We are anonymous, we are legion

Myanmar Digital Rights Forum proposes a path away from 66(d)

praskrishna — 2017-01-10T15:09:21Z

More than 55 representatives from technology companies, government, media and civil society organizations gathered at the innovation lab Phandeeyar to participate in the Myanmar Digital Rights Forum this morning. The two-day event was organized to address critical digital rights challenges in Myanmar.

This was published by Coconuts Yangon on December 14, 2016. Sunil Abraham was quoted.

Nica Dumlao from the Philippine Internet Freedom Alliance speaks at the forum. Photo: Phandeeyar

Over the last two years, Myanmar has experienced a connectivity revolution; tens of millions of people have hopped onto the web all at once. However, recent events have highlighted how vulnerable people in Myanmar are when communicating and sharing information online.

Daw Ei Myat Noe Khin, a Phandeeyar associate and co-organizer of the event, explained: “Myanmar’s laws and regulations were changed to enable millions of people to get connected. However, not nearly enough has been done to protect the rights of these users. Urgent legislative action is needed to ensure that the rights and freedoms that the Myanmar people now enjoy offline are also protected when they are using the internet.”

Rights groups and media organizations have noted the threats to freedom of speech posed by the arrest under Article 66(d) of Myanmar’s Telecommunications Law of journalists and ordinary citizens for Facebook posts.

Nay Phone Latt, the former political prisoner and free speech activist who now serves in the Yangon Region parliament, called for changes to Myanmar’s laws, which are now being used to sue people for as actions as little as leaving a comment on social media.

“Even though I am now an MP, my opinion on free speech has not changed,” he said.

He also called on Union-level lawmakers to attend similar forums and ultimately improve the laws relating to digital rights.

However, Article 66(d) is only one of many issues that need to be addressed. According to speakers at the forum, other critical issues include information privacy, the right to information, online hate speech, cyberbullying, revenge porn and phishing scams.

Vicky Bowman, director of Myanmar Center for Responsible Business, recounted the story from a few years ago of an NGO leader who gave away $80,000 of his organization’s money when he was duped by a phishing scam online.

“Are Myanmar people aware of digital rights? I don’t think so. They’re excited about SIM cards and gadgets, but they’re probably not reading the terms and conditions.”

There is still a lot to worry about in the realm of digital rights in Myanmar, she said.

In this challenging environment, the forum’s attendees are working to develop specific policy recommendations, strategies and campaigns to ensure digital rights to the people of Myanmar.

“The benefits of connectivity won’t be realized if people are scared to use the internet. The objective of the Myanmar Digital Rights Forum is to raise awareness about the importance of these issues and to develop concrete plans to address them,” said Daw Htaike Htaike Aung, executive director of Myanmar ICT for Development Organization (MIDO).

Some speakers offered the experiences of other countries as models for what Myanmar might be able to do to protect internet users. Sunil Abraham, the executive director of the Bangalore-based Center for Internet and Society, urged against thinking of companies and governments as monoliths. There are people in government, he said, who do have the rights of citizens in mind. He also advised digital rights campaigners to pursue change on all sides of the political spectrum, just as free-software activists found support in India’s communist and nationalist parties.

Ms Cheekay Cinco, a program manager for Engage Media, said: “This is not a Myanmar problem. Hyper-connectivity in the region has led to greater criminalization of online activities. Over the years, spaces in Southeast Asia have been created to talk about these issues. We can only spark development and change when these spaces continue to flourish and have participation from different sectors.”

For more details visit https://cis-india.org/internet-governance/news/coconuts-yangon-december-14-2016-myanmar-digital-rights-forum-proposes-a-path-away-from-66d

New Media, personalisation and the role of algorithms

amber — 2017-01-16T07:20:52Z

In his much acclaimed book, The Filter Bubble, Eli Pariser explains how personalisation of services on the web works and laments that they are creating individual bubbles for each user, which run counter to the idea of the Internet as an inherently open place. While Pariser’s book looks at the practices of various large companies providing online services, he briefly touches upon the role of new media such as search engines and social media portals in new curation. Building upon Pariser’s unexplored argument, this article looks at the impact of algorithmic decision-making and Big Data in the context of news reporting and curation.

Everything which bars freedom and fullness of communication sets up barriers that divide human beings into sets and cliques, into antagonistic sects and factions, and thereby undermines the democratic way of life. —John Dewey

Eli Pariser, in his book, The Filter Bubble,[1] refers to the scholarship by Walter Lippmann and John Dewey as integral to the evolution of the understanding of the democratic and ethical duties of the Fourth Estate. Lippmann was disillusioned by the role of newspapers in propaganda for the First World War. He responded with three books in quick succession — Liberty and the News,[2] Public Opinion[3] and The Phantom Public.[4] Lippmann brought attention the fact that the process of news-reporting was conducted through privately determined and unexamined standards. The failure of the Fourth Estate to perform its democratic functions, was, in the opinion of Lippmann, one of the prime factors responsible for the public not being an informed and rational entity. John Dewey, while rejecting Lippmann’s arguments that matters of public policy can only be determined by inside experts with training and education, did acknowledge the his critique of the media.

Pariser points to the creation of a wall between editorial decisionmaking and advertiser interests, as the eventual result of the Lippmann and Dewey debate. While accepting that this division between the financial and reporting sides of media houses has not been always observed, Pariser emphasises that the fact that the standard exists is important.[5] Unlike traditional media, the new media which relies on algorithmic decision-making for personalisation is not subject to the same standards which try to mitigate the influence of commercial interests on editorial decisions while performing many of the same functions as the traditional media.[6]

How personalisation algorithms work

Kevin Slavin, at his famous talk in the TEDGLobal Conference, characterised algorithms as “maths that computers use to decide stuff” and that it was infiltrating every aspect of our lives.[7] According to Slavin’s view, algorithms can be seen as control technologies and shape our world constantly through media and information systems, dynamically modifying content and function through these programmed routines. Search engines and social media platforms perpetually rank user-generated content through algorithms.[8]

Personalisation technologies have various advantages. It translates into more relevant content, which for service providers means more clicks and revenue and for consumer, less time spent on finding the content.[9] However, it also leads to privacy compromise, lack of control and reduced individual capability.[10] Search engines like Google use the famous PageRank algorithm, which combined with geographical location and previous searches yields most relevant search results.[11] PageRank algorithm uses various real time variables dependent on both voluntary and involuntary user inputs. These variables include number of clicks, number of occurrences of the key terms and number of references by other credible pages etc. This data in turn determines the order of pages in search results and influences the way we perceive, understand and analyse information.[12] Maps showing real time traffic information retrieve data from laser and infrared sensors alongside the road and from information from devices of users. Once this real time data is combined with historical trends, these maps recommend rout to every user, hence influencing the traffic patterns.[13]

Even though this phenomenon of personalization may appears to be new, it has been prevalent in the society for ages.[14] The history of mass media culture clearly shows personalization has always been a method to increase market, market reach and customer satisfaction.[15] Newspapers have sections dedicated to special topics, radio and TV have channels dedicated to different interest groups, age groups and consumers.[16] These personalised sections in a newspaper and personalised channels on radio and television don’t just provide greater satisfaction to the readers or listeners or consumers, they also provide targeted advertisement space for the advertisers and content developers. However, digital footprints and mass collection of data have made this phenomenon much more granular and detailed. Geographical location of an individual can tell a lot about their community, their culture and other important traits local to a community.[17] This data further assists in personalisation. Current developments in technology not only help in better collection of data about personal preferences but also help in better personalisation.

Pariser mentions three ways in which the personalization technologies of this day are different from those of the past. First, for the very first time, individuals are alone in the filter bubble. While in traditional forms of personalisation, there were various individuals who shared the same frame of reference, now there is a separate sets of filters governing the dissemination of content to each individual.[18] Second, the personalisation technologies are entirely invisible now, and there is little that consumers can do to control or modify them.[19] Third, often the decision to be subject to these personalisation technologies is not an informed choice. A good example of this would be an individual’s geographical location.[20]

The neutrality of New Media?

More and more, we have noticed personalisation technologies having an impact on how we consume news on the Internet. Google News, Facebook’s News Feed which tries to put together a dynamic feed for both personal and global stories, and Twitter’s trending hashtag feature, have brought forward these services are key drivers of an emerging news ecosystem. Initially, this new media was hailed as a natural consequence of the Internet which would enable greater public participation, allow journalists to find more stories and engage with the readers directly. An illustration of the same could be seen in the way Internet based news media and social networking websites behaved in the aftermath of Israel’s attacks on a United Nations run school in Gaza strip. While much of the international Internet media covered the story, Israel’s home media did not cover the story. The only exception to this was the liberal Israeli news website Ha’aretz.[21] Network graph details of Twitter, for a few days immediately after the incident clearly show the social media manifestation of the event in the personalised cyberspace. It is clearly visible that when most of the word was re-tweeting news of this heinous act of Israel, Israeli’s hardly re-tweeted this news. In fact they were busty re-tweeting the news of rocket attacks on Israel.[22]

The use of social media in newsmaking was hailed by many scholars as symptomatic of the decentralisation characteristic of the Internet. It has been seen as movement towards greater grassroots participation by negating the ‘gatekeeping’ role traditionally played by editors. Thomas Poell and José van Dijck punch holes in theory of social media and other online technologies as mere facilitators of user participation and translators of user preferences through Big Data analytics.[23] They quote T. Gillespie’s work which talks of the narrative of these online services as platforms which are “open, neutral, egalitarian and progressive support for activity.”[24]

Pedro Domingos calls the overwhelming number of choices as the defining problem of the information age, and machine learning and data analytics as the largest part of this solution.[25] The primary function of algorithmic decision making in the context of consumption of content is to narrow down the choices. Domingos is more optimistic about the impact of these technologies, and he says “last step of the decision is usually still for humans to make, but learners intelligently reduce the choices to something a human can manage.”[26] On the other hand, Pariser is more circumspect about the coercive result of machine learning algorithms. Whichever way we lean, we have to accept that a large part of personalisation algorithms is to select and prioritize content by categorising it on the basis of relevance and popularity.

