Centre for Internet & Society

The Curious Case of Poor Security in the Indian Twitterverse

Posted by Udbhav Tiwari at Dec 17, 2016 12:28 AM |

What are the technical, legal and jurisdictional issues around the recent Twitter and email hacks claimed by the ‘Legion Crew’, and what can targeted entities do to better protect themselves?

Read More…

Inputs to the Working Group on Enhanced Cooperation on Public Policy Issues Pertaining to the Internet (WGEC)

Posted by Sunil Abraham and Vidushi Marda, with inputs from Pranesh Prakash at Dec 17, 2016 12:20 AM |
Filed under:

The Centre for Internet & Society (CIS) submitted inputs to the Working Group on Enhanced Cooperation on Public Policy Issues Pertaining to the Internet (WGEC) on 15 December 2016. The WGEC sought inputs on two questions that will guide the next meeting of the Working Group which is scheduled to take place on the 26-27 January 2017.

Read More…

ISO/IEC JTC 1 SC 27 Working Group Meetings - A Summary

Posted by Vanya Rakesh at Dec 16, 2016 11:53 PM |

The Centre for Internet & Society attended the ISO/IEC JTC 1 SC 27 Working Group Meetings from 22 to 27 October 2016 in Abu Dhabi at Abu Dhabi National Exhibition Centre.

Read More…

Deep Packet Inspection: How it Works and its Impact on Privacy

Posted by Amber Sinha at Dec 16, 2016 11:14 PM |

In the last few years, there has been extensive debate and discussion around network neutrality in India. The online campaign in favor of Network Neutrality was led by Savetheinternet.in in India. The campaign was a spectacular success and facilitated sending over a million emails supporting the cause of network neutrality, eventually leading to ban on differential pricing. Following in the footsteps of the Shreya Singhal judgement, the fact that the issue of net neutrality has managed to attract wide public attention is an encouraging sign for a free and open Internet in India. Since the debate has been focused largely on zero rating, other kinds of network practices impacting network neutrality have yet to be comprehensively explored in the Indian context, nor their impact on other values. In this article, the author focuses on network management, in general, and deep packet inspection, in particular and how it impacts the privacy of users.

Read More…

ISIS and Recruitment using Social Media – Roundtable Report

Posted by Vidushi Marda, Aditya Tejus, Megha Nambiar and Japreet Grewal at Dec 15, 2016 06:40 PM |

The Centre for Internet and Society in collaboration with the Takshashila Institution held a roundtable discussion on “ISIS and Recruitment using Social Media” on 1 September 2016 from 5.00 p.m. to 7.30 p.m. at TERI in Bengaluru.

Read More…

Protection of Privacy in Mobile Phone Apps

Posted by Hitabhilash Mohanty and Edited by Leilah Elmokadem at Dec 15, 2016 02:18 PM |

The term “Fintech” refers to technology-based businesses that compete against, enable and/or collaborate with financial institutions. The year 2015 was a critical year for the Indian fintech industry, which saw the rise of numerous fintech start-ups, incubators and investments from the public and private sector.

Read More…

Workshop Report - UIDAI and Welfare Services: Exclusion and Countermeasures

This report presents summarised notes from a workshop organised by the Centre for Internet and Society (CIS) on Saturday, August 27, 2016, to discuss, raise awareness of, and devise countermeasures to exclusion due to implementation of UID-based verification for and distribution of welfare services.

Read More…

Enlarging the Small Print: A Study on Designing Effective Privacy Notices for Mobile Applications

Posted by Meera Manoj at Dec 14, 2016 04:30 PM |

The Word’s biggest modern lie is often wholly considered to lie in the sentence “I haveread and agreed to the Terms and Conditions.” It is a well-known fact, backed by empirical research that consumers often skip reading cumbersome privacy notices. The reasons for these range from the lengthy nature, complicated legal jargon and inopportune moments when these notices are displayed. This paper seeks to compile and analyse the different simplified designs of privacy notices that have been proposed for mobile applications that encourage consumers to make informed privacy decisions.

Read More…

CIS Submission to TRAI Consultation Note on Model for Nation-wide Interoperable and Scalable Public Wi-Fi Networks

Posted by Japreet Grewal, Pranesh Prakash, Sharath Chandra, Sumandro Chattapadhyay, Sunil Abraham, and Udbhav Tiwari, with expert comments from Amelia Andersdotter at Dec 12, 2016 01:55 PM |

​This submission presents responses by the CIS on the ​Consultation Note on Model for Nation-wide Interoperable and Scalable Public Wi-Fi Networks published by the TRAI on November 15, 2016. Our analysis of the solution proposed in the Note, in brief, is that there is no need of a solution for non-existing interoperability problem for authentication and payment services for accessing public Wi-Fi networks. The proposed solution in this Note only adds to over-regulation in this sector, and does not incentivise new investment in the sector, but only establishes UIDAI and NPCI as the monopoly service providers for authentication and payment services.

Read More…

Comments on the Draft National Policy on Software Products

Posted by Anubha Sinha, Rohini Lakshané, and Udbhav Tiwari at Dec 11, 2016 04:05 AM |

The Centre for Internet & Society submitted public comments to the Department of Electronics & Information Technology (DeitY), Ministry of Information & Communications Technology, Govt. of India on the National Policy of Software Products on December 9, 2016.

