Technology Act of interest to commerce, namely electronic signatures and data protection.
With this draft information bulletin, we briefly discuss some of the problems with the Information Technology Act, and invite your comments.
The Centre for Internet and Society commissioned an advocate, Ananth Padmanabhan, to produce a comment on the Draft Rules that have been published by the government under the Information Technology Act. In his comments, Mr. Padmanabhan highlights the problems with each of the rules and presents specific recommendations on how they can be improved. These comments were sent to the Department of Information and Technology.
The Centre for Internet and Society sent the following mail to ICANN regarding their attempt to impose their own charter for a Noncommercial Stakeholder Group (NCSG), instead of accepting the one drafted by the Noncommercial Users Constituency (NCUC).
This open letter brings up concerns of democratic deficit in internet governance worldwide, and is addressed to the UN Internet Governance Forum (IGF). It is to be delivered at the IGF's 3rd Annual Meeting at Hyderabad, India, from 3rd to 6th December, 2008. The signatories are Alternative Law Forum, Bangalore, Centre for Internet and Society, Bangalore, Delhi Science Forum, New Delhi, Free Software Foundation - India, IT for Change, Bangalore, and Knowledge Commons, New Delhi.
Nishant Shah, the Director for Research at CIS, was recently interviewed in i4D in a special section looking at Social Networking and Governance, as a lead up to the Internet Governance Forum in December, in the city of Hyderabad.