Poell and van Dijck call this a new knowledge logic which in effect replaces human judgement (as, earlier exercised by editors) to some kind of proxy decisionmaking based on data. Their main thesis is that there is little evidence to suggest that the latter is more democratic than former and creates new problems of its own. They go on to compare the practices of various services including Facebook’s new graph and Twitter’s trending topic, and conclude that they prioritise breaking news stories over other kinds of content.[27] For instance, the algorithm for the trending topics depends not on the volume but the velocity of the tweets with the hashtag or term. It could be argued that given this predilection, the algorithms will rarely prefer complex content. If we go by Lippmann and Dewey’s idea that the role of the Fourth Estate is to inform public debate and accountability of those in positions of power, this aspect of Big Data algorithms does not correspond with this role.

Quantified Audience

Another aspect of use of Big Data and algorithms in New Media that requires attention is that the networked infrastructure enables a quantified audience. C W Anderson who has studied newsroom practices in the US looked at role played by audience quantification and rationalization in shifting newswork practices. He concluded that more and more, journalists are less autonomous in their news decisions and increasingly reliant on audience metrics as a supplement to news judgment.[28] Poell and van Dijck review the the practices by some leading publications such a New York Times, L.A. Times and Huffington Post, and degree to which audience metrics dictates editorial decisions. While New York Times seems to prioritise content on their social media portals based on expectation of spike in user traffic, L.A. Times goes one step further by developing content specifically aimed towards promoting greater social participation. Neither of these practices though compare to the reliance on SEO and SMO strategies of web-born news providers like Huffington Post. They have traffic editors who trawl the Internet for trending topics and popular search terms, the feedback from them dictates the content creation.[29]

Conclusion

The above factors demonstrate that the idea of New Media leading to the Fourth Estate performing its democratic functions does not take into account the actual practices. This idea is based on the erroneous assumption that technology, in general and algorithms, in particular are neutral. While the emergence of New Media might have reduced the gatekeeping role played by the editors, its strong prioritisation of content that will be popular reduce the validity of arguments that it leads to more informed public discussion. As Pariser said, the traditional media scores over the New Media inasmuch as there is an existence of a standard of division between editorial decisionmaking and advertiser interest. While this standard is flouted by media houses all the time, it exists as a metric to aspire to and measure service providers against. The New Media performs many of the same functions and maybe it is time to evolve some principles and ethical standards that take into account the need for it to perform these democratic functions.

Endnotes

^{^[1]} Eli Pariser, The Filter Bubble: What the Internet is hiding from you (The Penguin Press, New York, 2011)

[2] Walter Lippmann, Liberty and News (Harcourt, Brace and Howe, New York 1920) available athttps://archive.org/details/libertyandnews01lippgoog

^{^[3]} Walter Lippmann, Public Opinion (Harcourt, Brace and Howe, New York 1920) available at http://xroads.virginia.edu/~Hyper2/CDFinal/Lippman/cover.html

^{^[4]} Walter Lippmann, The Phantom Public (Transaction Publishers, New York, 1925)

^{^[5]} Supra Note 1 at 35.

^{^[6]} Supra Note 1 at 36.

^{^[7]} https://www.ted.com/talks/kevin_slavin_how_algorithms_shape_our_world/transcript?language=en

^{^[8]} Fenwick McKelvey, “Algorithmic Media Need Democratic Methods: Why Publics Matter”, available at http://www.fenwickmckelvey.com/wp-content/uploads/2014/11/2746-9231-1-PB.pdf.

^{^[9]} http://mashable.com/2011/06/03/filters-eli-pariser/#9tIHrpa_9Eq1

^{^[10]} Helen Ashman, Tim Brailsford, Alexandra Cristea, Quan Z Sheng, Craig Stewart, Elaine Torns and Vincent Wade, “The ethical and social implications of personalization technologies for e-learning” available at http://www.sciencedirect.com/science/article/pii/S0378720614000524.

^{^[11]} Sergey Brin and Lawrence Page, “The Anatomy of a Large-Scale Hypertextual Web Search Engine” available at http://infolab.stanford.edu/pub/papers/google.pdf.

^{^[12]} Ian Rogers, “The Google Pagerank Algorithm and How It Works” available at http://www.cs.princeton.edu/~chazelle/courses/BIB/pagerank.htm.

^{^[13]} Trygve Olson and Terry Nelson, “The Internet’s Impact on Political Parties and Campaigns”, available at http://www.kas.de/wf/doc/kas_19706-544-2-30.pdf?100526130942.

^{^[14]} Ian Witten, “Bias, privacy and and personalisation on the web”, available at http://www.cs.waikato.ac.nz/~ihw/papers/07-IHW-Bias,privacyonweb.pdf.

^{^[15]} Supra Note 1 at 10.

^{^[16]} https://www.americanpressinstitute.org/publications/reports/survey-research/social-demographic-differences-news-habits-attitudes/

^{^[17]} Charles Heatwole, “Culture: A Geographical Perspective” available at http://www.p12.nysed.gov/ciai/socst/grade3/geograph.html.

^{^[18]} Supra Note 1 at 10.

^{^[19]} Id.

^{^[20]} Supra Note 1 at 11.

^{^[21]} Paul Mason, “Why Israel is losing the social media war over Gaza?” available at http://blogs.channel4.com/paul-mason-blog/impact-social-media-israelgaza-conflict/1182.

^{^[22]} Gilad Lotan, Israel, Gaza, War & Data: Social Networks and the Art of Personalizing Propaganda available at www.huffingtonpost.com/entry/israel-gaza-war-social-networks-data_b_5658557.html

^{^[23]} Thomas Poell and José van Dijck, “Social Media and Journalistic Independence” in Media Independence: Working with Freedom or Working for Free?, edited by James Bennett & Niki Strange. (Routledge, London, 2015)

^{^[24]} T Gillespie, “The politics of ‘platforms,” in New Media & Society (Volume 12, Issue 3).

^{^[25]} Pedro Domingos, The Master Algorithm: How the quest for the ultimate learning machine will re-make the world (Basic Books, New York, 2015) at 38.

^{^[26]} Ibid at 40.

^{^[27]} Supra Note 23.

^{^[28]} C W Anderson, Between creative and quantified audiences: Web metrics and changing patterns of newswork in local US newsrooms, available at https://www.academia.edu/10937194/Between_Creative_And_Quantified_Audiences_Web_Metrics_and_Changing_Patterns_of_Newswork_in_Local_U.S._Newsrooms

^{^[29]} Supra Note 23.

For more details visit https://cis-india.org/internet-governance/new-media-personalisation-and-the-role-of-algorithms

December 2016 Newsletter

praskrishna — 2017-01-28T12:02:23Z

Welcome to the December 2016 newsletter of the Centre for Internet and Society (CIS).

Dear readers,

Wishing you a happy and prosperous New Year. As the New Year unfolds we are glad to bring you developments from the last month of the year gone by for your reference. Thank you for reading the Centre for Internet and Society's (CIS) December 2016 newsletter.

Previous issues of the newsletters can be accessed here.

Highlights
Telugu Theatre scholar Pranay Raj Vangari created a record by completing a challenge that is famous worldwide in Wikimedia community - "100 Days-100 Articles". Rohini Lakshané attended the 25th session of the World Intellectual Property Organization Standing Committee on the Law of Patents held in Geneva from December 12 - 15, 2016 and made a statement on Future Work. She also submitted a statement on the Assessment of Inventive Step to Secretariat for the WIPO Standing Committee for the Law of Patents, Twenty Fifth Session. CIS submitted inputs to the Working Group on Enhanced Cooperation on Public Policy Issues Pertaining to the Internet (WGEC) on 15 December 2016. The WGEC sought inputs on two questions that will guide the next meeting of the Working Group which is scheduled to take place on the 26-27 January 2017. Udbhav Tiwari wrote an article on the technical, legal and jurisdictional issues around the recent Twitter and email hacks claimed by the ‘Legion Crew’, and what can targeted entities do to better protect themselves. Amber Sinha wrote a blog entry that focuses on network management, in general, and deep packet inspection, in particular and how it impacts the privacy of users. CIS is pleased to bring you the second title of the CIS Papers series. This report by P.P. Sneha comes out of an extended research project supported by the Kusuma Trust. The study undertook a detailed mapping of digital practices in arts and humanities scholarship, both emerging and established, in India. Zeenab Aneez wrote a report that examines the digital transition underway at three leading newspapers in India, the Dainik Jagran in Hindi, English-language Hindustan Times, and Malayala Manorama in Malayalam. Our focus is on how they are changing their newsroom organisation and journalistic work to expand their digital presence and adapt to a changing media environment. CIS made a submission on the Consultation Note on Model for Nation-wide Interoperable and Scalable Public Wi-Fi Networks published by the TRAI on November 15, 2016. Our analysis of the solution proposed in the Note, in brief, is that there is no need of a solution for non-existing interoperability problem for authentication and payment services for accessing public Wi-Fi networks.

