Access To Knowledge (A2K)

Exposing Data: Art Slash Activism

praskrishna — 2011-12-29T13:31:12Z

Tactical Tech and the Centre for Internet and Society (CIS) organised a public discussion on the intersection of Art and Activism at the CIS office in Bangalore on 28 November 2011. Videos of the event are now online. Ward Smith (Lecturer, University of California, LA), Stephanie Hankey and Marek Tuszinsky (Co-founders, Tactical Technology Collective), Ayisha Abraham (Film maker, Srishti School of Art Design) and Zainab Bawa (Research Fellow, Centre for Internet and Society) spoke in this event.

In the information societies that we live in, data is the new currency. While data – objective enumerations of life – has been around as the basis of providing evidence in research, practice and art, there is a renewed attention on data as the digital technologies start mediating our everyday lives. Digitization (like electronification in earlier times) is a process by which messy, chaotic, everyday life can be sorted, classified, arranged and built into clean taxonomies that flatten the experiential and privilege the objective. In many ways, the process of ubiquitous digitization goes back to the Cartesian dualism of the immaterial mind over the emergent materiality of the body. Historically, different disciplines and practices within the social and natural sciences, humanities, arts, development work, and governmentality, etc. have established protocols to create robust, rigorous, efficient and reliable data that can be used as evidence for thought and action. These protocols are not permanent and are often questioned within the disciplinary framework but especially with interdisciplinary dialogues where conflicting methodologies and reading practices often render the same data sets unintelligible to each other.

With the rise of the digital, these disciplines and practices start new negotiations with the world of databases, networks and archives. There is a growing anxiety that data, which was supposed to be an objective representation of reality, is increasingly becoming opaque in how it is structured. There is also an increasing awareness that the work that we make the —‘idea of data’— is not transparent. The Exposing Data Project came as a response to these anxieties, as we seek to unpack the processes, methodologies, challenges and implications of living in a data-rich, data-based world mediated by digital and internet technologies through a cross-disciplinary multi-sectoral dialogue.

Exposing Data is a curated practice of bringing together differently located researchers, academics, practitioners, policy actors, artists and public interlocutors to tease out the tensions and conflicts that digital data brings to their own practice and thought, especially when talking to people who are ‘not like us’.

For its first conversation titled ‘Art Slash Activism’, we decided to look at the tensions that often split communities and practices across historically drawn battle lines. There has been a huge tension between artists and activists, who, even though they often use same kind of data sets, are often at logger-heads when it comes to using that data for their practice. Artists, especially those dealing with public and community art projects, often work in the same spaces and communities as the activists, in making strong political statements and working towards a progressive liberal ideology. Activism has depended on artistic expressions – especially those around free speech, censorship, surveillance, human rights, etc. – in order to not only find peer support but also to oppose authoritarian forces that often seek to quell artistic voices. And yet, within the larger communities, the idea of political art – art that makes direct political statements – or activism as an art form – activism that takes the form of cultural production and overt subversion – often emerges as problematic. ‘Art Slash Activism’ brought together four people, identified (reluctantly, because they wear so many different hats) as an academic, as a researcher, as an activist and as an artist, who all straddle these chasms in their own work, to unpack the tensions through the lens of digital data.

Zainab Bawa, who is a research fellow at the Centre for Internet and Society, working on a monograph that deals with politics of transparency in Indian e-governance systems, set out the terms of the debate as she questioned the very meaning of the word ‘data’. Zainab, by looking at case-studies of land-record digitization in the country, started to look at how the word ‘data’, despite its apparent transparency and objectivity, is actually an opaque concept that eclipsed the politics of data formation – what gets identified as data? What gets discarded as noise? Who gets to identify something as data? What happens to things which are not data? What happens to people who cannot be identified through data? What are the systems of rationality that we inherit to talk of data?

Video of Zainab Bawa Talk

These questions persisted through the different conversations but were brought into plain site when Ayisha Abraham, a film and video artist who also teaches at the Sristhi School of Art Design, showed us a digitally restored piece of an old film that disintegrated even as it was being saved. Heidegger in his Basic Writings had proposed that “Art assumes that the truth that discloses itself in the work can never be derived from outside.” Ayisha built on this idea to look at material historicity and physical presence of data to question the easy availability of data that has been established for data in art practices. When does data come into being? What precedes data? What happens to data when it decays beyond belief? How do we restructure reality in the absence of data? She mapped the role of affective restructuring, historical reconstruction and creative fictions in our everyday life when we deal with realities which cannot be supported by data.

Video of Ayisha Abraham Talk

Ward Smith added a layer of complication in his questioning of the established cause-effect relationship that data has with Reality. Within activism as well as in development and policy work, there is an imagination that data always followed reality – that it is a distilled set of abstractions based on experiences, information, knowledge, analyses, etc. However, Ward presented us with a case-study that shows that data is not benign. It doesn’t exist in a vacuum. Often, the creation of data sets and databases leads to construction of alternative and new material realities. Even within existing realities, the introduction of a data set or an attempt to account for the reality using data, produces new and evolved forms of reality. Drawing partly from the discussions within digital taxanomies and partly from conversations in quantum philosophy (remember Schrodinger’s Cat?) Ward showed how data realities need to be unpacked to reveal what lies underneath.

Video of Ward Smith Talk

Marek Tuszinsky rounded up the conversations by introducing us to different ways of looking at data. Drawing from a rich ethnographic and experience data set at the Tactical Technology Collective, Marek questioned how our relationships and reading practices – looking at data side-ways, for example – influences the shape, form, structure and meaning of the data under consideration. What came up was a compendium questions around data ethics, data values, our own strategies and reflectivity in dealing with a data-mediated and data-informed world. What are the kinds of imperatives that lead us to produce data? What methodologies do we deploy to render data intelligible? What kind of data manipulations do we engage in, in order to make it comprehensible to digital systems of archives and storage?

Video of Marek Tuzinsky Talk

What are the politics of exclusion, inclusion and making invisible of data sets?

The conversation further opened up to the other participants in the conversation to crystalise around three areas of concern:

Data Decay

An audience member pointed out that one is always confronted with the physical decay of data. While old film is an incredibly fragile medium, it has survived over 70 years to become a part of Ayisha’s work. A digital format, on the other hand, would likely become inaccessible within six years due to format changes and problems with compatibility. The discussion shifted to the temporary aspect of data. The digitization of data allows one to illuminate it in significant ways by adding new components and blowing up details of focus. Such options are not available in analogue form.

However, the fact that digital media has a limited lifespan is something that one must consider. Are we depicting data for immediate attention and action, or for future reference? How far down the timeline of history do we want our records to stretch? Regardless of whether the producers of the film that turned out to be a hidden treasure for Ayisha asked these questions, the persistence of the film 70 years later served to illuminate an important moment in history and spoke of lives and stories the knowledge of which is still of interest and inspiration in our time. The future accessibility of data can be seen as our legacy and the inheritance of the generations to come.

Data Realities / Subjects

At the same time, can we be sure of the factual nature of recovered and existing data? It is important to ask who commissioned the source of information, who collected the data, who depicted and disseminated it? When asking “who”, one should also ask what their motives were, what resources they had and what settings they were working in. These are only several factors that influence the accuracy, message and understanding of the presented data.

Data has political power, being used as a catalyst and a justifying factor for various policies and interventions. However, data that is collected and presented by policy makers, research organizations, NGO’s, and other institutions may not reflect the realities as they are experienced by the population represented by the data. Researchers may be asking the wrong questions, or seeking answers in the wrong places, as it was the case in the Atlanta homeless programs discussed in Ward’s presentation. Inaccurate or incomplete data can confuse cause and effect, as well as become the cause in and of itself by feeding into stereotypes and creating faulty convictions that shape conventional views and social action.

Data Values

The importance of deconstructing the nature of how data is presented was remarked on by an audience member. The question posed was how, in the process of data collection and presentation, one can make data more reflective of reality as it is experienced by the studied population through incorporating grassroots efforts to create a community-based ownership of data.

To tackle this question, Marek brought up the example of mapping out the Kibera slum in Kenya. An open source approach was used in the project, where locals actively participated in the process of mapping. However, as Marek pointed out, it was still an intervention from outside the community. Somebody funded the project, someone gave the equipment, and they followed a certain methodology for reasons of their own. A completely unbiased and neutral representation of the slum was not possible due to the various agendas and perspectives of the parties involved, the dominant agenda being that of the project funders. Complete objectivity, even when efforts are made, is impossible.

Is it really more data that we need then? Even though information exists, it may not be accurate and not everyone within the society has an equal reach to it. A worker from a village lacking in literacy skills has significantly less access to data than a PHD student from a renowned university, even though they both navigate within the same system. Access to data stems farther than what is put up on a website or a file that can be picked up from a government office. More important than having access to open data, Zainab believes that one should look for relationships and systems where there is responsiveness and responsibility of negotiating.

