Access To Knowledge (A2K)

Divergence between the General Data Protection Regulation and the Personal Data Protection Bill, 2019

Pallavi Bedi — 2020-02-21T11:08:50Z

Our note on the divergence between the General Data Protection Regulation and the Personal Data Protection Bill can be downloaded as a PDF here.

The European Union’s General Data Protection Regulation (GDPR), replacing the 1995 EU Data Protection Directive came into effect in May 2018. It harmonises the data protection regulations across the European Union. In India, the Ministry of Electronics and Information Technology had constituted a Committee of Experts (chaired by Justice Srikrishna) to frame recommendations for a data protection framework in India. The Committee submitted its report and a draft Personal Data Protection Bill in July 2018 (2018 Bill). Public comments were sought on the bill till October 2018. The Central Government revised the Bill and introduced the revised version of the Personal Data Protection Bill (PDP Bill) on December 11, 2019 in the Lok Sabha.

The PDP Bill has incorporated certain aspects of the GDPR, such as requirements for notice to be given to the data principal, consent for processing of data, establishment of a data protection authority, etc. However, there are some differences and in this note we have highlighted the areas of divergence between the two. It only includes provisions which are common to the GDPR and the PDP Bill. It does not include the provisions on (i) Appellate Tribunal, (ii) Finance, Account and Audit; and (iii) Non- Personal Data.

For more details visit https://cis-india.org/internet-governance/blog/divergence-between-the-general-data-protection-regulation-and-the-personal-data-protection-bill-2019

DIT's Response to RTI on Website Blocking

pranesh — 2011-08-02T07:13:47Z

For the first time in India, we have a list of websites that are blocked by order of the Indian government. This data was received from the Department of Information Technology in response to an RTI that CIS filed. Pranesh Prakash of CIS analyzes the implications of these blocks, as well as the shortcomings of the DIT's response.

Quick Analysis of DIT's Response to the RTI

Blocked websites

The eleven websites that the DIT acknowledges are blocked in India are:

Of the eleven blocked websites, one was still accessible on a Tata Communications DSL connection. Two of the blocked websites are grassroots news organizations connected to the Independent Media Centre: IndyBay (San Francisco Bay Area IMC) and the Arizona Indymedia website. The Bloggernews.net page that is on the blocked list is in fact an article by N. Vijayashankar (Naavi) from March 12, 2010 titled "Is E2 labs right in getting zone-h.org blocked?", criticising the judicial blocking of Zone-H.org by E2 Labs (with E2 Labs being represented by lawyer Pawan Duggal). The Zone-H.org case is still going through the judicial motions in the District Court of Delhi, but E2 Labs managed to get an ex parte (i.e., without Zone-H being heard) interim order from the judge asking Designated Officer (Mr. Gulshan Rai of DIT) to block access to Zone-H.org.

As has happened in the past, the government (or the court) accidentally ordered the blocking of all of website host webs.com, instead of blocking only http://donotdial100.webs.com (which subdomain apparently hosted 'defamatory' and 'abusive' information about mafia links within the Maharashtra police and political circles).

It is interesting to note that for most of the websites on most ISPs one gets a 'request timed out' error while trying to access the blocked websites, and not a sign saying: "site blocked for XYZ reason on request dated DD-MM-YYYY received from the DIT". On Reliance broadband connections, for some of the above websites an error message appears, which states: "This site has been blocked as per instructions from Department of Telecom".

Judicial blocking

As per the response of the government, all eleven seem to have been blocked on orders received from the judiciary. While they don't state this directly, this is the conclusion one is led to since the Department admits to blocking eleven websites and also notes that there have been eleven requests for blocking from the judiciary. Normally the judiciary is often thought of as a check on the executive's penchant for banning (seen especially in the recent book banning cases in Maharashtra, for instance, where the Bombay High Court has overturned most of the government's banning orders). However, in these cases the ill-informed lower judiciary seem to be manipulated by lawyers to suppress freedom of speech and expression, even going to the extent of blocking grassroots activist news organizations like the Independent Media Centre.

Websites not blocked by DIT

The DIT also notes that the blocks on Typepad.com was not authorized by it (nor, according to the RTI response received by Nikhil Pahwa of Medianama was the Mobango.com block authorised by the DIT). Typepad.com, Mobango.com, and Clickatell.com don't seem to be blocked currently. However, as was reported by Medianama, for a while when they were being blocked, some sites and ISPs (such as Typepad.com on Bharti Airtel DSL) showed a message stating that the website was blocked on request from the Department of Telecom, which we don't believe has the authority to order blocking of websites. While we still await a response from the Department of Telecom to the RTI we filed with them on this topic, in a letter to the Hindu, the Department of Telecom has clarified that it did not order any block on Typepad.com or any of the other websites. This leaves us unsure as to who ordered these blocks. Further, it points out a lacuna in our information policy that ISPs can suo motu block websites without justifications (such as violation of terms of use), proper notice to customers, or any kind of repercussions for wrongful blocking.

Insufficient information on Committee for Examination of Requests

All requests for websites blocking (except those directly from the judiciary) must be vetted by the Committee for Examination of Requests (CER) under Rule 8(4) of the Rules under s.69A of the IT Act. Given that the DIT admits that the Designated Officer (who carries out the blocking) has received 21 requests to date, there should be at least 21 recommendations of the CER. However, the DIT has not provided us with the details of those 21 requests and the 21 recommendations. We are filing another RTI to uncover this information.