CIS in the news:

Lack of clarity about cashless and online transactions makes digital payments more worrisome (Neha Alawadhi; Economic Times; December 1, 2016).
Changing the typographic landscape of a country: one letter at a time (Pooja Saxena; Storyweaver; December 1, 2016).
No laws in India to protect customers if they lose money during digital transactions (Alnoor Peermohamed; Business Standard; December 2, 2016).
Fake Narendra Modi apps aplenty, but it’s up to users to protect themselves (Indian Express; December 2, 2016). Also see Nandini Yadav's blog post in BGR on December 3, 2016.
Your digital wallet can be a ‘pickpocket’ (The Hindu; December 5, 2016).
Most popular smartphone apps inaccessible to disabled: Study (ET Telecom; December 7, 2016).
English gottila,job illa (Regina Gurung; Indian Express; December 7, 2016).
Bumpy road ahead for RFID Tags in vehicles (Smriti Sharma Vasudeva; Statesman; December 7, 2016).
India's Tech Policy Entrepreneurs (Rohin Dharmakumar; The Ken; December 8, 2016).
Vijay Mallya cries foul after his Twitter and email accounts are hacked (Alnoor Peermohamed; Business Standard; December 10, 2016).
విజ్ఞాన నిధి వికీపీడియా.. (Namaste Telangana; December 11, 2016).
వికీపీడియాతో విజ్ఞాన విప్లవం (Andhra Bhoomi; December 11, 2016).
Wikipedia is a Newspaper (Namaste Telangana; December 11, 2016).
Wikipedian Pavan Santhosh says Telugu Wikipedians are creating Knowledge revolution (in Telugu) (Andhra Jyoti; December 12, 2016).
Wikipedia Event in Mangalore (Vijaya Karnataka; December 18, 2016).
With power, phone and internet services affected, Chennai is still recovering from Cyclone Vardah (Vinita Govindarajan and Sruthisagar Yamunan; Scroll.in; December 20, 2016).

पीजी जूलॉजी विभाग में एक दिवसीय समागम का आयोजन (Hindustan, December 20, 2016).

How private companies are using Aadhaar to try to deliver better services (but there's a catch) (M. Rajshekhar; Scroll.in; December 22, 2016).
‘IT hub’ K’taka ranks No 12 in e-deals (Christin Philip Mathew; New Indian Express; December 27, 2016).
India’s ruling party takes online abuse to a professional level (Samanth Subramanian; December 31, 2016).

CIS members published the following articles:

Digital native: The View from My Bubble (Nishant Shah; Indian Express; December 4, 2016).
Indian Newspapers' Digital Transition (Zeenab Azeez; Reuters Institute for the Study of Journalism; December 9, 2016).
The Digital Protection of Traditional Knowledge: Questions Raised by the Traditional Knowledge Digital Library in India (Sunil Abraham and Vidushi Marda; GIS Watch; December 9, 2016)
The Curious Case of Poor Security in the Indian Twitterverse (Udbhav Tiwari; The Wire; December 17, 2016).
Pranay Raj record in 100 days-100 articles (Pavan Santhosh; Andhra Jyoti; December 17, 2016).
Digital Native: People Like Us (Nishant Shah; Indian Express; December 18, 2016).
వంద రోజులు.. వంద వ్యాసాలు - తెలుగు వికీపీడియాలో మోత్కూరు యువకుని రికార్డు (100 Days...100 Articles: Wikipedian from Motkur created record in Telugu Wikipedia) (Pavan Santhosh; Andhra Jyoti; December 18, 2016).

Jobs

CIS is seeking applications for:

-------------------------------------
Accessibility & Inclusion
-------------------------------------
India has an estimated 70 million persons with disabilities who don't have access to read printed materials due to some form of physical, sensory, cognitive or other disability. As part of our endeavour to make available accessible content for persons with disabilities, we are developing a text-to-speech software in 15 languages with support from the Hans Foundation. The progress made so far in the project can be accessed here.

Event Co-organized

International Accessibility Summit of Shaastra 2017 (Organized by CIS and IIT, Madaras; December 31 - January 3, 2017). Nirmita Narasimhan was a panel moderator.

Participation in Event

Best Practices in Digital Accessibility (Organized by IIM, Bangalore; December 19, 2016). Nirmita Narasimhan was a panelist.

-----------------------------------
Access to Knowledge
-----------------------------------
Our Access to Knowledge programme currently consists of two projects. The Pervasive Technologies project, conducted under a grant from the International Development Research Centre (IDRC), aims to conduct research on the complex interplay between low-cost pervasive technologies and intellectual property, in order to encourage the proliferation and development of such technologies as a social good. The Wikipedia project, which is under a grant from the Wikimedia Foundation, is for the growth of Indic language communities and projects by designing community collaborations and partnerships that recruit and cultivate new editors and explore innovative approaches to building projects.

►Copyright and Patent

Statements

25th Session of the WIPO SCP: Statement on Assessment of Inventive Step (Rohini Lakshané; December 15, 2016).
25th Session of the WIPO SCP: Statement on Future work (Rohini Lakshané; December 16, 2016).

Participation in Event

7th Emerging Markets Finance Conference (Organized by Finance Research Group in association with Vanderbilt Law School; Mumbai; December 15, 2016). Anubha Sinha was a panelist.

►Wikipedia

As part of the project grant from the Wikimedia Foundation we have reached out to more than 3500 people across India by organizing more than 100 outreach events and catalysed the release of encyclopaedic and other content under the Creative Commons (CC-BY-3.0) license in four Indian languages (21 books in Telugu, 13 in Odia, 4 volumes of encyclopaedia in Konkani and 6 volumes in Kannada, and 1 book on Odia language history in English).

Blog Entries

Freedom in Feb — an awareness increasing campaign (Tito Dutta; December 8, 2016).
A Shortcut to Freedom (Tito Dutta; December 14, 2016).
Marathi Wikipedia Edit-a-thon in Kolhapur (Subodh Kulkarni; December 16, 2016).
Ongoing Proof-reading Effort by ALC Student Wikimedians in Telugu Wikisource (Pavan Santosh and Ting-Yi Chang; December 30, 2016).

►Openness

Our work in the Openness programme focuses on open data, especially open government data, open access, open education resources, open knowledge in Indic languages, open media, and open technologies and standards - hardware and software. We approach openness as a cross-cutting principle for knowledge production and distribution, and not as a thing-in-itself.

Submission

Comments on the Draft National Policy on Software Products (Anubha Sinha, Rohini Lakshané, and Udbhav Tiwari; December 11, 2016).

-----------------------------------
Internet Governance
-----------------------------------

As part of its research on privacy and free speech, CIS is engaged with two different projects. The first one (under a grant from Privacy International and IDRC) is on surveillance and freedom of expression (SAFEGUARDS). The second one (under a grant from MacArthur Foundation) is on restrictions that the Indian government has placed on freedom of expression online.

►Privacy

Blog Entries

Privacy and Security Implications of Public Wi-Fi - A Case Study (Vanya Rakesh; December 9, 2016).
Habeas Data in India (Vipul Kharbanda and edited by Elonnai Hickok; December 10, 2016).
Workshop Report - UIDAI and Welfare Services: Exclusion and Countermeasures (Vanya Rakesh; December 14, 2016).
Enlarging the Small Print: A Study on Designing Effective Privacy Notices for Mobile Applications (Meera Manoj; December 14, 2016).
Protection of Privacy in Mobile Phone Apps (Hitabhilash Mohanty and Edited by Leilah Elmokadem; December 15, 2016).
ISO/IEC JTC 1 SC 27 Working Group Meetings - A Summary (Vanya Rakesh; December 16, 2016).
Deep Packet Inspection: How it Works and its Impact on Privacy (Amber Sinha; December 16, 2016).

Participation in Events

Industry Consultation Panel on Data Retention - DSCI (Organized by Data Security Council of India; New Delhi; November 23, 2016). This was mirrored on the website on December 6, 2016. Udbhav Tiwari was a panelist.
11th DSCI-NASSCOM Annual Information Security Summit 2016 (Organized by DSCI and NASSCOM; December 14, 2016). Udbhav Tiwari was a panelist.
Workshop on Center for IT and Society (Organized by IIT, Delhi; December 20, 2016). Amber Sinha attended the event.

►Free Speech & Expression

Blog Entries

ISIS and Recruitment using Social Media – Roundtable Report (Vidushi Marda, Aditya Tejus, Megha Nambiar and Japreet Grewal; December 15, 2016).
Inputs to the Working Group on Enhanced Cooperation on Public Policy Issues Pertaining to the Internet (WGEC) (Sunil Abraham and Vidushi Marda, with inputs from Pranesh Prakash; December 17, 2016).

Participation in Event

Myanmar Digital Rights Forum (Organized by Phandeeyar, You Can Do IT, Engage Media and Myanmar Centre for Responsible Business with support from the Embassy of Sweden; December 14 - 15, 2016). Sunil Abraham was a speaker.

►Big Data

Participation in Events

"Decoding the Digital" (Organized by Centre for IT and Public Policy at IIIT; Bangalore; December 12 - 14, 2016). Vanya Rakesh attended the event.
The EU and Free Flows of Data - Data Protection, Trade and Law Enforcement (Organized by the Department of European Studies; Bangalore; December 14, 2016). Ameila Andersdotter gave a talk.

Blog Entry

The Technology behind Big Data (Geethanjali Jujjavarapu and Udbhav Tiwari; December 1, 2016).

►Cyber Security

Blog Entries

Developer team fixed vulnerabilities in Honorable PM's app and API (Bhavyanshu Parasher; December 4, 2016).
Incident Response Requirements in Indian Law (Vipul Kharbanda; December 28, 2016).
Mapping of India’s Cyber Security-Related Bilateral Agreements (Leilah Elmokadem and Saumyaa Naidu; December 29, 2016).
Mapping of Sections in India’s MLAT Agreements (Leilah Elmokadem and Saumyaa Naidu; December 31, 2016).