However, what came clear from the discussion is that there are existent infrastructures that enable researchers and activists in their quest for information and its fair representation. People, in their interactions with each other, in the institutions and ad hoc organizations we develop, take part in creating these enabling infrastructures. Being embedded in the system within which one is collecting information allows one to understand and manoeuvre the necessary avenues. Questions of data collection, representation, and dissemination are multidisciplinary, spanning across issues that touch all members of our society. From land property records, old abandoned film, government statistics, classifications, and artists’ quest for truth, data takes many forms and defines our lives in ways we cannot always control. Through revaluation and questioning of these processes we gain a better understanding of what shapes societal views, government action, and how we can take control and use data to illuminate the unseen and wheel social change.

This has been the first of our experiments at creating dialogues around Exposing Data. We invite people interested in these questions, to not only participate in the future conversations, but also help us draw upon different disciplines, questions and concerns around the subject of Data. The next conversation seeks to address the question of “Whose data is it anyway?” and we hope that the momentum of talk carries on.

Nishant Shah
Maya Ganesh
Yelena Gulkhandanyan

For more details visit https://cis-india.org/internet-governance/art-slash-activism

Exposing Data: Art Slash Activism

yelena — 2013-03-01T05:44:23Z

Tactical Tech and the Centre for Internet and Society (CIS) invite you to the first round of discussions on the intersection of Art and Activism at CIS office in Bangalore on 28 November 2011. Ward Smith (Lecturer, University of California, LA), Stephanie Hankey and Marek Tuszynski (Co-founders, Tactical Technology Collective), Ayisha Abraham (Film maker, Srishti School of Art Design) and Zainab Bawa (Research Fellow, Centre for Internet and Society) are leading the conversations.

The Exposing Data Project

An NGO sets up a database to track elected representatives’ participation in the Parliament, the spending for their constituency, and keeping a track of their political mandates and promises.

A geographer tracks the movements of US Government satellites and visualises their paths to form curious visuals of ‘State secrets’.

A photographer travels to an island in the Pacific Ocean to take pictures of the plastic debris found in the stomach of a Laysan albatross carcass.

Each of these examples is about how data that serves as evidence can be collected and visualised in different formats. The NGO can output its data as infographics, the geographer creates non-cartographic maps and the photographer’s images serve as testimony to increased pollution levels. We live in database times. Never before in human history have we consumed, produced and shared as much data as we do now in bits and bytes through our digital devices, coded as images and graphs and spreadsheets. The power to do so has allowed individuals and communities around the world to expose and reveal things that have been invisibilised and obscured, robbed of language and articulation.

At the same time, the visual immediacy of such data sets and the ability to manipulate it to construct new ways of looking at our reality, often hides the fact that the production and use of data as evidence is not benign or neutral. While data itself claims a certain objective fact value, the politics involved in identifying something as data are subject to strong power confluences.

The Centre for Internet and Society and Tactical Technology Collective, Bangalore, propose the Exposing Data Project as a series of conversations between people working across art, activism, politics, information science, cartography, geography, social sciences, humanities and technology science to share, learn, discuss, debate and explore processes, methods, challenges and implications of what it means to live in a data-rich world.

Art Slash Activism

The first round of discussions will be looking at the intersections of Art and Activism, but without falling into the usual traps of looking at art as the vehicle of activism or activism as a form of art. Hence, instead of Art and Activism, we are looking at Art Slash Activism exploring how data visualisation, data representation, and new forms of data mapping re-articulate what it means to be political.

The event will bring together professionals such as Ward Smith (Lecturer, University of California, LA), Stephanie Hankey and Marek Tuszynski (Co-founders, Tactical Technology Collective), Ayisha Abraham (Filmmaker, Srishti School of Art Design) and Zainab Bawa (Research Fellow, Centre for Internet and Society). Rather than being a seminar to instil practical knowledge, the aim of Art Slash Activism is to engage participants in a curated conversation on the use of data as evidence and its dissemination through visual depiction as a catalyst for change. We are seeking a variety of perspectives when answering questions such as whether data can have a universal reach through visual presentation; how we can utilize various forms of representation to spread awareness; and what happens when information cannot be represented as data.

Art Slash Activism is a multidisciplinary learning experience that will involve members of the art community, open data activists, designers, and others active in the processes of social change in a creative, playful and innovative manner that will result in textual and visual documentation which will serve as a knowledge corpus for researchers and practitioners interested in these questions.

Bio of the Speakers

Zainab Bawa
Zainab is a PhD scholar at the Centre for the Study of Culture and Society (CSCS), Bangalore. Zainab primarily works as an independent researcher on issues of governance, politics, property and how technology is embedded in state-citizen interactions and society. In the course of her work, she is associated with the Centre for Internet and Society and the Centre de Sciences Humaines - New Delhi. Zainab is also a designated partner at HasGeek Media LLP, Bangalore.

Ayisha Abraham
Ayisha Abraham lives and works in Bangalore as an installation artist and short filmmaker. She works at the Srishti School of Art, Design, Technology, as a visual arts consultant and is a member of the BAR1 (Bengaluru Artists Residency).

Stephanie Hankey
CO-founder & executive director, Stephanie has been working to strengthen the use of technology by civil society in the global South since 1998, initially working with the Open Society Institute establishing their Technology Support for Civil Society Program, before co-founding Tactical Tech in 2003. Stephanie has a background in information design, was editor-in-chief of Pulp and worked as a creative director and producer for a number of London-based multimedia companies. She has a Masters in Information and Interaction Design from the Royal College of Art London, and a certificate in Campaigning and Lobbying from NCVO.

Marek Tuszynski
Co-founder & director of programmes & technology, Marek has been working to help advocates use technology since 1995. In the mid-nineties he co-founded the International Network of Contemporary Art Centres and worked with others to create a television programme about independent culture in Poland. He was director of the Stefan Batory Foundation’s Internet programme (Warsaw), sat on the board of Klon/Jawor (a research and infrastructure NGO) and The Second Hand Bank. Marek worked as a consultant to many funding agencies focusing on information and communication strategies for civil society in Central Asia.

Ward Smith
Ward Smith is a librarian who works with academics, activists and artists to design and implement information systems that aid in the development and documentation of their work. He has recently worked with the Atlanta Task Force for the Homeless, the Arts, Computation, Engineering program at UC Irvine, the Southern California Library, the 2009 Digital Arts and Culture Conference, and rhizome.org.

This event is free and open to everyone. However, we would appreciate a confirmation of attendance ahead of time so as to ensure that your space is reserved. To confirm your attendance please write to: yelena.gyulkhandanyan@gmail.com

VIDEOS

For more details visit https://cis-india.org/internet-governance/art-activism

Explore money apps but watch your data

praskrishna — 2017-06-08T12:46:11Z

Financial apps may appear to be free but before you install them, read their privacy policies to know what you may be signing away.

The article by Shaikh Zoaib Saleem was published in Livemint on June 8, 2017. Pranesh Prakash was quoted.

With the increasing usage of smartphones and other smart devices, our use of and dependence on mobile applications also increases. These apps, while being installed on your device, ask for a lot of permissions. Most users do not take a detailed look at all the permissions being granted to any particular app’s publisher. Moreover, even fewer users look at the privacy policies and terms of use of apps, which detail how the publisher intends to utilize the data you share.

In most cases, the data collected is analysed and used for targeted marketing campaigns by the apps’ publishers, based on the users’ profiles and habits. Read more about it here: bit.ly/2q3ByA3. While this phenomena is spread across the board for all categories of apps, we take a look at the privacy policies and terms of use of the top 10 Android financial apps in India (top 10 as of June 1, according to App Annie, a mobile apps market research company based in California). The 10 apps are: PhonePe, BHIM, SBI Anywhere Personal, Kotak – 811 and Mobile Banking, JioMoney Wallet, Money View Money Manager, State Bank Buddy, Bank Balance Check, All Bank Balance Enquiry, iMobile by ICICI Bank.

Collecting information

The common theme across privacy policies of these apps is that the information is collected to enhance customer experience while using an app, respond to customer complaints and resolve disputes. Another theme is tracking consumer behaviour. For instance, PhonePe, in its privacy policy states, “We may automatically track certain information about you based upon your behaviour on our app. We use this information to do internal research on our users’ demographics, interests, and behaviour to better understand, protect and serve our users. This information is compiled and analysed on an aggregated basis.”

Similarly, the privacy policy of BHIM app says, “…once you give us your personal information, you are not anonymous to us. We may automatically track certain information about you based upon your behaviour on our app to the extent we deem fit.” It further adds that if you choose to transact on the app, then “we collect information about your transaction behaviour.” All the apps collect some or the other information like device IDs and location.

