We are anonymous, we are legion

Many sites bypass porn ban

Admin — 2018-12-24T15:45:25Z

They use proxy and mirror sites to cater to India, now on a list of countries such as Pakistan and Saudi Arabia that block intimate content online.

The article by Rajitha Menon was published in Deccan Herald on December 6, 2018. Akriti Bopanna was quoted.

The government has got Internet service providers (ISPs) to block 827 websites with pornographic content.

The instruction was based on an order of the Uttarakhand High Court, which reinstated a government order in 2015, on the grounds that watching porn promotes sexual assault.

After a failed ban, the government had got its way, armed with a court order. A horrifying gang rape at a Dehradun school prompted the Uttarakhand court order. According to reports, four students assaulted a girl after watching porn clips.

The order cites no scientific evidence to link pornography with sexual assault. Many in Bengaluru are sceptical not just about the order but also by the assumption that porn can be effectively blocked.

The Internet has plenty of options and the number of porn websites out there is certainly more than 827, they say. It is not rocket science to figure out how to bypass the filters by using virtual private networks (VPN); the Opera browser uses this. Several porn sites have launched altered URLs so that Indian users can still access their content.

Proxy websites, such as Hidester, Hide.me, Whoer.net, and Anonymouse, easily bypass the block. Other sites like Behance.net advise their clients to download their mobile app and browse anonymously.

Even for those who are not that tech savvy, there is a massive market of offline pornography. Porn DVDs or porn on a flash drive can be found on sale everywhere.

Then, Indian law does not ban porn. Watching porn in private is not a criminal offence, say lawyers. Storing and publishing images of child sexual abuse are, however, punishable.

Mobile users are already complaining that ISPs are blocking porn sites.

Finally, what are the sociological and psychological consequences of the ban? Metrolife spoke to some experts to find out.

Deepika Nambiar,Â Clinical psychologist ,Â Abhayahasta Multispeciality Hospital

Banning porn is not the answer. Watching porn is a personal choice. Porn can affect people but it does not override their values. People with aggressive tendencies or with personality issues might get affected though. When it comes to adverse consequences on children, parents should have control. When we ban something, the curiosity increases. And there are many sources for this kind of thing on the Internet. Children are curious or under peer pressure to watch such videos. This can result in addiction later on, if there is no one to tell them where to draw the line. Parents should keep a watch on kids isolating themselves and spending too much time alone.

Amba Salelkar,Â Lawyer, Equals Centre for Promotion of Social Justice

There is ample evidence to show there is no correlation between access to pornographic material and incidents of sexual assault. Also, it is not that all pornographic material is shot non-consensually or is exploitative in nature. In fact, there is an emerging area of feminist pornography. If the question is of prevention, you might as well strengthen sex education in the country. People have to resort to videos on the Internet to clarify their doubts and that is not a good thing. Sex-positive education should be included in school curriculums. We need to strengthen mechanisms to tackle cases of revenge porn and videos that promote violence against women. We also need to engage with website providers instead of banning them.

Raj Armani, CEO, Imbesharam.com, Adult store

I think it is illogical to connect the rising cases of rape with porn consumption. India cannot be truly democratic if the government decides to moral police people. It has to eventually accept that the new generation is ready and able to balance their traditions as well as their freedom of choice and expression. In one way, we are opening the doors by decriminalising gay sex and on the other side, we are closing windows. Associating rape to watching porn is as illogical as associating a murder with a Bollywood or Hollywood crime thriller. The boundaries of law, humanity and decency always override any content consumption. On the contrary, the lack of porn may lead to a build-up of unhealthy energy and cause it to go haywire.

Akriti Bopanna, Programme Office, Centre for Internet and Society

Viewing porn is not illegal but publishing obscene content, which pornography can be construed as, is illegal under sections 67 and 67A of the IT Act. Section 69 (A) of the Act allows the government to order blocking of public access to websites. Moreover, under Section 79 (3) (b) of the Act, governments can get away with making ISPs ban porn since it mandates intermediaries to comply with government orders in the case of unlawful acts. Otherwise they lose their safe harbour provisions.

The Supreme Court in 2015 stated you canâ??t stop citizens from watching porn within their own homes. This was prior to the Puttaswamy judgment, and now that the right to privacy has been declared a right, banning porn websites can be argued as a violation of it.

There is a high risk of a ban being counterproductive in that it will compel individuals to access websites with lax security or shoddy VPNs. These then put people in danger because their information can be logged by such entities, giving access to tracking for advertising and creating malware problems. Not all VPNs are sound, so the individual will still be legally unsafe since information could be potentially traceable.

Dr Rizwana Begum, Psychotherapist, Aviva Psychological Clinic

Porn does encourage abusive sex. The acts shown in pornographic videos are more like fantasy, not really achievable in reality. When one wants to fulfil the fantasy, the other partner might not be okay with it. This affects a lot of relationships as shame and guilt are induced. It leads to aggression, disgust and rejection. There is a rise in the number of cases of pornography addiction, especially among single men. Also, the concept of multiple partners in a sexual act was introduced through pornographic videos and is leading to disorder and violence in real life.

How it started

In 2013, Indore-based advocate Kamlesh Vaswani filed a public interest case in the Supreme Court seeking a ban on porn. He came up with a list of 857 websites which he wanted the court to ban. He argued that most of the porn online is exploitative and increases violent sexual behaviour in the real world.

The court asked the government to find ways to block porn. The government formed the Cyber Regulation Advisory Committee, chaired by then telecom and IT minister Ravi Shankar Prasad.

For more details visit https://cis-india.org/internet-governance/news/deccan-herald-rajitha-menon-december-6-2018-many-sites-bypass-porn-ban

Mapping cybersecurity in India: An infographic

Arindrajit Basu, Karan Saini, Aayush Rathi and Swaraj Barooah — 2018-12-23T16:57:24Z

This infographic maps the key stakeholder, areas of focus and threat vectors that impact cybersecurity policy in India. Broadly, policy-makers should concentrate on establishing a framework where individuals feel secure and trust the growing digital ecosystem. The infographic therefore serves as a ready reference point for the research that we have done and hope to continue through our cybersecurity work at CIS.

Infographic designed by Saumyaa Naidu

For more details visit https://cis-india.org/internet-governance/blog/arindrajit-basu-karan-saini-aayush-rathi-and-swaraj-paul-barooah-december-23-mapping-cyber-security-in-india-infographic

European E-Evidence Proposal and Indian Law

vipul — 2018-12-23T16:45:02Z

In April of 2018, the European Union issued the proposal for a new regime dealing with cross border sharing of data and information by issuing two draft instruments, an E-evidence Regulation (“Regulation”) and an E-evidence Directive (“Directive”), (together the “E-evidence Proposal”). The Regulation is a direction to states to put in place the proper legislative and regulatory machinery for the implementation of this regime while the Directive requires the states to enact laws governing service providers so that they would comply with the proposed regime.

The main feature of the E-evidence Proposal is twofold: (i) establishment of a legal regime whereunder competent authorities can issue European Production Orders (EPOs) and European Preservation Orders (EPROs) to entities in any other EU member country (together the “Data Orders”); and (ii) an obligation on service providers offering services in any of the EU member countries to designate legal representatives who will be responsible for receiving the Data Orders, irrespective of whether such entity has an actual physical establishment in any EU member country.

In this article we will briefly discuss the framework that has been proposed under the two instruments and then discuss how service providers based in India whose services are also available in Europe would be affected by these proposals. The authors would like to make it clear that this article is not intended to be an analysis of the E-evidence Proposal and therefore shall not attempt to bring out the shortcomings of the proposed European regime, except insofar as such shortcomings may affect the service providers located in India being discussed in the second part of the article.

Part I - E-evidence Directive and Regulation

The E-evidence Proposal introduces the concept of binding EPOs and EPROs. Both Data Orders need to be issued or validated by a judicial authority in the issuing EU member country. A Data Order can be issued to seek preservation or production of data that is stored by a service provider located in another jurisdiction and that is necessary as evidence in criminal investigations or a criminal proceeding. Such Data Orders may only be issued if a similar measure is available for the same criminal offence in a comparable domestic situation in the issuing country. Both Data Orders can be served on entities offering services such as electronic communication services, social networks, online marketplaces, other hosting service providers and providers of internet infrastructure such as IP address and domain name registries. Thus companies such as Big Rock (domain name registry), Ferns n Petals (online marketplace providing services in Europe), Hike (social networking and chatting), etc. or any website which has a subscription based model and allows access to subscribers in Europe would potentially be covered by the E-evidence Proposal. The EPRO, similarly to the EPO, is addressed to the legal representative outside of the issuing country’s jurisdiction to preserve the data in view of a subsequent request to produce such data, which request may be issued through MLA channels in case of third countries or via a European Investigation Order (EIO) between EU member countries. Unlike surveillance measures or data retention obligations set out by law, which are not provided for by this proposal, the EPRO is an order issued or validated by a judicial authority in a concrete criminal proceeding after an individual evaluation of the proportionality and necessity in every single case.^{^[1]} Like the EPO, it refers to the specific known or unknown perpetrators of a criminal offence that has already taken place. The EPRO only allows preserving data that is already stored at the time of receipt of the order, not the access to data at a future point in time after the receipt of the EPRO.

While EPOs to produce subscriber data^{^[2]} and access data^{^[3]} can be issued for any criminal offence an EPO for content data^{^[4]} and transactional data^{^[5]} may only be issued by a judge, a court or an investigating judge competent in the case. In case the EPO is issued by any other authority (which is competent to issue such an order in the issuing country), such an EPO has to be validated by a judge, a court or an investigating judge. In case of an EPO for subscriber data and access data, the EPO may also be validated by a prosecutor in the issuing country.

To reduce obstacles to the enforcement of the EPOs, the Directive makes it mandatory for service providers to designate a legal representative in the European Union to receive, comply with and enforce Data Orders. The obligation of designating a legal representative for all service providers that are operating in the European Union would ensure that there is always a clear addressee of orders aiming at gathering evidence in criminal proceedings. This would in turn make it easier for service providers to comply with those orders, as the legal representative would be responsible for receiving, complying with and enforcing those orders on behalf of the service provider.