Event Organized

Multistakeholder Consultation on Encryption (Organized by CIS with ORF and Takshashila Institution; TERI, Bangalore; December 17, 2016).

-----------------------------------
Telecom
-----------------------------------
CIS is involved in promoting access and accessibility to telecommunications services and resources, and has provided inputs to ongoing policy discussions and consultation papers published by TRAI. It has prepared reports on unlicensed spectrum and accessibility of mobile phones for persons with disabilities and also works with the USOF to include funding projects for persons with disabilities in its mandate:

Submission

CIS Submission to TRAI Consultation Note on Model for Nation-wide Interoperable and Scalable Public Wi-Fi Networks (Japreet Grewal, Pranesh Prakash, Sharath Chandra, Sumandro Chattapadhyay, Sunil Abraham, and Udbhav Tiwari, with expert comments from Amelia Andersdotter; December 12, 2016).

-----------------------------------
Researchers at Work
-----------------------------------
The Researchers at Work (RAW) programme is an interdisciplinary research initiative driven by an emerging need to understand the reconfigurations of social practices and structures through the Internet and digital media technologies, and vice versa. It aims to produce local and contextual accounts of interactions, negotiations, and resolutions between the Internet, and socio-material and geo-political processes:

Research Paper

Mapping Digital Humanities in India (P.P. Sneha; December 30, 2016).

-----------------------------------
About CIS
-----------------------------------
The Centre for Internet and Society (CIS) is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. The areas of focus include digital accessibility for persons with disabilities, access to knowledge, intellectual property rights, openness (including open data, free and open source software, open standards, open access, open educational resources, and open video), internet governance, telecommunication reform, digital privacy, and cyber-security. The academic research at CIS seeks to understand the reconfigurations of social and cultural processes and structures as mediated through the internet and digital media technologies.

► Follow us elsewhere

Twitter: http://twitter.com/cis_india
Twitter - Access to Knowledge: https://twitter.com/CISA2K
Twitter - Information Policy: https://twitter.com/CIS_InfoPolicy
Facebook - Access to Knowledge: https://www.facebook.com/cisa2k
E-Mail - Access to Knowledge: a2k@cis-india.org
E-Mail - Researchers at Work: raw@cis-india.org
List - Researchers at Work: https://lists.ghserv.net/mailman/listinfo/researchers

► Support Us

Please help us defend consumer and citizen rights on the Internet! Write a cheque in favour of 'The Centre for Internet and Society' and mail it to us at No. 194, 2nd 'C' Cross, Domlur, 2nd Stage, Bengaluru - 5600 71.

► Request for Collaboration

We invite researchers, practitioners, artists, and theoreticians, both organisationally and as individuals, to engage with us on topics related internet and society, and improve our collective understanding of this field. To discuss such possibilities, please write to Sunil Abraham, Executive Director, at sunil@cis-india.org (for policy research), or Sumandro Chattapadhyay, Research Director, at sumandro@cis-india.org (for academic research), with an indication of the form and the content of the collaboration you might be interested in. To discuss collaborations on Indic language Wikipedia projects, write to Tanveer Hasan, Programme Officer, at tanveer@cis-india.org.

CIS is grateful to its primary donor the Kusuma Trust founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin for its core funding and support for most of its projects. CIS is also grateful to its other donors, Wikimedia Foundation, Ford Foundation, Privacy International, UK, Hans Foundation, MacArthur Foundation, and IDRC for funding its various projects.

For more details visit https://cis-india.org/about/newsletters/december-2016-newsletter

Mapping of Sections in India’s MLAT Agreements

Leilah Elmokadem and Saumyaa Naidu — 2016-12-31T06:52:46Z

This set of infographics by Leilah Elmokadem and Saumyaa Naidu maps out and compares the various sections that exist in the 39 MLATs (mutual legal assistance treaty) between India and other countries. An MLAT is an agreement between two or more countries, drafted for the purpose of gathering and exchanging information in an effort to enforce public or criminal laws.

Download: Infographic (PDF) and data (XLSX)

We have found that India’s 39 MLAT documents are worded, formatted and sectioned differently. At the same time, many of the same sections exist across several MLATs. This diagram lists the sections found in the MLAT documents and indicates the treaties in which they were included or not included. To keep the list of sections concise and to more easily pinpoint the key differences between the agreements, we have merged sections that are synonymous in meaning but were worded slightly differently. For example: we would combine “Entry into force and termination” with “Ratification and termination” or “Expenses” with “Costs”.

At the same time, some sections that seemed quite similar and possible to merge were kept separate due to potential key differences that could be overlooked as a result. For example: “Limitation on use” vs. “Limitation on compliance” or “Serving of documents” vs. “Provision of (publicly available) documents/records/objects” remained separate for further analysis and comparison.

These differences in sectioning can be analysed to facilitate a thorough comparison between the effectiveness, efficiency, applicability and enforceability of the various provisions across the MLATs. The purpose of this initial mapping is to provide an overall picture of which sections exist in which MLAT documents. There will be further analysis of these sections to produce a more holistic content-based comparison of the MLATs.

Aggregated Analysis of Sections of MLAT Agreements

For more details visit https://cis-india.org/internet-governance/blog/india-mlat-agreements-sections-map-dec-2016

India’s ruling party takes online abuse to a professional level

praskrishna — 2016-12-31T02:19:14Z

Indian prime minister Narendra Modi’s Bharatiya Janata Party (BJP) employs an army of trolls to harass and intimidate critics through social media, a new book claims.

The article by Samanth Subramanian was published in the National on December 31, 2016. Pranesh Prakash was quoted.

I Am a Troll: Inside the Secret World of the BJP’s Digital Army, by the journalist Swati Chaturvedi, alleges that the party’s social media warriors carry out organised harassment, threatening critics of the BJP with assault, sexual violence and even murder.

Although other parties also have social media units, the BJP’s is particularly well organised and vociferous, Chaturvedi wrote.

The BJP social media cell is active on Twitter and Facebook, as well as in the comments sections of articles on news websites, Chaturvedi found. Some of the abusive PRO-BJP Twitter handles are still followed by Mr Modi’s official Twitter account.

I Am a Troll is based largely upon the account of Sadhavi Khosla, now an activist but formerly a volunteer for two years in the BJP’s social media cell, which went into top gear during the parliamentary elections in 2014 when Mr Modi beat the incumbent Congress party led by Sonia Gandhi and her son Rahul.

Mr Modi campaigned on a platform of fervent nationalism, drawing upon the BJP’s Hindu chauvinist credentials to attract votes. His party’s social media cell responded accordingly.

"It was a never-ending drip feed of hate and bigotry against the minorities, the Gandhi family, journalists on the hit list, liberals, anyone perceived as anti-Modi," Ms Khosla told Chaturvedi.

The BJP has responded to the claims made in the book by accusing Ms Khosla of political bias, saying she "supports the Congress [and] has all reasons to publish unsubstantiated claims". -In fact, she has never revealed her own political leanings, or even whether she has any.

Arvind Gupta, the head of the BJP’s information technology cell, denies the party encouraged trolling or that Ms Khosla had been a member of any BJP unit.

By way of evidence, Ms Khosla shared with Chaturvedi screenshots of instructions that were purportedly sent by Mr Gupta to the operators of the social media cell. "If there was even an unfavourable mention of [Modi] anywhere, Gupta’s digital tracking tools would pick it up and the pack of hyena-like trolls would descend," Ms Khosla said.

One specific campaign cited in I Am a Troll took place in November last year, after the actor Aamir Khan, speaking as the chief guest at a journalism awards ceremony, remarked upon the growing intolerance in India. "There is a growing sense of disquiet and despondency," he said.

Ms Khosla said the BJP’s social media cell was instructed to launch an all-out attack on Khan. She and her colleagues were also asked to spread a petition calling upon SnapDeal, a shopping website, to drop Khan as its brand ambassador.

"I realised that my hero had become a ‘Muslim’," Ms Khosla said in the book. "For me he had just been an Indian actor. I felt like my country was changing."

SnapDeal cut its ties with Khan in February. Ms Khosla, who said she had been growing increasingly uncomfortable with the social media cell’s tactics, quit not long after.

"I simply could not follow directions anymore when I saw rape threats made against female journalists," she said. "Every day some new person was a target and they would attack like a swarm of bees with vile sexual innuendoes, slander, rape and death threats."

Chaturvedi’s book calls for social media companies and police agencies to take such threats more seriously.

"In the United States, which is a beacon for free speech laws, thousands are arrested each year — and the courts uphold these allegations as ‘actionable’ — based on complaints from people who have received violent threats on social media," she wrote.

"Hate speech, targeted harassment, threats of rape with graphic details of assault, incitement to violence — all this is ‘actionable’ too but our police does not act."

Pranesh Prakash, the policy director at the Centre for internet and Society, a Bengaluru-based non-profit organisation, noted that although there are no Indian laws specifically against abusive online behaviour, the general laws that deal with verbal assault cover online cases as well.

"But I’m not sure how much these cases can be taken forward, given jurisdictional problems," Mr Prakash told The National.

When a person complains to police about online abuse, "the first step would be to establish against whom the case is being made, and doing that is difficult", he said.

Since most social media companies are based in the US, police agencies would have to approach India’s foreign ministry which could then invoke a bilateral treaty to gain this information.

"This can take several months if not longer," Mr Prakash said. "And most police stations are not equipped to handle such treaty-based cases."

"Even if the police takes such complaints seriously — and it’s not always clear that they do — there’s no easy way to proceed."

For more details visit https://cis-india.org/internet-governance/news/the-national-december-31-2016-samanth-subramanian-indias-ruling-party-takes-online-abuse-to-a-professional-level

Mapping of India’s Cyber Security-Related Bilateral Agreements

Leilah Elmokadem and Saumyaa Naidu — 2017-04-27T15:14:55Z

With the rapid spread of cloud computing and the growth of cyber spaces, large masses of information are now easily transmittable transnationally, necessitating the ratification of new agreements and cooperation efforts amongst states in order to secure cyber spaces and regulate exchanges of information. In an attempt to understand the nature and extent of current international collaborative efforts in cyber security, we have compiled the following data regarding India’s cyber security-related bilateral agreements. The intention of this exercise is to offer a dynamic visualization that demonstrates which countries India has collaborated with on cyber security efforts and initiatives. This is an ongoing map that we will be updating as our research continues.

Download: Infographic (PDF) and data (XLSX)

The data used for the info-graphic consists of India’s MLATs, cyber security-related MoUs and Joint Statements, and Cyber Frameworks. An MLAT is an agreement between two or more countries, drafted for the purpose of gathering and exchanging information in an effort to enforce public or criminal laws. A MoU (Memorandum of Understanding) is a nonbinding agreement between two or more states outlining the terms and details of an understanding, including each party’s requirements and responsibility; it is often the first stage in the formation of a formal contract. For the purpose of this research, we have grouped Joint Statements with MoUs, as they both generally entail the informal agreement between two states to strengthen cooperation on certain issues. Lastly, a Cyber Framework consists of standards, guidelines and practices to promote protection of critical infrastructure. The data accounts for agreements centered on cyber security as well as any agreements mentioning cooperation efforts in Cyber Security, information security or cybercrime.

The Mapping of India’s Cybersecurity-related bilateral agreement has been updated on April 12, 2017 with the following changes:

A new MoU was signed between Australia and India in April 2017, focusing on combating terrorism and civil aviation security. Cybersecurity cooperation is mentioned in the MoU[1].
A new MoU was signed between Bangladesh and India in April 2017. The Indian Computer Emergency Response Team (CERT-In), Indian Ministry of Electronics and Information Technology and the ICT Division of Bangladesh are the signing parties of the MoU. The agreement focuses on Cooperation in the area of Cyber Security[2].
A preexisting MoU between France and India was added to the mapping, signed in January of 2016. Officials of both countries agreed to intensify cooperation between the Indian and French security forces in the fields of homeland security, cyber security, Special Forces and intelligence sharing to fight against criminal networks and tackle the common threat of terrorism[3].
A new MoU was signed between Indonesia and India in March 2017. It focuses on enhancing cooperation in cyber security and intelligence sharing[4].
A new MoU was signed between Kenya and India in January 2017, with “cyber security” mentioned as one of the key areas of cooperation[5].
A preexisting MoU between Malaysia and India was added to the mapping, signed in November of 2015. Both sides agreed to promote cooperation and the exchange of information regarding cyber security incident management, technology cooperation and cyber attacks, prevalent policies and best practices and mutual response to cyber security incidents[6].
A preexisting MoU between Mauritius and India, signed July 2016, was added to the mapping. This is a non-governmental MoU. Leading bourse BSE signed an agreement with Stock Exchange of Mauritius (SEM) for collaboration in areas including cyber security[7].
A new joint statement between India and Portugal was signed in March 2017. The two countries agreed to set up an institutional mechanism to collaborate in the areas of electronic manufacturing, ITeS, startups, cyber security and e-governance.[8]
A preexisting MoU, signed between Qatar and India in December of 2016, was added to the mapping. The agreement was regarding a protocol on technical cooperation in cyberspace and combatting cybercrime[9].
A new MoU was signed between Serbia and India in January 2017, focusing on cooperation in the field of IT, Electronics. The MoU itself does not explicitly mention cybersecurity. However, the MoU calls for cooperation and exchanges in capacity building institutions, which should entail cyber security strengthening[10].
A preexisting MoU between Singapore and India was added to the mapping. The MoU was signed in January 2016, focusing on the establishment of a formal framework for professional dialogue, CERT-CERT related cooperation for operational readiness and response, collaboration on cyber security technology and research related to smart technologies, exchange of best practices, and professional exchanges of human resource development[11].
A new joint statement was signed between UAE and India in January 2017, following up on their previous Technical Cooperation MoU signed in February 2016. To further deepen cooperation in this area, they agreed to set up joint Research & Development Centres of Excellence[12].
A preexisting MoU has been included in the mapping, signed in May of 2016. CERT-In agreed with the UK Ministry of Cabinet Office to promote close cooperation between both countries in the exchange in knowledge and experience in detection, resolution and prevention of security related incidents[13].
A new MoU between India and the US was signed in March 2017. CERT-In and CERT-US signed a MoU agreeing to promote closer co-operation and exchange of information pertaining to cyber security in accordance with relevant laws, rules and regulations and on the basis of equality, reciprocity and mutual benefit[14].
A new MoU was signed between Vietnam and India in January 2017, agreeing to promote closer cooperation for exchange of knowledge and experience in detection, resolution and prevention of cyber security incidents between both countries[15].

NOTE: Some preexisting MoUs were added as we were initially only including the most recent agreements in the mapping. Upon adding newly signed MoUs, we decided to also keep the preexisting ones and revisit the other entries to include any preexisting MoUs that were initially excluded due to not being the most-recent. In this respect, the visualization will be adjusted to indicate the number of MoUs per country.

[1]http://www.dnaindia.com/india/report-india-australia-sign-mous-on-combating-terrorism-civil-aviation-security-2393843

[2]http://www.theindependentbd.com/arcprint/details/89237/2017-04-09

[3]http://www.thehindu.com/news/resources/Full-text-of-Joint-Statement-issued-by-India-France/article14019524.ece

[4]http://indianexpress.com/article/india/indianhome-ministry-indonesian-ministry-of-security-and-coordination/

[5]https://telanganatoday.news/india-kenya-focus-defence-security-cooperation-pm

[6]http://economictimes.indiatimes.com/news/economy/foreign-trade/india-and-malaysia-sign-3-mous-including-cyber-security/articleshow/49891897.cms

[7]http://indiatoday.intoday.in/story/bse-mauritius-stock-exchange-tie-up-to-promote-financial-mkts/1/723635.html

[8]http://www.tribuneindia.com/news/business/india-portugal-to-collaborate-in-ites-cyber-security/373666.html

[9]http://naradanews.com/2016/12/india-qatar-sign-agreements-on-visa-cybersecurity-investments/

[10]http://ehub.newsforce.in/cabinet-approves-mou-india-serbia-cooperation-field-electronics/

[11]http://www.businesstimes.com.sg/government-economy/singapore-and-india-strengthen-cooperation-on-cyber-security

[12]http://mea.gov.in/bilateral-documents.htm?dtl/27969/India++UAE+Joint+Statement+during+State+visit+of+Crown+Prince+of+Abu+Dhabi+to+India+January+2426+2017

[13]http://www.bestcurrentaffairs.com/india-uk-mou-cyber-security/

[14]http://www.dqindia.com/india-cert-signs-an-mou-with-us-cert/

[15]http://pib.nic.in/newsite/PrintRelease.aspx?relid=157458

For more details visit https://cis-india.org/internet-governance/blog/india-cyber-security-bilateral-agreements-map-dec-2016

Rankathon on Digital Rights (Delhi, January 08)

amber — 2016-12-29T07:10:09Z

Please join us on Sunday, January 08, at the CIS office in Hauz Khas, Delhi, for a rankathon to visualise, and contribute to the findings of the Ranking Digital Rights study, and critique the underlying methodology. The event will begin at 10:00 in the morning and participants can focus on one or more of three kinds of tasks: 1) visualising the CIS and Ranking Digital Rights data, 2) evaluating additional companies using the RDR methodology, and 3) evaluating the RDR methodology and its suitability for independent use.

Download: Invitation (PDF)

The Ranking Digital Rights Corporate Responsibility Index is a project hosted by the Open Technology Institute at New America Foundation that aims to rank Information and Communications Technology (ICTs) companies with respect to their Governance, Freedom of Expression, and Privacy practices. The inaugural Corporate Accountability Index, released in November 2015, evaluated 16 companies based on the project’s methodology that included 31 indicators in total.

visualising the CIS and Ranking Digital Rights data,
evaluating additional companies using the RDR methodology, and
evaluating the RDR methodology and its suitability for independent use.

The event is open to all but the venue has limited space. The participants are requested to RSVP by sending an email to nisha@cis-india.org. The final date for registering for the event is January 04.

All visualisations and other outputs produced at the event will be published under open licenses. All participants are expected to bring their own laptop or any other items needed for their work. CIS will offer data, help with understanding how the Ranking Digital Rights methodology work, refreshments, and any other support as needed.

We are also organising a discussion event on Saturday, January 07, at the India Islamic Cultural Centre, Delhi, to present our findings on digital rights practices of 8 Indian ICT companies, followed by an open structured discussion on the methodology of the Ranking Digital Rights study. Please find more details about this here.

We look forward to your participation and contribution to the discussion. Please support us by sharing this invitation with your colleagues and networks.

For more details visit https://cis-india.org/internet-governance/events/rankathon-on-digital-rights-delhi-jan-08-2017

Discussion on Ranking Digital Rights in India (Delhi, January 07)

amber — 2016-12-29T07:07:34Z

Towards developing an understanding of how Indian ICT companies are recognising and upholding digital rights of their users, and to raise public awareness about the same, the Center for Internet and Society (CIS), with the support of Privacy International, has studied 8 Indian ICT companies, using the same methodology as the 2015 Corporate Accountability Index, to gain greater insight into company practices and initiate public dialogues. Please join us on Saturday, January 07, at the India Islamic Cultural Centre, New Delhi, for a presentation of our findings followed by an open structured discussion on the methodology and implications of the study.