Sharing Information

The information gathered by the apps is not just used by these companies themselves, but also shared with third parties, subsidiaries, parent companies and agents of the companies. iMobile by ICICI Bank, for instance, in its privacy policy states that the bank will limit the collection and use of customer information only on a need-to-know basis to deliver better service to the customers. “ICICI Bank may use and share the information provided by the customers with its affiliates and third parties for providing services and any service-related activities such as collecting subscription fees for such services, and notifying or contacting the customers regarding any problem with, or the expiration of, such services. In this regard, it may be necessary to disclose the customer information to one or more agents and contractors of ICICI Bank and their sub-contractors, but such agents, contractors, and sub-contractors will be required to agree to use the information obtained from ICICI Bank only for these purposes,” the policy reads.

Similarly, PhonePe in its privacy policy has said that the company may share personal information with its other corporate entities and affiliates. “We and our affiliates will share/sell some or all of your personal information with another business entity should we (or our assets) plan to merge with, or be acquired by that business entity, or re-organization, amalgamation, restructuring of business. Should such a transaction occur that other business entity (or the new combined entity) will be required to follow this privacy policy with respect to your personal information,” it reads.

While installing, the Kotak app seeks your “irrevocable consent” to its privacy policy, which, among others things, states: “We may disclose the customer information to third parties for following, among other purposes, and will make reasonable efforts to bind them to obligation to keep the same secure and confidential and an obligation to use the information for the purpose for which the same is disclosed, and you hereby give your irrevocable consent for the same.”

JioMoney Wallet, while disclosing upfront that the publishing company and its affiliates do not sell or rent personal information to any third-party entities, also adds that the company “engages a number of vendors, consultants, contractors and takes support of our group companies or affiliates. We may provide our partners access to or share your personal information to enable them to provide the services subscribed by you.” Terms and conditions of the BHIM app state: “For the protection of both the parties, and as a tool to correct misunderstandings, the user understands, agrees and authorises NPCI, at its discretion, and without further prior notice to the user, to monitor and record any or all telephone conversations between the user(s) and NPCI only.”

It is imperative to note that most of these apps announce it upfront in their privacy policies that the policy could change anytime without prior information to the users. At the same time, it should be noted that sharing of some data is required for proper functioning of many apps. While most app publishers may not misuse the data being gathered, you should know exactly what data is being used.

Pranesh Prakash, policy director at the Centre for Internet and Society said that their research outputs show that laws to deal with misuse of personal data are very weak in India. “We need a strong privacy law to address these issues, of which we have proposed a citizens’ draft. Clearly, the prevailing situation shows that the industry is not taking enough initiative on self-regulation. At the same time, even the government isn’t taking much interest in consumer protection.”

For more details visit https://cis-india.org/internet-governance/news/livemint-june-8-2017-shaikh-zoaib-saleem-explore-money-apps-but-watch-your-data

Experts' committee moots law to protect privacy

praskrishna — 2012-10-22T10:18:34Z

In its report submitted to the Planning Commission on Thursday, the first ever experts’ group to identify the privacy issues and prepare a report to facilitate authoring of the privacy bill, has said that existing laws have created an ‘unclear regulatory regime’ which allows a state to be intrusive.

Saikat Datta's article was published in DNA on October 19, 2012

The report has been prepared by experts led by justice AP Shah, former chief justice of the Delhi high court.

In its exceptions to the proposed law on privacy, the experts’ group has recommended that national security, public order and disclosures made in ‘public interest’ will be exempted from the limitations of privacy. Several members of the group unsuccessfully argued to bring in the Intelligence agencies which are empowered to legally tap phones, intercept emails and conduct surveillance on citizens under the ambit of the Privacy Act.

The report, a copy of which is available with DNA, recognises that there are major differences in the existing laws that permit intrusive phone-tapping or surveillance of private citizens by the government.The group feels that “these differences have created an unclear regulatory regime that is inconsistent, non-transparent, and prone to misuse and does not provide remedy or compensation to aggrieved individuals.”

Therefore, the group has recommended that when the government conducts any intrusive surveillance like phone tapping, it must adhere to the principles of proportionality, legality and remain within the boundaries of a democratic state.

“The limitation (on tapping phones, etc) should be in proportion to the harm that has been caused or will be caused,” the report states.

Interestingly, the report also exempts the disclosure of personal or private information for journalistic or historical and scientific purposes from being curbed under the proposed Privacy Act. Interestingly, this will give journalists a legal cover from being hauled up under the proposed privacy laws when they file stories.

The government is keen to enact a privacy law quickly because of two major issues. The fallout of the leakage of the tapes of Niira Radia speaking to industry heads like Ratan Tata which led to a renewed clamour for a comprehensive Privacy Act. Ironically, anything related to phone-tapping has now been left out of the provisions of such an Act.

The other reason was the pressure from the industry that is keen to get business from abroad that deals with sensitive personal data. In the absence of any personal data protection laws, Indian companies were not getting any business from European or American firms. With this law, India can look forward to getting substantial business that involves personal data.

With this framework in mind the experts’ group has recommended that notice be given to any individual from whom personal information will be sought. With intrusive government projects like the UID or the NATGRID, the group was worried that this kind of massive data in the hands of the government could turn this into a police state.

It has also mandated that the choice and consent of the individual must be taken before collecting this information. Also, there has to be a limitation on collecting this information and anything that has been collected will use the data for only a limited purpose. A data controller should be appointed to collect, maintain and use the data under strict stipulations.

Therefore, the data controller will be made accountable for any lapse in handling or disclosure of the data. To ensure that this kind of control can be exercised, the group has suggested the appointment of privacy commissioners who will adjudicate on any matter of illegal disclosures and mete out server punishment.

Recommendations

National security, public order and disclosures made in ‘public interest’ will be exempted from the limitations of privacy
The limitation (on tapping phones, etc) should be in proportion to the harm caused or will be caused
Disclosure of personal or private information for journalistic or historical and scientific purposes should be exempted from being curbed under the proposed Act
Notice be given to individual from whom information has to be sought
A data controller should be appointed to collect, maintain and use the data
Privacy commissioners who will adjudicate on any matter of illegal disclosures be appointed

Note: The Centre for Internet & Society was part of the expert committee even though not explicitly mentioned.

For more details visit https://cis-india.org/news/dna-india-october-19-2012-saikat-datta-experts-committee-moots-law-to-protect-privacy

Experts stress on need for enhanced security

praskrishna — 2017-05-20T06:13:19Z

With more and more people falling prey to phishing scams, experts believe that lack of adequate security features in online payment systems will only increase the number of such cases in the coming days. While admitting that the rise in such crimes would be hard to stop or control, cyber security consultants also blame the lack of preparedness before taking the digital economy route as a cause for such problems.

The article was published in the New Indian Express on May 6, 2017. Pranesh Prakash was quoted.

Speaking to Express, Dr A Nagarathna of the Advanced Centre on Cyber Law and Forensics, National Law School of India University, said that apart from the push for digital payment solutions, the merger of various State Bank entities also provided chances for criminals to exploit gullible people.

“People tend to give away critical information since cyber criminals seem so convincing. But they should remember that banks never collect such information over phone,” she said.

The cyber security features of banks and e-wallets are also questionable. Banks and e-wallet service providers should be held accountable for such crimes, so that they make an effort to ensure necessary safety measures, she said.

Pranesh Prakash, Policy Director at the Centre for Internet and Society, noted that there were security concerns with e-wallets. “Many e-wallet apps compromise on security in favour of convenience, but, at the same time, have terms of service that hold customers liable for financial losses. There have been many reports of criminals working with rogue telecom company employees to clone SIM cards and steal money via UPI and BHIM,” he said.

He also criticised the use of biometrics as the only factor for authorising payments to merchants using Aadhaar Pay. He noted, “Your fingerprints cannot be changed, unlike a PIN. So, if a merchant clones your fingerprint, you cannot revoke it or replace it the way you can with a debit card and a PIN.”

Another activist said the recommendations of Watal Committee, which looked into digital payments, should be implemented. “As of now, the law does not focus on the need for consumer protection in digital payments. The Payment and Settlement Systems Act, 2007, needs to be updated,” he said.

For more details visit https://cis-india.org/internet-governance/news/new-indian-express-may-6-2017-experts-stress-on-need-for-enhanced-security

Experts debate on UID and rights

radha — 2011-04-02T12:32:54Z

Bangalore, Apr 16, DHNS: A debate on ‘UID and Fundamental Rights’ organised by several city-based organisations, discussed the social, ethical issues, economic and legal issues that accompanies the UID.

Noted law researcher Usha Ramanathan said that according to available information, UID would tap into National Population Registry and gather data and biometrics of the whole population. “UID by itself would not result in profiling, but will act as a bridge between silos of information that will help profile the individual,” she noted.

She also said that lack of answers for issues that were raised six months ago were disturbing. “It is not just about privacy, but the power of the state as the UID will be feeding off many registers,” she added.

Speaking on the economics side of it, R Ramkumar from the Tata Institute for Social Sciences, Mumbai, said claims of financial inclusion or elimination of corruption in Public Distribution System and the rural employment guarantee scheme was not enough justification. “Service delivery cannot justify the violation of freedom. It is a misplaced emphasis on benefits of technology,” he remarked.

He criticised the government’s thinking that technology could substitute social transformation, commenting that technology could only aid social development in the presence of conducive circumstances and it would be erroneous to assume a linear relationship between development of technology and development of society.

Col Thomas Mathews of the Citizens Action Forum said that UID could not prevent corruption as technology has to be used by people and new ways would be devised to deprive deserving people of the services.

Link to the original article

For more details visit https://cis-india.org/news/experts-debate-on-uid-and-rights

Expert Committee meeting on 25th November, 2013

praskrishna — 2013-11-19T10:41:27Z

A meeting of the Expert Committee has been scheduled for 25th November, 2013 at 11.00 a.m. in R.No. 714 (7th Floor), Group Meeting Room, DBT, New Delhi to discuss the draft 'Human DNA Profiling Bill 2012' under the Chairmanship of Dr. T. S. Rao, Sr. Adviser, DBT.

This was communicated by Dr. Alka Sharma, Director/Scientist, Ministry of Science & Technology, Government of India to the following individuals:

Raghbir
RK Gupta
Murali Krishna Kumar
Sunil Abraham
Amar Jesani
Usha Ramanathan
Kamal Kumar
Dr. N. Madhusudan Reddy

For more details visit https://cis-india.org/news/expert-committee-meeting-november-25-2013

Expel or not? That is the question

praskrishna — 2011-04-02T12:48:28Z

The decision of an international school to expel 14 students for their alleged ‘promiscuous’ behaviour has led to much debate and discussion.

The International School Bangalore (TISB) said the students were caught in ‘compromising positions’ on several occasions. They did not heed the school’s repeated warnings to desist from such behaviour, school authorities said.

The authorities said they had enough ‘evidence’, collected from social networking sites, to support their claim. The students would not be allowed on the campus anymore. They would, however, be allowed to take the exam in May, the authorities said.

The students have denied the charges. Many boarding institutions said that policing students was not the right approach.

Some of the widely used measures to keep a check on students include monitoring social networking sites, banning laptops on campuses, not allowing students to lock room doors, having security guards patrol campuses and insisting on house masters accompanying students to any part of the campus or hostel after school hours.

“There is no point in expelling students for such an activity,” M Srinivasan, principal, GEAR School, said. “If the students had been indulging in such activities often, what were the school authorities doing till now? There is no point making rules if you cannot enforce them. Clearly, there was a lacuna in the system,” he said.

Many schools said they keep a tab on the online activities of students. “The IT department at the school tracks the Facebook accounts of students,” Bishwajeet Bhattacharya, public relations officer, Trio World School, said. “Trio also has a presence on Facebook. The administration has appointed officials to monitor what is being posted online regarding Trio,” he said. The officials also look for objectionable materials.

Authorities, however, admitted that it was difficult to check all the online activities. “It is impossible to monitor all the social networking sites. You can use evidence from online sites, but why go to that extreme? The children are on your campus, their behaviour on campus is what you should be concerned about,” Srinivasan said.

“At the hostel, dorm wardens conduct room checks every hour,” Chenraj Jain, chairman, Jain Group of Institutions, said. “We don’t police the students. Instead, we adopt a more holistic approach,” he said.

The grey area

The International School Bangalore (TISB) said it had expelled the 14 students after collecting “enough evidence”
from social networking sites about their inappropriate behaviour. The question is: does online content have
legal validity?

Experts believe it falls in the grey area. “India does not have any specific law that restricts users from joining social networking sites just because they are below a certain age,” Sunil Abraham, executive director of the Centre for Internet and Society, Bangalore, said. “Many other countries have such laws,” he said.

“If the pictures said to be posted by the students were legal (devoid of vulgarity) and were just posted on a personal profile and not on a college group, then the school was not right in expelling them,” he said. “Students are entitled to privacy and schools shouldn’t be intruding into their privacy. If the school had used snooping software to monitor the students’ online activities, then that is also wrong,” he said. “It’s a different story if one of their classmates had forwarded the pictures to the teacher,” he added.

For link to the original story

For more details visit https://cis-india.org/news/expel-or-not

Expect anti-net censorship echo in house

praskrishna — 2012-04-25T11:07:43Z

For the anti-Internet censorship movement in the country, hope is now in sight. Their fight against the intermediary provisions (section 79) of the IT laws, according to which, an intermediary (website, domain owner) would have to take off content that a third party (or complainant) finds ‘objectionable,’ without any room for appeal, has now garnered the attention of the government itself. What is at stake is our fundamental rights, warns CPM Member of Parliament P Rajeeve, who was perhaps the first at the government level to realise that there was a gaping hole in the provision, and took up the matter in the Rajya Sabha.

This blog post by Arpan Daniel Varghese was published in IBN Live on April 25, 2012

“A discussion on the annulment of the IT Act 2011 itself is likely to figure in the budget session of the Parliament on April 24. I am trying to mobilise other MPs. We have decided to convene a meeting of organizations, representatives of political parties and MPs to discuss this issue in detail,” says MP Rajeeve.

Noted Twitteratti and former Minister of State for External Affairs Shashi Tharoor too is concerned, particularly about the onus this places on Internet Service Providers.

“If a newspaper publishes something, you go after the newspaper, not the delivery boy. Yes, you can ask the delivery boy to stop delivering the newspaper, but that is such an extreme step that few democracies would contemplate. But what we are trying to do seems to go unacceptably far in this direction and needs further reconsideration,” Tharoor says, adding that he too is planning to raise the issue in the Lok Sabha.

Both Alok Dixit from ‘Save Your Voice’ and Sunil Abraham, the executive director of the Centre for Internet And Society (CIS), say they are speaking to MPs and others in the government and trying to initiate an motion in the Rajya Sabha against the intermediary provisions. And support has been pouring in from all quarters, be it cyber space or through the pan-India protests, including the recent one at the Marina Beach in Chennai that ‘Save Your Voice’ has been holding.

Alok, Sunil and scores of activists across the country are now pinning their hopes on the annulment motion introduced by MP Rajeeve, which is likely to be taken up during the second half of the Parliament session on Tuesday.
The main hassle, however, is ignorance. “People don’t even know about the laws. They are not aware of their rights. So, the kind of support we are getting is quite less,” says Alok.

The legal fraternity and the administration too face the same roadblock, agrees Kerala High Court advocate Jacob. “This is a new area and people are just learning the theoretical side of it. There are not many cases. Trained professionals are not there to train the legal fraternity itself,” he rues.

The fundamental question is, according to Sunil, “why should freedom of speech and expression be any different on the Internet?”
“Remember, this is the same Internet which brought out Kolaveri and structured the Anna movement. So, it affects you,” Alok signs off.

Read the original here

For more details visit https://cis-india.org/news/anti-net-censorship-echo-in-house

Examining the Constitutionality of the Ban on Broadcast of News by Private FM and Community Radio Stations

Gurshabad Grover, Torsha Sarkar, Rajashri Seal and Neil Trivedi — 2019-09-27T16:36:46Z

Gurshabad Grover and Torsha Sarkar along with Rajashri Seal and Neil Trivedi co-authored a paper that examined the constitutionality of the government prohibition on the broadcast of news against private and community FM channels.

In the article, the authors also mapped chronologically the history of the development of community and private radio channels in India. As part of the legal analysis, the authors examined the prohibition on the touchstones of existing Indian jurisprudence on media freedom and speech rights. Finally, they also utilized some key points made by the Additional Solicitor General in the Shreya Singhal case, to propose an alternative regulatory framework that would address both the interests of the radio channels and the government.

In 1995, the Supreme Court declared airwaves to be public property in the seminal case of The Secretary, Ministry of Information and Broadcasting v Cricket Association of Bengal, and created the stepping stones for liberalization of broadcasting media from government monopoly. Despite this, community radio and private FM channels, in their nearly two decades of existence, have been unable to broadcast their own news content because of the Government’s persisting prohibition on the same.In this paper, we document the historical developments surrounding the issue, and analyse the constitutional validity of this prohibition on the touchstone of the existing jurisprudence on free speech and media freedom. Additionally, we also propose an alternative regulatory framework which would assuage the government’s apprehensions regarding radicalisation through radio spaces, as well as ensure that the autonomy of these stations is not curtailed.

Click to download the full paper by NLUD Journal of Legal Studies here.

For more details visit https://cis-india.org/internet-governance/blog/nlud-journal-of-legal-studies-september-27-2019-gurshabad-grover-torsha-sarkar-rajashri-seal-neil-trivedi-examining-the-constitutionality-of-ban-on-broadcast-of-news-by-private-fm-and-community-radio-stations

EVMs: How transparent is the Indian election process?

praskrishna — 2017-03-17T01:57:19Z

Electronic Voting Machines (EVMs) have become a bone of contention after the results of the Assembly elections in five states were declared last Saturday and the BSP president Mayawati alleged tampering. The Congress party and the Aam Aadmi Party (AAP) have called for a probe into her allegation. Social media too is abuzz with messages and videos showing how the machines can be allegedly manipulated to sway the votes in favour of a particular candidate.

The article by Smriti Sharma Vasudeva was published in the Statesman on March 14, 2017. Pranesh Prakash was quoted.

Overnight, several videos on Whatsapp have surfaced wherein people can be seen explaining the "mechanism" on how to alter the votes polled for a candidate in another candidate's favour. Several similar posts and articles are doing the rounds on Facebook.

BBC added fuel to the fire when it shared a 2010 article on how 'US "Scientists" hack India Electronic Machines' . The article details how scientists at a US university say they have developed a technique to hack into Indian electronic voting machines. While the article was posted on the BBC website a day after the election results were declared, it drew considerable flak from users on Facebook who criticised the website for its 'irresponsible' act of sharing an article with a "click bait" headline just to grab eyeballs.

Amid all this frenzy, the Election Commission of India has issued statements clarifying how the entire process is transparent and fool proof and tampering with the EVMs is a far-fetched thing given the checks and balances in place. For instance, the EVMs undergo the process of randomisation wherein which machine will go to which constituency and to which booth is not known to anyone till the last moment. Similarly, before the polling starts, mock polling takes place in the presence of representatives of all the political parties and then each of these machines are tested and a satisfactory report is generated and only after that polling begins.

However, all these checks and balances still do not ensure a fool proof system if experts are to be believed.

Pranesh Prakash, Policy Director for The Centre for Internet and Society, a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives, said: "The Electronic Voting Machines used in India are the simplest, with no large operating system requirements and are not networked. Thus, from a software design perspective, these are really good and the chances of these being tampered with are bleaker. However it doesn't mean these are fool proof. Most of the developed countries do not trust these machines and these are definitely not secure enough for democratic elections.

"While there are many advantages of using EVMs in the electoral process over the traditional ballot papers, still there are many ways in which one can tamper with these machines without any technical ingenuity. The best way is to make use of the EVMs and ensure that the Voter Verified Paper Audit Trail (VVPAT) are effectively utilised to make it an overall effective system".

Recently, the Supreme Court had mandated that VVPAT machines should be used in all the polls and thus the Election Commission had installed VVPAT machines in several constituencies. However, not sure of the efficacy of this system, the Election Commission had itself raised apprehensions regarding performance of the paper-trail machine, which gives a receipt to the voter, verifying the vote went in favour of the candidate against whose name the button was pressed on the electronic voting machine.a

For more details visit https://cis-india.org/internet-governance/news/the-statesman-smriti-sharma-vasudeva-march-14-2017-evms-how-transparent-is-the-indian-election-process

Every Town had its Jio Dara

Ayswarya Murthy — 2017-12-21T16:24:52Z

Strap: In the hills of Darjeeling, residents facing an indefinite internet shutdown were thrown an unexpected lifeline in the form of 'Jio dara', a feeble signal from Sikkim towers that nevertheless kept a small line of communication open between the besieged towns in the region and the rest of the world.

Bangalore, Karnataka: Alvin Lama writes rock music is his downtime, and these days his songs are rather politically charged. The 100-day internet shutdown in Darjeeling during the Gorkaland agitation in 2017 inspired his latest single, titled Jio Dara. In Lama’s song, he tells his listeners, “Come let’s go to Jio Dara” where they can be free from the prison of internet shutdown to send and receive messages from the outside world. “I am using that window of access to tell people about our struggle. It has a bit of an anti-administration message,” he says.


View from Carmichael Ground, a Jio Dara spot (Picture Courtesy: Nisha Chettri, Caffeine and Copies)

Jio Dara (‘dara’ meaning ‘hillock’), also alternatively called ‘Reliance gully’, was not always a specific place but a small window of opportunity during which a weak 2G signal could be accessed in the hills. Towns like Darjeeling and Kalimpong lie very close to the border of West Bengal, separated from their northern neighbour Sikkim by the river Rangeet; and often in the hills along the river bank, phones pick faint signals from the mobile phone towers in Sikkim. For a population that was completely shut off from the outside world, even this thin, fragile lifeline was precious. “I was not here during the agitation but somehow would get information about what was happening in the hills from my family and friends through the Jio Dara,” Alvin says.

Alvin, also founder director & CEO of the Good Shepard Institute of Hospitality Management, is not the only musician to immortalise Jio Dara in song. Young student Saif Ali Khan and his friends also wrote and composed their own ode to this happy accident. “It was really born out of boredom,” he says. “My brother, my friends and I were sitting around the campus and chatting. Classes were cancelled due to the strike and our education was on hold. And we overhead a couple talking about where they were going to go for their date. Of course, we should go to Jio Dara, the girl said, and that led to an argument.”

This sparked off their Jio Dara song which was written, composed and recorded by Khan and his friends under their Firfiray Productions. A satirical take on the internet shutdown and how it has affected the lives of the students in Darjeeling, the song plays out like a dialogue between two lovers and serves as a light-hearted look at a situation that was anything but.

For three months between June and September, the administration had shut down internet access in Darjeeling and in its surrounding hills. This prevented the outside world from hearing the voices of the Gorkhaland protesters but information still trickled out, as it is wont to do, through various sources, one of these being the Jio Dara.

How did this work? Reliance Jio had not long ago made a big splash in India’s telecom market with cheap unlimited data packs and lifetime validity deals, and many had switched to Jio to take advantage of this. This was what eventually gave Jio users the edge, helping them tap into the signal from the towers across the border. While it isn't clear whether signals from other networks were also available in these spots (information varies from they were no other networks at all to there were some but they were even weaker than Jio), what's certain is that without the free internet that Jio subscribers enjoyed, access to the internet through other networks was not feasible after a point because recharging your number at the local mobile shop wasn't an option anymore.

These hotspots used to vary, according to Lama. “The signal would be strong today, but next day one might have to move a few hundred metres up or down till they connected with the network. So, you would go searching in the hills till you get a signal and then the word would spread,” he says. People in Darjeeling were lucky in that their Jio Dara was inside town near the mall in Chowrasta, but it was not as convenient in Kalimpong. One had to travel a couple of kilometres from the city centre to Carmichael grounds, sometimes go even further up the hill towards areas that were facing Sikkim. “People would get to know through word-of-mouth and the number of people there would snowball,” Lama tells us. People, young and old, would come to log in, even though the connection was patchy and slow, to talk about the events of the day, upload pictures, connect with family and friends and basically tell the world what really was happening in Darjeeling.

It became an unofficial symbol of resistance. Each town had its very own Jio Dara and it transcended merely a physical location to become an idea. “Our habits changed after June 18, when the government undemocratically blocked the internet service in the hills,” writes Nisha Chettri, a journalist with the Statesman, in her blog ‘Caffeine and Copies’. Carmichael Ground in Kalimpong invariably became a meeting spot for all sorts of occasions – birthdays, dates, get-togethers. She says that some Jio users even shared their mobile hotspot with others so that everyone could use the internet.

Local journalists would file their stories and upload their pictures side by side with ordinary citizens updating their social media statuses. It helped journalists like the Telegraph’s Passan Yolmo to maintain a line of communication with his publishers. Most evenings he would connect to the Jio Dara to send across photographs from the day, as many as the feeble 2G connection would allow.

“I don’t know who first found this spot behind Chowrasta,” says Khan. Perched in the centre of the city and at a higher elevation than the rest, Chowrasta is a popular tourist destination in Darjeeling; so it couldn’t have been long before people stumbled onto this secret. “I accidentally discovered it one day when I walked past it and suddenly my phone started pinging and I received a bunch of texts on WhatsApp. I checked my phone and realised I was connected to Sikkim’s Jio network.”

Ayswarya Murthy is a Bangalore-based journalist and a member of 101Reporters.com, a pan-India network of grassroots reporters.

Shutdown stories are the output of a collaboration between 101 Reporters and CIS with support from Facebook.

For more details visit https://cis-india.org/internet-governance/blog/every-town-had-its-jio-dara

Event Report on Intermediary Liability and Gender Based Violence

akriti — 2018-12-21T07:16:41Z

This report is a summary of the proceedings of the Roundtable Conference organized by the Centre for Internet and Society (CIS) at the Digital Citizen Summit, an annual summit organized by the Digital Empowerment Foundation. It was conducted at the India International Centre in New Delhi on November 1, 2018 from 11.30 a.m. to 12.30 p.m.

With inputs and edited by Ambika Tandon. Click here to download the PDF

Introduction

Background

The topic of discussion was intermediary liability and Gender Based Violence (GBV), the debate on GBV globally and in India evolving to include myriad forms of violence in online spaces in the past few years. This ranges from violence native to the digital, such as identity theft, and extensions of traditional forms of violence, such as online harassment, cyberbullying, and cyberstalking^[1]. Given the extent of personal data available online, cyber attacks have led to a variety of financial and personal harms.^[2] Studies have explored the extent of psychological and even physical harm to victims, which has been found to have similar effects to violence in the physical world^[3]. Despite this, technologically-facilitated violence is often ignored or trivialised. When present, redressal mechanisms are often inadequate, further exacerbating the effects of violence on victims.

TheRoundtable explored ways of how intermediaries can help tackle gender based violence and discussed attempts at making the Internet a safer place for women which can ultimately help make it a gender equal environment. It also analyzed the key concerns of privacy and security leading the conversation to how we can demand more from platforms for our protection and how best to regulate them.

The roundtable had four female and one male participants from various civil society organisations working on rights in the digital space.

Roundtable Discussion

Online Abuse

The discussion commenced with the acknowledgement of it being well documented that women and sexual minorities face a disproportionate level of violence in the digital space, as an extension/reproduction of physical space. GBV exists on a continuum from the physical, verbal, and technologically enabled, either partially or fully, with overflowing boundaries and deep interconnections between different kinds of violence. Some forms of traditional violence such as harassment, stalking, bullying, sex trafficking, extend themselves into the digital realm while other forms are uniquely tech enabled like doxxing and morphing of imagery. Due to this considerations of anonymity, privacy, and consent, need to be re-thought in the context of tech enabled GBV. These come into play in a situation where the technological realm has largely been corporatised and functions under the imperative of treating the user and their data as the final product.

It was noted early on that GBV online can be a misnomer because it can be across a number of spaces and, the participants concentrated on laying down the specific contours of tech mediated or tech enabled violence. One of the discussants stated that the term GBV is a not a useful one since it does not encompass everything that is talked about when referring to online abuse. The phenomenon that gets the most traction is trolling on social media or abuse on social media. This is partly because it is the most visible people who are affected by it, and also since often, it is the most difficult to treat under law. In a 2012 study by the Internet Democracy Project focusing on online verbal abuse in social media, every woman they interviewed started by asserting that she is not a victim. The challenge with using the GBV framework is that it positions the woman as a victim. Other incidents on social media such as verbal abuse where there are rape threats or death threats, especially when there is an indication that the perpetrator is aware of the physical location of the victim, need to be treated differently from say online trolling.

Further, certain forms of violence, such as occurrences of ‘revenge porn’ or the non-consensual sharing of intimate images, including rape videos are easier to fit within the description of GBV. It is important to make these distinctions because the remedies then should be commensurate with perceived harm. It is not appropriate to club all of these together since the criminal threshold for each act is different. Whereas being called a “slut” or a “bitch” would not be enough for someone to be arrested, if a woman is called that repetitively by a large number of people the commensurate harm could be quite significant. Thus, using GBV as a broad term for all forms of violence ends up invisiblising certain forms of violence and prevents a more nuanced treatment of the discussion.

In response to this, a participant highlighted the normalisation of gendered hate speech, to the extent of lack of recognition as a form of hate speech. This lacunae in our law stems from the fact that we inherited our hate speech laws from a colonial era where it was based on the grounds of incitement of violence, more so physical violence. As a result, we do not take the International Covenant on Civil and Political Rights (ICCPR) standard of incitement to discrimination. If the law was based on an incitement to discriminate point of view then acts of trolling could come under hate speech. Even in the United Kingdom where there is higher sentencing for gender based crime as compared to other markers of identity such as race, gender does not fall under the parameters of hate speech. This can also be attributed to the threshold at which criminalization kicks in for such acts.

A significant aspect of online verbal abuse pointed out by a participant was that it does not affect all women equally. In a study, the Twitter accounts of 12 publicly visible women across the political spectrum were looked at for 2 weeks in early December, 2017. They were filtered against keywords and analyzed for abusive content. One Muslim woman in the study had extremely high levels of abuse, being consistently addressed as “Jihad man, Jihad didi or Jihad biwi”. According to the participant, she is also the least likely to get justice through the criminal system for such vitriol and as such, this disparity in the likelihood of facing online abuse and accessing official redressal mechanisms should be recognized. Another discussant reaffirmed the importance of making a distinction between online abuse against someone as opposed to gender based violence online where the threat itself is gendered.

In a small ethnographic study with the Bangalore police undertaken by one of the participants, the police were asked for their opinion on the following situation: A women voluntarily providers photos of herself in a relationship and once the relationship is over, the man distributes it. Is there a cause for redressal?

Policemen responded that since she gave it voluntarily in the first instance, the burden of the consequences is now on her. So even in a feminist framework of consent and agency where we have laws for actions of voyeurism and publishing photos of private parts, it is not being recognized by institutional response mechanisms.

Intermediary Liability

Private communications based intermediaries can be understood to be of two types: those that enable the carriage/transmission of communications and provide access to the internet, and those that host third party content. The latter have emerged as platforms that are central to the exercising of voice, the exchange of information and knowledge, and even the mobilisation of social movements. The norms and regulations around what constitutes gender based violence in this realm is then shaped not only by state regulations, but content moderation standards of these intermediaries. Further, the kinds of preventive tools and tools providing redressal are controlled by these platforms. More than before, we are looking deeper into the role of these companies that function as intermediaries and control access to third party content without performing editorial functions.

In the Intermediary Liability framework in the United States formulated in the 1990s, the intermediaries that were envisioned were not the intermediaries we have now. With time, the intermediary today is able to access and possess your data while urging a certain kind of behaviour from you. There is then an intermediary design duty which is not currently accounted for by the law. Moreover, the law practices a one size fits all regime whereas what could be more suitable is having approached tailored as per the offence. So for child pornography, a ‘removal when uploaded’ action using artificial intelligence or machine learning is appropriate but a notice and takedown approach is better for other kinds of content takedown.

Globally, another facet is that of safe harbour provisions for platforms. When intermediaries such as Google and Facebook were established, they were thought of as neutral pipes since they were not creating the content but only facilitating access. However, as they have scaled and as their role in ecosystem has increased, they are now one of the intervention points for governments as gatekeepers of free speech. One needs to be careful in asking for an expansion of the role and responsibilities of platforms because then complementary to that we will also have to see that the frameworks regulating them need to be revisited. Additionally, would a similar standard be applicable to larger and smaller intermediaries, or do we need layers of distinction between their responsibilities? Internet platforms such as the GAFA (Google, Apple, Facebook and Amazon) yield exceptional power to dictate what discourse takes place and this translates into the the online and offline divide disappearing. Do we then hold these four intermediaries to a separate and higher standard? If not, then all small players will be held to stringent rules disadvantaging their functioning and ultimately, stifling innovation. Thus, regulation is definitely needed but instead of a uniform one, one that’s layered and tailor-made to different situations and platform visibility levels could be more useful.

Some participants shared the opinion that because these intermediaries are based in foreign countries and have primary legal obligations there, the insulation plays out in the citizen’s benefit. It lends itself a layer of freedom of speech and expression that is not present in the substantive law, rule of law framework or the institutional culture in India.

Child pornography is an area where platforms are taking a lot of responsibility. Google has spoken about how they have been using machine learning algorithms to block 40% of such content and Microsoft is also working on a similar process. If we argue for more intervention from platforms, we simultaneously also need to look at their machine learning algorithms. Concerns of how these algorithms are being deployed and further, being incorporated into the framework of controlling child pornography are relevant since there is not much accountability and transparency regarding the same.

Another fraction that has emerged from recent events is the divide between traditional form of media and new media. Taking the example of rape victims and sexual harassment claims, there are strict rules regarding the kinds of details that can be disclosed and the manner in which this is to be done. In the Kathua rape case, for instance, the Delhi High Court sent a notice to Twitter and Facebook for revealing details because there are norms around this even though they have not been applicable to platforms. Hence, there are certain regulations that apply to old media that have now escaped in the frameworks applicable to the new media and at some level that gap needs to be bridged.

Role of Law

One of the participants brought up the question; what is the proper role of the law and does it come first or last? In case of the latter, the burden then falls upon the kind of standard setting that we do as a society. The role of platforms as an entity in mediating the online environment was discussed, given the concerns that have been highlighted about this environment, especially for women. The third thing to be considered is whether we run the risk of enforcing patriarchal behaviour by doubling down on the either of the two aforementioned factors. If legal standards are made too harsh they may end up reinforcing a power structure that is essentially dominated by upper caste men who comprise a majority of staff within law enforcement and the judiciary. Even though the subordinate judiciary do have mahila courts now, the application of the law seems to reify the position of the woman as the victim. This also brings up the question of who can become a victim within such frameworks, where selective bias such as elements of chastity come to play as court functions are undertaken.

An assessment of the way criminal law in India is used to stifle free speech was carried out in 2013 and repeated in 2018, illustrating how censorship law is used to stifle voices of minorities and people critical of the political establishment. Even though it is perhaps time to revisit the earlier conceptualizations of intermediaries as neutral pipes, it is concerning to look at the the court cases regarding safe harbour in India. Many of them are carried out with the ostensible objective of protecting women's rights. In Kamlesh Vaswani V Union of India, the petition claims that porn is a threat to Indian women and culture, ignoring the reality that many women watch porn as well. Pornhub releases figures on viewership every year, and of the entirety of Indian subscribers one third are women. This is not taken into account in such petitions. In Prajwala V Union of India, an NGO sent the Supreme Court a letter raising concerns about videos of sexual violence being distributed on the internet. The letter sought to bring attention to the existence of such videos, as well as their rampant circulation on online platforms. At some point in the proceedings, the Court wanted the intermediaries to use keywords to take down content and keeping aside poor implementation, the rationale behind such a move is problematic in itself. For instance, if you choose sex as one of those words then all sexual education will disappear from the Internet. There are many problems with court encouraged filtering systems like one where a system automatically tells you when a rape video goes up. The question arises of how will you distinguish between a video that was consensually made depicting sexual activities and a rape video. The narrow minded responses to the Sabu Mathew and Prajwala cases originate in the conservative culture regarding sexual activity prevalent in India.

In a research project undertaken by one of the participants in the course of their work, they made a suggestion to include gender, sexuality and disability as grounds for hate speech while working with women’s rights activists and civil society organisations. This suggestion was not well received as they vehemently opposed more regulation. In their opinion, the laws that India has in place are not being upheld and creating new laws will not change if the implementation of legislation is flawed. For instance, even though the Supreme Court stuck down S.66A, Internet Freedom Foundation has earlier provided instances of its continued usage by police officers to file complaints.^{^[4]} Hate speech laws can be used to both ends, even though unlike in the US they do not determine whose speech they want to protect. Consequently, in the US a white supremacist gets as much protection as a Black Lives Matter activist but in India, that is not the case. The latest Law Commission Report on hate speech in India tries to make progress by incorporating the ICCPR view of incitement to discriminate and include dignity in the harms. It specifically speaks about hate speech against women saying that it does not always end up in violence but does result in a harm to dignity and standing in society. Often, protectionist forms of speech such as hate speech often end up hurting the people it aims to protect by reinforcing stereotypes.

Point of View undertook a study where they looked at the use of S.67 in the Information Technology (IT) Act which criminalizes obscene speech when you use a medium covered by the IT, in which they found that the section was used to criminalize political speech. In many censorship cases, the people who those provisions benefit are the ones in power.^{^[5]} For instance in S.67, obscenity provisions do not protect women's rights, they protect morality of society. Even though these are done in the name of protecting women, when a woman herself decides that she wants to publish a revealing picture of herself online, it is disallowed by the law. That kind of control of sexuality is part of a larger patriarchal framework which does not support women's rights or recognise her sexuality. However, under Indian law, there are quite a few robust provisions for image based abuse, and there is some recognition of women in particular being vulnerable to it. S.66A of the IT Act specifically recognizes that it is a criminal activity to share images of someone’s private parts without their consent. This then also encompasses instances of ‘revenge porn’. That provision has been in place in India since 2008, in contrast to the US where half the states still do not have such a provision. Certain kinds of vulnerability have adequate recognition in the law, thus one should be wary of calls of censorship and lowering the standards for criminalizing speech.

Non-legal interventions

This section centres around the discussions of redressal mechanisms that can be used to address some of the forms of violence which do not emanate from the law. All of the participants emphasized the importance of creating safe spaces through non-legal interventions. It was debated whether there is a need to always approach the law or if it is possible to categorize forms of online violence according to the gravity of the violation committed. These can be in the form of community solutions where law is treated as the last resort. For instance, there was support for using community tools such as ‘feminist trollback’ where humor can be used to troll the trolls. Trolls feed on the fear of being trolled, so the harm can be mitigated by using community initiatives wherein the target can respond to the trolls with the help of other people in the community. It was reiterated that non technical and legal interventions are needed not only from the perspective of power relations within these spaces but also access to the spaces in the first place. Accordingly, the government should work on initiatives that get more women online and focus on policies that makes smartphones and data services more accessible. This would also be a good method to increase the safety of women and benefit from the strength in numbers.

In cases of the non-consensual sharing of intimate images, law can be the primary forum but in cases of trolling and other social media abuse, the question was raised - should we enhance the role of the intermediary platforms? Being the first point of intervention, their responsibility should be more than it currently is. However this would require them to act in the nature of police or judiciary and necessitate an examination of their algorithms. A large proportion of the designers of such algorithms are white males, which increases the possibility of their biases against women of colour for instance, to feed into the algorithms and reinforce a power structure that lacks accountability.

Participants questioned the lack of privacy in design with the example in mind being of how registrars do not make domain owner details private by default. Users have to pay an additional fee for not exposing their details to public and the notion of having to pay for privacy is unsettling. There is no information being provided during the purchasing of the domain name about the privacy feature as well. It was acknowledged that for audit and law enforcement purposes it is imperative to have the information of the owner of a domain name and their details since in cases of websites selling fake medicines, arms or hosting child pornography. Thus, it boils down to the kind of information necessary for law enforcement. Global domain name rules also impact privacy on the national level. The process of ascertaining the suitability and necessity of different kinds of information excludes ordinary citizens since all the consultations take place between the regulatory authority and the state. This makes it difficult for citizens to participate and contribute to this space without government approval.

Issues were flagged against community standards in that the violence that occurs to women is also because the harms are not equal for all. Further, some users are targeted specifically because of the community they come from or the views they have. Often also because, they represent a ‘type’ of a woman that does not adhere to the ‘ideal’ of a woman held by the perpetrator. Unfortunately community standards do not recognise differential harms towards certain communities in India or globally. Twitter, for example, regularly engages in shadow banning and targets people who do not conform to the moral views prevalent in that society where the platform is engaging in censorship. We know these instances occur only when our community members notice and notify us of the same. There is a certain amount of labor that the community has already put in flagging instances of these violations to the intermediary which also needs recognition. In this situation, Twitter is disproportionately handling how it engages with the two entities in question. Community standards could thus become a double edged sword without adding additional protections for certain disadvantaged communities.

Conclusion

Currently, intermediaries are considered neutral pipes through which content flows and hence have no liability as long as they do not perform editorial functions. This has also been useful in ensuring that the freedom of speech is not harmed. However, given their potential ability to remedy this problem, as well as the fact that intermediaries sometimes benefit financially from such activities, it is important to look at the intermediaries’ responsibility in addressing these instances of violence. Governments across the world have taken different approaches to this question^{^[6]}. Models, such as in the US, where intermediaries have been solely responsible to institute redressal mechanisms have proven to be ineffectual. On the other hand, in Thailand, where intermediaries are held primarily liable for content, the monitoring of content has led to several free speech harms.

People are increasingly looking at other forms of social intervention to combat online abuse since technological and legal ones do not completely address and resolve the myriad issues emanating from this umbrella term. There is also a need to make the law gender sensitive as well as improving the execution of laws at ground level, possibly through sensitisation of law enforcement authorities. Gender based violence as a catchall phrase does not do justice to the full spectrum of experiences that victims face, especially women and sexual minorities. Often these do not attract criminal punishment given the restricted framework of the current law and need to be seen through the prism of hate speech to strengthen these provisions.

Some actions within GBV receive more attention than others and as a consequence, these are the ones platforms and governments are most concerned with regulating. Considerations of free speech and censorship and the role of intermediaries in being the flag bearers of either has translated into growing calls for greater responsibility to be taken by these players. The roundtable raised some key concerns regarding revisiting intermediary liability within the context of the scale of the platforms, their content moderation policies and machine learning algorithms.

