We are anonymous, we are legion

New Standard Operating Procedures for Lawful Interception and Monitoring

divij — 2014-03-20T05:13:13Z

Government issues new guidelines to TSP’s to assist Lawful Interception and Monitoring.

Even as the Central Government prepares the Central Monitoring System for the unrestricted monitoring of all personal communication, the Department of Telecom has issued new guidelines for Telecom Service Providers to assist in responding to requests for interception and monitoring of communications from security agencies.

These guidelines do not appear to be publicly accessible, but according to news items, under the “Standard Operating Procedures for Lawful Interception and Monitoring of Telecom Service Providers”, the TSP’s must now provide for lawful interception and monitoring requests for voice calls, Short message Service (SMS), General Packet Radio Service (GPRS) and Value Added Service (VAS) including Multi Message Service (MMS), data and voice in 3G/4G/Long Term Evolution (LTE) including video call or Voice Over Internet protocol (VoIP). This move comes just days after the Home Ministry suggested that the Department of Telecom either change the rules under their Telecom Policies such as the Unified Access Service Licence (UASL) to include VoIP monitoring, or, drastically, block all VoIP services on the internet, which would include several communication applications including Skype and GTalk. (See the article published by Economic Times).

The guidelines will supposedly also provide for some basic safeguards to ensure that non-authorized interception does not take place, such as ensuring that the interception is only to be provided by the Chief Nodal Officer of a TSP and only upon the issue of an order by the Home Secretary at the Central or State Government. Furthermore, these requests must only be in written, in untampered and sealed envelopes with no overwriting, etc. and bearing the order number issued by the concerned Secretary, with the date of the order. However, in exigent circumstances the order may be provided by email, provided that the physical copy is sent within two days of the order, else the interception order must be terminated. Inquiry processes are detailed under the new SOP’s which can verify whether the request was in original and addressed to the Nodal Officer and from which designated security agency it was issued, and can also verify the issue of an acknowledgment of compliance of the order by the TSP within two days of its receipt. The new guidelines also clarify the issue of interception of roaming subscribers by the State Government where the subscriber is registered. According to the guidelines, an order by the government of the state where such a caller has registered is sufficient and does not need vetting by the Home Secretary at the centre.

Notwithstanding the additional “safeguards” against unlawful or unauthorized interception, the message to take away from these guidelines is the Government’s continued efforts to expand its surveillance regime to comprehensively monitor every action and every communication at its whim. These requests for monitoring, undertaken by “security agencies” which include taxation agencies and the SEBI, are flawed not merely because of the possibility of “unauthorized” interception, rather because the legal basis of the interception is vague, broad and widely susceptible to misuse, as the recent “snoopgate” allegations against the Gujarat government have shown. (See the article published by the Hindu).

The current regime, based on a wide interpretation of Section 5(2) of the Indian Telegraph Act and the telecom policies of the Department of Telecom, do not have adequate safeguards for preventing misuse by those in power – such as the requirement of reasonable suspicion or a warrant. Without a sound legal basis for interception, which protects the privacy rights of individuals, any additional safeguards are more or less moot, since the real threat of intrusive surveillance and infringing of basic privacy exists regardless of whether it is done under the seal of the Home Secretary or not.

Resources

For more details visit https://cis-india.org/internet-governance/blog/new-standard-operating-procedures-for-lawful-interception-and-monitoring

New rules to ensure due diligence: IT dept

praskrishna — 2011-05-23T06:12:39Z

Facing widespread criticism over new IT rules that put certain amount of liability on intermediaries like Google and Facebook for user-generated content, the government clarified that the rules are simply seeking "due diligence" on the part of websites and web hosts. This news was published in the Times of India on May 11, 2011.

The new rules were notified on April 11. Activists and Internet companies say that the rules are archaic and loosely worded and may lead to harassment of web users and website owners. The Times of India was first to report on the issue on April 27.

The ministry of information and technology said, "The terms specified in the rules are in accordance with the terms used by most of the intermediaries as part of their existing practices, policies and terms of service which they have published on their website."

It also clarified the "department of telecommunication has reiterated that there is no intention of the government to acquire regulatory jurisdiction over content under these rules".

The government has claimed that before it made the rules final, it had sought public comments over the draft. "None of the industry associations and other stakeholders objected to the formulation which is now being cited in some section of media," it claimed.