Download: Invitation and agenda (PDF)

Please join us on Saturday, January 07, at the India Islamic Cultural Centre, New Delhi, for a presentation of our findings followed by an open structured discussion on the methodology and implications of the Ranking Digital Rights study. We will begin at 10:30 am with a round of tea and coffee.

The event is open to all but the venue has limited space. The participants are requested to RSVP by sending an email to nisha@cis-india.org.

To further encourage programmers, researchers, journalists, students, and users in general to use and contribute to the findings of the Ranking Digital Rights study, and critique the underlying methodology, we are also organising a “rankathon” on Sunday, January 08, at the CIS office in Delhi. More details can be found here.

We look forward to your participation and contribution to the discussion. Please support us by sharing this invitation with your colleagues and networks.

Agenda

10:30-11:00	Coffee and Tea
11:00-11:15	Introduction
11:15-13:00	Presentation of the Findings and Discussion Divij Joshi and Aditya Singh Chawla
13:00-14:00	Lunch
14:00-15:00	Open Discussion #1: Parameters of Evaluation The RDR methodology was based upon evaluating commitments to uphold human rights through their services – in particular towards their commitment to users’ freedom of expression and privacy. Are there other parameters that may be considered in the Indian context?
15:00-16:00	Open Discussion #2: Towards Protecting Digital Rights What steps can be taken by the government, civil society, and industry in India to create an environment that recognizes and protects users digital rights? What are the relevant legal, political, and economic factors to take into consideration towards this? What are steps that other, multinational ICT companies have taken? Would these be realistic for Indian companies to implement?
16:00-16:30	Conclusion
16:30-17:00	Coffee and Tea

For more details visit https://cis-india.org/internet-governance/events/discussion-on-ranking-digital-rights-in-india-delhi-jan-07-2017

‘IT hub’ K’taka ranks No 12 in e-deals

praskrishna — 2016-12-28T01:54:33Z

Karnataka may be dubbed the ‘IT hub’ of the country but when it comes to e-governance transactions, the state clearly has a long way to go. Statistics from Union government web portal Electronic Transaction Aggregation and Analysis Layer (etaal), which manages e-transactions undertaken by e-governance projects, suggests that Karnataka ranks 12th in the country with just 5.66 crore e-transactions this year as of Monday.

The article by Christin Mathew Philip was published in the New Indian Express on December 27, 2016. Sunil Abraham was quoted.

Among the states with maximum number of e-transactions this year so far are Andhra Pradesh, topping the list with 101 crore e-transactions followed by Telangana (80.35 crore e- transactions) and Kerala (75.30 crore e-transactions).

Karnataka’s poor standing on the e-governance transactions front can largely be attributed to a low number of e-services - 86 - in sharp contrast to Andhra Pradesh’s 250. The e-services include registration of births and deaths, land record registration, utility, bill payments and other government related services.

This clearly underlines the fact that Karnataka needs to include more government services online and also create more awareness among the people about the existing e-governance projects to achieve ‘digital India’ and cashless payment system.

When contacted, Karnataka’s IT minister Priyank Kharge said: “Karnataka is a pioneer in e-governance projects, which includes Bhoomi, Khajane and Mobile-One. Mobile-One is offering nearly 4,500 services, both government and private services at the finger tip. All these initiatives have become the model for other states.”

Statistics from Union government web portal Electronic Transaction Aggregation and Analysis Layer (etaal), which manages e-transactions undertaken by e-governance projects, suggests that Karnataka ranks 12th in the country.

Commenting on this, IT Minister Priyank Kharge said, “The Centre has also recently ranked Karnataka at No.13 in ease of doing business in the country. I don’t know how they are coming up with such rankings without considering the merit.”

Sunil Abraham, executive director of the Centre for Internet Society, a Bengaluru based-research organisation, said: “The government should make e-services friendly to the citizens and also make it more transparent.” He said implementation of proposed Electronic Service Delivery Bill, which will make it mandatory for every government organisation to deliver public services online at a stipulated period, will bring more accountability and attract more people to use government e-services.

For more details visit https://cis-india.org/internet-governance/news/new-indian-express-december-27-2016-christin-philip-mathew-it-hub-karnataka-ranks-12-in-e-deals

Incident Response Requirements in Indian Law

vipul — 2016-12-28T01:19:28Z

Cyber incidents have serious consequences for societies, nations, and those who are victimised by them. The theft, exploitation, exposure or otherwise damage of private, financial, or other sensitive personal or commercial data and cyber attacks that damage computer systems are capable of causing lasting harm.

A recent example of such an attack that we have seen from India is the recent data breach involving an alleged 3.2 million debit cards in India.^[1] In the case of this hack the payment processing networks such as National Payments Corporation of India, Visa and Mastercard, informed the banks regarding the leaks, based on which the banks started the process of blocking and then reissuing the compromised cards. It has also been reported that the banks failed to report this incident to the Computer Emergency Response Team of India (CERT-In) even though they are required by law to do so.^[2] Such risks are increasingly faced by consumers, businesses, and governments. A person who is a victim of a cyber incident usually looks to receive assistance from the service provider and government agencies, which are prepared to investigate the incident, mitigate its consequences, and help prevent future incidents. It is essential for an effective response to cyber incidents that authorities have as much knowledge regarding the incident as possible and have that knowledge as soon as possible. It is also critical that this information is communicated to the public. This underlines the importance of reporting cyber incidents as a tool in making the internet and digital infrastructure secure.. Like any other crime, an Internet-based crime should be reported to those law enforcement authorities assigned to tackle it at a local, state, national, or international level, depending on the nature and scope of the criminal act. This is the first in a series of blog posts highlighting the importance of incident reporting in the Indian regulatory context with a view to highlight the Indian regulations dealing with incident reporting and the ultimate objective of having a more robust incident reporting environment in India.

Incident Reporting under CERT Rules

In India, section 70-B of the Information Technology Act, 2000 (the “IT Act”) gives the Central Government the power to appoint an agency of the government to be called the Indian Computer Emergency Response Team. In pursuance of the said provision the Central Government issued the Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013 (the “CERT Rules”) which provide the location and manner of functioning of the Indian Computer Emergency Response Team (CERT-In). Rule 12 of the CERT Rules gives every person, company or organisation the option to report cyber security incidents to the CERT-In. It also places an obligation on them to mandatorily report the following kinds of incidents as early as possible:

Targeted scanning/probing of critical networks/systems;
Compromise of critical systems/information;
Unauthorized access of IT systems/data;
Defacement of website or intrusion into a website and unauthorized changes such as inserting malicious code, links to external websites, etc.;
Malicious code attacks such as spreading of virus/worm/Trojan/botnets/spyware;
Attacks on servers such as database, mail, and DNS and network devices such as routers;
Identity theft, spoofing and phishing attacks;
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks;
Attacks on critical infrastructure, SCADA systems and wireless networks;
Attacks on applications such as e-governance, e-commerce, etc.

The CERT Rules also impose an obligation on service providers, intermediaries, data centres and body corporates to report cyber incidents within a reasonable time so that CERT-In may have scope for timely action. This mandatory obligation of reporting incidents casts a fairly wide net in terms of private sector entities, however it is notable that prima facie the provision does not impose any obligation on government entities to report cyber incidents unless they come under any of the expressions “service providers”, “data centres”, “intermediaries” or “body corporate”. This would mean that if the data kept with the Registrar General & Census Commissioner of India is hacked in a cyber incident, then there is no statutory obligation under the CERT Rules on it to report the incident. It is pertinent to mention here that although there is no obligation on a government department under law to report such an incident, such an obligation may be contained in its internal rules and guidelines, etc. which are not readily available.

It is pertinent to note that although the CERT Rules provide for a mandatory obligation to report the cyber incidents listed therein, the Rules themselves do not provide for any penalty for non compliance. However this does not mean that there are no consequences for non compliance, it just means that we have to look to the parent legislation i.e. the IT Act for the appropriate penalties for non compliance. Section 70B(6) gives the CERT-In the power to call for information and give directions for the purpose of carrying out its functions. Section 70B(7) provides that any service provider, intermediary, data center, body corporate or person who fails to provide the information called for or comply with the direction under sub-section (6), shall be liable to imprisonment for a period up to 1 (one) year or fine of up to 1 (one) lakh or both.

It is possible to argue here that sub-section (6) only talks about calls for information by CERT-In and the obligation under Rule 12 of the CERT Rules is an obligation placed by the central government and not CERT-In. It can also be argued that sub-section (6) is only meant for specific requests made by CERT-In for information and sub-section (7) only penalises those who do not respond to these specific requests. However, even if these arguments were to be accepted and we were to conclude that a violation of the obligation imposed under Rule 12 would not attract the penalty stipulated under sub-section (7) of section 70B, that does not mean that Rule 12 would be left toothless. Section 44(b) of the IT Act provides that where any person is required under any of the Rules or Regulations under the IT Act to furnish any information within a particular time and such person fails to do so, s/he may be liable to pay a penalty of upto Rs. 5,000/- for every day such failure continues. Further section 45 provides for a further penalty of Rs.25,000/- for any contravention of any of the rules or regulations under the Act for which no other penalty has been provided.

Incident Reporting under Intermediary Guidelines

Section 2(1)(w) of the IT Act defined the term “intermediary” in the following manner;

“intermediary” with respect to any particular electronic record, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes.

Rule 3(9) of the Information Technology (Intermediaries Guidelines) Rules, 2011 (the “Intermediary Guidelines”) also imposes an obligation on any intermediary to report any cyber incident and share information related to cyber security incidents with the CERT-In. Since neither the Intermediary Guidelines not the IT Act specifically provide for any penalty for non conformity with Rule 3(9) therefore any enforcement action against an intermediary failing to report a cyber security incident would have to be taken under section 45 of the IT Act containing a penalty of Rs. 25,000/-.