Text of the DIT's Response

Government of India
Ministry of Communications & Information Technology
Department of Information Technology
Electronics Niketan, 6 CGO Complex,
New Delhi-110003

No : 14(3)/2011-ESD

Shri Pranesh Prakash
Centre for Internet and Society
194, 2-C Cross,
Domulur Stage II,
Bangalore- 560071.

Subject: Request for information under RTI Act,

Sir,
Reference your request dated 28lh February 2011 on the above subject.
The point wise information as received from the custodian of Information is enclosed for your reference and records.

sd/-
(A.K.Kaushik)
Additional Director & CPIO
Tel: 011-24364803

Subject : RTI on website blocking requested by Shri Pranesh Prakash

(i) Did the Department order Airtel to block TypePad under S.69A of the Information Technology Act ("IT Act"), 2000 read with the Information Technology (Procedures and Safeguards for Blocking Access of Information by Public) Rules, 2009 ("Rules") or any other law for the time being in force? If so, please provide a copy of such order or orders. If not, what action, if at all, has been taken by the Department against Airtel for blocking of websites in contravention of S.69A of the IT Act?

Reply - This Department did not order Airtel to block the said site.

(ii) Has the Department ever ordered a block under s.69A of the IT Act? If so, what was the information that was ordered to be blocked?

Reply - The Department has issued directions for blocking under section 69A for the following websites:
(a) www.zone-h.org.
(b) http://donotdial100.webs.com (IP 216.52.115.50)
(c) www.bloggernews.net/124029
(d) http://www.google.co.in/#h 1 =en&source=hp& biw=1276&bih=843&=dr+babasaheb+ambedkar+ wallpaper&aq=4&aqi=g10&aql =&oq=dr+ babas& gs_rfai=&fp=e791 fe993fa412ba
(e) http://www.cinemahd.net/desktop-enhancements/wallpaper/23945- wallpapers-beautiful-girl-wallpaper.html
(f) http://www.chakpak.com/find/images/ kamasutra-hindi-movie
(g) http://www.submitlink.khatana.net/2010/09/jennifer-stano-is-engaged- to.html
(h) http://www.result.khatana.net/2010/11/im-no-panty-girl-yana-gupta- wardrobe.html.
(i) http://www.facebook.com/pages/l-Hate-Ambedkar/172025102828076
(j) www.indybay.org
(k) www.arizona.indymedia.org

(iii) How many requests for blocking of information has the Designated Officer received, and how many of those requests have been accepted and how many rejected? How many of those requests were for emergency blocking under Rule 9 of the Rules?

Reply - Designated Officer received 21 request for blocking of information. 11 websites have been blocked on the basis of orders received from court of law. One request has been rejected. For other requests, additional input/information has been sought from the Nodal Officer.

No request for emergency blocking under rule 9 of the Rules have been received.

(iv) Please provide use the present composition of the Committee for Examination of Requests constituted under Rule 7 of the Rules.

Reply - The present composition of the Committee is :
(a) Designated Officer (Group Coordinator - Cyber Law)
(b) Joint Secretary, Ministry of Home Affairs
(c) Joint Secretary, Ministry of Information and Broadcasting
(d) Additional Secretary and Ministry of Law & Justice
(e) Senior Director, Indian Computer Emergency Response Team

(v) Please provide us the dates and copies of the minutes of all meetings held by the Committee for Examination of Requests under Rule 8(4) of the Rules, and copies of their recommendations.

Reply - The Committee had met on 24-08-2010 with respect to request for blocking of website www.betfair.com.

(vi) Please provide us the present composition of the Review Committee constituted under rule 419A of the Indian Telegraph Rules, 1951.
(vii) Please provide us the dates and copies of the minutes of all meetings held by the Review Committee under Rule 14 of the Rules, and copies of all orders issued by the Review Committee.

Reply - This Department do not have details for above. The said information may be available with Department of Telecommunications.

For more details visit https://cis-india.org/internet-governance/blog/rti-response-dit-blocking

Discussion on Ranking Digital Rights in India (Delhi, January 07)

amber — 2016-12-29T07:07:34Z

Towards developing an understanding of how Indian ICT companies are recognising and upholding digital rights of their users, and to raise public awareness about the same, the Center for Internet and Society (CIS), with the support of Privacy International, has studied 8 Indian ICT companies, using the same methodology as the 2015 Corporate Accountability Index, to gain greater insight into company practices and initiate public dialogues. Please join us on Saturday, January 07, at the India Islamic Cultural Centre, New Delhi, for a presentation of our findings followed by an open structured discussion on the methodology and implications of the study.

Download: Invitation and agenda (PDF)

The Ranking Digital Rights Corporate Responsibility Index is a project hosted by the Open Technology Institute at New America Foundation that aims to rank Information and Communications Technology (ICTs) companies with respect to their Governance, Freedom of Expression, and Privacy practices. The inaugural Corporate Accountability Index, released in November 2015, evaluated 16 companies based on the project’s methodology that included 31 indicators in total.

Please join us on Saturday, January 07, at the India Islamic Cultural Centre, New Delhi, for a presentation of our findings followed by an open structured discussion on the methodology and implications of the Ranking Digital Rights study. We will begin at 10:30 am with a round of tea and coffee.