Grounds on which EPOs can be issued

The grounds on which Data Orders may be issued are contained in Articles 5 and 6 of the Regulation which makes it very clear that a Data Order may only be issued in a case if it is necessary and proportionate for the purposes of a criminal proceeding. The Regulation further specifies that an EPO may only be issued by a member country if a similar domestic order could be issued by the issuing state in a comparable situation. By using this device of linking the grounds to domestic law, the Regulation tries to skirt around the thorny issue of when and on what basis an EPO may be issued. The Regulation also assigns greater weight (in terms of privacy) to transactional and content data as opposed to subscriber and access data and subjects the production and preservation of the former to stricter requirements. Therefore while Data Orders for access and subscriber data may be issued for any criminal offence, orders for transactional and content data can only be issued in case of criminal offences providing for a maximum punishment of atleast 3 years and above. In addition to that EPOs for producing transactional or content data can also be issued for offences specifically listed in Article 5(4) of the Regulation. These offences have been specifically provided for since evidence for such cases would typically be available mostly only in electronic form. This is the justification for the application of the Regulation also in cases where the maximum custodial sentence is less than three years, otherwise it would become extremely difficult to secure convictions in those offences.^{^[6]}

The Regulation also requires the issuing authority to take into account potential immunities and privileges under the law of the member country in which the service provider is being served the EPO, as well as any impact the EPO may have on fundamental interests of that member country such as national security and defence. The aim of this provision is to ensure that such immunities and privileges which protect the data sought are respected, in particular where they provide for a higher protection than the law of the issuing member country. In such situations the issuing authority “has to seek clarification before issuing the European Production Order, including by consulting the competent authorities of the Member State concerned, either directly or via Eurojust or the European Judicial Network.”

Grounds to Challenge EPOs

Service Providers have been given the option to object to Data Orders on certain limited grounds specified in the Regulation such as, if it was not issued by a proper issuing authority, if the provider cannot comply because of a de facto impossibility or force majeure, if the data requested is not stored with the service provider or pertains to a person who is not the customer of the service provider.^{^[7]} In all such cases the service provider has to inform the issuing authority of the reasons for the inability to provide the information in the specified form. Further, in the event that the service provider refuses to provide the information on the grounds that it is apparent that the EPO “manifestly violates” the Charter of Fundamental Rights of the European Union or is “manifestly abusive”, the service provider shall send the information in specified Form to the competent authority in the member state in which the Order has been received. The competent authority shall then seek clarification from the issuing authority through Eurojust or via the European Judicial Network.^{^[8]}

If the issuing authority is not satisfied by the reasons given and the service provider still refuses to provide the information requested, the issuing authority may transfer the EPO Certificate along with the reasons given by the service provider for non compliance, to the enforcing authority in the addressee country. The enforcing authority shall then proceed to enforce the Order, unless it considers that the data concerned is protected by an immunity or privilege under its national law or its disclosure may impact its fundamental interests such as national security and defence; or the data cannot be provided due to one of the following reasons:

(a) the European Production Order has not been issued or validated by an issuing authority as provided for in Article 4;

(b) the European Production Order has not been issued for an offence provided for by Article 5(4);

(c) the addressee could not comply with the EPOC because of de facto impossibility or force majeure, or because the EPOC contains manifest errors;

(d) the European Production Order does not concern data stored by or on behalf of the service provider at the time of receipt of EPOC;

(e) the service is not covered by this Regulation;

(f) based on the sole information contained in the EPOC, it is apparent that it manifestly violates the Charter or that it is manifestly abusive.

In addition to the above mechanism the service provider may refuse to comply with an EPO on the ground that disclosure would force it to violate a third-country law that either protects “the fundamental rights of the individuals concerned” or “the fundamental interests of the third country related to national security or defence.” Where a provider raises such a challenge, issuing authorities can request a review of the order by a court in the member country. If the court concludes that a conflict as claimed by the service provider exists, the court shall notify authorities in the third-party country and if that third-party country objects to execution of the EPO, the court must set it aside.^{^[9]}

A service provider may also refuse to comply with an order because it would force the service provider to violate a third-country law that protects interests other than fundamental rights or national security and defense. In such cases, the Regulation provides that the same procedure be followed as in case of law protecting fundamental rights or national security and defense, except that in this case the court, rather than notifying the foreign authorities, shall itself conduct a detailed analysis of the facts and circumstances to decide whether to enforce the order.^{^[10]}

Service Provider “Offering Services in the Union”

As is clear from the discussion above, the proposed regime puts an obligation on service providers offering services in the Union to designate a legal representative in the European Union, whether the service provider is physically located in the European Union or not. This appears to be a fairly onerous obligation for small technology companies which may involve a significant cost to appoint and maintain a legal representative in the European Union, especially if the service provider is not located in the EU. Therefore the question arises as to which service providers would be covered by this obligation and the answer to that question lies in the definitions of the terms “service provider” and “offering services in the Union”.

The term service provider has been defined in Article 2(2) of the Directive as follows:

“‘service provider’ means any natural or legal person that provides one or more of the following categories of services:

(a) electronic communications service as defined in Article 2(4) of [Directive establishing the European Electronic Communications Code];^{^[11]}

(b) information society services as defined in point (b) of Article 1(1) of Directive (EU) 2015/1535 of the European Parliament and of the Council^{^[12]} for which the storage of data is a defining component of the service provided to the user, including social networks, online marketplaces facilitating transactions between their users, and other hosting service providers;

(c) internet domain name and IP numbering services such as IP address providers, domain name registries, domain name registrars and related privacy and proxy services;”

Thus broadly speaking the service providers covered by the Regulation would include providers of electronic communication services, social networks, online marketplaces, other hosting service providers and providers of internet infrastructure such as IP address and domain name registries, or on their legal representatives where they exist. An important qualification that has been added in the definition is that it covers only those services where “storage of data is a defining component of the service”. Therefore, services for which the storage of data is not a defining component are not covered by the proposal. The Regulation also recognizes that most services delivered by providers involve some kind of storage of data, especially where they are delivered online at a distance; and therefore it specifically provides that services for which the storage of data is not a main characteristic and is thus only of an ancillary nature would not be covered, including legal, architectural, engineering and accounting services provided online at a distance.^{^[13]}

This does not mean that all such service providers offering the type of services in which data storage is the main characteristic, in the EU, would be covered by the Directive. The term “offering services in the Union” has been defined in Article 2(3) of the Directive as follows:

“‘offering services in the Union’ means:

(a) enabling legal or natural persons in one or more Member State(s) to use the services listed under (3) above; and

(b) having a substantial connection to the Member State(s) referred to in point (a);”

Clause (b) of the definition is the main qualifying factor which would ensure that only those entities whose offering of services has a “substantial connection” which the member countries of the EU would be covered by the Directive. The Regulation recognizes that mere accessibility of the service (which could also be achieved through mere accessibility of the service provider’s or an intermediary’s website in the EU) should not be a sufficient condition for the application of such an onerous condition and therefore the concept of a “substantial connection” was inserted to ascertain a sufficient relationship between the provider and the territory where it is offering its services. In the absence of a permanent establishment in an EU member country, such a “substantial connection” may be said to exist if there are a significant number of users in one or more EU member countries, or the “targeting of activities” towards one or more EU member countries. The “targeting of activities” may be determined based on various circumstances, such as the use of a language or a currency generally used in an EU member country, the availability of an app in the relevant national app store, providing local advertising or advertising in the language used in an EU member country, making use of any information originating from persons in EU member countries in the course of its activities, or from the handling of customer relations such as by providing customer service in the language generally used in EU member countries. A substantial connection can also be assumed where a service provider directs its activities towards one or more EU member countries as set out in Article 17(1)(c) of Regulation 1215/2012 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters.^{^[14]}

Part II - EU Directive and Service Providers located in India

In this part of the article we will discuss how companies based in India and running websites providing any “service” such as social networking, subscription based video streaming, etc. such as Hike or AltBalaji, Hotstar, etc. and how such companies would be affected by the E-evidence Proposal. At first glance a website providing a video streaming service may not appear to be covered by the E-evidence Proposal since one would assume that there may not be any storage of data. But if it is a service which allows users to open personal accounts (with personal and possibly financial details such as in the case of TVF, AltBalaji or Hotstar) and uses their online behaviour to push relevant material and advertisements to their accounts, whether that would make the storage of data a defining component of the website’s services as contemplated under the proposal is a question that may not be easy to answer.

Even if it is assumed that the services of an Indian company can be classified as information society services for which the storage of data is a defining component, that by itself would not be sufficient to make the E-evidence Proposal applicable to it. The services of an Indian company would still need to have a “substantial connection” with an EU member country. As discussed above, this substantial connection may be said to exist based on the existence of (i) a significant number of users in one or more EU member countries, or (ii) the “targeting of activities” towards one or more EU member countries. The determination of whether a service provider is targeting its services towards an EU member country is to be made based on a number of factors listed above and is a subjective determination with certain guiding factors.

There does not seem to be clarity however on what would constitute a significant number of users and whether this determination is to be based upon the total number of users in an EU member country as a proportion of the population of the country or is it to be considered as a proportion of the total number of customers the service provider has worldwide. To explain this further let us assume that an Indian company such as Hotstar has a total user base of 100 million customers.^{^[15]} If there is a situation where 10 million of these 100 million subscribers are located in countries other than India, out of which there are about 40 thousand customers in France and another 40 thousand in Malta; then it would lead to some interesting analysis. Now 40 thousand customers in a customer base of 100 million is 0.04% of the total customer base of the service provider which generally speaking would not constitute a “significant number”. However if we reckon the 40 thousand customers from the point of view of the total population of the country of Malta, which is approximately 4.75 Lakh,^{^[16]} it would mean approx. 8.4% of the total population of Malta. It is unlikely that any service affecting almost a tenth of the population of the entire country can be labeled as not having a significant number of users in Malta. If the same math is done on the population of a country such as France, which has a population of approx. 67.3 million,^{^[17]} then the figure would be 0.05% of the total population; would that constitute a significant number as per the E-evidence Proposal.