Incident Reporting under the Unified License

Clause 39.10(i) of the Unified License Agreement obliges the telecom company to create facilities for the monitoring of all intrusions, attacks and frauds on its technical facilities and provide reports on the same to the Department of Telecom (DoT). Further clause 39.11(ii) provides that for any breach or inadequate compliance with the terms of the license, the telecom company shall be liable to pay a penalty amount of Rs. 50 crores (Rs. 50,00,00,000) per breach.

Conclusion

It is clear from the above discussion that there is a legal obligation service providers to report cyber incidents to the CERT-In. Presently, the penalty prescribed under Indian law may not be enough to incentivise companies to adopt comprehensive and consistent incident response programmes. , except in cases of telecom companies under the Unified License Agreement. A fine of Rs. 25,000/- appears to be inconsequential when compared to the possible dangers and damages that may be caused due to a security breach of data containing, for example, credit card details.. Further, it is also imperative that apart from the obligation to report the cyber incident to the appropriate authorities (CERT-In) there should also be a legal obligation to report it to the data subjects whose data is stolen or is put at risk due to the said breach. A provision requiring notice to the data subjects could go a long way in ensuring that service providers, intermediaries, data centres and body corporates implement the best data security practices since a breach would then be known by general consumers leading to a flurry of bad publicity which could negatively impact the business of the data controller, and for a business entity an economic stimulus may be an effective way to ensure compliance.

As we continue to research incident response, the questions and areas we are exploring include the ecosystem of incidence response including what is reported, how, and when, appropriate incentives to companies and governments to report incidents, various forms of penalties, the role of cross border sharing of information and jurisdiction and best practices for incident reporting and citizen awareness.

Published under Creative Commons License CC BY-SA. Anyone can distribute, remix, tweak, and build upon this document, even for commercial purposes, as long as they credit the creator of this document and license their new creations under the terms identical to the license governing this document

^[1] http://www.huffingtonpost.in/2016/10/21/atm-card-hack-what-banks-are-saying-about-india-s-biggest-data/

^[2] http://tech.economictimes.indiatimes.com/news/internet/cert-in-had-warned-banks-on-oct-7-about-expected-targeted-attacks-from-pakistan/54991025

For more details visit https://cis-india.org/internet-governance/blog/incident-response-requirements-in-indian-law

Workshop on Center for IT and Society

praskrishna — 2016-12-23T14:05:00Z

This workshop was held at IIT, Delhi on December 20, 2016. Amber Sinha attended the workshop. The meeting focused on the curriculum and the way forward, especially with respect to the industry requirements.

Session 1 (11:00 - 13:00*): Quick recap of the earlier workshop. Description and focus area of the center. Feedback about the interdisciplinary program in IT and Social Sciences.
Session 2 (14:00 - 16:00)*: Discussion on industry requirement and absorption criterion.

For more details visit https://cis-india.org/internet-governance/news/workshop-on-center-for-it-and-society

How private companies are using Aadhaar to try to deliver better services (but there's a catch)

praskrishna — 2016-12-23T02:04:59Z

They are gathering more information on you.

The article by M. Rajshekhar was published in Scroll.in on December 22, 2016. Sunil Abraham was quoted.

In 2006, Ajay Trehan set up AuthBridge, a background verification company in Gurgaon. That was a time when business process outsourcing was booming. Global companies like Citibank were relocating back-office functions to India. Outfits like AuthBridge sprang up in response to help these companies find qualified staffers. They vetted applicants by running identity checks, verifying education and employment records, doing reference checks and more.

Ten years later, AuthBridge’s client profile has changed. With rising insecurity over crimes in India’s cities, like the December 2012 gangrape in Delhi, or the rape of a young woman in an Uber taxi in 2014, local companies – sizeably from e-commerce and businesses with delivery services – have also started vetting employees and partners to check if they have any criminal history. “Now, we have about 700-800 clients,” said Trehan. “Of them, just 20%-30% are foreign companies.”

AuthBridge’s verification process has changed too. Earlier, its employees used to physically verify the credentials of an applicant by travelling to her school or college, meeting her previous employer, vetting her identity papers with the government department that issued them, and so on.

Now they simply run a query on an electronic database.

Aadhaar enters the private sector

Aadhaar, as India’s Unique Identity Project is called, aims to give a 12-digit unique identity number to all residents by collecting their fingerprint and iris scans. As of September, its database, maintained by the Unique Identity Authority of India, held the names, addresses and biometric information of more than 105 crore people.

The project was created by the United Progressive Alliance government in 2009 to reduce leakages in the country’s welfare programmes.

But, quietly, a range of private sector companies have started using it. This includes verification firms like Authbridge, banks like HDFC, telecommunications companies like Reliance Jio, among others.

So far, most discussions on Aadhaar have focused on its utility for welfare delivery and the risk of government surveillance. But as private sector companies incorporate Aadhaar into their systems, fresh questions and concerns are emerging about what this means. A recent tweet by a journalist that went viral encapsulated these concerns.

To understand the rewards and risks of the use of Aadhaar by private companies, here is a detailed look at how they are using it.

Five ways of using Aadhaar

The first way in which companies are using Aadhaar is pure authentication. This is how Authbridge uses Aadhaar. It sends a name and Aadhaar number to the Unique Identity Authority’s server, which responds to say whether they have matched.

Apart from background verification companies, Aadhaar-based authentication can also be used by employers. “A factory hiring women or a security agency hiring guards and wanting to be sure these people are who they claim to be,” said Pramod Varma, the chief architect and technology advisor for the Aadhaar project.

It could also be used by regulated entities with strong Know Your Customer or KYC norms like banks or telecommunications companies. In the old days of branch-based banking, KYC was not a problem, said Varma, since “the bank manager knew all his customers”. But now, KYC is much harder since banks have moved to “core banking with millions of accounts in the server”. Instant Aadhaar-authentication, he said, is useful for verifying customers.

The second is authentication plus. Here, at the time of authentication, a company also downloads the customer’s data from the Aadhaar database. This is what companies like Reliance Jio are doing.

When a customer provides his Aadhaar number to the company, the company not only runs a query on the Aadhaar database to verify the name and number, it also downloads other information about the customer held on the server, like address, date of birth and gender.

This data can be used to electronically fill out the Know Your Customer forms, replacing what is right now a manual process, said Anupam Varghese, the head (products) of Eko India Financial Services, a financial services startup in the phone banking and remittances segment.

It is a disruptive proposition that companies find useful. In India, the cost of enrolling customers is so high, said Abhishek Sinha, the founder of Eko, that it prices a set of financial products beyond the reach of most Indians. “Authenticating a credit card customer and vetting her identity papers will cost anywhere between Rs 150-Rs 200,” he said. A company can recover that investment only if the customer racks up at least Rs 10,000 on the card, assuming a 2% margin on card transactions.

With its instant authentication and automatic form filling, Aadhaar-based electronic Know Your Customer, said Sinha, slashes those costs and makes it easier for companies to offer financial products which become viable even with a smaller volume of transactions. This allows the growth of financial products for less affluent customer segments.

Subsequently, these companies might pad up those databases by adding their own data. This is a third model of using Aadhaar: authentication plus private database.

For instance, TrustID, a mobile app which claims it can verify “your maid, driver, electrician, tutor, tenant and all service professionals” using Aadhaar, wants users to rate the services of the people they eventually employ. In effect, it is creating a private database.

Others, like Eko, are adding financial transaction histories to the Aadhaar data.

While these three uses are built around Aadhaar-based authentication, the remaining three uses – database sharing, data broking, deduplication – pivot around use of just the Aadhaar number. They are based on recent changes in how companies use customer data.

The customer data boom

Customer data has acquired centrality for several Indian companies, particularly startups in e-commerce and financial services.

In some sectors, Varma said, “the cost of switching [between rival companies] is very low,” which heightens the need for customisation. “The better you can serve, they more sticky you get for a customer.” In other sectors, said Varghese, competition chips away at margins. Which is another reason to try and come up with better services and products.

This is where data can help.

In a conversation in October, Nandan Nilekani, software entrepreneur and the first chairperson of the Unique Identity Authority of India, explained why. “Companies like Ola compete with global companies like Uber which have a tremendous advantage in that they have more data – more customers globally – and better algorithms,” he said. If Ola has 5 million customers, Uber has 100 million. Which means Uber’s algorithms – thanks to pattern recognition and machine learning – will be more accurate.

For all these reasons, said Varma, companies in a handful of business verticals are trying to create “a 360 degree view of their customer”.

What has enabled this is a couple of technological trends. The ability to store and process data, said Nilekani, has gone up enormously in the last 15 years. At the same time, data itself has proliferated as electronic devices like mobile phones create records of voice, photos, messages and the locations of customers.

“All this is realtime data. So, on scale, speed and frequency, we have seen a jump,” said Nilekani.

This rising appetite for data is resulting in a couple of novel outcomes.

Enter, the sharing of customer data

Indian companies have begun sharing databases.

A good example is an experimental partnership between Eko, the banking and remittances company, and Capital Float, a financial services startup which gives short term loans.

The two companies worked out an arrangement where Eko shared a part of its database about its distributors with Capital Float. This shared information contained aggregated and anonymised information on distributors and their working capital positions, said Varghese. Capital Float evaluated the database and came back with a list of distributors it could lend to. Eko, then, forwarded these offers to the distributors. After taking their consent, data about the distributors who were interested in the loans was shared with Capital Float.

On the surface, this is a counter-intuitive development: if customer data holds the key to competitive advantage, companies should closely safeguard their data.