The event is open to all but the venue has limited space. The participants are requested to RSVP by sending an email to nisha@cis-india.org.

To further encourage programmers, researchers, journalists, students, and users in general to use and contribute to the findings of the Ranking Digital Rights study, and critique the underlying methodology, we are also organising a “rankathon” on Sunday, January 08, at the CIS office in Delhi. More details can be found here.

We look forward to your participation and contribution to the discussion. Please support us by sharing this invitation with your colleagues and networks.

Agenda

10:30-11:00	Coffee and Tea
11:00-11:15	Introduction
11:15-13:00	Presentation of the Findings and Discussion Divij Joshi and Aditya Singh Chawla
13:00-14:00	Lunch
14:00-15:00	Open Discussion #1: Parameters of Evaluation The RDR methodology was based upon evaluating commitments to uphold human rights through their services – in particular towards their commitment to users’ freedom of expression and privacy. Are there other parameters that may be considered in the Indian context?
15:00-16:00	Open Discussion #2: Towards Protecting Digital Rights What steps can be taken by the government, civil society, and industry in India to create an environment that recognizes and protects users digital rights? What are the relevant legal, political, and economic factors to take into consideration towards this? What are steps that other, multinational ICT companies have taken? Would these be realistic for Indian companies to implement?
16:00-16:30	Conclusion
16:30-17:00	Coffee and Tea

For more details visit https://cis-india.org/internet-governance/events/discussion-on-ranking-digital-rights-in-india-delhi-jan-07-2017

Discussion at CyFy on Technology, Policy and National Security: Building 21st Century Curricula in India’s Law Schools

Admin — 2019-10-20T07:23:11Z

Arindrajit Basu attended the session and gave comments on the course outline which included thoughts on:

Threshold of technical knowledge-comparison with WTO law
Need for India-centric approaches both in domestic and foreign policy
Possibility of executive training of senior diplomats
Need to include fintech security in the syllabus
Necessity of international law as a tool of conflict 6. Sustained collaboration between think-tanks and universities

The event was organized by Centre for Communication Governance at National Law University Delhi and Observer Research Foundation at Villa Medici, Taja Mahal Hotel, Man Singh Road, New Delhi.

For more details visit https://cis-india.org/internet-governance/news/discussion-at-cyfy-on-technology-policy-and-national-security-building-21st-century-curricula-in-india2019s-law-schools

Discrimination in the Age of Artificial Intelligence

Arindrajit Basu — 2018-10-26T14:47:57Z

The dawn of Artificial Intelligence (AI) has been celebrated by both government and industry across the globe. AI offers the potential to augment many existing bureaucratic processes and improve human capacity, if implemented in accordance with principles of the rule of law and international human rights norms. Unfortunately, AI-powered solutions have often been implemented in ways that have resulted in the automation, rather than mitigation, of existing societal inequalities.

This was originally published by Oxford Human Rights Hub on October 23, 2018

Image Credit: Sarla Catt via Flickr, used under a Creative Commons license available at https://creativecommons.org/licenses/by/2.0/

In the international human rights law context, AI solutions pose a threat to norms which prohibit discrimination. International Human Rights Law recognizes that discrimination may take place in two possible ways, directly or indirectly. Direct discrimination occurs when an individual is treated less favourably than someone else similarly situated on one of the grounds prohibited in international law, which, as per the Human Rights Committee, includes race, colour, sex, language, religion, political or other opinion, national or social origin, property, birth or other status. Indirect discrimination occurs when a policy, rule or requirement is ‘outwardly neutral’ but has a disproportionate impact on certain groups that are meant to be protected by one of the prohibited grounds of discrimination. A clear example of indirect discrimination recognized by the European Court of Human Rights arose in the case of DH&Ors v Czech Republic. The ECtHR struck down an apparently neutral set of statutory rules, which implemented a set of tests designed to evaluate the intellectual capability of children but which resulted in an excessively high proportion of minority Roma children scoring poorly and consequently being sent to special schools, possibly because the tests were blind to cultural and linguistic differences. This case acts as a useful analogy for the potential disparate impacts of AI and should serve as useful precedent for future litigation against AI-driven solutions.

Indirect discrimination by AI may occur at two stages. First is the usage of incomplete or inaccurate training data that results in the algorithm processing data that may not accurately reflect reality. Cathy O’Neil explains this using a simple example. There are two types of crimes-those that are ‘reported’ and others that are only ‘found’ if a policeman is patrolling the area. The first category includes serious crimes such as murder or rape while the second includes petty crimes such as vandalism or possession of illicit drugs in small quantities. Increased police surveillance in areas in US cities where Black or Hispanic people reside lead to more crimes being ‘found’ there. Thus, data is likely to suggest that these communities commit a higher proportion of crimes than they actually do – indirect discrimination that has been empirically been shown through research published by Pro Publica.

Discrimination may also occur at the stage of data processing, which is done through a metaphorical ‘black-box’ that accepts inputs and generates outputs without revealing to the human developer how the data was processed. This conundrum is compounded by the fact that the algorithms are often utilised to solve an amorphous problem-which attempts to break down a complex question into a simple answer. An example is the development of ‘risk profiles’ of individuals for the determination of insurance premiums. Data might show that an accident is more likely to take place in inner cities due to more densely packed populations in these areas. Racial and ethnic minorities tend to reside more in these areas, which means that algorithms could learn that minorities are more likely to get into accidents, thereby generating an outcome (‘risk profile’) that indirectly discriminates on grounds of race or ethnicity.