The issues discussed above are very important for any service provider, specially a small or medium sized company since the determination of whether the E-evidence Proposal applies to them or not, apart from any potential legal implications, imposes a direct economic cost for designating a legal representative in an EU member country. Keeping in mind this economic burden and how it might affect the budget of smaller companies, the Explanatory Memorandum to the Regulation clarifies that this legal representative could be a third party, which could be shared between several service providers, and further the legal representative may accumulate different functions (e.g. the General Data Protection Regulation or e-Privacy representatives in addition to the legal representative provided for by the E-evidence Directive).^{^[18]}

In case all the above issues are determined to be in favour of the E-evidence Directive being applicable to an Indian company and the company designates a legal representative in an EU member country, then it remains to be seen how Indian laws relating to data protection would interact with the obligations of the Indian company under the E-evidence Directive. As per Rule 6 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”) service providers are not allowed to disclose sensitive personal data or information except with the prior permission of the except disclosure to mandated government agencies. The Rule provides that “the information shall be shared, without obtaining prior consent from provider of information, with Government agencies mandated under the law to obtain information including sensitive personal data or information for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences….”. Although the term “government agency mandated under law” has not been defined in the SPDI Rules, the term “law” has been defined in the Information Technology Act, 2000 (“IT Act”) as under:

“’law’ includes any Act of Parliament or of a State Legislature, Ordinances promulgated by the President or a Governor, as the case may be. Regulations made by the President under article 240, Bills enacted as President's Act under sub-clause (a) of clause (1) of article 357 of the Constitution and includes rules, regulations, byelaws and orders issued or made thereunder;”^{^[19]}

Since the SPDI Rules are issued under the IT Act, therefore the term “law” referred as used in the would have to be read as defined in the IT Act (unless court holds to the contrary). This would mean that Rule 6 of the SPDI Rules only recognises government agencies mandated under Indian law and therefore information cannot be disclosed to agencies not recognised by Indian law. In such a scenario an Indian company may not have any option except to raise an objection and challenge an EPO issued to it on the grounds provided in Article 16 of the Regulation, which process itself could mean a significant expenditure on the part of such a company.

Conclusion

The framework sought to be established by the European Union through the E-evidence Proposal seeks to establish a regime different from those favoured by countries such as the United States which favours Mutual Agreements with (presumably) key nations or the push for data localisation being favoured by countries such as India, to streamline the process of access to digital data. Since the regime put forth by the EU is still only at the proposal stage, there may yet be changes which could clarify the regime significantly. However, as things stand Indian companies may be affected by the E-evidence Proposal in the following ways:

Companies offering services outside India may inadvertently trigger obligations under the E-evidence Proposal if their services have a substantial connection with any of the member states of the European Union;
Indian companies offering services overseas will have to make an internal determination as to whether the E-evidence Proposal applies to them or not;
In case of Indian companies which come under the E-evidence Proposal, they would be obligated to designate a legal representative in an EU member state for receiving and executing Data Orders as per the E-evidence Proposal.
If a legal representative is designated by the Indian company they may have to incur significant costs on maintaining a legal representative especially in a situation where they have to object to the implementation of an EPO. The company would also have to coordinate with the legal representative to adequately put forth their (Indian law related) concerns before the competent authority so that they are not forced to fall foul of their legal obligations in either jurisdiction. It is also unclear the extent to which appointed legal representatives from Indian companies could challenge or push back against requests received.

Disclaimer: The author of this Article is an Indian trained lawyer and not an expert on European law. The author would like to apologise for any incorrect analysis of European law that may have crept into this article despite best efforts.

^{^[1]} Explanatory Memorandum to the Proposal for Regulation of the European Parliament and of the Council on European Production and Preservation Orders for Electronic Evidence in Criminal Matters, Pg. 4, available at https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52018PC0225&from=EN.

^{^[2]} Subscriber data means data which is used to identify the user and has been defined in Article 2 (7) as follows:

“‘subscriber data’ means any data pertaining to:

(a) the identity of a subscriber or customer such as the provided name, date of birth, postal or geographic address, billing and payment data, telephone, or email;

(b) the type of service and its duration including technical data and data identifying related technical measures or interfaces used by or provided to the subscriber or customer, and data related to the validation of the use of service, excluding passwords or other authentication means used in lieu of a password that are provided by a user, or created at the request of a user;”

^{^[3]} The term access data has been defined in Article 2(8) as follows:

“‘access data’ means data related to the commencement and termination of a user access session to a service, which is strictly necessary for the sole purpose of identifying the user of the service, such as the date and time of use, or the log-in to and log-off from the service, together with the IP address allocated by the internet access service provider to the user of a service, data identifying the interface used and the user ID. This includes electronic communications metadata as defined in point (g) of Article 4(3) of Regulation concerning the respect for private life and the protection of personal data in electronic communications;”

^{^[4]} The term content data has been defined in Article 2 (10) as follows:

“‘content data’ means any stored data in a digital format such as text, voice, videos, images, and sound other than subscriber, access or transactional data;”

^{^[5]} The term transactional data has been defined in Article 2(9) as follows:

“‘transactional data’ means data related to the provision of a service offered by a service provider that serves to provide context or additional information about such service and is generated or processed by an information system of the service provider, such as the source and destination of a message or another type of interaction, data on the location of the device, date, time, duration, size, route, format, the protocol used and the type of compression, unless such data constitues access data. This includes electronic communications metadata as defined in point (g) of Article 4(3) of [Regulation concerning the respect for private life and the protection of personal data in electronic communications];”

^{^[6]} Explanatory Memorandum to the Proposal for Regulation of the European Parliament and of the Council on European Production and Preservation Orders for Electronic Evidence in Criminal Matters, Pg. 17, available at https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52018PC0225&from=EN.

^{^[7]} Articles 9(4) and 10(5) of the Regulation.

^{^[8]} Article 10(5) of the Regulation.

^{^[9]} Article 15 of the Regulation.

^{^[10]} Article 16 of the Regulation. Also see https://www.insideprivacy.com/uncategorized/eu-releases-e-evidence-proposal-for-cross-border-data-access/.

^{^[11]} Article 2(4) of the Directive establishing European Electronic Communications Code provides as under:

‘electronic communications service’ means a service normally provided for remuneration via electronic communications networks, which encompasses 'internet access service' as defined in Article 2(2) of Regulation (EU) 2015/2120; and/or 'interpersonal communications service'; and/or services consisting wholly or mainly in the conveyance of signals such as transmission services used for the provision of machine-to-machine services and for broadcasting, but excludes services providing, or exercising editorial control over, content transmitted using electronic communications networks and services;”

^{^[12]} Information Society Services have been defined in the Directive specified as “any Information Society service, that is to say, any service normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services.”

^{^[13]} Proposal for a Directive of the European Parliament and of the Council Laying Down Harmonised Rules on the Appointment of Legal Representatives for the Purpose of Gathering Evidence in Criminal Proceedings, Pg 8, available at https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52018PC0226&from=EN.

^{^[14]} Proposal for a Directive of the European Parliament and of the Council Laying Down Harmonised Rules on the Appointment of Legal Representatives for the Purpose of Gathering Evidence in Criminal Proceedings, Pg 9, available at https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52018PC0226&from=EN.

^{^[15]} Hotstar already has an active customer base of 75 million, as of December, 2017; https://telecom.economictimes.indiatimes.com/news/netflix-restricted-to-premium-subscribers-hotstar-leads-indian-ott-content-market/62351500

^{^[16]} https://en.wikipedia.org/wiki/Malta

^{^[17]} https://en.wikipedia.org/wiki/France

^{^[18]} Proposal for a Directive of the European Parliament and of the Council Laying Down Harmonised Rules on the Appointment of Legal Representatives for the Purpose of Gathering Evidence in Criminal Proceedings, Pg 5, available at https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52018PC0226&from=EN.

^{^[19]} Section 2(y) of the Information Technology Act, 2000.

For more details visit https://cis-india.org/internet-governance/blog/vipul-kharbanda-december-23-2018-european-e-evidence-proposal-and-indian-law

Feminist Methodology in Technology Research: A Literature Review

ambika — 2018-12-25T15:18:21Z

This literature review has been authored by Ambika Tandon, with contributions from Mukta Joshi. Research assistance was provided by Kumarjeet Ray and Navya Sharma. The publication has been designed by Saumyaa Naidu.

Abstract

Feminist research methodology is a vast body of knowledge, spanning across multiple disciplines including sociology, media studies, and critical legal studies. This literature review aims to understand key aspects of feminist methodology across these disciplines, with a particular focus on research on technology and its interaction with society. Stemming from the argument that the ontological notion of objectivity effaces power relations in the process of knowledge production, feminist research is critical of the subjects, producers, and nature of knowledge. Section I of the literature review explores this argument along with a range of theoretical concepts, such as standpoint theory and historical materialism, as well as principles of feminist research derived from these, such as intersectionality and reflexivity.

Given its critique of the "god's eye view" (Madhok and Evans, 2014) of objectivist research, feminist scholars have largely developed qualitative methods that are more conducive to acknowledgement of power hierarchies. Additionally, some scholars have recognised the political value in quantification of inequalities such as the wage gap, and have developed intersectional quantitative methods that aim at narrowing down measurable inequalities. Both sets of methods are explored in Section II of the literature review, interspersed with examples from research focused on technology.

Introduction

According to authoritative accounts on the subject, while research focused on gender or women predates its arrival, the field of ‘feminist methodology’ explores questions of epistemology and ontology of research and knowledge. Initiated in scholarship arising out of the second wave of North American feminism, it theoretically anchors itself in the post-modernist and post-structuralist traditions. It additionally critiques positivism for being a project furthering patriarchal oppression. North American feminist scholars critique traditional methods within the social sciences from an epistemological perspective, for producing acontextual and ahistorical knowledge, replicating the tendency of positivist science to enumerate and measure subjective social phenomena. This, according to them, leads to the invisiblising of the web of power relations within which the ‘known’ and ‘knower’ in knowledge production are placed. This is then used to devise methods and underlying principles and ethics for conducting more egalitarian research, aimed at achieving goals of social justice.

The second wave feminist movement was itself critiqued by Black and other feminists from the global South for being exclusionary of non-white and heterosexual identities. Given its origins in the global North, scholars from the South have interrogated the meaning of feminism and feminist research in their context. Some African scholars even detail difficulty in disclosing a project as feminist publicly due to popular resistance to the term feminism, which stems from it being rejected by certain social groups as an alien social movement that’s antithetical to their “African cultural values." Their own critique of “White feminism” comes from its essentialization of womanhood and the resultant negation of the (neo)colonial and racialised histories of African women. This has led scholars from the global South to critically interrogate feminism and feminist methods. They acknowledge the multiplicity of feminisms, and initiate creative inquiries into different forms of feminist methodology. Feminist researchers that work in contexts of political violence, instability, repression, scarcity of resources, poor infrastructure, and/or lack of social security, have pointed out that traditional research methods assume conditions that are largely absent in their realities, leading them to experiment with feminist research.