^{^[1]} See Khalil Goga, “How to tackle gender-based violence online”, World Economic Forum, 18 February 2015, <https://www.weforum.org/agenda/2015/02/how-to-tackle-gender-based-violence-online/>. See also Shiromi Pinto, “What is online violence and abuse against women?”, 20 November 2017, Amnest International, <https://www.amnesty.org/en/latest/campaigns/2017/11/what-is-online-violence-and-abuse-against-women/>.

^{^[2]} Nidhi Tandon, et. al., “Cyber Violence Against Women and Girls: A worldwide wake up call”, UN Broadband Commission for Digital Development Working Group on Broadband and Gender, <http://www.unesco.org/new/fileadmin/MULTIMEDIA/HQ/CI/CI/images/wsis/GenderReport2015FINAL.pdf>

^{^[3]} See Azmina Dhrodia, “Unsocial Media: The Real Toll of Online Abuse against Women”, Amnesty Global Insights Blog, <https://medium.com/amnesty-insights/unsocial-media-the-real-toll-of-online-abuse-against-women-37134ddab3f4>

^{^[4]} See Abhinav Sekhri and Apar Gupta, “Section 66A and other legal zombies”, Internet Freedom Foundation Blog, <https://internetfreedom.in/66a-zombie/?

^{^[5]} See Bishakha Datta “Guavas and Genitals”, Point of View <https://itforchange.net/e-vaw/wp-content/uploads/2018/01/Smita_Vanniyar.pdf>

^{^[6]} ‘Examining Technology-Mediated Violence Against Women Through a Feminist Framework: Towards appropriate legal-institutional responses in India’, Gurumurthy et al., January 2018.

For more details visit https://cis-india.org/internet-governance/blog/intermediary-liability-and-gender-based-violence

Even years later, Twitter doesn't delete your direct messages

Zack Whittaker and Natasha Lomas — 2019-02-18T14:17:54Z

When does “delete” really mean delete? Not always, or even at all, if you’re Twitter .

The blog post by Zack Whittaker and Natasha Lomas was published in Tech Crunch on February 15, 2019. Karan Saini was quoted.

Twitter retains direct messages for years, including messages you and others have deleted, but also data sent to and from accounts that have been deactivated and suspended, according to security researcher Karan Saini.

Saini found years-old messages in a file from an archive of his data obtained through the website from accounts that were no longer on Twitter. He also reported a similar bug, found a year earlier but not disclosed until now, that allowed him to use a since-deprecated API to retrieve direct messages even after a message was deleted from both the sender and the recipient — though, the bug wasn’t able to retrieve messages from suspended accounts.

Saini told TechCrunch that he had “concerns” that the data was retained by Twitter for so long.

Direct messages once let users “unsend” messages from someone else’s inbox, simply by deleting it from their own. Twitter changed this years ago, and now only allows a user to delete messages from their account. “Others in the conversation will still be able to see direct messages or conversations that you have deleted,” Twitter says in a help page. Twitter also says in its privacy policy that anyone wanting to leave the service can have their account “deactivated and then deleted.” After a 30-day grace period, the account disappears, along with its data.

But, in our tests, we could recover direct messages from years ago — including old messages that had since been lost to suspended or deleted accounts. By downloading your account’s data, it’s possible to download all of the data Twitter stores on you.

A conversation, dated March 2016, with a suspended Twitter account was still retrievable today (Image: TechCrunch)

Saini says this is a “functional bug” rather than a security flaw, but argued that the bug allows anyone a “clear bypass” of Twitter mechanisms to prevent accessed to suspended or deactivated accounts.

But it’s also a privacy matter, and a reminder that “delete” doesn’t mean delete — especially with your direct messages. That can open up users, particularly high-risk accounts like journalist and activists, to government data demands that call for data from years earlier.

That’s despite Twitter’s claim that once an account has been deactivated, there is “a very brief period in which we may be able to access account information, including tweets,” to law enforcement.

A Twitter spokesperson said the company was “looking into this further to ensure we have considered the entire scope of the issue.”

Retaining direct messages for years may put the company in a legal grey area ground amid Europe’s new data protection laws, which allows users to demand that a company deletes their data.

Neil Brown, a telecoms, tech and internet lawyer at U.K. law firm Decoded Legal, said there’s “no formality at all” to how a user can ask for their data to be deleted. Any request from a user to delete their data that’s directly communicated to the company “is a valid exercise” of a user’s rights, he said.

Companies can be fined up to four percent of their annual turnover for violating GDPR rules.

“A delete button is perhaps a different matter, as it is not obvious that ‘delete’ means the same as ‘exercise my right of erasure’,” said Brown. Given that there’s no case law yet under the new General Data Protection Regulation regime, it will be up to the courts to decide, he said.

When asked if Twitter thinks that consent to retain direct messages is withdrawn when a message or account is deleted, Twitter’s spokesperson had “nothing further” to add.

For more details visit https://cis-india.org/internet-governance/news/zack-whittaker-natasha-lomas-february-15-2019-tech-crunch-even-years-later-twitter-doesnt-delete-your-direct-messages

European Union Draft Report Admonishes Mass Surveillance, Calls for Stricter Data Protection and Privacy Laws

divij — 2014-09-30T08:52:45Z

Ever since the release of the “Snowden files”, the secret documents evidencing the massive scale of surveillance undertaken by America’s National Security Agency and publically released by whistle-blower Edward Snowden, surveillance in the digital age has come to the fore of the global debate on internet governance and privacy.

The Committee on Civil Liberties, Justice and Home Affairs of the European Parliament in its draft report on global surveillance has issued a scathing indictment of the activities of the NSA and its counterparts in other member nations and is a welcome stance taken by an international body that is crucial to the fight against surveillance.

The "European Parliament Draft Report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs" released on the 8^th of January, 2014, comprehensively details and critiques the mass surveillance being undertaken by government agencies in the USA as well as within the EU, from a human rights and privacy perspective. The report examines the extent to which surveillance systems are employed by the USA and EU member-states, and declares these systems in their current avatars to be unlawful and in breach of international obligations and fundamental constitutional rights including "the freedom of expression, of the press, of thought, of conscience, of religion and of association, private life, data protection, as well as the right to an effective remedy, the presumption of innocence and the right to a fair trial and non-discrimination".

Furthermore, the report points to the erosion of trust between the EU and the US as well as amongst member states as an outcome of such secret surveillance, and criticises and calls for a suspension of the data-sharing and transfer agreements like the Terrorist Finance Tracking Program (TFTP), which share personal information about EU citizens with the United States, after examining the inadequacy of the US Safe Harbour Privacy principles in ensuring the security of such information.

After considering the secret and unregulated nature of these programmes, the report points to the need of restricting surveillance systems and criticizes the lack of adequate data protection laws and privacy laws which adhere to basic principles such as necessity, proportionality and legality.. It also questions the underlying motives of these programmes as mere security-tools and points to the possible existence of political and economic motives behind their deployment. Recognizing the pitfalls of surveillance and the terrible potential for misuse, the report "condemns in the strongest possible terms the vast, systemic, blanket collection of the personal data of innocent people, often comprising intimate personal information; emphasises that the systems of mass, indiscriminate surveillance by intelligence services constitute a serious interference with the fundamental rights of citizens; stresses that privacy is not a luxury right, but that it is the foundation stone of a free and democratic society; points out, furthermore, that mass surveillance has potentially severe effects on the freedom of the press, thought and speech, as well as a significant potential for abuse of the information gathered against political adversaries."

Amongst the recommendations in the 51-page report are calls for a prohibition of mass surveillance and bulk data collection, and an overhaul of the existing systems of data-protection across the European Union and in the US to recognize and strengthen the right to privacy of their citizens, as well as the implementation of democratic oversight mechanisms to check security and intelligence agencies. It also calls for a review of data-transfer programmes and ensuring that standards of privacy and other fundamental rights under the European constitution are met. The committee sets out a 7-point plan of action, termed the European Digital Habeus Corpus for Protecting Privacy, including adopting the Data Protection Package, suspending data transfers to the US until a more comprehensive data protection regime is through an Umbrella Agreement, enhancing fundamental freedoms of expression and speech, particularly for whistleblowers, developing a European Strategy for IT independence and developing the EU as a reference player for democratic and neutral governance of the internet.

Though this draft report has no binding legal value as yet, the scathing criticism has assisted in calling to the attention of the global community the complex issues of internet governance and privacy and surveillance, and generated debate and discourse around the need for an overhaul of the current system. The recent decision of the US government to ‘democratize’ the internet by handing control of the DNS root zone to an international body, and thereby relinquishing a large part of its means of controlling the internet, is just one example of the systemic change that this debate is generating.

For more details visit https://cis-india.org/internet-governance/blog/european-union-draft-report-admonishes-mass-surveillance