It would be wrong to ignore discrimination, both direct and indirect, that occurs as a result of human prejudice. The key difference between that and discrimination by AI lies in the ability of other individuals to compel the decision-maker to explain the factors that lead to the outcome in question and testing its validity against principles of human rights. The increasing amounts of discretion and, consequently, power being delegated to autonomous systems mean that principles of accountability which audit and check indirect discrimination need to be built into the design of these systems. In the absence of these principles, we risk surrendering core tenets of human rights law to the whims of an algorithmically crafted reality.

For more details visit https://cis-india.org/internet-governance/blog/oxford-human-rights-hub-arindrajit-basu-october-23-2018-discrimination-in-the-age-of-artificial-intelligence

Digitisation is making e-learning simple

praskrishna — 2012-02-28T10:05:20Z

Though the computer literacy in India is low, some companies are effectively spreading education using digital contents riding on the Internet.

This article by Shayan Ghosh was published in the Deccan Herald on February 13, 2012. Sunil Abraham was quoted in this.

The business of education is all set for a transformation in the country as the government, recently, announced that it will purchase some 100,000 low-cost Aakash tablets from Datawind, the Canadian company that has developed this equipment.

These tablets would then be distributed to schools and colleges in India, where students would get them for free. This move of going the e-way and the limitations the low cost tablet has revealed has seen a lot of criticism all over, however, the e-learning industry in India is going to be one of the biggest game changers in recent times.

E-learning service provider Tata Interactive Systems (TIS) CEO Sanjaya Sharma recalls his experiences when he began his company in 1990. “There was no e-learning then. It was computer-based training along with multimedia training that existed,” says Sharma. However, times changed slowly as TIS began getting clients. One of its first clients was the Confederation of Indian Industry (CII) with whom it did a project involving VGA monitors. This product was later sold to 32 other organisations.

Now, the company has many Fortune-500 customers to itself and is also conducting business with universities and publishers abroad. Sharma is very optimistic about the present Indian e-learning market, though he believes that it has just begun to take shape. “Adoption happened much earlier abroad, than in India,” Sharma added.
TIS is coming big on the e-learning in schools with their Tata ClassEdge, a solution for interactive teaching in schools.

Tata ClassEdge is an innovative and comprehensive educational solution from TIS, designed to help teachers deliver quality instruction, with an effective blend of classroom activities and interactive multimedia demonstrations.

For this purpose, the company would be providing its services to partially government-aided schools apart from private schools. Study estimates that there are around 80,000 government schools; 150,000 partially-funded schools and 105,000 government schools in the country. TIS is also going to reach out to government schools soon with a different pricing model within a couple of years.

Through ClassEdge, teachers will have access to lesson plans that they can use to make their classes engaging and memorable. The plans are customised for students and it provides tips to elicit student participation, including reinforcement activities for struggling learners and challenging assignments for high achievers.

Teachers can use animations to explain difficult topics. They can engage children through stories that teach. They could use interactive games to get students to interact with the medium and have fun while learning.

Sharma strongly believes that the education sector in India is going to take advantages of technology in the coming years and will improve in the process. “I definitely feel that technology should be available to every individual,” adds Sharma.
Meanwhile, another institute AVAGMAH (avagmah.com) is making good business with its online learning platform deemed for the higher education space. AVAGMAH offers UGC-recognised degrees for MBA (Global) in sales & marketing, HR management and banking & finance. The education platform is entirely online and the student must attend classes on the Internet.

“The faculty conducts a class and students sit at home, taking lessons. That was my aim and that’s what AVAGMAH offers,” says AVAGMAH Online School CEO Karthik K S. The platform for this online school was developed in 2007 and it had also won an award for innovation from Nasscom, the same year. However, the content generation took another two years and only in 2009, was AVAGMAH ready to deliver education online and commence its first batch. The institute now has more than 6,000 students to its name and the number keeps growing with each passing day.

The ease of access, they feel, is drawing people towards online education as they can log into their classes after their day’s work and have a quick session with the faculty. “Internet can reach places where prevalent education systems cannot. We have students logging in from places like Palanpur in Gujarat and also from places like Guwahati,” explained Karthik. He also says that the content can be delivered on low bandwidth Internet connections making it easier for narrowband users to access it. On the cost factor of such courses and how viable it would be for the not-so-rich sections of India, he pointed out that AVAGMAH offers two-year MBA courses for Rs 40,000 per year.

“Online education is going to drastically change the learning space in India as technology becomes more accessible,” added Karthik.

Karnataka, the state with the most developments happening in the IT space, is no doubt heralding the e-learning spree in India with various initiatives to bring this form of education to all. In the year 2009, NIIT had announced a partnership with the Government of Karnataka (Department of Social Welfare - DSW), the Karnataka Vocational Training & Skill Development Corporation Ltd (KVSTDC) and the Department of Employment and Training (DET) to provide e-learning to young under-graduates residing in DSW hostels.

The vision of this project is to enable the students in the government hostels to use their free time to enhance their skill sets by acquiring some of the soft skills and life skills that are required in most job areas, and in the process, providing the latest learning technologies at the student’s doorstep.