Feminist research across these variety of contexts raises ontological and epistemological concerns about traditional research methods and underlying assumptions about what can be known, who can know, and the nature of knowledge itself. It argues that knowledge production has historically led to the creation of epistemic hierarchies, wherein certain actors are designated as ‘knowers’ and others as the ‘known’. Such hierarchies wreak epistemic violence upon marginalised subjects by denying them the agency to produce knowledge, and delegitimize forms of knowledge that aren’t normative. Acknowledging the role of power in knowledge production has the radical implication that the subjectivities of the researchers and the researched inherently find their way into research and more broadly, knowledge production. This challenges the objectivity and “god’s eye view” of traditional humanistic knowledge and its processes of production. Feminist research eschews scientifically orthodox notions of how “valid knowledge will look”, and creates novel resources for understanding epistemic marginalization of various kinds. It then provides a myriad of tools to disrupt structural hierarchies through and within knowledge production and dissemination.

Feminist research, given its evolution from living movements and theoretical debates, remains a contested domain. It has reformulated a range of qualitative and quantitative research methods, and also surfaced its own, such as experimental and action-based. What these have in common are theoretical dispositions to identify, critique, and ultimately dismantle power relations within and through research projects. It is thus “critical, political, and praxis oriented. Several disciplines with the social sciences, such as feminist technology studies, cyberfeminism, and cultural anthropology, have built feminist approaches to the study of technology and technologically mediated social relations. However, this continues to remain a minor strand of research on technology.

This literature review aims to address that gap through scoping of such methods and their application in technological research. Feminist methodology provides a critical lens that allows us to explore questions and areas in technology-based research that are inaccessible by traditional methods. This paper draws on examples from technology-focused research, covering key interdisciplinary feminist methods across fields such as gender studies, sociology, development, and ICT for development. In doing so, it actively constructs a history of feminist methodology through authoritative sources of knowledge.

Read the full paper here

For more details visit https://cis-india.org/internet-governance/blog/ambika-tandon-december-23-2018-feminist-methodology-in-technology-research

Event Report on Intermediary Liability and Gender Based Violence

akriti — 2018-12-21T07:16:41Z

This report is a summary of the proceedings of the Roundtable Conference organized by the Centre for Internet and Society (CIS) at the Digital Citizen Summit, an annual summit organized by the Digital Empowerment Foundation. It was conducted at the India International Centre in New Delhi on November 1, 2018 from 11.30 a.m. to 12.30 p.m.

With inputs and edited by Ambika Tandon. Click here to download the PDF

Introduction

Background

The topic of discussion was intermediary liability and Gender Based Violence (GBV), the debate on GBV globally and in India evolving to include myriad forms of violence in online spaces in the past few years. This ranges from violence native to the digital, such as identity theft, and extensions of traditional forms of violence, such as online harassment, cyberbullying, and cyberstalking^[1]. Given the extent of personal data available online, cyber attacks have led to a variety of financial and personal harms.^[2] Studies have explored the extent of psychological and even physical harm to victims, which has been found to have similar effects to violence in the physical world^[3]. Despite this, technologically-facilitated violence is often ignored or trivialised. When present, redressal mechanisms are often inadequate, further exacerbating the effects of violence on victims.

TheRoundtable explored ways of how intermediaries can help tackle gender based violence and discussed attempts at making the Internet a safer place for women which can ultimately help make it a gender equal environment. It also analyzed the key concerns of privacy and security leading the conversation to how we can demand more from platforms for our protection and how best to regulate them.

The roundtable had four female and one male participants from various civil society organisations working on rights in the digital space.

Roundtable Discussion

Online Abuse

The discussion commenced with the acknowledgement of it being well documented that women and sexual minorities face a disproportionate level of violence in the digital space, as an extension/reproduction of physical space. GBV exists on a continuum from the physical, verbal, and technologically enabled, either partially or fully, with overflowing boundaries and deep interconnections between different kinds of violence. Some forms of traditional violence such as harassment, stalking, bullying, sex trafficking, extend themselves into the digital realm while other forms are uniquely tech enabled like doxxing and morphing of imagery. Due to this considerations of anonymity, privacy, and consent, need to be re-thought in the context of tech enabled GBV. These come into play in a situation where the technological realm has largely been corporatised and functions under the imperative of treating the user and their data as the final product.

It was noted early on that GBV online can be a misnomer because it can be across a number of spaces and, the participants concentrated on laying down the specific contours of tech mediated or tech enabled violence. One of the discussants stated that the term GBV is a not a useful one since it does not encompass everything that is talked about when referring to online abuse. The phenomenon that gets the most traction is trolling on social media or abuse on social media. This is partly because it is the most visible people who are affected by it, and also since often, it is the most difficult to treat under law. In a 2012 study by the Internet Democracy Project focusing on online verbal abuse in social media, every woman they interviewed started by asserting that she is not a victim. The challenge with using the GBV framework is that it positions the woman as a victim. Other incidents on social media such as verbal abuse where there are rape threats or death threats, especially when there is an indication that the perpetrator is aware of the physical location of the victim, need to be treated differently from say online trolling.

Further, certain forms of violence, such as occurrences of ‘revenge porn’ or the non-consensual sharing of intimate images, including rape videos are easier to fit within the description of GBV. It is important to make these distinctions because the remedies then should be commensurate with perceived harm. It is not appropriate to club all of these together since the criminal threshold for each act is different. Whereas being called a “slut” or a “bitch” would not be enough for someone to be arrested, if a woman is called that repetitively by a large number of people the commensurate harm could be quite significant. Thus, using GBV as a broad term for all forms of violence ends up invisiblising certain forms of violence and prevents a more nuanced treatment of the discussion.

In response to this, a participant highlighted the normalisation of gendered hate speech, to the extent of lack of recognition as a form of hate speech. This lacunae in our law stems from the fact that we inherited our hate speech laws from a colonial era where it was based on the grounds of incitement of violence, more so physical violence. As a result, we do not take the International Covenant on Civil and Political Rights (ICCPR) standard of incitement to discrimination. If the law was based on an incitement to discriminate point of view then acts of trolling could come under hate speech. Even in the United Kingdom where there is higher sentencing for gender based crime as compared to other markers of identity such as race, gender does not fall under the parameters of hate speech. This can also be attributed to the threshold at which criminalization kicks in for such acts.

A significant aspect of online verbal abuse pointed out by a participant was that it does not affect all women equally. In a study, the Twitter accounts of 12 publicly visible women across the political spectrum were looked at for 2 weeks in early December, 2017. They were filtered against keywords and analyzed for abusive content. One Muslim woman in the study had extremely high levels of abuse, being consistently addressed as “Jihad man, Jihad didi or Jihad biwi”. According to the participant, she is also the least likely to get justice through the criminal system for such vitriol and as such, this disparity in the likelihood of facing online abuse and accessing official redressal mechanisms should be recognized. Another discussant reaffirmed the importance of making a distinction between online abuse against someone as opposed to gender based violence online where the threat itself is gendered.

In a small ethnographic study with the Bangalore police undertaken by one of the participants, the police were asked for their opinion on the following situation: A women voluntarily providers photos of herself in a relationship and once the relationship is over, the man distributes it. Is there a cause for redressal?

Policemen responded that since she gave it voluntarily in the first instance, the burden of the consequences is now on her. So even in a feminist framework of consent and agency where we have laws for actions of voyeurism and publishing photos of private parts, it is not being recognized by institutional response mechanisms.

Intermediary Liability

Private communications based intermediaries can be understood to be of two types: those that enable the carriage/transmission of communications and provide access to the internet, and those that host third party content. The latter have emerged as platforms that are central to the exercising of voice, the exchange of information and knowledge, and even the mobilisation of social movements. The norms and regulations around what constitutes gender based violence in this realm is then shaped not only by state regulations, but content moderation standards of these intermediaries. Further, the kinds of preventive tools and tools providing redressal are controlled by these platforms. More than before, we are looking deeper into the role of these companies that function as intermediaries and control access to third party content without performing editorial functions.

In the Intermediary Liability framework in the United States formulated in the 1990s, the intermediaries that were envisioned were not the intermediaries we have now. With time, the intermediary today is able to access and possess your data while urging a certain kind of behaviour from you. There is then an intermediary design duty which is not currently accounted for by the law. Moreover, the law practices a one size fits all regime whereas what could be more suitable is having approached tailored as per the offence. So for child pornography, a ‘removal when uploaded’ action using artificial intelligence or machine learning is appropriate but a notice and takedown approach is better for other kinds of content takedown.

Globally, another facet is that of safe harbour provisions for platforms. When intermediaries such as Google and Facebook were established, they were thought of as neutral pipes since they were not creating the content but only facilitating access. However, as they have scaled and as their role in ecosystem has increased, they are now one of the intervention points for governments as gatekeepers of free speech. One needs to be careful in asking for an expansion of the role and responsibilities of platforms because then complementary to that we will also have to see that the frameworks regulating them need to be revisited. Additionally, would a similar standard be applicable to larger and smaller intermediaries, or do we need layers of distinction between their responsibilities? Internet platforms such as the GAFA (Google, Apple, Facebook and Amazon) yield exceptional power to dictate what discourse takes place and this translates into the the online and offline divide disappearing. Do we then hold these four intermediaries to a separate and higher standard? If not, then all small players will be held to stringent rules disadvantaging their functioning and ultimately, stifling innovation. Thus, regulation is definitely needed but instead of a uniform one, one that’s layered and tailor-made to different situations and platform visibility levels could be more useful.

Some participants shared the opinion that because these intermediaries are based in foreign countries and have primary legal obligations there, the insulation plays out in the citizen’s benefit. It lends itself a layer of freedom of speech and expression that is not present in the substantive law, rule of law framework or the institutional culture in India.

Child pornography is an area where platforms are taking a lot of responsibility. Google has spoken about how they have been using machine learning algorithms to block 40% of such content and Microsoft is also working on a similar process. If we argue for more intervention from platforms, we simultaneously also need to look at their machine learning algorithms. Concerns of how these algorithms are being deployed and further, being incorporated into the framework of controlling child pornography are relevant since there is not much accountability and transparency regarding the same.

Another fraction that has emerged from recent events is the divide between traditional form of media and new media. Taking the example of rape victims and sexual harassment claims, there are strict rules regarding the kinds of details that can be disclosed and the manner in which this is to be done. In the Kathua rape case, for instance, the Delhi High Court sent a notice to Twitter and Facebook for revealing details because there are norms around this even though they have not been applicable to platforms. Hence, there are certain regulations that apply to old media that have now escaped in the frameworks applicable to the new media and at some level that gap needs to be bridged.

Role of Law

One of the participants brought up the question; what is the proper role of the law and does it come first or last? In case of the latter, the burden then falls upon the kind of standard setting that we do as a society. The role of platforms as an entity in mediating the online environment was discussed, given the concerns that have been highlighted about this environment, especially for women. The third thing to be considered is whether we run the risk of enforcing patriarchal behaviour by doubling down on the either of the two aforementioned factors. If legal standards are made too harsh they may end up reinforcing a power structure that is essentially dominated by upper caste men who comprise a majority of staff within law enforcement and the judiciary. Even though the subordinate judiciary do have mahila courts now, the application of the law seems to reify the position of the woman as the victim. This also brings up the question of who can become a victim within such frameworks, where selective bias such as elements of chastity come to play as court functions are undertaken.

An assessment of the way criminal law in India is used to stifle free speech was carried out in 2013 and repeated in 2018, illustrating how censorship law is used to stifle voices of minorities and people critical of the political establishment. Even though it is perhaps time to revisit the earlier conceptualizations of intermediaries as neutral pipes, it is concerning to look at the the court cases regarding safe harbour in India. Many of them are carried out with the ostensible objective of protecting women's rights. In Kamlesh Vaswani V Union of India, the petition claims that porn is a threat to Indian women and culture, ignoring the reality that many women watch porn as well. Pornhub releases figures on viewership every year, and of the entirety of Indian subscribers one third are women. This is not taken into account in such petitions. In Prajwala V Union of India, an NGO sent the Supreme Court a letter raising concerns about videos of sexual violence being distributed on the internet. The letter sought to bring attention to the existence of such videos, as well as their rampant circulation on online platforms. At some point in the proceedings, the Court wanted the intermediaries to use keywords to take down content and keeping aside poor implementation, the rationale behind such a move is problematic in itself. For instance, if you choose sex as one of those words then all sexual education will disappear from the Internet. There are many problems with court encouraged filtering systems like one where a system automatically tells you when a rape video goes up. The question arises of how will you distinguish between a video that was consensually made depicting sexual activities and a rape video. The narrow minded responses to the Sabu Mathew and Prajwala cases originate in the conservative culture regarding sexual activity prevalent in India.

In a research project undertaken by one of the participants in the course of their work, they made a suggestion to include gender, sexuality and disability as grounds for hate speech while working with women’s rights activists and civil society organisations. This suggestion was not well received as they vehemently opposed more regulation. In their opinion, the laws that India has in place are not being upheld and creating new laws will not change if the implementation of legislation is flawed. For instance, even though the Supreme Court stuck down S.66A, Internet Freedom Foundation has earlier provided instances of its continued usage by police officers to file complaints.^{^[4]} Hate speech laws can be used to both ends, even though unlike in the US they do not determine whose speech they want to protect. Consequently, in the US a white supremacist gets as much protection as a Black Lives Matter activist but in India, that is not the case. The latest Law Commission Report on hate speech in India tries to make progress by incorporating the ICCPR view of incitement to discriminate and include dignity in the harms. It specifically speaks about hate speech against women saying that it does not always end up in violence but does result in a harm to dignity and standing in society. Often, protectionist forms of speech such as hate speech often end up hurting the people it aims to protect by reinforcing stereotypes.

Point of View undertook a study where they looked at the use of S.67 in the Information Technology (IT) Act which criminalizes obscene speech when you use a medium covered by the IT, in which they found that the section was used to criminalize political speech. In many censorship cases, the people who those provisions benefit are the ones in power.^{^[5]} For instance in S.67, obscenity provisions do not protect women's rights, they protect morality of society. Even though these are done in the name of protecting women, when a woman herself decides that she wants to publish a revealing picture of herself online, it is disallowed by the law. That kind of control of sexuality is part of a larger patriarchal framework which does not support women's rights or recognise her sexuality. However, under Indian law, there are quite a few robust provisions for image based abuse, and there is some recognition of women in particular being vulnerable to it. S.66A of the IT Act specifically recognizes that it is a criminal activity to share images of someone’s private parts without their consent. This then also encompasses instances of ‘revenge porn’. That provision has been in place in India since 2008, in contrast to the US where half the states still do not have such a provision. Certain kinds of vulnerability have adequate recognition in the law, thus one should be wary of calls of censorship and lowering the standards for criminalizing speech.

Non-legal interventions

This section centres around the discussions of redressal mechanisms that can be used to address some of the forms of violence which do not emanate from the law. All of the participants emphasized the importance of creating safe spaces through non-legal interventions. It was debated whether there is a need to always approach the law or if it is possible to categorize forms of online violence according to the gravity of the violation committed. These can be in the form of community solutions where law is treated as the last resort. For instance, there was support for using community tools such as ‘feminist trollback’ where humor can be used to troll the trolls. Trolls feed on the fear of being trolled, so the harm can be mitigated by using community initiatives wherein the target can respond to the trolls with the help of other people in the community. It was reiterated that non technical and legal interventions are needed not only from the perspective of power relations within these spaces but also access to the spaces in the first place. Accordingly, the government should work on initiatives that get more women online and focus on policies that makes smartphones and data services more accessible. This would also be a good method to increase the safety of women and benefit from the strength in numbers.

In cases of the non-consensual sharing of intimate images, law can be the primary forum but in cases of trolling and other social media abuse, the question was raised - should we enhance the role of the intermediary platforms? Being the first point of intervention, their responsibility should be more than it currently is. However this would require them to act in the nature of police or judiciary and necessitate an examination of their algorithms. A large proportion of the designers of such algorithms are white males, which increases the possibility of their biases against women of colour for instance, to feed into the algorithms and reinforce a power structure that lacks accountability.

Participants questioned the lack of privacy in design with the example in mind being of how registrars do not make domain owner details private by default. Users have to pay an additional fee for not exposing their details to public and the notion of having to pay for privacy is unsettling. There is no information being provided during the purchasing of the domain name about the privacy feature as well. It was acknowledged that for audit and law enforcement purposes it is imperative to have the information of the owner of a domain name and their details since in cases of websites selling fake medicines, arms or hosting child pornography. Thus, it boils down to the kind of information necessary for law enforcement. Global domain name rules also impact privacy on the national level. The process of ascertaining the suitability and necessity of different kinds of information excludes ordinary citizens since all the consultations take place between the regulatory authority and the state. This makes it difficult for citizens to participate and contribute to this space without government approval.

Issues were flagged against community standards in that the violence that occurs to women is also because the harms are not equal for all. Further, some users are targeted specifically because of the community they come from or the views they have. Often also because, they represent a ‘type’ of a woman that does not adhere to the ‘ideal’ of a woman held by the perpetrator. Unfortunately community standards do not recognise differential harms towards certain communities in India or globally. Twitter, for example, regularly engages in shadow banning and targets people who do not conform to the moral views prevalent in that society where the platform is engaging in censorship. We know these instances occur only when our community members notice and notify us of the same. There is a certain amount of labor that the community has already put in flagging instances of these violations to the intermediary which also needs recognition. In this situation, Twitter is disproportionately handling how it engages with the two entities in question. Community standards could thus become a double edged sword without adding additional protections for certain disadvantaged communities.

Conclusion

Currently, intermediaries are considered neutral pipes through which content flows and hence have no liability as long as they do not perform editorial functions. This has also been useful in ensuring that the freedom of speech is not harmed. However, given their potential ability to remedy this problem, as well as the fact that intermediaries sometimes benefit financially from such activities, it is important to look at the intermediaries’ responsibility in addressing these instances of violence. Governments across the world have taken different approaches to this question^{^[6]}. Models, such as in the US, where intermediaries have been solely responsible to institute redressal mechanisms have proven to be ineffectual. On the other hand, in Thailand, where intermediaries are held primarily liable for content, the monitoring of content has led to several free speech harms.

People are increasingly looking at other forms of social intervention to combat online abuse since technological and legal ones do not completely address and resolve the myriad issues emanating from this umbrella term. There is also a need to make the law gender sensitive as well as improving the execution of laws at ground level, possibly through sensitisation of law enforcement authorities. Gender based violence as a catchall phrase does not do justice to the full spectrum of experiences that victims face, especially women and sexual minorities. Often these do not attract criminal punishment given the restricted framework of the current law and need to be seen through the prism of hate speech to strengthen these provisions.

Some actions within GBV receive more attention than others and as a consequence, these are the ones platforms and governments are most concerned with regulating. Considerations of free speech and censorship and the role of intermediaries in being the flag bearers of either has translated into growing calls for greater responsibility to be taken by these players. The roundtable raised some key concerns regarding revisiting intermediary liability within the context of the scale of the platforms, their content moderation policies and machine learning algorithms.

^{^[1]} See Khalil Goga, “How to tackle gender-based violence online”, World Economic Forum, 18 February 2015, <https://www.weforum.org/agenda/2015/02/how-to-tackle-gender-based-violence-online/>. See also Shiromi Pinto, “What is online violence and abuse against women?”, 20 November 2017, Amnest International, <https://www.amnesty.org/en/latest/campaigns/2017/11/what-is-online-violence-and-abuse-against-women/>.

^{^[2]} Nidhi Tandon, et. al., “Cyber Violence Against Women and Girls: A worldwide wake up call”, UN Broadband Commission for Digital Development Working Group on Broadband and Gender, <http://www.unesco.org/new/fileadmin/MULTIMEDIA/HQ/CI/CI/images/wsis/GenderReport2015FINAL.pdf>

^{^[3]} See Azmina Dhrodia, “Unsocial Media: The Real Toll of Online Abuse against Women”, Amnesty Global Insights Blog, <https://medium.com/amnesty-insights/unsocial-media-the-real-toll-of-online-abuse-against-women-37134ddab3f4>

^{^[4]} See Abhinav Sekhri and Apar Gupta, “Section 66A and other legal zombies”, Internet Freedom Foundation Blog, <https://internetfreedom.in/66a-zombie/?

^{^[5]} See Bishakha Datta “Guavas and Genitals”, Point of View <https://itforchange.net/e-vaw/wp-content/uploads/2018/01/Smita_Vanniyar.pdf>

^{^[6]} ‘Examining Technology-Mediated Violence Against Women Through a Feminist Framework: Towards appropriate legal-institutional responses in India’, Gurumurthy et al., January 2018.

For more details visit https://cis-india.org/internet-governance/blog/intermediary-liability-and-gender-based-violence

A Gendered Future of Work

Ambika Tandon and Aayush Rathi — 2020-07-21T06:29:22Z

This paper aims to contextualise the narrative around digitalisation and automation with reference to women's labour in India. The paper has been authored by Ambika Tandon and Aayush Rathi, edited by Elonnai Hickok and Rakhi Sehgal. Research assistance has been provided by Divya Kushwaha.

Abstract

Studies around the future of work have predicted technological disruption across industries, leading to a shift in the nature and organisation of work, as well as the substitution of certain kinds of jobs and growth of others. This paper seeks to contextualise this disruption for women workers in India. The paper argues that two aspects of the structuring of the labour market will be pertinent in shaping the future of work: the gendered nature of skilling and skill classification, and occupational segregation along the lines of gender and caste. We will take the case study of the electronics manufacturing sector to flesh out these arguments further. Finally, we bring in a discussion on the platform economy, a key area of discussion under the future of work. We characterise it as both generating employment opportunities, particularly for women, due to the flexible nature of work, and retrenching traditional inequalities built into non-standard employment.

Introduction

The question on the future of work across the global North - and parts of the global South - has recently been raised with regards to technological disruption, as a result of digitisation, and more recently, automation (Leurent et al., 2018). While the former has been successively replacing routine cognitive tasks, the latter, defined as the deployment of cyber-physical systems, will enable the replacement of manual tasks previously being performed using human labour (Leurent et al., 2018). In combination, these are expected to have a twofold effect on: the “structure of employment”, which includes occupational roles and nature of tasks, and “forms of work”, including interpersonal relationships and organization of work (Piasna and Drahokoupil, 2017). Building from historical evidence, the diffusion of digitising or automative technologies can be anticipated to take place differently across economic contexts, with different factors causing varied kinds of technological upgradation across the global North and South. Moreover, occupational analysis projects occupations in the latter to be at a significantly higher risk of being disrupted than the former (WTO, 2017).

However, these concerns are somewhat offset by the barriers to technological adoption that exist in lower income countries such as lower wages, and a relatively higher share of non-routine manual jobs (WTO, 2017). 1 With the global North typically being early and quicker adopters of automation technologies, the differential technology levels in countries have been in fact been utilised to understand global inequality (Foster and Rosenzweig, 2010). Consequently, the labour-cost advantage that economies in the global South enjoy may be eroded, leading to what may be understood as re-shoring/back shoring - a reversal of offshoring (ILO, 2017). This may especially be the case in sectors where there has been a failure to capitalise on the labour-cost advantage by evolving supplier networks to complement assembly activities (such as in manufacturing) (Milington, 2017), or production of high-value services (such as in the services sector).

Extensive work over the past three decades has been conducted on the effects of liberalisation and globalisation on employment for women in the global South. This has explored conditional empowerment and exploitation as women are increasingly employed in factories and offices, with different ways of reproducing and challenging patriarchal relations. However, the effects of reshoring and technological disruption have yet to be explored to any degree of granularity for this population, which arguably will be one of the first to face its effects. This can be seen as a consequence of industries that rely on low cost labour being impacted first by re-shoring, such as textile and apparel and electronics manufacturing (Kucera and Tejani, 2014).

Download the full paper here.

For more details visit https://cis-india.org/internet-governance/blog/ambika-tandon-and-aayush-rathi-december-19-2018-a-gendered-future-of-work

Podcast on 'Abortion rights and privacy' with PI

Admin — 2018-12-25T01:09:47Z

Ambika Tandon recorded a podcast with Privacy International on abortion rights, bodily autonomy, and privacy in the Indian and Argentinian context, which was released on December 6, 2018.

The participants in the podcast are Eva Blum-Dumontet from Privacy International, Eduardo Ferreyra from Asociacion pos los Derechos Civiles, and Ambika herself. Listen to the podcast here.

For more details visit https://cis-india.org/internet-governance/news/podcast-on-abortion-rights-and-privacy-with-pi

A Critical Look at the Visual Representation of Cybersecurity

Paromita Bathija, Padmini Ray Murray, and Saumyaa Naidu — 2019-08-21T08:00:11Z

The Centre for Internet and Society and design collective Design Beku came together on the 15th of November for a workshop on Illustrations and Visual Representations of Cybersecurity. Images in the public sphere such as visuals in the media, Wikipedia commons, and stock images - play a vital role in the public’s perception of cybercrime and cybersecurity.

Edited by Karan Saini / Illustrations by - Paul Anthony George, and Roshan Shakeel

Download the file here

The existing imagery comprises of largely stereotypical images of silhouettes of men in hoodies, binary codes, locks, shields; all in dark tones of blue and green. The workshop aimed at identifying the concerns with these existing images and ideating on creating visuals that capture the nuanced concepts within cybersecurity as well as to contextualise them for the Global South. It began with a discussion on the various concepts within cybersecurity including disinformation, surveillance in the name of security, security researchers, regulation of big technology companies, gender and cybersecurity, etc. This was followed by a mapping of different visual elements in the existing cybersecurity imagery to infer the biases in them. Further, an ideation session was conducted to create alternate visualisations that counter these biases. A detailed report of the workshop can be read here.

The participants began by discussing the concerning impacts of present visualisations – there is a lack of representation and context of the global south. Misrepresentation of cybersecurity leads people to be susceptible to disinformation, treats cybercrime as an abstract concept that does not have a direct impact, and oversimplifies the problem and its solutions. The ecosystem in which this imagery exists also presented a larger issue. A majority of the images are created as clickbait alongside media articles. Media houses thus benefit from the oversimplification and mystification of cybersecurity in such images.

Through the mapping of existing images present online, several concerns were identified. The vague elements and unclear representation add to the mystification of cybersecurity as a concept. In present depictions, the use of technological devices and objects, leads to the lack of a human element, distancing the threat from any real impact to people using these devices. The metaphor of a physical threat is often used to depict cybersecurity using elements such as a lock and key. Recurring use of these elements gives a false idea of what is being secured or breached and how. Representations rely on tropes regarding the identity of hackers, and fail to capture the vulnerability of the system. The imagery gives the impression that systems which are breached are immensely secure to begin with and are compromised only as a result of sophisticated attacks carried out by malicious actors. The identity of hackers is commonly associated with cyber attacks and breaches, and the existing imagery reinforces this. Visuals showing a masked man or a silhouette of a man in dark background are the usual markers of a malicious hacker in conventional cybersecurity imagery. While there is a lack of representation of women in stock cybersecurity images, another trope found was that of a cheerful woman coder. There were also images of faceless women with laptops^{^[1]}. The reductive nature of these images point to deeper concerns around gender representation in cybersecurity.

The participants examined what the implications of such visual representation would be, and why there is a need to change the imagery. How can visual depictions be more representative? Can they avoid subscribing to a homogenised idea of an Indian context – specific without being reductive? Can better depiction broaden understanding of cybercrime and emphasize the proximity of those threats? With technology, concepts are often understood through metaphors – how data is explained impacts how people perceive it. Visual imagery can play a critical role in demystifying concepts when done well; illustrations can change the discourse. They must begin to incorporate intersecting aspects of gender, privacy, susceptibility of vulnerable populations, generational and cultural gaps, as well as manifestations of the described crimes to make technological laypersons more aware of the threat.

Potential new imagery would need to address aspects such as disinformation, the importance of privacy and who has a right to it, change representation of hackers, depict the cybersecurity community, explain specific concepts to both – the general user and to the people part of cybersecurity efforts in the country, the implications of cybercrime on vulnerable populations, and more in an attempt to deconstruct and disseminate what cybersecurity looks like today.

The ideation session involved rethinking specific concepts such as disinformation, and ethical hacking to create alternate imagery. For instance, disinformation was visually imagined as a distortion of an already distorted message being perceived by the viewer. In order to bring attention to the impact of devices, a phone was thought of as a central object to which different concepts of cybersecurity can be connected.

‘Fake News Cascade’ by Paul Anthony George

‘Fake News’ by Paul Anthony George

‘Disinformation/ Fake News’ by Roshan Shakeel; The sketch is about questioning the validity of what we see online, and that every message we see is constructed in some form or the other by someone else.

‘Disinformation/ Fake News’ by Roshan Shakeel; The sketch visualizes how the source of information ('the original') gets distorted after a certain point.

For ethical hacking, a visualisation depicting a day in the life of an ethical hacker was thought of to normalize hacking and to focus on their contribution in security research.

‘A Day in the Life of an Indian Hacker’ by Paul Anthony George

'Surveillance in the Name of Security' by Roshan Shakeel

Resources on ethical hacking (HackerOne)^[2] and hacker culture (2600.com)^[3] were also consulted as part of the exercise to gather references on the work done by hackers. This allowed a deeper understanding of how the hacker community depicts itself. Check Point Research^[4] and Kerala Police Cyberdome^[5] were also examined for further insight into cybersecurity. With regard to gender representation, sources that use visual techniques to communicate concerns and advocacy campaigns were also referred to. The Gendering Surveillance^[6] initiative by the Internet Democracy project^[7], which looks at how surveillance harms and restricts women, also offered insights on the use of illustrations supporting the case studies. Another reference was the "Visualising Women's Rights in the Arab World"^[8] project by the Tactical Technology Collective^[9]. The project aims to “strengthen the use of visual techniques by women's rights advocates in the Arab world, and to build a network of women with these skills”.^[10]

More visual explainers and animations^{^[11]} from the Tactical Technology Collective were noted for their broader engagement with digital security and privacy. A video by the Internet Democracy Project that explains the Internet through rangoli^{^[12]}, was observed specifically for setting the concept in Indian context through the use of aesthetics.