However, sources told TOI that companies like Google had objected to loose wordings of the documents and asked government not to put any liability on intermediary for user-generated content on the web. "We too approached the government with our concerns. For our communication, we never received any acknowledgment," said Sunil Abraham, executive director at the Centre for Internet and Society (CIS).

"Given the fact that final rules are more or less similar to the draft rules, I can say that nobody in the government took into account the objections raised by CIS and many other organizations," he added.

Google had earlier told TOI that new rules would adversely affect businesses that depend upon online collaboration to prosper. "We believe that a free and open Internet is essential for the growth of digital economy and safeguarding freedom of expression.

If Internet platforms are held liable for third party content, it would lead to self-censorship and reduce the free flow of information," a Google spokesperson said.

Read the original published by the Times of India here

For more details visit https://cis-india.org/news/new-rules-for-due-diligence

New rules leave social media users vulnerable: Experts

Krupa Joseph — 2021-06-14T11:27:53Z

They analyse the implications of the government vs Twitter controversy on individual privacy

The article by Krupa Joseph was published in the Deccan Herald on 10 June 2021. Torsha Sarkar has been quoted.

The government had notified the changes on February 25, and allowed social media companies three months to comply. Twitter and WhatsApp had then separately approached the Delhi High Court against the new regulations, fearing they could compromise user privacy.

On Monday, the court gave Twitter three weeks to file a response to the government’s charge that it had not appointed a grievance officer as claimed.

Vague rules

Karthik Srinivasan, communications consultant, who uses his blog Beast of Traal to comment on social media, says the new rules are “vague and open-ended”.

“Coupled with the fact that we still do not have a data protection law, the rules could be severely misused both by government and private entities,” he says.

Users are particularly vulnerable in a country where anything and everything offends a lot of people, he says.

Law overreach

Torsha Sarkar, researcher with the Centre for Internet and Society, says the rules introduce additional obligations for social media platforms and classify intermediaries.

“Intermediaries with over five million users would have obligations to introduce traceability, instal automated filtering, provide detailed grievance redressal mechanisms, and publish compliance reports detailing action taken on takedown orders,” she says.

While some of these obligations are similar to those laid down internationally, some alterations are causing concern. The traceability requirement, for example, is highly contentious as it would erode user privacy.

“It is also concerning that the user threshold, for a country like India, with such vast Internet usage, is set at a very low level. This means that even smaller social media platforms might becompelled to carry out economically crippling obligations,” she explains.

The legislative overreach is seen in how the initial draft , which only covered entities like Twitter and Facebook, now seeks to cover digital news media and content curators like Netfl ixand Hulu, she says.

Stretching the scope of the legislation this way is undemocratic since it was not subject to any public consultation, she notes.

Case in High Court

Mishi Choudhary, technology lawyer and founder of SFLC.in, a legal services organisation specialising in law, technology and policy, says the IT rules notified by the government are unconstitutional. “In the garb of addressing misinformation and regulating technology companies, the government has been exceeding the powers granted through subordinate legislation and using it for political purposes,” she says. It is on these grounds that the Free and Open Source Software community has challenged the new rules in the Kerala High Court. “Technology companies need regulation but not at the expense of user rights,” she says.

Congress ‘toolkit’ row

A few weeks after social media platforms were asked to take down posts critical of thegovernment’s management of India’s Covid-19 crisis, Twitter once again found itself at thereceiving end. Last week, Twitter labelled a tweet by BJP leader Sambit Patra, accusing theCongress of working with a ‘toolkit, as ‘manipulated media’. Twitter says it gives the label totweets that include media (videos, audio, and images) that are “deceptively altered orfabricated”. The Delhi police then sent a notice to Twitter in connection and asked the micro-blogging site to explain the reasons for assigning the tag. The police also conducted raids onTwitter offices in India. Things escalated when Twitter said the government was intimidating it. The government hit back saying law-making was its privileges, and Twitter, being a social media platform, should not dictate legal policy framework.

New rules

Under the new IT rules, social media companies like Facebook, WhatsApp and Twitter will be responsible for identifying the originator of a flagged message within 36 hours. They also have to appoint a chief compliance officer, a nodal contact person and a resident grievance officer. Failing to comply with these rules would cause the platforms to lose their status as intermediaries, and make them liable for whatever is posted on their platforms.