IT major Intel India and the Karnataka Government’s Sarva Shiksha Abhiyan, last year, launched ‘Computers on Wheels’, an e-learning pilot programme, in five districts of the state.

The pilot programme includes digital instruction materials from ‘Educomp’, an education solutions provider. The programme enables teachers to utilise a variety of learning strategies and tools to cater to the diverse learning styles and abilities of students, making education more engaging and inclusive for all. Under the ‘Computers on Wheels’ approach, netbooks are housed in a cart and can be moved between classrooms as needed.

Not only has the Internet found a newer way in traditional courses, but it has also made advances in supplementary education. Atano, a Mumbai-based company, has come up with a unique idea of providing e-books for vocational courses on its website. Imagine living cities like Meerut, Shimla, Jaipur, Guwahati, Indore, Cochin or even in the metros, one can download a supplementary e-Book at a click of a button. Supplementary education books can be downloaded on the individual’s Windows PC, Android platform, or even Mac (iPads).

Cost-effective option

Industry experts are of the opinion that this sector has a huge potential and more so, in a country where education finds it tough to reach remote places.

“The country needs e-learning as it is the best way to reach out to millions and moreover this sector is very promising,” says head of IT & ITeS Practice at KPMG, Pradeep Udhas.

He adds that not only in traditional courses, but also in vocational courses, e-learning will be the trend-setter.

Another initiative by Manipal Global Education Services, EduNxt enables interactive learning environment which includes small group mentoring, virtual classrooms, simulation, self-study content, recorded presentations and shared browsing.
Launched by Sikkim Manipal University-Distance Education in 2009, it helps all the Distance Education students through their online platform.

The university believes that it develops a sense of togetherness among the members and different stakeholders of the huge community within the platform.

The platform has functionality which provides a student to interact with 65 core faculty and 6,500 supporting faculty counselors in order to utilise the varied expertise and vast experience of this community.

“We may have progressed from just computer-based learning to technology-enabled solutions in the classroom, but the objective has remained intact, improving the learning experience by making it more engaging,” said Pearson Education Services COO Srikanth B Iyer.

Iyer adds that in their current avatar, e-learning solutions are not seen as replacements for teachers, but aids which will help teachers deliver lessons better, thereby increasing the quality of the learning experience.

However, Centre for Internet & Society Executive Director Sunil Abraham feels that learning should not be restricted to the Internet and interactive classroom sessions but should be made available on mobile phones through audio files as mobile penetration is much higher compared to Internet reach.

“Audio files can also be productive and a learning experience for people who can’t afford the Internet,” explained Abraham.

For more details visit https://cis-india.org/news/digitisation-is-making-e-learning-simple

Digital Tools Farmers Report

Sameet Panda — 2023-10-18T23:13:01Z

For more details visit https://cis-india.org/internet-governance/files/digital-tools-farmers-report

Digital Security Workshop for Journalists

praskrishna — 2015-03-08T05:25:34Z

The Centre for Internet and Society and the Mumbai Press Club are jointly organizing a workshop for journalists on February 7, 2015, from 9.30 a.m. to 1.30 p.m. at Mumbai Press Club, Azad Maidan.

Event Flier

The event would cover these topics:

Why should journalists care about digital security?
The threat model: assessing digital security risks and responses.
Security measures and solutions: alternatives to unsecure software and tools, good security practices, computer hygiene etcetera.

Event Pictures

For more details visit https://cis-india.org/internet-governance/events/digital-security-workshop-for-journalists

Digital Security Training

praskrishna — 2014-12-27T15:16:39Z

Rohini Lakshane participated as a trainer in a digital security training conducted by Front Line Defenders for the Afghan Women's Network in New Delhi in November 2014.

For more details visit https://cis-india.org/internet-governance/news/digital-security-training

Digital Security for Journalists

praskrishna — 2017-02-09T01:28:42Z

Pranesh Prakash conducted two workshops on consecutive days, February 2 and 3, 2017 in Mumbai. The first one organized by IndiaSpend was held in their office. The second one organized by a fellow with the International Center Journalists was held in the Hindustan Times office.

The workshops covered topics such as:

What are you protecting?
Whom are you protecting yourself against?
What capabilities does the adversary have?
What do you hope to achieve?
To what lengths are you willing to go?
Casual vs. Employers vs. Police vs. Intelligence Agency vs. NSA/GCHQ
Access to device vs. Access to network vs. Access to intermediaries
To what lengths are you willing to go?

For more info on the workshop training see the presentation slides here.

For more details visit https://cis-india.org/internet-governance/news/digital-security-for-journalists

Digital Rights and ISP Accountability in India: An Analysis of Policies and Practices

Anubha Sinha, Yesha Tshering Paul, and Sherina Poyyail — 2025-01-23T10:04:44Z

This report presents a comprehensive evaluation of India's four largest Internet Service Providers (ISPs)—Reliance Jio, Bharti Airtel, Vodafone-Idea (Vi), and BSNL—examining their commitment to digital rights and transparency.

Read the full report here.

India's four largest Internet Service Providers (ISPs)—Reliance Jio, Bharti Airtel, Vodafone-Idea (Vi), and BSNL collectively serve 98% of India's internet subscribers, with Jio and Airtel commanding a dominant market share of 80.87%. The assessment comes at a critical juncture in India's digital landscape, marked by a 279.34% increase in internet subscribers from 2014 to 2024, alongside issues such as proliferation of internet shutdowns.