But as it turns out, there are strong reasons to share data.

Both Eko and Capital Float, for instance, are small, specialised players in the financial services market which is dominated by banks. Data sharing is one way to compete with banks by offering complementary services to customers.

It is not clear how endemic data-sharing will get. According to Varma, it will be used selectively. “I cannot see organisations sharing databases at will,” he said. “They will be shared only if they can be used to offer an additional service to the client.”

But a programmer who works at iSpirt, a product software evangelising association based in Bangalore, and who did not want to be identified, said the trend will grow. In the financial sector, as new players like mobile wallet companies acquire more customers, banks that refuse to share data will miss out on emergent markets, he said. “Keeping everything behind closed doors – not participating in data exchanges – is now harmful,” he said.

Sunil Abraham, who heads the Centre For Internet and Society, foresees the rise of another kind of data-sharing – by companies that aggregate customer data from multiple sources and market that to clients. These could be data brokers like US-based Acziom, he said. These could also be more specialised firms like medical transcription companies, which simultaneously serve hospitals, insurance and pharmaceutical companies.

The question is: what does all this have to do with Aadhaar?

The utility of Aadhaar

Aadhaar makes it easier to compare and combine diverse databases.

This is what India’s microfinance companies are doing. As Scroll.in reported recently, Microfinance Institutions Network, an association of microlenders, has told its member companies to seed the Aadhaar numbers of their borrowers into their databases. By searching the databases for the Aadhaar number of a prospective borrower, it will be possible to identify if she has already taken too many loans.

This is a scenario Nilekani bristles at. “You do not need Aadhaar for that,” he said. “You can triangulate databases using email or phone number or name.”

But the iSpirt programmer said, “With Aadhaar, the level of certainty is higher than what you would get by using name, phone number or email.” Between databases, the spelling of names might vary. Phone numbers change, especially in a country like India where prepaid mobile connections outnumber postpaid connections. Only a small part of the country’s population uses email. With Aadhaar, said the programmer, it gets easier to correlate databases.

Aadhaar, added Varma, can also be used to clean up databases. Banks, he said, can use the Aadhaar number to create better customer profiles by identifying all accounts owned by a person. This is the fifth use – deduplication.

What it all means

The implications are obvious. A lot of companies already had databases about their customers. Now, as Nilekani said, technology is allowing the collection of ever greater amounts of information about us. The sharing of databases means companies will have ever more detailed customer profiles.

In a sense, we are entering a future where multiple databases – including several that we are not even aware of – will contain information about us. A hospital and an insurance company might share their records. Or intermediary companies, which service both of them, might create their own databases.

This information will materially affect our lives. As already happens online, companies will increasingly base their products on algorithms that parse data about our behaviour and then offer a customised price – which could be geared to serve or exploit us.

These algorithms, as Propublica reported, can be opaque.

In a sense, much of this is a familiar trajectory. The United States too, as the iSpirt programmer said, “saw a lot of irresponsible data sharing without enough control for civilians”.

That is where India is heading as well. As Scroll noted in its article about TrustID, when the company creates scores for the workers who use its app, they might not always be aware of that rating – or be in a position to challenge that rating.

There are large questions here. Who owns the data about you in a company’s database? Take your information in, say, Ola’s database – the address from where you get picked up or dropped, the phone number, the places you visit most often. Is the data owned by you, Ola or the driver? Should you have a say if a company wants to share this data? If you grant permission, how does one ensure it is used correctly?

Right now, as the next story in this series will show, this is a poorly regulated landscape.

This is the third part in a series on the expansion of Aadhaar and the concerns around it. The first two parts can be read here.

We welcome your comments at letters@scroll.in.

For more details visit https://cis-india.org/internet-governance/news/scroll-m-rajshekhar-how-private-companies-are-using-aadhaar-to-deliver-better-services-but-theres-a-catch

The EU and Free Flows of Data - Data Protection, Trade and Law Enforcement

praskrishna — 2016-12-22T16:01:52Z

Amelia Andersdotter, Cofounder of Dataskydd.net, Distinguished Fellow, Centre for Internet and Society and former Member of the European Parliament gave a talk on December 14, 2016 at the Department of European Studies in Manipal.

Download the brochure

For more details visit https://cis-india.org/internet-governance/news/the-eu-and-free-flows-of-data-data-protection-trade-and-law-enforcement

With power, phone and internet services affected, Chennai is still recovering from Cyclone Vardah

praskrishna — 2016-12-20T16:50:27Z

Nearly a week after Cyclone Vardah rattled the city, bringing normal life to a halt for a few days, Chennai is still reeling from the aftershock of the powerful storm.

The blog post by Vinita Govindarajan and Sruthisagar Yamunan was published by Scroll.in on December 20, 2016 quoted Udbhav Tiwari

With powerful winds that blew up to the speed of 120 kmph, around one lakh trees were estimated to have have been uprooted across the city by the cyclone, causing a loss of almost one-fourth of the city’s foliage, reported The Hindu. Many of these trees fell on transmission lines, damaging them severely and cutting power supply to scores of residential areas.

Employees of Chennai’s city corporation and electricity board were seen hard at work throughout the week, clearing the streets of fallen trees and repairing electricity lines. But with frequent power cuts and sporadic phone and internet signals, the city is still on the long route to restoration.

A senior official of the Tamil Nadu Electricity Board said that their personnel have been working every hour to ensure that normalcy returns to the city as soon as possible. “We have restored power to over 80% of Chennai,” he said. “The rest is also get intermittent power. By Monday morning, the whole city would be covered.”

Slow business

For Senthil Kumar, who runs a tiffin business in East Tambaram in South Chennai, there was no power from Monday, when the cyclone stuck, till Saturday morning. “For three days after the cyclone, we couldn’t open our shop,” he said. “On Friday, we decided to get the food prepared outside and bring it here. We served dosas and idlis without chutney and only sambhar. We’ve lost a week’s business. But you can’t blame the government. They have done well to restore everything so quickly.”

Local businesses depending on internet and phone lines to receive orders were also deeply affected. Moremilaga, a hyperlocal startup that delivers homemade food to customers across the city, said that even though they did not receive their usual number of orders over phone and internet, they managed to surprise their regular customers with packets of food.

“Many of the people who we give food to are elderly people,” said Ragini Murali, who is in-charge of the start-up’s operations. “We felt really bad that we could not give them food for a day because they cannot cook on their own or buy from a store. They depend on our food and were very relieved when we delivered food even when they could not reach us.”

Business is slowly coming back to normal except that now Moremilaga is receiving only 20% of its orders through internet, whereas earlier it was 50%, said Viji Ganesh, the founder of the enterprise.

Maligai Kadai, an online grocery delivery business in Chennai, was shut from Monday through Wednesday. Satish Sundaram, founder of Maligai Kadai, said that the online store hardly received any orders this week because of internet problems across the city. But he said that even delivery of orders placed prior to the storm was a problem.

“We couldn’t do anything,” said Sundaram. “We had to postpone the delivery of orders placed on Sunday because many of our customers left the city immediately after the storm. In other cases, we could not reach our customers on phone to find out if their area was accessible. If the roads were blocked with fallen trees, we would have to come back all the way.”

Why no internet?

Five days after the storm, communication signals were still erratic. Airtel subscribers across the country received messages that the cyclone in Chennai had affected one of their undersea network cables which in turn might slow down internet speeds. Subscribers to BSNL, Vodafone and other telecommunication operators were also facing similar difficulties.

The reason for this slow speed, explained Udbhav Tiwari, a policy officer at The Centre for Internet and Society, was that operators were having to reroute their traffic to other undersea cables that travel using longer, convoluted routes.

“The data takes long to travel, since it does not travel efficiently enough,” he said. “So if you search for something on the internet, it will open only after a minute because the packet had to travel the other three-fourth of the world to reach you instead of the shortest route.”

Undersea cables, Tiwari explained, are usually owned by a combination of telecom companies as well as companies whose sole job is to lay these cables and rent them to individuals who will run their traffic through them.

These companies map out a route decided by demand between certain key points, hire a ship that trawls the ocean sea floor and lays and maintains cables, he said.

For the entirety of Asia, the Singaporean and Japanese region are the main hubs for internet exchange, Tiwari said, since they are considered reliable and commercially viable.

“Undersea cables almost always end in big cites,“ Tiwari said, “because of the infrastructure required to operate them. On the eastern side of India, Chennai is one of the best places to set up an end point for an undersea cable since it is a metropolitan city and closer to hubs like Japan and Singapore.”

If one of these lines near Chennai are broken, he said, it is very likely that the data would slow down because they have to find alternative routes.

“A severe cyclone or tsunami definitely has the potential to disturb or snap these sea cables,” Tiwari said. “But if maintenance is not carried out on them regularly enough, they can break for far more mundane reasons such as high water pressure, rust, debris falling from other ships or even sea animals.”

For more details visit https://cis-india.org/internet-governance/news/scroll-in-vinita-govindarajan-shrutisagar-yamunan-with-power-phone-and-internet-services-affected-chennai-is-still-recovering-from-cyclone-vardah

"Decoding the Digital"- Winter School at IIIT Bangalore

praskrishna — 2016-12-17T01:39:20Z

The Centre for IT and Public Policy at IIIT Bangalore organized a winter school from December 12 to 14, 2016 at the IIIT campus on Decoding the Digital, where the theme for the same was Smart Cities and Social Media. Vanya Rakesh participated in it.

The event involved lectures, interactive discussions, film screenings and group activities on topics ranging from smart communities, smart phones, intelligent transportation, big data, privacy, surveillance, etc. For more inflo, click here

For more details visit https://cis-india.org/internet-governance/news/decoding-the-digital-winter-school-at-iiit-bangalore