For more details visit https://cis-india.org/internet-governance/news/deccan-herald-krupa-joseph-june-10-2021-new-rules-leave-social-media-users-vulnerable

New rules for govt agencies to ensure security of personal data

praskrishna — 2017-06-07T13:51:29Z

The new rules put the onus on government departments and agencies to safeguard personal data or information held by them.

The article by Komal Gupta was published by Livemint on June 2, 2017.

Government departments handling personal data or information will have to ensure that end-users are made aware of the data usage and collection and their consent is taken either in writing or electronically, according to new guidelines issued by the government for security of personal data. Sensitive personal data such as passwords, financial information (bank account, credit card, debit card and other payment instrument details), medical records and history, sexual orientation, physical and mental health, and biometric information cannot be stored by agencies without encryption, say the guidelines issued by the ministry of electronics and information technology (IT) on 22 May.

The rules put the onus on government departments and agencies to safeguard personal data or information held by them. To be sure, the Information Technology Act 2000 and Aadhaar Act 2016 have laid down most of these rules. The new guidelines seek answers to questions being asked on data protection under the Aadhaar Act. “If agency is storing Aadhaar number or sensitive personal information in database, data must be encrypted and stored. Encryption keys must be protected securely, preferably using Hardware Security Modules (HSMs). If simple spreadsheets are used, it must be password protected and securely stored,” according to the guidelines.

In April, the IT Ministry issued a notification directing all government departments to remove any personal data published on their websites or through other avenues. The guidelines require regular audits to ensure effectiveness of data protection and also call for swift action on any breach of personal data. In cases where an Aadhaar number has to be printed, it should be truncated or masked. The guidelines say only the last four digits of the 12-digit unique identity number can be displayed or printed.

According to a research report issued by Bengaluru-based think tank Centre for Internet and Society on 1 May, four government portals could have made public around 130-135 million Aadhaar numbers and around 100 million bank account numbers.

For more details visit https://cis-india.org/internet-governance/news/livemint-june-2-2017-komal-gupta-new-rules-for-govt-agencies-to-ensure-security-of-personal-data

New regulations in place; Aadhaar Card records to be preserved for 7 yrs by Centre

praskrishna — 2016-10-17T14:46:31Z

UIDAI chief executive office ABP Pandey said that the concerns regarding Aadhar card-related benefits were "exaggerated" and that the agency will keep the records in case any disputes arise in the future.

The article was published in the Financial Express on October 17, 2016. Sunil Abraham was quoted.

As per new regulations, the government will now keep a record for seven years of all services and benefits that are availed using Aadhaar number. Fearing that the database might be used for surveillance, the Unique Identification Authority of India (UIDAI) will preserve the records.

UIDAI chief executive office ABP Pandey said that the concerns regarding Aadhar card-related benefits were “exaggerated” and that the agency will keep the records in case any disputes arise in the future.

Pandey added that the information will be available online for two years and shall be shifted to the offline archives for the next five years. In that case, users will be able to check the records only for two years. However, the rules won’t apply for security agencies and that they will need a district judge’s permission to access the data.

According to HT, the rules allow designated joint secretary-level officers at the Centre to order access to information on the grounds of national security.

Talking about this Sunil Abraham, director of the Bengaluru-based think tank, Centre for Internet and Society said that once Aadhar becomes mandatory, it can be misused to conduct a 360-degree surveillance on any person.

Every time a person fingerprints and quotes the Aadhaar number, the agency concerned sends the data to UIDAI to crosscheck the particulars.
The UIDAI authenticates about five million Aadhaar numbers, which are quoted to avail LPG subsidy, cheap ration and even passport, a day against a capacity to verify 100 million requests daily, reports HT.

Meanwhile, The Unique Identification Authority of India (UIDAI) has launched a drive to enrol any leftover population for Aadhaar in 22 states and UTs that have “statistically” hit 100 per cent coverage for adults.

The ‘Challenge drive’ starts from October 15 for a month, a UIDAI statement said, adding that as of today, over 106.69 crore Aadhaar numbers have been generated across the country.

For more details visit https://cis-india.org/internet-governance/news/financial-express-october-17-2016-new-regulations-in-place-aadhaar-card-records-to-be-preserved-for-7-yrs-by-centre

New Recommendations to Regulate Online Hate Speech Could Pose More Problems Than Solutions

amber — 2018-01-02T03:06:18Z

The T.K. Viswanathan committee’s recommendations could prove to be dangerous for free speech if acted upon without resolving its flaws.