The workshop concluded with a discussion of potential visual iterations – imagery of cybersecurity that is not technology-oriented but focussed on the behavioural implications of access to such technology, illustrated public service announcements enhancing the profile of cybersecurity researchers or the everyday hacker. The impact of the discussion itself can indicate the relevance of such an effort. Artists and designers can be encouraged to create a body of imagery that shifts discourse and perception, to begin visualising for advocacy, demystify and stop the abstraction of cybercrime that can lead to a false sense of security, incorporate unique aspects of the debate within the Indian context, and generate new dialogue and understanding of cybersecurity. A potential step forward from this workshop would be to engage with the design community at large along with the domain experts to create more effective imagery for cybersecurity.

^{^[1]} https://www.hackerone.com/

^{^[2]} https://2600.com/

^{^[3]} https://research.checkpoint.com/about-us/

^{^[4]} http://www.cyberdome.kerala.gov.in/

^{^[5]} https://genderingsurveillance.internetdemocracy.in/

^{^[6]} https://internetdemocracy.in/

^{^[7]} https://visualrights.tacticaltech.org/index.html

^{^[8]} https://tacticaltech.org/

^{^[9]} https://visualrights.tacticaltech.org/content/about-website.html

^{^[10]} https://tacticaltech.org/projects/survival-in-the-digital-age-ono-robot-2012/

^{^[11]} https://internetdemocracy.in/2018/08/dots-and-connections/

^{^[12]} https://www.independent.co.uk/life-style/gadgets-and-tech/features/women-in-tech-its-time-to-drop-the-old-stereotypes-7608794.html

For more details visit https://cis-india.org/internet-governance/blog/paromita-bathija-padmini-ray-murray-and-saumyaa-naidu

Teaching at Shristi Interlude

Admin — 2018-12-05T02:53:15Z

Shweta Mohandas is participating as a mentor for Srishti Interlude (a set of workshops that help the design students to produce outputs on a given theme) the theme of this year is Privacy. The course would end on December 7, 2018.

1. Aravani Art Project

Is LGBTQ desire only public at a queer pride parade?

How private is my bedroom?

How does an insult unfold in ‘public view’ ?

2. Padmini Ray Murray

Is LGBTQ desire only public at a queer pride parade?

How private is my bedroom?

“Move fast and break things.” Do you trust Facebook with your privacy?

3. Joshua Muyiwa

Is LGBTQ desire only public at a queer pride parade?

How private is my bedroom?

Profits should be private, risks should be public and art should be beautiful?

4. Roshan Sahi

Profits should be private, risks should be public and art should be beautiful?

“Move fast and break things.” Do you trust Facebook with your privacy?

How does an insult unfold in ‘public view’ ?

5. Shweta Mohandas

“Move fast and break things.” Do you trust Facebook with your privacy?

Is caste “Sensitive Personal Data”? How does an insult unfold in ‘public view’?

6. Suresh Kumar

Is caste “Sensitive Personal Data”?

Profits should be private, risks should be public and art should be beautiful?

How does an insult unfold in ‘public view’?

For more details visit https://cis-india.org/internet-governance/news/teaching-at-shristi-interlude

Report: From Oppression to Liberation: Reclaiming the Right to Privacy

Admin — 2018-12-05T02:48:31Z

Eva Blum-Dumontet, Research Officer at Privacy International, published her report on gender and privacy on November 28, 2018. The report, titled 'From Oppression to Liberation: Reclaiming the Right to Privacy', traces the history of privacy as a tool of oppressing women across different spheres, eventually calling for a feminist reclamation of privacy. Ambika Tandon was quoted.

Whose privacy are we fighting for when we say we defend the right to privacy? In this report we take a hard look at the right to privacy and its reality for women, trans and gender diverse people. We highlight how historically privacy has been appropriated by patriarchal rule and systems of oppression to keep women, trans and gender diverse people in the private sphere.

For us, this report is also an opportunity to show how surveillance and data exploitation are also uniquely affecting women, trans and gender diverse people. We demonstrate how patriarchy and systems of oppression rely on surveillance to perpetuate themselves and how surveillance and data exploitation need the rigid and gender-normative categories of patriarchy to function. We conclude by presenting how protecting the right to privacy can address some of these challenges.

We hope this report will be read as a call for action: privacy needs to be reclaimed by women, trans and gender diverse people.

Download the report

For more details visit https://cis-india.org/internet-governance/news/report-from-oppression-to-liberation-reclaiming-the-right-to-privacy

Future Tech and Future Law

Admin — 2019-01-03T01:17:29Z

The Dept. of IT & BT, Government of Karnataka organised the 21st edition of Bengaluru Tech Summit from November 29, 2018 to December 1, 2018 at Palace Grounds, Bengaluru. Arindrajit Basu was a speaker at the panel on 'Future Tech and Future Law'.

The discussion was moderated by Tanvi Ratna. Aayush's co-panelists were Apar Gupta,Jaideep Reddy and Nilesh Trivedi. During his remarks, he attempted to focus on our AI research thus far and our suggestions for AI regulation.

For more details see this page.

For more details visit https://cis-india.org/internet-governance/news/future-tech-and-future-law

International Network on Feminist Approaches to Bioethics 2018

Admin — 2018-12-04T15:46:02Z

The event was co-organized by Feminist Approaches to Bioethics and Sama - A Resource Centre for Women and Health and was held at St. John's Medical College in Bangalore between December 3 and 5, 2018.

Aayush Rathi and Ambika Tandon participated in the event as speakers. Aayush presented a paper 'Sexual Surveillance and Data Regimes: Development in the Data Economy' co-authored by himself and Ambika.

Download the agenda

For more details visit https://cis-india.org/internet-governance/news/international-network-on-feminist-approaches-to-bioethics-2018

November 2018 Newsletter

praskrishna — 2018-12-19T02:41:01Z

Our newsletter for the month of November.

Highlights

CIS has published a statement on its website in response to the serious allegations against CIS members and the CIS workplace on social media. CIS has taken note of the concern raised on a social platform, and its Internal Committee (IC), constituted as per the Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013, has taken some critical steps. CIS has engaged POSH at Work to review the case and make recommendations to the Executive Director of CIS.
Anubha Sinha attended the 37th meeting of WIPO SCCR held in Geneva in the month of November 2018. During the week she made two statements on behalf of CIS and participated in a panel discussion and a closed door meeting to brief government delegates from the Asia pacific region on the WIPO limitations and exceptions agenda. CIS made statements on limitations and exceptions and the proposed treaty for the protection of broadcasting organizations. Transcript of her talk can be accessed here.
A memorandum outlining India's strategy to global cyber norms formulation processes authored by Elonnai Hickok and Arindrajit Basu and edited by Aayush Rathi and Shruti Trikanad. The memorandum seeks to summarise the state of the global debate in cyberspace; outline how India can craft it’s global strategic vision and finally, provides a set of recommendations for the Ministry of External Affairs as they craft their cyber diplomacy strategy.
The institution of open standards is as a formidable regulatory regime governing the Internet while facilitating its growth as a network of networks. As a nation digitising rapidly and facing concerns in cybersecurity and Internet governance, there is a need for the Government of India to meaningfully participate at standards development organisations to represent the interests of the Indian populace and become a voice for the global South. Authors Aayush Rathi, Gurshabad Grover and Sunil Abraham examine this in a policy brief.
The Convention on Cybercrime adopted in Budapest (“Convention”) is the first and one of the most important multilateral treaties addressing the issue of internet and computer crimes. Vipul Kharbanda has analyzed this in his research paper titled Budapest Convention and the Information Technology Act.
Amber Sinha was one of the stakeholders who provided inputs to the Danish Expert Group on Data Ethics in June 2018 during their visit to New Delhi. The Expert Group has prepared and submitted its final report.
For the fourth edition of the Internet Researchers’ Conference (IRC19), CIS invited sessions that engage critically with the form, imagination, and politics of the *list*. The list of proposed sessions are finalized and posted on this page.

Articles

Lessons from US response to cyber attacks (Arindrajit Basu; edited by Elonnai Hickok; Hindu Businessline; October 30, 2018). Mirrored on CIS website on November 1.
Digital Native: One Selfie Does a Tragedy Make (Nishant Shah; Indian Express; November 11, 2018).

CIS in the Media

Open Street Maps help tackle disasters: Experts (Deccan Chronicle; November 21, 2018).
Are connected tech toys too smart for their own good? (Abhijit Ahaskar; Livemint; November 22, 2018).
Girls' schools, women's PGs: The shocking results when you Google 'bitches near me' (News Minute; November 26, 2018).
Amazon launches Machine Learning-based platform for healthcare space (Kul Bhushan; Hindustan Times; November 28, 2018).
Report: From Oppression to Liberation: Reclaiming the Right to Privacy (Privacy International; November 28, 2018).
Are Chinese video apps violating the Indian law? (Nilesh Christopher; Economic Times; November 30, 2018).

-----------------------------------
Access to Knowledge
-----------------------------------
Our Access to Knowledge programme currently consists of two projects. The Pervasive Technologies project, conducted under a grant from the International Development Research Centre (IDRC), aims to conduct research on the complex interplay between low-cost pervasive technologies and intellectual property, in order to encourage the proliferation and development of such technologies as a social good. The Wikipedia project, which is under a grant from the Wikimedia Foundation, is for the growth of Indic language communities and projects by designing community collaborations and partnerships that recruit and cultivate new editors and explore innovative approaches to building projects.

►Copyright and Patent

Blog Entries

37th SCCR: CIS Statement on the Proposed Treaty for the Protection of Broadcasting Organizations (Anubha Sinha; November 29, 2018).
37th SCCR: CIS Statement on the Agenda on Limitations and Exceptions (Anubha Sinha; November 29, 2018).
Views on on the proposed WIPO Treaty for the Protection of Broadcasting Organizations at side-event organised by Knowledge Ecology International (Anubha Sinha; November 29, 2018).

►Wikipedia

As part of the project grant from the Wikimedia Foundation we have reached out to more than 3500 people across India by organizing more than 100 outreach events and catalysed the release of encyclopaedic and other content under the Creative Commons (CC-BY-3.0) license in four Indian languages (21 books in Telugu, 13 in Odia, 4 volumes of encyclopaedia in Konkani and 6 volumes in Kannada, and 1 book on Odia language history in English).