Read More…

Habeas Data in India

Posted by Vipul Kharbanda and edited by Elonnai Hickok at Dec 10, 2016 03:55 AM |

Habeas Data is a latin word which can be loosely translated to mean “have the data”. The right has been primarily conceptualized, designed, ratified, and implemented by various nation-states in the background of a shared common history of decades of torture, terror, and other repressive practices under military juntas and other fascist regimes.

Read More…

Privacy and Security Implications of Public Wi-Fi - A Case Study

Posted by Vanya Rakesh at Dec 09, 2016 02:55 AM |

Today internet is an essential necessity in everyday work and recognizing its vital role, governments across the world including the Indian government, are giving access to public Wi-Fi. However, use of public Wi-Fi brings along with it certain privacy and security risks. This research paper analyses some of these concerns, along with the privacy policies of key ISPs in India providing public Wi-Fi service in Bangalore-namely D-VoIS and Tata Docomo, as a case study to provide suitable recommendations.

Read More…

Developer team fixed vulnerabilities in Honorable PM's app and API

The official app of Narendra Modi, the Indian Prime Minister, was found to contain a security flaw in 2015 that exposed millions of people's personal data. A few days ago a very similar flaw was reported again. This post by Bhavyanshu Parasher, who found the flaw and sought to get it fixed last year, explains the technical details behind the security vulnerability.

Read More…

The Technology behind Big Data

Posted by Geethanjali Jujjavarapu and Udbhav Tiwari at Nov 30, 2016 10:40 PM |

The authors undertakes a high-level literature review of the most commonly used technological tools and processes in the big data life cycle. The big data life cycle is a conceptual construct that can be used to study the various stages that typically occur in collecting, storing and analysing big data, along with the principles that can govern these processes.

Read More…

Comments to the BIS on Smart Cities Indicators

Posted by Elonnai Hickok, Rohini Lakshané and Udbhav Tiwari at Nov 30, 2016 03:15 PM |

The Bureau of Indian Standards released the Smart Cities - Indicator on 30 September 2016. The Centre for Internet & Society (CIS) presented its views.

Read More…

Navigating the 'Reconsideration' Quagmire (A Personal Journey of Acute Confusion)

Posted by Padmini Baruah and Geetha Hariharan at Nov 30, 2016 01:48 PM |
Filed under: ,

An ​earlier analysis of ICANN’s Documentary Information Disclosure Policy already brought to light our concerns about the lack of transparency in ICANN’s internal mechanisms. Carrying my research forward, I sought to arrive at an understanding of the mechanisms used to appeal a denial of DIDP requests. In this post, I aim to provide a brief account of my experiences with the Reconsideration Request process that ICANN provides for as a tool for appeal.

Read More…

Demonetisation Survey Limits the Range of Feedback that can be Provided by the User

Posted by tiwari at Nov 24, 2016 02:50 PM |

The government has faced increasingly targeted attacks by the Opposition and the public on the merits of the demonetisation move carried out a fortnight ago. In an attempt to placate this ire and to create a feedback loop that directly engages with the public, the government has decided to conduct a mass survey to gauge public perception. The survey is hosted on the Narendra Modi mobile application that can be found on the Android and iOS app stores. This article will attempt to analyse the mobile application by looking at the design principles followed in the survey and the scope given to survey takers to express their true opinion of the demonetisation move.

Read More…

CERT-In's Proactive Mandate - A Report on the Indian Computer Emergency Response Team’s Proactive Mandate in the Indian Cyber Security Ecosystem

CERT-In's Proactive Mandate - A Report on the Indian Computer Emergency Response Team’s Proactive Mandate in the Indian Cyber Security Ecosystem

Posted by tiwari at Nov 19, 2016 04:14 AM |

CERT-IN’s proactive mandate is defined in the IT Act, 2000 as well as in the Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Function and Duties ) Rules, 2013 (CERT-In Rules, 2013) both of which postdate the existence of the organisation itself, which has been operational since 2004.

Read More…

Conference on the Digitalization of the Indian Legal System

Posted by Leilah Elmokadem at Nov 16, 2016 03:34 PM |

On Legal Services Day, November 9, 2016, LegalDesk.com collaborated with iSPIRT to host a conference on the “Digitalization of the Indian Legal System”. The event invited prominent speakers to present their organizations’ work and to participate in a panel discussion followed by a Q&A period for the audience.

Read More…

Big Data in India: Benefits, Harms, and Human Rights - Workshop Report

Posted by Vidushi Marda, Akash Deep Singh and Geethanjali Jujjavarapu at Nov 14, 2016 05:45 AM |

The Centre for Internet and Society held a one-day workshop on “Big Data in India: Benefits, Harms and Human Rights” at India Habitat Centre, New Delhi on the 1st of October, 2016. This report is a compilation of the the issues discussed, ideas exchanged and challenges recognized during the workshop. The objective of the workshop was to discuss aspects of big data technologies in terms of harms, opportunities and human rights. The discussion was designed around an extensive study of current and potential future uses of big data for governance in India, that CIS has undertaken over the last year with support from the MacArthur Foundation.

Read More…

Filed under: