We are anonymous, we are legion

The Geopolitics of Information Controls: A Presentation by Masashi Crete-Nishihata

praskrishna — 2013-06-26T09:56:01Z

Masashi Crete-Nishihata will give a talk on Citizen Lab's activities and present its approach to the study of information controls through recent research and case studies. The talk will be held on June 19, 2013 at TERI Auditorium in Bangalore, 5 p.m. to 7.30 p.m.

The Citizen Lab

The Citizen Lab is an interdisciplinary research group based at the University of Toronto. It explores the intersection of
information technology, global security, and human rights through technical, policy, and legal research.

A central focus of Citizen Lab's research analyzes the prevalence, operation, and impact of information controls. Information controls can be conceptualized as actions conducted in and through the Internet and other information and communication technologies. Such controls seek to deny (as with Internet filtering), disrupt (as in denial-of-service
attacks), or monitor (such as passive or targeted surveillance) information for political ends.

Masashi Crete-Nishihata

Masashi is the research manager of the Citizen Lab at the Munk School of Global Affairs, University of Toronto. He has published work on information controls during the 2008 Russia-Georgia conflict, cyber security research ethics, cyber attacks against Burmese media groups, and the psychosocial impacts of lifelogging technologies. His research interests include technology policy, information controls, and human computer interaction.

Relevant Links

http://citizenlab.org

http://citizenlab.org/publications/

https://citizenlab.org/2013/03/you-only-click-twice-finfishers-global-proliferation-2/

Please RSVP as seats are limited.
RSVP: Purba Sarkar (purba@cis-india.org)

Video

For more details visit https://cis-india.org/internet-governance/events/geo-politics-of-information-controls

May 2013 Bulletin

praskrishna — 2013-08-13T11:51:46Z

The Centre for Internet & Society (CIS) welcomes you to the fifth issue of its newsletter for 2013. We bring you an overview of our research, report of events held by us and announcement of upcoming ones, events we participated in, and recent media coverage.

Celebrating 5 Years of CIS
CIS is now 5 years old and we just celebrated this by holding an open exhibition in our offices in Bangalore and Delhi from May 20 to 23, showcasing our work and accomplishments over the period. We had about 170 visitors from the general public coming in to our office. Renowned artists like Tara Kelton, Kiran Subbaiah, Navin Thomas, Abhishek Hazra and Sharath Chandra Ram exhibited their work. The four day event attracted press coverage: Bangalore Mirror (May 18, 2013), DNA (May 19, 2013), Hindu (May 22, 2013), Prajavani (May 23, 2013), Udayavani (May 25, 2013) and Bangalore Mirror (May 31, 2013). Download all posters that were part of the exhibition here.

Google Policy Fellowship
CIS is inviting applications for the Google Policy Fellowship programme. Google is providing a USD 7,500 stipend to the India fellow who will be selected by July 1, 2013. The Fellowship focus areas include Access to Knowledge, Openness in India, Freedom of Expression, Privacy, and Telecom. Send in your applications for the position by June 15, 2013.

Jobs
CIS invites applications for the posts of Developer (NVDA Screen Reader Project), and Programme Officer (Internet Governance). To apply send your resume to sunil@cis-india.org and pranesh@cis-india.org.

Accessibility

CIS is doing two projects in partnership with the Hans Foundation. One is to create a national resource kit of state-wise laws, policies and programmes on issues relating to persons with disabilities in India and another for developing a screen reader and text-to- speech synthesizer for Indian languages. CIS is also working with the World Blind Union and other similar organisations to develop a Treaty for the Visually Impaired helped by the WIPO:

National Resource Kit for Persons with Disabilities
Anandhi Viswanathan from CIS and Manojna Yeluri from the Centre for Law and Policy Research are working in this project. Draft chapters have been published. Feedback and comments are invited from readers for the chapters on Sikkim and Odisha:

The Sikkim Chapter (by Manojna Yeluri, May 30, 2013).
The Odisha Chapter (by Anandhi Viswanathan, May 31, 2013).

Note: All of these are early drafts and will be reviewed and updated.

Banking Accessibility

Survey on Banking Accessibility (by Vrinda Maheshwari, May 30, 2013). G3ict is a survey on accessibility of financial services in banks for persons with disabilities around the world. The survey is available here.

Event Organised

Global Accessibility Awareness Day (May 9, 2013, TERI, Southern Regional Centre, Domlur, Bangalore).

Access to Knowledge and Openness

The Wikimedia Foundation awarded CIS a two year grant of INR 26,000,000 to support and develop the growth of Indic language communities and projects by community collaborations and partnerships. This is being carried out by the Access to Knowledge team based in Delhi. CIS is also doing a project (Pervasive Technologies) on examining the relationship between production of pervasive technologies and intellectual property. CIS also promotes openness including open government data, open standards, open access, and free/libre/open source software through its Openness programme.

Access to Knowledge (Wikipedia)
Beginning from September 1, 2012, Wikimedia Foundation awarded CIS a two-year grant of INR 26,000,000 to support and develop free knowledge in India. The A2K team consists of three members based in Bangalore: T. Vishnu Vardhan, Dr. U.B. Pavanaja and Subhashish Panigrahi and one team member Nitika Tandon who is working from Delhi office. Noopur Raval, Programme Officer has left the organisation. April 24, 2013 was her last working day.

Announcements

Access to Knowledge Work Plan (April 2013 - June 2014): CIS has announced its detailed plan detailed plan with projection of outcomes and expected impact of the A2K programme activities. The document has been made in consultation with various stakeholders and keeping in mind the objectives, opportunities and challenges faced by each of the Indian language Wikimedia projects. Feel free to share any feedback.
WMF-A2K Revised Budget (draft) and Utilization (Sept 2012 - Feb 2013): In our effort to increase transparency with the working of CIS-A2K programme, we are sharing with you the A2K Programme Budget along with the Utilization for the period Sept. 2012 to February 2013. The proposed revisions to the budget along with some notes are here.
WMF-A2K Grant Budget and Utilization (Sept 2012 – February 2013): CIS has given an open disclosure of the Access to Knowledge budget to Wikimedia India and the global community.
CIS Signs MOU with TISS, Mumbai: has signed a MoU with TISS as part of which we will collaboratively work towards building Digital Knowledge Partnerships with select higher education institutions.
India Access to Knowledge IRC can be accessed here: May 13, 2013 (All Language Discussion) and May 26, 2013 (Odia Language Discussion).

Blog Entries

Odia Wikipedia: Needs Assessment (by Subhashish Panigrahi, May 11, 2013).
Access to Knowledge Work Plan: Synopsis of Feedback by Wikipedians (by Nitika Tandon, May 20, 2013).
Wikipedia Introductory Session organized for Data and India portal consultants (by Subhashish Panigrahi, May 30, 2013).

Event Organised

Kannada Wikipedia Workshop (April 29, 2013, Govinda Pai Research Centre, MGM College Udupi). Dr. U.B. Pavanaja led the workshop and gave a talk on Kannada Wikipedia

Event Participated In

Kannada IRC Meet (organised by the Wikipedia Community, May 7, 2013). Dr. U.B. Pavanaja participated in this.

Upcoming Event

Digital Humanities for Indian Higher Education (co-organised in collaboration with HEIRA-CSCS, Tumkur University, CILHE-TISS and CCS (IISc), Indian Institute of Science, Bangalore, July 13, 2013).

Press Coverage

CIS Celebrates 5 Years: A Report in Prajavani (Prajavani, May 23, 2013). Prajavani published a report of Dr. U.B. Pavanja’s talk “From Palm Leaf to Tablet – Journey of Kannada”.
CIS Celebrates 5 Years: A Report in Udayavani (Udayavani, May 25, 2013). Udayavani published a report of the evening programme hosted as part of the Centre for Internet and Society's 5 year celebrations in its Bangalore edition.

Access to Knowledge (Previously IP Reforms)
Blog Entry

On the Unfortunate Rise of the Indian SLAPP Suit (by Ujwala Uppaluri, May 27, 2013).

Openness
Research Papers

Use of Open Access Journals by Indian Researchers (by Subbiah Gunasekharan and Prof. Subbiah Arunachalam, May 27, 2013).
Use made of Open Access Journals by Indian Researchers to Publish their Findings (by Madhan Muthu and Prof. Subbiah Arunachalam, May 28, 2013).

Comments

Draft ICAR Open Access Policy (by Nehaa Chaudhari, May 28, 2013). The comments were submitted to the Indian Council for Agricultural Research.

Event Hosted

RHoK Global Event (Centre for Internet and Society, Bangalore, June 1 – 2, 2013). A report of the event would be published soon.

Internet Governance

The Internet Governance programme conducts research around the various social, technical, and political underpinnings of global and national Internet governance, and includes online privacy, freedom of speech, and Internet governance mechanisms and processes. We began two new projects earlier this year. The first one, with Privacy International, London to facilitate research and events around surveillance, and freedom of speech and expression and the second one with Citizen Lab, Munk School of Global Affairs, University of Toronto on mapping of cyber security actors in South Asia and South East Asia:

Cyber Stewards Project
Laird Brown, a strategic planner and writer with core competencies on brand analysis, public relations and resource management and Purba Sarkar who in the past worked as a strategic advisor in the field of SAP Retail are working in this project.

Video Interview

An Interview with Christopher Soghoian (May 28, 2013).

Upcoming Event

The Geopolitics of Information Controls: A Presentation by Masashi Crete-Nishihata (TERI, Bangalore, June 19, 2013).

Privacy

Comparative Analysis of DNA Profiling Legislations from Across the World (by Srinivas Atreya, May 23, 2013).

Events Co-organised

3rd Privacy Round Table meeting (co-organised with the Federation of Indian Chambers of Commerce and Industry and the Data Security Council of India, Chennai, May 18, 2013). Maria Xynou participated in this event and gives an overview of the discussions and recommendations.
Consilience – 2013 (co-organised with the Law and Technology Committee of National Law School of India University, Bangalore, May 25, 2013).

Events Participated In

ICT, Law and Innovation: Recent Developments, Challenges and Lessons Learned (organised by Bilgi University, Istanbul, May 2013). Chinmayi Arun was a speaker on the Internet Governance panel at Towards a Global Network of Internet and Society Centres.
India’s Politics of Free Expression (co-sponsored by the Asian Studies Centre, Free Speech Debate, the Oxford India Society and Ideas for India Oxbridge Exchange, May 31, 2013 at Nissan Lecture Theatre, St. Antony’s College, Oxford). Chinmayi Arun was a speaker at the Bapsybanoo Marchioness of Winchester Lectures on 'India's Politics of Free Expression'.

Upcoming Event

Privacy Round Table, Mumbai (Mayfair Banquets, Mumbai, June 15, 2013).

Blog Entry

The Surveillance Industry in India: At Least 76 Companies Aiding Our Watchers! (by Maria Xynou, May 2, 2013).

Media Coverage

Sex on-the-go (by Anand Holla, Mumbai Mirror, May 4, 2013). Pranesh Prakash is quoted.
CIS anniversary (Hindu Business Line, May 5, 2013).
Central Monitoring System to make government privy to phone calls, text messages and social media conversations (by Indu Nandakumar, May 7, 2013). Pranesh Prakash is quoted.
Messaging apps find another foe in India’s market regulator (Quartz, May 8, 2013). Elonnai Hickok is quoted.
India's Rs 400-crore Central Monitoring System to snoop on all communication (Tech 2, May 9, 2013). Pranesh Prakash is quoted.
Is India's government becoming Big Brother? (by Talia Ralph and Jason Overdorf, May 9, 2013). Pranesh Prakash is quoted.
Worldwide Playground (Telegraph, May 15, 2013). Pranesh Prakash is quoted.
NGO invites public to peruse its accounts (by Vandana Kamath, May 18, 2013). Sunil Abraham is quoted.
Online privacy should not come at the cost of security: Sunil Abraham (by Anirban Sen, May 19, 2013). Sunil Abraham is quoted.
A lifetime of five years on the internet (by Subir Ghosh, DNA, May 19, 2013). Sunil Abraham is quoted.
CIS highlights changes ushered in by the Internet (Hindu, May 22, 2013).
Burma to host first Internet freedom forum (by Chan Myae Khine, Asian Correspondent, May 22, 2013).
INET Bangkok to Explore Internet’s Impact on Thailand’s Economy and Society (BusinessWire, May 30, 2013). Sunil Abraham is participating in this conference.
Shooting cyber cafes before they die (by Bangalore Mirror, May 31, 2013). CIS’s film on Cyber Cafes is mentioned in this article.

Knowledge Repository on Internet Access
CIS in partnership with the Ford Foundation is executing a project on Internet Access. It covers the history of the internet, technologies involved, principle and values of internet access, broadband market and universal access and will touch upon various polices and regulations which has an impact on internet access and bodies and mechanism which are responsible for formulation policies related to internet access. The blog posts and modules will be published in a new website: www.internet-institute.in.

Ongoing Event

Institute on Internet and Society (supported by Ford Foundation, Golden Palms Resort, Bangalore, June 8 – 14, 2013). The agenda for the event has been finalised.

The following unit was published recently:

Network Connections and Modes of Access (by Srividya Vaidyanathan, May 30, 2013).

Telecom

CIS is involved in promoting access and accessibility of telecommunications services and resources and has provided inputs to ongoing policy discussions and consultation papers published by TRAI. It has prepared reports on unlicensed spectrum and accessibility of mobile phones for persons with disabilities and also works with the USOF to include funding projects for persons with disabilities in its mandate:

Newspaper Column

Configuring a 'Non-Toothless' Regulator (TRAI) (by Shyam Ponappa, Business Standard, May 9, 2013 and Organizing India Blogspot, May 10, 2013).

About CIS

The Centre for Internet and Society is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness (including open government, FOSS, open standards, etc.), and engages in academic research on digital natives and digital humanities.
Follow us elsewhere

Get short, timely messages from us on Twitter
Join the CIS group on Facebook
Visit us at http://cis-india.org

Support Us
Please help us defend consumer / citizen rights on the Internet! Write a cheque in favour of ‘The Centre for Internet and Society’ and mail it to us at No. 194, 2nd ‘C’ Cross, Domlur, 2nd Stage, Bengaluru – 5600 71.

Request for Collaboration
We invite researchers, practitioners, and theoreticians, both organisationally and as individuals, to collaboratively engage with Internet and society and improve our understanding of this new field. To discuss the research collaborations, write to Sunil Abraham, Executive Director, at sunil@cis-india.org or Nishant Shah, Director – Research, at nishant@cis-india.org

CIS is grateful to its donors, Wikimedia Foundation, Ford Foundation, Privacy International, UK, Hans Foundation and the Kusuma Trust which was founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin, for its core funding and support for most of its projects.

For more details visit https://cis-india.org/about/newsletters/may-2013-bulletin

Shooting cyber cafes before they die

praskrishna — 2013-05-31T06:32:38Z

Working for an NGO, Christy Raj cans the history of city internet parlours through the eyes of a transgender.

Vandana Kamath's article was published in the Bangalore Mirror on May 31, 2013. The Centre for Internet and Society's film on Cyber Cafes is mentioned in this article.

At the turn of the century, when dotcoms were booming, cyber cafes were ubiquitous. But just as video killed the radio star, smartphones have been the slow death of cyber cafes. They may soon be history, but before internet parlours are wiped off the face of the city, Christy Raj, 26, a transgender, has ‘captured’ them for posterity.

Raj (female to male transgender) has single-handedly shot a film on cyber cafes, viewed from the eyes of a transgender. The film is part of a project by Video Volunteers,an NGO that promotes community media. Raj is a correspondent for the NGO.

“I wanted to capture what happens in a cyber café, especially from the point of view of a transgender,” Raj said. “I’ve captured why a transgender would go to a cyber café. It could be for various reasons like applying for a job. The film captures the difficulties a transgender faces etc. It’s a short film, but conveys a lot, especially for a viewer who sees it after cyber cafes have gone extinct in the city!”

Raj admits that he had a tough time while shooting the movie. “We (actor and I) went to several cyber cafes to shoot the film,” Raj said. “Since my actor and I are both transgender, many gave us suspicious looks. Most refused to allow us to even enter the place, forget about shooting the film. We had to show our identity cards at several places and finally we got the opportunity to shoot in a cyber cafe.”

The film, a joint venture of Centre for Internet and Society (CIS) and Video Volunteers, was completed in two weeks and the raw footage was sent to Video Volunteers based in Goa. The film was screened at their fifth anniversary celebrations recently. Raj, who has basic knowledge of camera handling, has been with the NGO since 2010 and has shot various short films on subjects like sexual minorities, the recent eviction of people in Ejipura and human rights.

“Being a correspondent with Video Volunteers has given me an opportunity to work on mainstream issues and work with people from the mainstream. Prior to joining Video Volunteers, I was associated with NGOs like Samara and Sangama. We were given training in camera handling. They give us an opportunity to work on several issues based on the community.”

Raj was born and brought up in Bangalore. His parents abandoned him after they learnt of his transsexual tendencies and he had to drop out of school in the ninth standard. He lives with his partner in Sanjay Nagar.When he left his home, Raj decided he had to make a name in the community.“Today,Icanhandleacamera with confidence and conceptualise and make the films on issues pertaining not only to sexual minorities but also on several other issues,” says Raj.

For more details visit https://cis-india.org/news/bangalore-mirror-vandana-kamath-may-31-2013-shooting-cyber-cafes-before-they-die

The Bapsybanoo Marchioness of Winchester Lectures

praskrishna — 2013-06-09T03:35:38Z

Chinmayi Arun was a speaker at the Bapsybanoo Marchioness of Winchester Lectures on 'India's Politics of Free Expression' in the University of Oxford on May 31 2013, in the session on 'media and security'.

The Asian Studies Centre, Free Speech Debate, the Oxford India Society and Ideas for India Oxbridge Exchange were the co-sponsors for this event.

Theme: India's Politics of Free Expression
Date: May 31, 2013
Time: 10.00 a.m. to 6.15 p.m.
Venue: Nissan Lecture Theatre, St. Antony's College, Oxford

More details can be found here.

For more details visit https://cis-india.org/news/sant-ox-ac-uk-may-31-2013-bapsybanoo-marchioness-winchester-lectures

Online privacy should not come at the cost of security: Sunil Abraham

praskrishna — 2014-11-02T02:27:12Z

Sunil Abraham, Centre for Internet and Society’s executive director, on privacy laws and Internet penetration.

Anirban Sen's article was published in LiveMint on May 19, 2013. Sunil Abraham is quoted.

The Centre for Internet and Society (CIS), a research thinktank that primarily focuses on issues of Internet governance, is pushing to revise the provisions of the Information Technology (IT) Act and make a stronger case for privacy laws and free speech in India, an issue that has caused widespread concern after the government tried to restrict access to more than a 100 websites last year with little justification.

“We want to revise the IT Act...that’s the toughest one and that’s not going to happen very soon because the government is treating it like an ego battle now. They no longer listen to the others,” said Sunil Abraham, executive director of CIS.

The IT Act has been at the centre of debate, with some of its provisions such as Section 66A, which criminalizes “causing annoyance or inconvenience” online or electronically, coming under criticism from rights advocates for being too vague and subject to interpretation.

CIS, which will complete five years on Monday and is organizing a four-day event focusing on issues such as cyber security, surveillance in India and privacy, said it also was working towards creating a privacy law for India within the next 3-4 years. India, which is estimated to have Internet penetration of just 10%, is the third-largest Internet market in the world.

“We’re getting closer and closer to that (privacy law),” said Abraham, adding that privacy should not come at the cost of security.

Over the past five years, Bangalore-based CIS has also been part of some government committees such as the Justice AP Shah Committee, which focused on privacy laws in India, and is also currently working on the country’s telecom policy. The non-government organization, which receives grants from international bodies such as the Wikimedia Foundation, has also worked on policies for the government of Iraq and is currently also doing policy work for the government of Burma.

“Five years ago we were making noise from outside the room, we were not inside any policy making space. That has also changed. From an organization that was mostly outside the room, we’re increasingly being trusted by our own government,” said Abraham, who was one of the most vocal critics of the government’s unique identification (UID) project when it was first launched. Abraham had raised concerns over its overtly broad scope and issues over privacy in the project.

For CIS, one of the biggest achievements over the past five years was being part of the policy framework for the government of India’s draft national policy on open standards for e-governance, said Abraham, adding that the organization was working towards increasing Internet penetration in the country, especially in rural areas.

“We’re hoping that every single mobile phone user in the country will become an Internet user. We’re planning for that future,” he said.

The CIS event starting on Monday will include speakers such as legal researcher and advocate Lawrence Liang and Vibodh Parthasarathi, an associate professor at the Centre for Culture, Media and Governance at the Jamia Millia Islamia university. Both Liang and Parthasarathi are members of the board at CIS.

For more details visit https://cis-india.org/news/livemint-anirban-sen-may-19-2013-online-privacy-should-not-come-at-the-cost-of-security

INET Bangkok to Explore Internet’s Impact on Thailand’s Economy and Society

praskrishna — 2013-06-06T06:18:34Z

The Internet Society, in collaboration with the Thailand Internet community, the National Science & Technology Development Agency (NSTDA), and the Ministry of Information & Communication Technology (MICT), will host the INET Bangkok, 7-8 June 2013. The conference will be held at the Queen Sirikit National Convention Center, and will focus on the power of the Internet as a force for economic and social progress.

This post was published in BusinessWire on May 30, 2013. Sunil Abraham is participating in this conference.

INET Bangkok will bring together Thai Internet stakeholders to engage in an open discussion on the Internet agenda. This event will specifically showcase the creative power of the Internet, promote the importance of participating in the Internet governance process, and share capacity building efforts to expand Internet access.

The INET Bangkok agenda will feature four tracks covering key drivers of the Internet in Thailand: Technology, Innovation, Society, and the Future. Noted speakers at the event include H.E. Anudith Nakornthap, Minister of Information & Communication Technology (MICT); Dr. Thaweesak “Hugh” Koanantakool, President, National Science and Technology Development Agency (NSTDA); Paul Wilson, Director General of Asia Pacific Network Information Centre (APNIC); Dr. Rohan Samarajiva, Founder of LIRNEasia; Sunil Abraham, Executive Director, The Centre for Internet and Society; and Dr. Sak Segkhoonthod, President & CEO, Electronic Government Agency (EGA).

“The Internet has become a remarkable engine for social development and economic growth,” said Rajnesh Singh, Internet Society Regional Bureau Director for Asia-Pacific. “The Internet Society works closely with our Chapters, members, and regional community organizations to ensure the Internet continues to evolve as a platform for innovation, collaboration, creativity, and economic and social development. INET Bangkok will bring together leading Internet experts to discuss critical Internet issues for Thailand and across the region.”