Adapting the Ranking Digital Rights' (RDR) 2022 methodology framework for its 2022 Telco Giants Scorecard, our analysis reveals significant disparities in governance structures and commitment to digital rights across these providers. Bharti Airtel emerges as the leader in governance framework implementation, maintaining dedicated human rights policies and board-level oversight. In contrast, Vi and Jio demonstrate mixed results with limited explicit human rights commitments, while BSNL exhibits the weakest governance structure with minimal human rights considerations. Notably, all ISPs lack comprehensive human rights impact assessments for their advertising and algorithmic systems.

The evaluation of freedom of expression commitments reveals systematic inadequacies across all providers. Terms and conditions are frequently fragmented and difficult to access, while providers maintain broad discretionary powers for account suspension or termination without clear appeal processes. There is limited transparency regarding content moderation practices and government takedown requests, coupled with insufficient disclosure about algorithmic decision-making systems that affect user experiences.

Privacy practices among these ISPs show minimal evolution since previous assessments, with persistent concerns about policy accessibility and comprehension. The investigation reveals limited transparency regarding algorithmic processing of personal data, widespread sharing of user data with third parties and government agencies, and inadequate user control over personal information. None of the evaluated ISPs maintain clear data breach notification policies, raising significant concerns about user data protection.

The concentrated market power of Jio and Airtel, combined with weak digital rights commitments across the sector, raises substantial concerns about the state of user privacy and freedom of expression in India's digital landscape. The lack of transparency in website blocking and censorship, inconsistent implementation of blocking orders, limited accountability in handling government requests, insufficient protection of user rights, and inadequate grievance redressal mechanisms emerge as critical areas requiring immediate attention.

As India continues its rapid digital transformation, our findings underscore the urgent need for both regulatory intervention and voluntary industry reforms. The development of standardised transparency reporting, strengthened user rights protections, and robust accountability mechanisms will be crucial in ensuring that India's digital growth aligns with fundamental rights and democratic values.

For more details visit https://cis-india.org/internet-governance/blog/digital-rights-and-isp-accountability-in-india-an-analysis-of-policies-and-practices

Digital Native: The bigger picture

nishant — 2018-08-01T00:11:57Z

For all our sleek machines, we are slaves to the much larger Internet of Things.

The article was published in Indian Express on July 1, 2018.

There was a time, at the turn of the millennium, when we were trying to cope with the fact that we live with sapient technologies. It was new, to be thinking of cohabitation with things that speak, interact, listen, and act in tandem with us. I still remember the time when the first pagers and cellphones arrived — how difficult it was for people to figure out the social etiquette for living with these devices.

From those early days, we have come a long way. Digital things are everywhere — and we talk to them everywhere and everywhen. On a regular day, our phones are on our dining tables, our devices are buzzing with notifications silently in our pockets, and they are guiding us in our everyday practices. They are not just bringing us information but also listening to us, pre-empting our moves, doing things that we have not even imagined yet. Living with technologies is old — the new normal is living in technologies.

I was recently reminded by a research team that the cars we drive are giant super-computers with engines. That a new car on the roads has more computational processing power than the land-rover on Mars. Our cars are indeed computing devices and we sit in them, depending on a variety of computational processes to keep us safe, as we are hurled at high speeds ahead. Our smart homes, too, are slowly becoming sapient surfaces with specific functions. Microwaves that remember meal times, coffee machines that sense our proximity and start brewing or refrigerators that keep track of our expired food — they are all very basic computing devices that we are already used to.

However, our life is not just with the devices but the immense networks of other devices that they connect with. I got reminded of this very starkly on a recent trip to India, when I realised that the SIM card that I had bought the last time has been deactivated for non-use. At the same time, procuring a new SIM was going to need patience, time and Aadhaar authentication, which won’t happen at the airport. Additionally, there were no wifi hotspots to use in the middle of the night. Thus started the longest night of my life. In that four-hour digital blackout, I found myself thinking of my condition as a state of disconnectedness, of paralysis. I was surrounded by my two phones (don’t ask), my iPad, my laptop, and, armed to the teeth with charging cords and power-banks. Yet, none of them were of any use.

Once disconnected from the cloud that caters to my entertainment and the services that keep me talking, it was as if all my devices were useless. I scrolled through multiple screens and then gave up, resigning myself to looking at others with data, with malignant longing. It was with great shock that I realised that my devices are only gateway machines. Despite all the money and effort I have spent in selecting specific hardware combinations and care equipment, without their capacity to speak to other machines-servers, controllers, nodes — they are almost entirely pointless.

So used am I to instant interaction, reciprocation and feedback with my devices, I forgot that I am actually in conversation with an Internet of Things that far exceeds my immediate intimacy with my personalised screen. Somewhere in there is a powerful reminder of why data protection and security are so critical, but also fragile in the connected Web. Because we can do almost anything that we like to keep our individual devices secure, but the large networks that give them life and animate them are completely out of our control. In the face of this uncontrollable void, the best we can do is hope that things will be safe. And that illusion is not going to last long — in these moments of disconnection, one realises it. Thankfully, before the head got filled with the dark side of digital connectivity, I chanced upon an old movie I had saved on my laptop to show in a class once. It was Wall-E. I decided to just watch that film about a world where the only live thing was a robot, and in some strange way, found it very comforting.

For more details visit https://cis-india.org/raw/indian-express-july-1-2018-nishant-shah-digital-native-bigger-picture

Digital Native: How smart cities can make criminals out of denizens

nishant — 2018-08-01T00:19:23Z

People download information and share it without knowing about the intellectual property rights. On social media bullying, harassment and hate speech find easy avenues.

The article was published in Indian Express on July 15, 2018.

I first heard about smart cities in 2003. Sitting in India, it seemed to be a very strange concept being developed in the Netherlands, where the planners were trying to arm an entire city with smartness. The idea was that if we deploy enough cameras, devices that see, machines that hear, and data connectivity that envelopes the city in a seamless cloud, it might lead to more order, discipline, and control. To me that felt like a strange experiment because under all of those different imaginations of the city as a neat, organised, controlled environment, were assumptions that were alien to my Indian sensibilities.

It was strange to look at all the promises that “smartness” would deliver — it would make human life easier. It would increase safety and create order out of chaos. It would build new lifestyles that are filled with assistive technologies. In all of these, was the imagination of the city as a laboratory — controlled and efficient, as opposed to riotous and serendipitous. The cities were positioned as filled with intention, so that the interruptions of people, animals, festivals, traffic and crowds would be removed through the deployment of these digital devices and networks. What needed to be preserved was the city and its infrastructure, rather than the individuals and communities that make the city alive and exciting. We wanted our infrastructure to be smart, taking decisions on our behalf, and shaping our lives through the algorithmic protocols that they were coded to embody.

In that faraway time, these had felt like idle speculations. Fifteen years on, I have now come to realise that the biggest motivation for building smart cities was not really facilitating human movement, habitation and habits. Indeed, at the heart of the smart city project was the setting up of a massive surveillance apparatus that would clinically diagnose the unwanted people and processes in the city, and surgically remove them — with the assistance of predictive technologies that would be implemented in policing and planning these city spaces.

Smart cities were not constructed to make people’s lives easier. They were constructed because, increasingly, all the people in a city are imagined as “users”, who need to be instructed through terms of services, how they must behave and live in these city spaces. One of the biggest cultural turns in the massification of the digital web was that almost all users were imagined as potential criminals by the very virtue of them being connected. Internet service providers and regulators knew that if people are connected, they will be violating the law at some point or another, sometimes unknowingly. People download information and share it without knowing about the intellectual property rights. On social media bullying, harassment and hate speech find easy avenues. The largest traffic on the internet is for pornographic and often banned material which finds its audiences on the connected web. Spammers, viruses, hijacked machines, and, often, searches for unexpected items lead people onto the dark web where the questionable human interactions happen frequently.

The introduction of the digital terms of services was essentially to presume that the user was a potential criminal who leases hardware and software, and, platforms from proprietary companies and governments could then control and discipline the user through comprehensive surveillance practices. Construction of smart cities performs a similar function in the physical space. Instead of thinking about citizens as co-owners who shape city spaces, smart cities establish a service level agreement with its occupants, and reduces them to users. Any deviation results in punitive action or devaluation, often curbing the movement, and the rights of belonging to the city spaces.

While it is true that smart technologies can facilitate certain aspects of human life, they depend on unfettered data collection, predictive profiling, correlative algorithms and conditions of extreme invasion and control — which are all predicated on the idea that you will falter. And when you do, the technologies will be there to witness, record, archive, and punish you for the daily transgressions till you are wiped into becoming a predictable, controlled, cleaned up drone that travels in docility across the networked edges of the city. We will be assimilated. Resistance will be futile.

For more details visit https://cis-india.org/raw/indian-express-july-15-2018-nishant-shah-digital-native-the-citys-watching

Digital Native: Hashtag Along With Me

nishant — 2018-08-01T00:25:04Z

A hashtag that evolved with a movement.

The article was published in Indian Express on July 29, 2018.

Hashtags generally come with shelf lives and expiry dates. They come to life in a moment of public excitement and then slowly peter out as the attention shifts to something else. Even the most viral hashtags, which contain all the visceral power of explosive emotion, quickly get replaced by the next big thing. Hashtags have been critiqued as inefficient tools for activism. Because they absorb so much energy and attention, only to fade.

While it is true that in the rapidly overloaded information cycles of social media, hashtags might disappear in due time, maybe we need to think of their disappearance as hibernation rather than forgetting, being archived to memory rather than being lost to recall. Perhaps, it is not yet time to wash our hands of hashtag-based activism, because they do not stay in continued attention. Maybe, it is possible that even when hashtags might not be trending and garnering eyeballs, in their very presence and emergence, they transform something and catalyse actions that take incubation cycles longer than the accelerated digitalisation allows for.

Recently, this reminder came when I saw #NotGoingBack trending on Twitter. In 2013, when the Supreme Court of India overturned the Delhi High Court’s judgment reading down Section 377 of the Indian Penal Code, it was a moment of despair for human rights and queer communities that fight for their right to life and love. The judgment reinforced shame, persecution and pain that the queer community in India faced because of an arcane law that punished consenting same-sex love.

In that moment of despair, fighting against the oppression by law and in validation of #queerlivesmatter, a hashtag was born: #NotGoingBack. The hashtag referred both to the metaphorical closet that this judgement would force queer people back into, and also to a political determination of not accepting this verdict — of not going back on our commitments to build diverse, inclusive, and safe societies for all our people. #NotGoingBack captured the narratives of despair, but also the collective resolve to continue fighting for a nation that is for everyone, in 2013.

Since then, it has resurfaced at different points during moments of hope — like the NALSA judgement that legalised the rights of trans-gender people to be identified as the third gender, or, in moments of pain — when we heard of queer people killing themselves, unable to bear the social stigma of being criminalised for their right to love. The hashtag has continued to come up, when legal fights to protect queer rights and lives have proceeded, or when attention had to be drawn to the inhumane reports of murder, torture, rape and imprisonment that followed.

In July 2018, when the new bench constituted by the Supreme Court agreed to question the re-criminalisation verdict, and started hearings about the constitutional validity of this judgment, the hashtag returned in full force — and unlike the other times, it was also suffused with love, hope, and solidarity of a large community of queer, queer-allied, and queer-friendly people who supported this revision. It has been extraordinary to see how public support has changed in the five years since the hashtag made its first appearance. More and more people have realised that while this is a question of queer rights, it is also a question of human rights, and how we live and love. The 2013 verdict suggested that the people were not ready to accept queer lives. The 2018 bench has clearly opined that the role of the court is to protect the people based on constitutional rights, not to pander to populism.

And yet, what has been inspiring is that the popular response to decriminalisation has been overwhelmingly positive. To the extent that even the conservative government at the centre has indicated that it will not challenge the wisdom of the court if it decides to read down Section 377. As we await the final judgment that promises to be historic and hopeful, we cannot deny the indefatigable commitment, movement and protest that the lawyers, activists, and queer community leaders have invested in making this happen. At the same time, it is also a good indicator of how hashtags live, morph, and re-emerge across longer timelines. We need to start recognising them not only in their fruit-fly like presence but as catalysts for longer movements.

For more details visit https://cis-india.org/raw/digital-native-hashtag-along-with-me

Digital Native: Delete Facebook?

nishant — 2018-05-06T03:08:25Z

You can check out any time you like, but you can never leave.

The article was published in Indian Express on April 8, 2018.

One fine day, we all woke up and were told that Facebook sold our data to Cambridge Analytica and then they made dastardly profiles of us to target us with advertisement and political propaganda, so, we made a beeline for #DeleteFacebook. The most surprising part about the expose is how much of a non-event it is. We have been warned, at least since the Edward Snowden revelations, if not earlier, that our data is the new oil, coal and gold. It is being used as a resource, it is being mined from our everyday digital transactions, and it is precious because it can result in a massive social engineering without our consent or knowledge. Ever since Facebook started expanding its domain from being a friends-poke-friends-with-livestock website, we have been warned that the ambition of Facebook was never to connect you with your friends but to be your friend.

Time and again, we have been told that the sapient Facebook algorithm remembers everything you say and do, anticipates all your future needs, and listens to the most banal litany of your life. More than your mom, your partner or your shrink, it’s the Facebook algorithm which is interested in all your quotidian uselessness. It is not the stranger who accesses your post that should worry you. The biggest perpetrator of privacy violations on Facebook is Facebook itself. There is good reason why a company that offers its prime products for free is valuated as one of the richest corporations in the world. The product of Facebook – it has always been known – is us.

Why, then, are we suddenly taken aback at the fact that Facebook sold us? And while we are sharing our thoughts (ironically on Facebook) about deleting our profiles, the question that remains is this: How much of your digital life are you willing to erase? Because, and I am sorry if this pricks your filter bubble, Facebook’s problem is not really a Facebook problem. It is almost the entire World Wide Web, where we lost the battle for data ownership and platform openness more than two decades ago. Name one privately owned free service that you use on the internet and I will show you the section in its “terms and services” where you have surrendered your data. In fact, you can’t even find government services, tied up with their private partners, where your data is safe and stored in privacy vaults where it won’t be abused.

It is time to realise that the popular ’90s meme “All your base are belong to us” is the lived reality of our digital lives. As we forego ownership for convenience, as our governments sold our sovereignty for profits, and as digital corporations became behemoths that now have the capacity to challenge and write our constitutional and fundamental rights, we are waking up to a battle that has already been fought and resolved. A large part of our physical hardware to access the internet is privately owned. This means that almost all our PCs, tablets, phones, servers are owned and open to exploitation by private companies. Every time your phone does an automatic update or your PC goes into house-cleaning mode, you have to realise that you are being stored, somewhere in the cloud in ways that you cannot imagine.

It is tiring to hear this alarm and panic around Facebook’s data trading. Not only is it legal, it is something that has been happening for a while, most of us have been aware of it, and we have resolutely ignored it because, you know, cute cats. If somebody tells you that they are against privately owned physical property and are going to start a revolution to take away all private property and make it equally shared with the public, you would laugh at them because they are arriving at the battle scene after the war is over. This digital wokeness trend to #DeleteFacebook is the digital equivalent of that moment. If you want to fight, fight the governments and nations who can still protect us. Participate in conversations around Internet governance. Take responsibility to educate yourself about the politics of how the digital world operates. But stop trying to feel virtuous because you pulled out of a social media network, pretending that that is the end of the problem.

For more details visit https://cis-india.org/raw/indian-express-nishant-shah-april-8-2018-digital-native-delete-facebook