Blog Entry

Aditya 365 (Pavan Santhosh; November 7, 2018).

►Openness

Our work in the Openness programme focuses on open data, especially open government data, open access, open education resources, open knowledge in Indic languages, open media, and open technologies and standards - hardware and software. We approach openness as a cross-cutting principle for knowledge production and distribution, and not as a thing-in-itself.
Teaching

Lecture on Open Access and Open Content Licensing at ICAR (short course) (ICAR-Indian Institute of Horticultural Research; Bangalore; November 13 - 22, 2018). Anubha Sinha delivered a lecture.

-----------------------------------
Internet Governance
-----------------------------------

As part of its research on privacy and free speech, CIS is engaged with two different projects. The first one (under a grant from Privacy International and IDRC) is on surveillance and freedom of expression (SAFEGUARDS). The second one (under a grant from MacArthur Foundation) is on restrictions that the Indian government has placed on freedom of expression online.

►Cyber Security

Research Papers

Budapest Convention and the Information Technology Act (Vipul Kharbanda; November 20, 2018).
Cyberspace and External Affairs:A Memorandum for India Summary (Arindrajit Basu and Elonnai Hickok; edited by Aayush Rathi and Shruti Trikanad; November 30, 2018).
Regulating the Internet: The Government of India & Standards Development at the IETF (Aayush Rathi, Gurshabad Grover and Sunil Abraham; November 30, 2018).

Event Co-organized

Workshop on Cybersecurity Illustrations (CIS, Bangalore; November 15, 2018).

Participation in Events

Connections 2018 (Organized by Internet Engineering Task Force; Bangalore; October 31 - November 1, 2018). Gurshabad Grover attended the event.
IETF103 (Organized by Internet Engineering Task Force; Bangkok; November 3 - 9, 2018). Gurshabad Grover attended the event.

►Free Speech and Expression

Research Paper

ICANN Workstream 2 Recommendations on Accountability (Akriti Bopanna; November 23, 2018).

Blog Entry

DIDP #32 On ICANN's Fellowship Program (Akriti Bopanna; November 12, 2018).

Participation in Event

Internet Freedom at Crossroads - Common Paths towards Strengthening Human Rights Online (Organized by Freedom Online; Berlin; November 28 - 30, 2018). Elonnai Hickok was a speaker.

►Privacy

Blog Entry

Clarification on the Information Security Practices of Aadhaar Report (Amber Sinha and Srinivas Kodali; November 5, 2018).

Participation in Events

Building a Community of Practice: Reflections from 2nd All Partners (Organized by Partnership on AI; San Francisco, California; November 14 - 15, 2018). Elonnai Hickok spoke on the panel on the PAI working groups and co-lead the AI Labor and Economy working group meeting as co-chair of the group.
Briefing on BBC News pan-India research on how 'fake news' / digital misinformation spreads (Organized by BBC; New Delhi; November 16, 2018).
DSCI Bangalore Chapter meet (Organized by Data Security Council of India; 10K NASSCOM Startup Warehouse; Bangalore; November 22, 2018). Gurshabad Grover and Karan Saini attended the DSCI Bangalore Chapter meet.
Informational Privacy in India: An Emerging Discourse (Organized by Centre for Policy Research and supported by Omidyar Network; New Delhi; November 29, 2018). Amber Sinha was a speaker on the first panel on privacy and its tradeoffs.
Facebook Privacy Design Sprint (Organized by Facebook and Quicksand; WeWork, Bangalore; November 30, 2018). Pranav Bidare and Saumyaa Naidu participated in the event.

►Miscellaneous

Event Co-organized

SOTM Asia 2018 (Co-organized by CIS and Indian Institute of Management, Bangalore; November 17-18, 2018). Saumyaa Naidu, Aayush Rathi and Ambika Tandon participated in the event.

Participation in Events

Speculative Futures Lab on Artificial Intelligence in Media, Entertainment, and Gaming (Organized by Quicksand; Bangalore; November 16 - 18, 2018). Pranav Bidare was a panelist.
Future Tech and Future Law (Organized by Dept. of IT & BT, Government of Karnataka as part of Bengaluru Tech Summit; November 29 - December 1, 2018). Aayush Rathi was a speaker.

►Gender

Statement

Statement on Serious Allegations against CIS Members and the CIS Workplace on Social Media (Sunil Abraham; November 24, 2018).

Participation in Events

Roundtable on Intermediary Liability and Gender Based Violence at the Digital Citizen Summit, 2018 (Organized by Digital Empowerment Foundation; India International Centre, New Delhi; November 1, 2018).
International Network on Feminist Approaches to Bioethics 2018 (Co-organized by Feminist Approaches to Bioethics and Sama - A Resource Centre for Women and Health; St. John's Medical College; Bangalore; December 3 - 5, 2018). Aayush Rathi and Ambika Tandon participated in the event as speakers. Aayush presented a paper 'Sexual Surveillance and Data Regimes: Development in the Data Economy' co-authored by himself and Ambika.

-----------------------------------
Telecom
-----------------------------------
CIS is involved in promoting access and accessibility to telecommunications services and resources, and has provided inputs to ongoing policy discussions and consultation papers published by TRAI. It has prepared reports on unlicensed spectrum and accessibility of mobile phones for persons with disabilities and also works with the USOF to include funding projects for persons with disabilities in its mandate:

Article

A great start on Wi-Fi reforms (Shyam Ponappa; Business Standard; November 1, 2018 and Organizing India Blogspot; November 1, 2018).

-----------------------------------
Researchers at Work
-----------------------------------
The Researchers at Work (RAW) programme is an interdisciplinary research initiative driven by an emerging need to understand the reconfigurations of social practices and structures through the Internet and digital media technologies, and vice versa. It aims to produce local and contextual accounts of interactions, negotiations, and resolutions between the Internet, and socio-material and geo-political processes:

IRC19

List of proposed sessions:

#AyushmanBhavah - Arya Lakshmi and Adrij Chakraborty
#ButItIsNotFunny - Madhavi Shivaprasad and Sonali Sahoo
#CallingOutAndIn - Usha Raman, Radhika Gajjala, Riddhima Sharma, Tarishi Varma, Pallavi Guha, Sai Amulya Komarraju, and Sugandha Sehgal
#DigitalPlatformAttributes - Nandakishore K N and Dr. V. Sridhar
#EnlistingPrivacy - Pawan Singh and Pranjal Jain
#FOMO - Pritha Chakrabarti and Dr. Baidurya Chakrabarti
#LegitLists - Form follows function: List by design - Akriti Rastogi, Ishani Dey, and Sagorika Singha
#ListInterface - Bharath Sivakumar, Rakshita Siva, and Deepak Prince
#ListsAsDatabase - Ria De and Samata Biswas
#LoSHAandWhatFollowed - Anannya Chatterjee, Arunima Singh, Bhanu Priya Gupta, Renu Singh, and Rhea Bose
#PowerListing - Dr. Shubhda Arora, Dr. Smitana Saikia, Prof. Nidhi Kalra, and Prof. Ravikant Kisana
#SocialMediationAsGenderedJustice - Esther Anne Victoria Moraes and Manasa Priya Vasudevan
#StoriesRecordsLegendsRituals - Priyanka, Aditya, Bhanu Prakash GS, Aishwarya, and Dinesh

-----------------------------------
About CIS
-----------------------------------
The Centre for Internet and Society (CIS) is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. The areas of focus include digital accessibility for persons with disabilities, access to knowledge, intellectual property rights, openness (including open data, free and open source software, open standards, open access, open educational resources, and open video), internet governance, telecommunication reform, digital privacy, and cyber-security. The academic research at CIS seeks to understand the reconfigurations of social and cultural processes and structures as mediated through the internet and digital media technologies.

► Follow us elsewhere

Twitter: http://twitter.com/cis_india
Twitter - Access to Knowledge: https://twitter.com/CISA2K
Twitter - Information Policy: https://twitter.com/CIS_InfoPolicy
Facebook - Access to Knowledge: https://www.facebook.com/cisa2k
E-Mail - Access to Knowledge: a2k@cis-india.org
E-Mail - Researchers at Work: raw@cis-india.org
List - Researchers at Work: https://lists.ghserv.net/mailman/listinfo/researchers

► Support Us

Please help us defend consumer and citizen rights on the Internet! Write a cheque in favour of 'The Centre for Internet and Society' and mail it to us at No. 194, 2nd 'C' Cross, Domlur, 2nd Stage, Bengaluru - 5600 71.

► Request for Collaboration

We invite researchers, practitioners, artists, and theoreticians, both organisationally and as individuals, to engage with us on topics related internet and society, and improve our collective understanding of this field. To discuss such possibilities, please write to Sunil Abraham, Executive Director, at sunil@cis-india.org (for policy research), or Sumandro Chattapadhyay, Research Director, at sumandro@cis-india.org (for academic research), with an indication of the form and the content of the collaboration you might be interested in. To discuss collaborations on Indic language Wikipedia projects, write to Tanveer Hasan, Programme Officer, at tanveer@cis-india.org.

CIS is grateful to its primary donor the Kusuma Trust founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin for its core funding and support for most of its projects. CIS is also grateful to its other donors, Wikimedia Foundation, Ford Foundation, Privacy International, UK, Hans Foundation, MacArthur Foundation, and IDRC for funding its various projects.

For more details visit https://cis-india.org/about/newsletters/november-2018-newsletter

Facebook Privacy Design Sprint

Admin — 2018-12-04T16:28:41Z

Pranav Bidare and Saumyaa Naidu participated in the Facebook Privacy Design Sprint on Friday, November 30, 2018.

For more details visit https://cis-india.org/internet-governance/news/facebook-privacy-design-sprint

Danish Expert Group on Data Ethics

Admin — 2018-12-01T04:42:42Z

Amber Sinha was one of the stakeholders who provided inputs to the Danish Expert Group on Data Ethics in June 2018 during their visit to New Delhi. The Expert Group has prepared and submitted its final report.

In April the Danish Expert Group on Data Ethics commenced work on developing recommendations on Data Ethics for the Danish Government. The expert group have now handed over their recommendations to the Danish Minister of Industry, Business and Financial Affairs. Read the report.

For more details visit https://cis-india.org/internet-governance/news/danish-expert-group-on-data-ethics