A highlight of the event will be VIP Gala Dinner on 6 June 2013, celebrating the 25^th anniversary of the .TH group, Thailand’s ccTLD. For more details and to register, visit http://www.internetsociety.org/inet-bangkok.

About the Internet Society
The Internet Society is the trusted independent source for Internet information and thought leadership from around the world. With its principled vision and substantial technological foundation, the Internet Society promotes open dialogue on Internet policy, technology, and future development among users, companies, governments, and other organizations. Working with its members and Chapters around the world, the Internet Society enables the continued evolution and growth of the Internet for everyone. For more information, visit www.internetsociety.org.

For more details visit https://cis-india.org/news/businesswire-may-30-2013-inet-bangkok-to-explore-internet-impact-on-thailand-economy-and-society

Sweden 'must raise its net freedom profile'

praskrishna — 2013-07-02T09:57:51Z

While promoting internet freedom is a policy priority for Swedish Foreign Minister Carl Bildt, Sweden's efforts remain largely unknown, according a new report that concludes Sweden needs to do more to raise its global profile as a leader on the issue.

The article by David Landes was published in "The Local" on May 30, 2013. Pranesh Prakash is quoted.

Last week, Bildt and his colleagues at Sweden's Ministry of Foreign Affairs welcomed hundreds of delegates to the Stockholm Internet Forum to discuss what Sweden considers one of the "great global issues of the future".

"Our aim is clear: to create an international, inclusive platform for constructive discussions on the importance of internet freedom for development," Bildt told conference attendees in Stockholm last week.

"We will work to connect the unconnected to an open, secure internet that drives innovation and growth, and that contributes to better democracy and the enjoyment of free speech."

But while Bildt's message was clear to everyone in the audience in Stockholm, a report released on Wednesday suggested that Sweden has so far failed to adequately explain its commitment to internet freedom to a wider audience.

"Sweden does a lot right already, but we are too unknown. We're a small player. So we need to work with others to raise our profile," United Minds analyst Paul Alacron, one of the authors of the report, told The Local.

The report, Freedom and Development on the Internet, was published by the Swedish Institute, together with the United Minds opinion research firm, and is designed to give a qualitative view of internet freedom in six countries, as well as insights into Sweden's perceived importance for the issue.

In-depth interviews with 18 internet experts and activists in Russia, Pakistan, India, China, the United States, and Egypt revealed that there is a demand for Sweden's expertise on internet freedom, but that awareness of what Sweden has to offer is limited.

"If you ask a regular Chinese, most would probably think that the United States is the best role model [for internet freedom]. Most Chinese don't know anything about Sweden," one Chinese blogger is quoted as saying in the report.

Meanwhile, Pranesh Prakash from the Centre for Internet and Society in India, said Sweden could better leverage its strong reputation to help promote internet freedom.

"If the Americans push an issue, many go against it simply because they're behind it. If Sweden takes up the same proposal, the chances are greater that the debate will be about the proposal itself," he said in the report.

According to report co-author Javeria Rizvi Kabani of the Swedish Institute, Sweden has kept a low profile in part due to safety considerations for activists who have participated in exchange programmes organized by the Swedish Institute.

"The safety of those in the of human rights defenders and net activist networks we've created over the last few years and who have visited Sweden always comes first. So we've focused on that rather than Sweden's profile on these issues," she told The Local.

The low-profile approach is nothing new for Sweden, she added.

"We have been very strong in recent years in foreign aid and supporting the process of democratization around the world, but unlike other countries, we haven't put 'brand Sweden' next to that work," Rizvi Kabani explained.

While Sweden is generally recognized as a country that promotes transparency and the freedom of information, the report revealed that the ongoing case involving Sweden's attempts to extradite WikiLeaks founder Julian Assange has dented some people's belief that Sweden is committed to internet freedom.

"The trial of Julian Assange makes Sweden's relationship with the issue of internet freedom complicated," Egyptian journalist Nasry Esmat said in the report.

"I'm aware that the accusations against Assange pertain to something completely different, but that makes Sweden appear like a country that doesn't support WikiLeaks."

The report also pointed to a "troublesome development" in some countries whereby regimes are trying to exert more control over the internet and the spread of information.

According to Alacron, such developments, while concerning, are simply one more argument for why Sweden needs to raise its profile as a staunch supporter of internet freedom.

"Sweden has an important role to play. That's very clear," he said.

"Knowledge and understanding about Sweden may be rather low, but at the same time there are high expectations for what Sweden can do. The conditions are ripe, therefore, for Sweden to play an even more important role in these issues."

For more details visit https://cis-india.org/news/the-local-may-30-2013-sweden-must-raise-its-net-freedom-profile

Towards a Global Network of Internet and Society Centres

praskrishna — 2013-06-05T07:29:43Z

This event was held in Istanbul by Bilgi University as part of the collaboration on Global Network of Interdisciplinary Internet and Society Research Centres.

Chinmayi Arun spoke on the Internet Governance panel at the conference on 'ICT, Law and Innovation: Recent Developments, Challenges, and Lessons Learned'.

A Technological Solution to the Challenges of Online Defamation

Eduardo Bertoni — 2013-07-02T14:47:46Z

When people are insulted or humiliated on the Internet and decide to take legal action, their cases often follow a similar trajectory.

This blog post written by Eduardo Bertoni was published in GlobalVoices on May 28, 2013. CIS has cross-posted this under the Creative Commons Licence.

Consider this scenario:

A public figure, let’s call her Senator X, enters her name into a search engine. The results surprise her — some of them make her angry because they come from Internet sites that she finds offensive. She believes that her reputation has been damaged by certain content within the search results and, consequently, that someone should pay for the personal damages inflicted.

Her lawyer recommends appealing to the search engine – the lawyer believes that the search engine should be held liable for the personal injury caused by the offensive content, even though the search engine did not create the content. The Senator is somewhat doubtful about this approach, as the search engine will also likely serve as a useful tool for her own self-promotion. After all, not all sites that appear in the search results are bothersome or offensive. Her lawyer explains that while results including her name will likely be difficult to find, the author of the offensive content should also be held liable. At that point, one option is to request that the search engine block any offensive sites related to the individual’s name from its searches. Yet the lawyer knows that this cannot be done without an official petition, which will require a judge’s intervention.

“We must go against everyone – authors, search engines – everyone!” the Senator will likely say. “Come on!” says the lawyer, “let's move forward.” However, it does not occur to either the Senator or the lawyer that there may be an alternative approach to that of classic courtroom litigation. The proposal I make here suggests a change to the standard approach – a change that requires technology to play an active role in the solution.

Who is liable?

The “going against everyone” approach poses a critical question: Who is legally liable for content that is available online? Authors of offensive content are typically seen as primarily liable. But should intermediaries such as search engines also be held liable for content created by others?

This last question raises a very specific, procedural question: Which intermediaries will be the subjects of scrutiny and viewed as liable in these types of situations? To answer this question, we must distinguish between intermediaries that provide Internet access (e.g. Internet service providers) and intermediaries that host content or offer content search functions. But what exactly is an ‘intermediary’? And how do we evaluate where an intermediary’s responsibility lies? It is also important to distinguish those intermediaries which simply connect individuals to the Internet from those that offer different services.

What kind of liability might an intermediary carry?

This brings us to the second step in the legal analysis of these situations: How do we determine which model we use in defining the responsibility of an intermediary? Various models have been debated in the past. Leading concepts include:

strict liability, under which the intermediary must legally respond to all offensive content
subjective liability, under which the intermediary’s response depends on what it has done and what it was or is aware of
conditional liability – a variation on subjective liability – under which, if an intermediary was notified or advised that it was promoting or directing users to illegal content and did nothing in response, it is legally required to respond to the offensive content.

These three options for determining liability and responses to offensive online content have been included in certain legislation and have been used in judicial decisions by judges around the world. But not one of these three alternatives provides a perfect standard. As a result, experts continue to search for a definition of liability that will satisfy those who have a legitimate interest in preventing damages that result from offensive content online.

How are victims compensated?

Now let’s return to the example presented earlier. Consider the concept of Senator X’s “satisfaction.” In these types of situations, “satisfaction” is typically economic — the victim will sue for a certain amount of money in “damages”, and she can target anyone involved, including the intermediary.

Interestingly, in the offline world, alternatives have been found for victims of defamation: For example, the “right to reply” aims to aid anyone who feels that his or her reputation or honor has been damaged and allows individuals to explain their point of view.

We must also ask if the right to reply is or is not contradictory to freedom of expression. It is critical to recognize that freedom of expression is a human right recognized by international treaties; technology should be able to achieve a similar solution to issues of online defamation without putting freedom of expression at risk.

Solving the problem with technology

In an increasingly online world, we have unsuccessfully attempted to apply traditional judicial solutions to the problems faced by victims like Senator X. There have been many attempts to apply traditional standards because lawyers are accustomed to using in them in other situations. But why not change the approach and use technology to help “satisfy” the problem?

The idea of including technology as part of the solution, when it is also part of the problem, is not new. If we combine the possibilities that technology offers us today with the older idea of the right to reply, we could change the broader focus of the discussion.

My proposal is simple: some intermediaries (like search engines) should create a tool that allows anyone who feels that he or she is the victim of defamation and offensive online content to denounce and criticize the material on the sites where it appears. I believe that for victims, the ability to say something and to have their voices heard on the sites where others will come across the information in question will be much more satisfactory than a trial against the intermediaries, where the outcome is unknown.

This proposal would also help to limit regulations that impose liability on intermediaries such as search engines. This is important because many of the regulations that have been proposed are technologically impractical. Even when they can be implemented, they often result in censorship; requirements that force intermediaries to filter content regularly infringe on rights such as freedom of expression or access to information.

This proposal may not be easy to implement from a technical standpoint. But I hope it will encourage discussion about the issue, given that a tool like the one I have proposed, although with different characteristics, was once part of Google’s search engine (the tool, “Google Sidewiki” is now discontinued). It should be possible improve upon this tool, adapt it, or do something completely new with the technology it was based on in order to help victims of defamation clarify their opinions and speak their minds about these issues, instead of relying on courts to impose censorship requirements on search engines. This tool could provide much greater satisfaction for victims and could help prevent the violation of the rights of others online as well.

Critics may argue that people will not read the disclaimers or statements written by “defamed” individuals and that the impact and spread of the offensive content will continue unfettered. But this is a cultural problem that will not be fixed by placing liability on intermediaries. As I explained before, the consequences of doing so can be unpredictable.

If we continue to rely on traditional regulatory means to solve these problems, we’ll continue to struggle with the undesirable results they can produce, chiefly increased controls on information and expression online. We should instead look to a technological solution as a viable alternative that cannot and should not be ignored.

Eduardo Bertoni is the Director of the Center for Studies on Freedom of Expression and Access to Information at Palermo University School of Law in Buenos Aires. He served as the Special Rapporteur for Freedom of Expression to the Organization of American States from 2002-2005.

For more details visit https://cis-india.org/internet-governance/blog/global-voices-may-28-2013-eduardo-bertoni-a-technological-solution-to-the-challenges-of-online-defamation

Burma to host first Internet freedom forum

praskrishna — 2013-06-05T07:10:38Z

Myanmar ICT Development Organisation (MIDO) will host “Myanmar Internet Freedom Forum” in Yangon from June 1-2. In the first forum of its kind in Burma, MIDO aims to raise awareness of Internet freedom in a country that has endured decades of media censorship.

Chan Myae Khine's post was published in Asian Correspondent on May 22, 2013. The Centre for Internet and Society will be joining local netizens and organisations for discussion.

In a country with a notoriously low Internet penetration rate, MIDO has been conducting Internet and communications technology (ICT) training in cities and remote areas “to empower citizens using ICT to address core development and poverty-reduction goals.” It is involved in BarCamps and government organized forums as well.

“As our organisation focuses on ICT4D and Internet Policy, Internet freedom is also a vital issue that we look on,” said Htaike Htaike Aung, Program Manager of MIDO.

The major goal of the Myanmar Internet Freedom Forum is to advocate for Internet freedom in Burma (Myanmar). “As the media and policy makers do not have awareness on Internet Governance Forum and its agenda, the issues have not been addressed and lack media attention,” said MIDO in its proposal submission. “Not having local resources on Internet Governance is also a cause for the lack of advocacy groups and campaigns.”

MIDO also aims to promote “access” and “digital rights” with a multi-stakeholderism approach involving government, journalists, bloggers, social media activists, netizens and international experts so that all voices are allowed and heard. Various topics such as Cyber Law, Digital Security, E-education and Netizen Empowerment will be discussed during panel discussions and breakout sessions at the event.

MIDO expects 300 attendees for Day 1 of the forum, when the Center for Internet and Society, the Thai Netizen Network and other regional groups will be joining local netizens and organisations for discussion. “For the government representatives, we’re still trying to get confirmation,” explained Htaike Htaike.

MIDO will invite about 20 netizens from around the country to join interested participants from Yangon to discuss how to effectively monitor Internet freedom on the second day of the forum. The aim is to establish a network to monitor and report on Internet censorship in Burma. MIDO hopes to publish Internet Censorship Index each year with help of the reports generated from the network.

With a 7% of Internet penetration rate, this is a problematic area in Burma, though there has been some progress and Internet business opportunities have begun to emerge. The Internet Freedom Forum, as an all-inclusive platform, has potential to bring necessary knowledge to the public, such as awareness of rights when accessing Internet and other privacy issues which are vital for new netizens.

For more details visit https://cis-india.org/news/asian-correspondent-chan-myae-khine-may-22-2013-burma-to-host-internet-freedom-forum

Comparative Analysis of DNA Profiling Legislations from Across the World

atreya — 2013-07-12T11:30:17Z

With the growing importance of forensic data in law enforcement and research, many countries have recognized the need to regulate the collection and use of forensic data and maintain DNA databases. Across the world around 60 countries maintain DNA databases which are generally regulated by specific legislations. Srinivas Atreya provides a broad overview of the important provisions of four different legislations which can be compared and contrasted with the Indian draft bill.

This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC

Efforts to regulate the collection and use of DNA data were started in India in 2007 by the Centre for DNA Fingerprinting and Diagnostics through their draft DNA Profiling Bill. Although the bill has evolved from its original conception, several concerns with regard to human rights and privacy still remain. The draft bill heavily borrows the different aspects related to collection, profiling and use of forensic data from the legislations of the United States, United Kingdom, Canada and Australia.

Click to find an overview of a comparative analysis of DNA Profiling Legislations.

For more details visit https://cis-india.org/internet-governance/blog/comparative-analysis-of-dna-profiling-legislations-across-the-world

CIS highlights changes ushered in by the Internet

praskrishna — 2013-05-22T06:06:44Z

As part of its fifth anniversary celebrations, the Centre for Internet and Society (CIS) has organised an exhibition showcasing its accomplishments, besides a series of talks by experts on the changes ushered in by the Internet. The exhibition will remain open till Thursday.

The article was published in the Hindu on May 22, 2013.

On Wednesday, a talk will be held at 6 p.m. on “Cyber security, privacy and surveillance”. Also, Laird Brown, strategic planner and writer, and Purba Sarkar, associate producer with the cyber security film project, will make presentations on cyber security.

The valedictory will have talks by Kannada writer Chandrashekar Kambar on “Kannada in modern era”, while member of Kannada Software Committee U.B. Pavanja will speak on “From palm leaf to tablet”. This will be followed by a Carnatic music programme by Nirmita Narasimha. The CIS has also invited the public to be its auditors by displaying its account books and contracts, which shows how it has spent the Rs. 13.13 crore received from donors. The exhibition is open from 10 a.m. to 8 p.m.

For more details visit https://cis-india.org/news/the-hindu-may-22-2013-cis-highlights-changes-ushered-in-by-the-internet

NGO invites public to peruse its accounts

praskrishna — 2013-05-21T14:38:38Z

Domlur-based The Centre for Internet and Society opens its books for anyone to see and track every rupee of the Rs 13.13 crore it received from donors.

This article by Vandana Kamath was published in the Bangalore Mirror on May 18, 2013. Sunil Abraham is quoted.

In an unusual but ‘clean’ way of celebrating its fifth anniversary, a city-based non-governmental organisation (NGO) has invited the general public to inspect its books of accounts, check out its list of donors and view contracts. At a time when several NGOs are under the scanner for trying to shroud financial transactions in secrecy, The Centre for Internet and Society (CIS), a non-profit research organisation that defends consumer rights on the Internet, has upped its policy of transparency a notch.

Located in Domlur and largely patronised by Bangalore’s tech community, CIS’s books of accounts will be available for public scrutiny during its fifth anniversary celebrations from May 20 to 23 and will show how the NGO has spent the Rs 13.13 crore it has received from donors since its launch.

Speaking to Bangalore Mirror, CIS executive director Sunil Abraham admitted that the move was to dispel any lingering doubts on the motives of his organisation. “These days, many NGOs have been in the news for misappropriation of donations,” Abraham said. “We want to keep our books of accounts open to the public. Apart from details like salaries drawn by each board member, many other details like contractual obligations with entities, details of donors and official travel expenses by board members can also be obtained. Anybody can walk into our office and ask to see the accounts. A photocopy of all the details will also be given to them at the earliest.”

In fact, a recent debate in the Rajya Sabha centred on the lack of transparency among NGOs receiving contributions from overseas after the Foreign Contribution Regulation Act (FCRA) was passed in 2010. With 17 donors, a majority of who are from overseas, CIS ensures that every rupee obtained is well spent and accounted for.

“We have made public a list of donors and their share of contributions to our society,” Abraham said. “This will give everybody a clear picture of the funds we receive and where and how it is being spent.”

CIS is primarily funded by the Kusuma Trust, The Wikimedia Foundation and The Hans Foundation among others. The society was founded in 2008 and has 17 staff of whom four are based in Delhi and the rest in Bangalore. The society also has seven distinguished fellows and five fellows.

It conducts policy research programmes on topics like accessibility, access to knowledge, openness, internet governance and telecom. The society has churned out 641 research items in five years that include essays, books and blog entries on the topics. It has also conducted research on the accessibility of the e-governance system and has suggested ways to make it more disabled-friendly.

As part of its anniversary celebrations, the society will hold a four-day event in its office starting May 20 that will include an exhibition showcasing its activities so far. Various artists like Kiran Subbaiah, Tara Kelton, Navin Thomas and Abhishekh Hazra are expected to participate and give live demonstrations.

For more details visit https://cis-india.org/news/bangalore-mirror-vandana-kamath-may-18-2013-ngo-invites-public-to-peruse-its-accounts

Report on the 3rd Privacy Round Table meeting

maria — 2013-07-12T11:35:22Z

This report entails an overview of the discussions and recommendations of the third Privacy Round Table meeting in Chennai, on 18th May 2013.

This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC.

In furtherance of Internet Governance multi-stakeholder Initiatives and Dialogue in 2013, the Centre for Internet and Society (CIS) in collaboration with the Federation of Indian Chambers of Commerce and Industry (FICCI), and the Data Security Council of India (DSCI), is holding a series of six multi-stakeholder round table meetings on “privacy” from April 2013 to August 2013. The CIS is undertaking this initiative as part of their work with Privacy International UK on the SAFEGUARD project.

In 2012, the CIS and DSCI were members of the Justice AP Shah Committee which created the “Report of Groups of Experts on Privacy”. The CIS has recently drafted a Privacy (Protection) Bill 2013, with the objective of contributing to privacy legislation in India. The CIS has also volunteered to champion the session/workshops on “privacy” in the meeting on Internet Governance proposed for October 2013.

At the roundtables the Report of the Group of Experts on Privacy, DSCI´s paper on “Strengthening Privacy Protection through Co-regulation” and the text of the Privacy (Protection) Bill 2013 will be discussed. The discussions and recommendations from the six round table meetings will be presented at the Internet Governance meeting in October 2013.

The dates of the six Privacy Round Table meetings are enlisted below:

New Delhi Roundtable: 13 April 2013
Bangalore Roundtable: 20 April 2013
Chennai Roundtable: 18 May 2013
Mumbai Roundtable: 15 June 2013
Kolkata Roundtable: 13 July 2013
New Delhi Final Roundtable and National Meeting: 17 August 2013

Following the first two Privacy Round Tables in Delhi and Bangalore, this report entails an overview of the discussions and recommendations of the third Privacy Round Table meeting in Chennai, on 18^th May 2013.

Overview of DSCI´s paper on ´Strengthening Privacy Protection through Co-Regulation´

The third Privacy Round Table meeting began with an overview of the paper on “Strengthening Privacy Protection through Co-Regulation” by the Data Security Council of India (DSCI). In particular, the DSCI pointed out that although the IT (Amendment) Act 2008 lays down the data protection provisions in the country, it has its limitations in terms of applicability, which is why a comprehensive privacy law is required in India. The DSCI provided a brief overview of the Report of the Group of Experts on Privacy (drafted in the Justice AP Shah Committee) and argued that in light of the UID scheme, NATRGID, DNA profiling and the Central Monitoring System (CMS), privacy concerns have arisen and legislation which would provide safeguards in India is necessary. However, the DSCI emphasized that although they support the enactment of privacy legislation which would safeguard Indians from potential abuse, the economic value of data needs to be taken into account and bureaucratic structures which would hinder the work of businesses should be avoided.

The DSCI supported the enactment of privacy legislation and highlighted its significance, but also emphasized that such a legal framework should support the economic value of data. The DSCI appeared to favour the enactment of privacy legislation as it would not only oblige the Indian government to protect individuals´ sensitive personal data, but it would also attract more international customers to Indian online companies. That being said, the DSCI argued that it is important to secure a context for privacy based on Indian standards, rather than on global privacy standards, since the applicability of global standards in India has proven to be weak. The privacy bill should cover all dimensions (including, but not limited to, interception and surveillance) and the misuse of data should be legally prevented and prohibited. Yet, strict regulations on the use of data could potentially have a negative effect on companies’ competitive advantage in the market, which is why the DSCI proposed a co-regulatory framework – if not self-regulation.

In particular, the DSCI argued that companies should be obliged to provide security assurances to their customers and that regulation should not restrict the way they handle customers´ data, especially since customers choose to use a specific service in every case. This argument was countered by a participant who argued that in many cases, customers may not have alternative choices for services and that the issue of “choice” and consent is complicated. Thus it was argued that companies should comply with regulations which restrict the manner with which they handle customers´ data. Another participant argued that a significant amount of data is collected without users´ consent (such as through cookies) and that in most cases, companies are not accountable in regards to how they use the data, who they share it with or how long they retain it. Another participant who also countered the co-regulatory framework suggested by the DSCI argued that regulations are required for smartphones, especially since there is currently very low accountability as to how SMS data is being used or shared. Other participants also argued that, in every case, individual consent should be acquired prior to the collection, processing, retention, and disclosure of data and that that individual should have the right to access his/her data and make possible corrections.

The DSCI firmly supported its position on co-regulation by arguing that not only would companies provide security assurances to customers, but that they would also be accountable to the Privacy Commissioner through the provision of a detailed report on how they handle their customers´ data. Furthermore, the DSCI pointed out that in the U.S. and in Europe, companies provide privacy policies and security assurances and that this is considered to be adequate. Given the immense economic value of data in the Digital Age and the severe effects regulation would have on the market, the DSCI argued that co-regulation is the best solution to ensure that both individuals´ right to privacy and the market are protected.

The discussion on co-regulation proceeded with a debate on what type of sanctions should be applied to those who do not comply with privacy regulations. However, a participant argued that if a self-regulatory model was enforced and companies did not comply with privacy principles, the question of what would happen to individuals´ data would still remain. It was argued that neither self-regulation nor co-regulation provides any assurances to the individual in regards to how his/her data is protected and that once data is breached, there is very little that can be done to eliminate the damage. In particular, the participant argued that self-regulation and co-regulation provide very few assurances that data will not be illegally disclosed and breached. The DSCI responded to this argument by stating that in the case of a data breach, the both the Privacy Commissioner and the individual in question would have to be informed and that this issue would be further investigated. Other participants agreed that co-regulation should not be an option and argued that the way co-regulation would benefit the public has not been adequately proven.

The DSCI countered the above arguments by stating that the industry is in a better position to understand privacy issues than the government due to the various products that it produces. Industries also have better outreach than the Indian government and could enhance awareness to both other companies and individuals in terms of data protection, which is why the code of practice should be created by the industry and validated by the government. This argument was countered by a participant who stated that if the industry decides to participate in the enforcement process, this would potentially create a situation of conflict of interest and could be challenged by the courts in the future. The participant argued that an industry with a self-regulatory code of practice may be problematic, especially since there would be inadequate checks and balances on how data is being handled.

Another participant argued that the Indian government does not appear to take responsibility for the right to privacy, as it is not considered to be a fundamental human right; this being said, a co-regulatory framework could be more appropriate, especially since the industry has better insights on how data is being protected on an international level. Thus it was argued that the government could create high level principles and that the industry would comply. However, a participant argued that every company is susceptible to some type of violation and that in such a case, both self-regulation and co-regulation would be highly problematic. It was argued that, as any company could probably violate users´ data in some way down the line either way, self-regulation or co-regulation would probably not be the most beneficial option for the industry. This argument was supplemented by another participant who stated that co-regulation would mandate the industry and the Privacy Commissioner as the ultimate authorities to handle users´ data and that this could potentially lead to major violations, especially due to inadequate accountability towards users.

Co-regulation was once again supported by the DSCI through the argument that customers choose to use specific services and that by doing so, they should comply with the security measures and privacy policies provided. However, a participant asked whether other stakeholders should be involved, as well as what type of incentives companies have in order to comply with regulations and to protect users´ data. Another participant argued that the very definition of privacy remains vague and that co-regulation should not be an option, since the industry could be violating individuals´ privacy without even realising it. Another issue which was raised is how data would be protected when many companies have servers based in other countries. The DSCI responded by arguing that checks and balances would be in place to deal with all the above concerns, yet a general consensus on co-regulation did not appear to have been reached.

Discussion on the draft Privacy (Protection) Bill 2013

Discussion of definitions: Chapter II

The sections of the draft Privacy (Protection) Bill 2013 were discussed during the second session of the third Privacy Round Table meeting. In particular, the session started with a discussion on whether the draft Privacy (Protection) Bill 2013 should be split into two separate Bills, where the one would focus on data protection and the other on surveillance and interception. The split of a Bill on data protection to two consecutive Bills was also proposed, where the one would focus on data protection binding the public sector and the other on data protection binding the private sector. As the draft Privacy (Protection) Bill 2013 is in line with global privacy standards, the possibility of splitting the Bill to focus separately on the sections mentioned above was seriously considered.

The discussion on the definitions laid out in Chapter 2 of the draft Privacy (Protection) Bill 2013 started with a debate around the definitions of personal data and sensitive personal data and what exactly they should include. It was pointed out that the Data Protection Act of the UK has a much broader definition for the term ´sensitive personal data´ and it was recommended that the Indian draft Privacy (Protection) Bill complies with it. Other participants argued that a controversy lies in India on whether the government would conduct a caste census and if that were to be the case, such data (also including, but not limited to, religion and ethnic origin) should be included in the legal definition for ´sensitive personal data´ to safeguard individuals from potential abuse. Furthermore, the fact that the term ´sensitive personal data´ does not have a harmonious nature in the U.S. and in Europe was raised, especially since that would make it more difficult for India to comply to global privacy standards.

The broadness of the definition for ´sensitive personal data´ was raised as a potential problematic issue, especially since it may not be realistic to expect companies in the long term to protect everything it may include. The participants debated on whether financial information should be included in the definition of ´sensitive personal data´, but a consensus was not reached. Other participants argued that the terms ´data subject´ and ´data controller´ should be carefully defined, as well as that a generic definition for the term ´genetic data´ should be included in the Bill. Furthermore, it was argued that the word ´monitor´ should be included in the definitions of the Bill and that the universal norms in regards to the definitions should apply to each and every state in India. It was also noted that organizational affiliation, such as a trade union membership, should also be included in the definitions of the Bill, since the lack of legal protection may potentially have social and political implications.

Discussion of “Protection of Personal Data”: Chapter III

The discussion on the data protection chapter of the draft Privacy (Protection) Bill began with the recommendation that data collected by companies should comply with a confidentiality agreement. Another participant argued that the UK looks at every financial mechanism to trace how information flows and that India should do the same to protect individuals´ personal data. It was also argued that when an individual is constantly under surveillance, that individual´s behaviour is more controlled and that extra accountability should be required for the use of CCTV cameras. In particular, it was argued that when entities outside the jurisdiction gain access to CCTV data, they should be accountable as to how they use it. Furthermore, it was argued that the Bill should provide provisions on how data is used abroad, especially when it is stored in foreign servers.

Issue of Consent

The meeting proceeded with a discussion of Section 6 and it was pointed out that consent needs to be a prerequisite to data collection. Furthermore, conditions laid out in section 3 would have to be met, through which the individual would have to be informed prior to any data collection, processing, disclosure and retention of data. Section 11 of the Bill entails an accuracy provision, through which individuals have the right to access the data withheld about them and make any necessary corrections. A participant argued that the transmission of data should also be included in the Bill and that the transmitter would have to be responsible for the accuracy of the data. Another participant argued that transmitters should be responsible for the integrity of the data, but that individuals should be responsible for its accuracy. However, such arguments were countered by a participant who argued that it is not practically possible to inform individuals every time there is a change in their data.

Outsourcing of Data

It was further recommended that outsourcing guidelines should be created and implemented, which would specify the agents responsible for outsourcing data. On this note, the fact that a large volume of Indian data is being outsourced to the U.S. under the Patriot Act was discussed. In particular, it was pointed out that most data retention servers are based in the U.S., which makes it difficult for Indians to be able to be informed about which data is being collected, whether it is being processed, shared, disclosed and/or retained. A participant argued that most companies have special provisions which guarantee that data will not cross borders and that it actually depends on the type of ISP handling the data.

Another issue which was raised was that, although a consumer may have control over his/her data at the first stage, that individual ultimately loses control over his/her data in the next stages when data is being shared and/or disclosed without his/her knowledge or consent. Not only is this problematic because individuals lose control over their data, but also because the issue of accountability arises, as it is hard to determine who is responsible for the data once it has been shared and disclosed. Some participants suggested that such a problem could possibly be solved if the data subject is informed by the data processor that its data is being outsourced, as well as of the specific parties the data is being outsourced to. Another participant argued that it does not matter who the data is being outsourced to, but the manner of its use is what really matters.

Data Retention

Acting on the powers given by POTA, it was argued that 50,000 arrests have been made. Out of these arrests, only seven convictions have been made, yet the data of thousands of individuals can be stored for many years under POTA. Thus, it was pointed out that it is crucial that the individual is informed when his/her data is destroyed and that such data is not retained indefinitely. This was supplemented by a participant who argued that most countries in the West have data retention laws and that India should too. Other participants argued that data retention does not end with data destruction, but with the return of the data to the individual and the assurance that it is not stored elsewhere. However, several participants argued that the return of data is not always possible, especially since parties may lack the infrastructure to take back their data.

It was pointed out that civil society groups have claimed that collected data should be destroyed within a specific time period, but the debate remains polarized. In particular, some participants argued that data should be retained indefinitely, as the purpose of data collection may change within time and that data may be valuable in dealing with crime and terrorism in the future. This was countered by participants who argued that the indefinite retention of data may potentially lead to human rights violations, especially if the government handling the data is non-democratic. Another participant argued that the fact that data may be collected for purpose A, processed for purpose B and retained or disclosed for purpose C can be very problematic in terms of human rights violations in the future. Furthermore, another participant stated that destruction should mean that data is no longer accessible and that is should not only apply to present data, but also to past data, such as archives.

Data Processing

The processing of personal data is regulated in section 8 of the draft Privacy (Protection) Bill 2013. A participant argued that the responsibility should lie with the person doing the outsourcing of the data (the data collector). Another participant raised the issue that although banks acquire consent prior to collection and use of data, they subsequently use that data for any form of data processing and disclosure. Credit information requires specific permission and it was argued that the same should apply to other types of personal data. Consent should be acquired for every new purpose other than the original purpose for data collection. It was strongly argued that general consent should not cover every possible disclosure, sharing and processing of data. Another issue which was raised in terms of data processing is that Indian data could be compromised through global cooperation or pre-existing cooperation with third parties.

Data Disclosure

The disclosure of personal data was highlighted as one of the most important provisions within the draft Privacy (Protection) Bill 2013. In particular, three types of disclosure were pointed out: (1) disclosure with consent, (2) disclosure in outsourcing, (3) disclosure for law enforcement purposes. Within this discussion, principle liability issues were raised, as well as whether the data of a deceased person should be disclosed. Other participants raised the issue of data being disclosed by international third parties, who gain access to it through cooperation with Indian law enforcement agencies and cases of dual criminality in terms of the misuse of data abroad were raised. A participant highlighted three points: (1) the subject who has responsibility for the processing of data, (2) any obligation under law should be made applicable to the party receiving the information, (3) applicable laws for outsourcing Indian data to international third parties. It was emphasized that the failure to address these three points could potentially lead to a conflict of laws.

According to a participant, a non-disclosure agreement should be a prerequisite to outsourcing. This was preceded by a discussion on the conditions for data disclosure under the draft Privacy (Protection) Bill 2013 and it was recommended that if data is disclosed without the consent of the individual, the individual should be informed within one year. It was also pointed out that disclosure of data in furtherance of a court order should not be included in the Bill because courts in India tend to be inconsistent. This was followed by a discussion on whether power should be invested in the High Court in terms of data disclosure.

Discussion of “Interception of Communications”: Chapter IV

The third Privacy Round Table ended with a brief discussion on the fourth chapter of the draft Privacy (Protection) Bill 2013, which regulates the interception of communications. Following an overview of the sections and their content, a participant argued that interception does not necessarily need to be covered in the draft Privacy (Protection) Bill, as it is already covered in the Telegraph Act. This was countered by participants who argued that the interception of communications can potentially lead to a major violation of the right to privacy and other human rights, which is why it should be included in the draft Privacy (Protection) Bill. Other participants argued that a requirement that intercepted communication remains confidential is necessary, but that there is no need to include privacy officers in this. Some participants proposed that an exception for sting operations should be included in this chapter.

Meeting conclusion

The third Privacy Round Table entailed a discussion of the definitions used in the draft Privacy (Protection) Bill 2013, as well as of chapters II, III and IV on the right to privacy, the protection of personal data and the interception of communications. The majority of the participants agreed that India needs a privacy legislation and that individuals´ data should be legally protected. However, participants disagreed in regards to how data would be safeguarded and the extent to which data collection, processing, sharing, disclosure, destruction and retention should be regulated. This was supplemented by the debate on self-regulation and co-regulation; participants disagreed on whether the industry should regulate the use of customers´ data autonomously from government regulation or whether the industry should co-operate with the Privacy Commissioner for the regulation of the use of data. Though a consensus was not reached in regards to co-regulation and self-regulation, the majority of the participants agreed upon the establishment of a privacy legislation which would safeguard individuals´ personal data. The major issue, however, with the creation of a privacy legislation in India would probably be its adequate enforcement.

For more details visit https://cis-india.org/internet-governance/blog/report-on-the-third-privacy-round-table-meeting

A lifetime of five years on the internet

praskrishna — 2013-05-20T09:04:28Z

Centre for Internet and Society observes its fifth anniversary on Sunday.

The article by Subir Ghosh was published in DNA on May 19, 2013. Sunil Abraham is quoted in this.

Five years is a long time in the internet space. The past five years, certainly, has been. And so has it been for the Centre for Internet and Society that completes five years here.

When a group of citizens got together to come under a platform called CIS five years ago, they had wanted to work on policy issues about the internet that had a bearing on society. They, in fact, still do; except that the new media space itself has undergone a metamorphosis. Five years ago social media was just starting off, few people had smart phones, and online speech was not a burning issue.

Sunil Abraham, executive director of city-based CIS, affirms this, and goes on to assert: “Five years ago, privacy was not a mainstream concern. Today, many different actors and stakeholders are interested in the configuration of the draft Privacy Bill. We first warned the public about the draconian measures in the IT Act during the 2008 amendment. Four years later, many more people are familiar with problematic sections and are adopting various strategies to amend the Act and it’s associated rules.”

Likewise, five years ago, people dismissed “shared spectrum” as a pipe dream; today “shared spectrum” is mentioned in the National Telecom Policy. CIS usually thinks ahead, and works on a range of issues.

“For internet adoption in India to grow dramatically from the dismal statistics today, we need to ensure continued access to cheap devices and affordable and ubiquitous broadband,” says Abraham.

“With Ericsson suing Micromax for Rs100 crore, the mobile wars have come to India. If we have to protect innovation in sub-100 dollar devices, we need to configure our patent and copyright policy carefully.”

But since CIS works primarily on policy issues, shouldn’t it have been based in Delhi rather than in Bangalore? “We do have a small office in Delhi. But we are headquartered in Bangalore because we need to keep learning from technologists and the technical community,” explains Abraham.

When an organisation calling itself the Centre for Internet and Society (www.cis-india.org) observes its fifth anniversary, it shouldn’t surprise anyone that many of the activities related to the anniversary celebrations (May 20-23) have precious little to do with the internet, and is more about society itself. And yes, an entire evening is devoted to Kannada. There’s a talk by Chandrashekhara Kambara on ‘Kannada in the modern era,’ and another by UB Pavanaja titled ‘From Palm Leaf to Tablet – Journey of Kannada’.

“We are looking at the complete eco-system. For instance, during the digitalisation of TV in India, what will happen to the internet? Do TV promoting policies undermine the growth of broadband? On the second day we look at the connection between another older technology - cinema and the Internet.”

For more details visit https://cis-india.org/news/dna-india-may-19-2013-subir-ghosh-a-lifetime-of-five-years-on-the-internet