The article was published by Wire on October 14, 2017

It was reported last week that an expert committee headed by T.K. Viswanathan, former secretary general of Lok Sabha, recommended that the Indian Penal Code (IPC), the Code of Criminal Procedure and the Information Technology Act be amended to include stringent penal provisions regarding online hate speech. While this report has not been made public, the Indian Express reported that the committee’s recommendations include, among other things, insertion and expansion of penal provisions in the IPC on ‘incitement to hatred’ (Section 153C) and ‘causing fear, alarm or provocation of violence’ (Section 505A) to include online speech, and creation of the offices of state cyber crime coordinator and district cyber crime cell.

Online hate speech has been among the more complex issues with regard to the regulation of technology. The complexity of restricting hate speech has to do with a number of factors, including the ubiquity of strong opinions in online speech, often offensive to certain groups, the interplay between individual and group rights, and the tensions between the values of dignity, liberty and equality. Siddharth Narrain has pointed out in his thesis on hate speech law that the use of law to curb offensive or hurtful speech has been done by religious groups, caste based groups, occupation based groups with strong caste associations, language groups and gender based groups. The range of actions arising from such uses of the law include the banning of books, criminal proceedings for political satire, or even ‘liking’ political posts on social media.

The relationship between speech acts and acts of violence is a complicated issue with little consensus on appropriate ways to regulate it. Scholars such as Jonathan Maynard have advocated greater reliance on non-legal responses such as counter speech, as the use of criminal law to tackle speech often has the effect of chilling forms of dissent. The formulation and application of legal tests in criminal law with respect to hate speech is also hard as hate speech has much to do with the content of speech as it has to do with the context, including factors such as power structures. Speech by a figure in a position of power also has a greater likelihood to result in a call for violence.

Before looking at the specific recommendations made by the T.K. Viswanathan committee, it would be worthwhile to also look at the background of this committee. The committee notes with approval the Law Commission of India’s 267th report on the issue of hate speech. The Law Commission, in turn, was acting at the behest of observations made by the Supreme Court in Pravasi Bhalai Sangathan v. Union of India in 2014. In this case, the Supreme Court exhibited judicial restraint and refused to frame guidelines prohibiting political hate speech, and had instead requested the Law Commission to look into it. However, the court noted with approval international case law on the issues, particularly the observations in the Canadian case Saskatchewan v. Whatcott. Relying on Whatcott, the Supreme Court provides a definition of hate speech that includes the following statements:

“Hate speech is an effort to marginalise individuals based on their membership in a group. Using expression that exposes the group to hatred, hate speech seeks to delegitimise group members in the eyes of the majority, reducing their social standing and acceptance within society. Hate speech, therefore, rises beyond causing distress to individual group members..[and] lays the groundwork for later, broad attacks on vulnerable that can range from discrimination, to ostracism, segregation, deportation, violence and, in the most extreme cases, to genocide. Hate speech also impacts a protected group’s ability to respond to the substantive ideas under debate, thereby placing a serious barrier to their full participation in our democracy.”

Thus, it is evident that the Supreme Court itself clearly states that hate speech must be viewed through the lens of the right to equality, and relates to speech not merely offensive or hurtful to specific individuals, but also inciting discrimination or violence on the basis of inclusion of individuals within certain groups. It is important to note that it is the consequence of speech that is the determinative factor in interpreting hate speech, more so than even perhaps the content of the speech. This is also broadly reflected in the Law Commission’s report that identifies the status of the author of the speech, the status of victims of the speech, the potential impact of the speech and whether it amounts to incitement as key identifying criteria of hate speech.

However, in the commission’s recommendations, these principles are not fairly represented in the suggested new Sections 153C and 505A, as per a draft released by the Internet Freedom Foundation. Section 505A, for instance, refers to “highly disparaging, indecent, abusive, inflammatory, false or grossly offensive information” and “derogatory information.” These are extremely broad terms, not having any guiding jurisprudence within Indian or international law, which may be helpful in restrictively interpreting them. It is important to note the similarities between this provision and the repealed Section 66A of the Information Technology Act, which sought to criminalise speech that was “grossly offensive,” having “menacing character,” or “causing annoyance..danger..insult..enmity, hatred or ill will.”

These terms in the recommended Section 505A also run foul of the observations of Justice Nariman in Shreya Singhal v. Union of India, where he took exception to the nature of the terms in Section 66A by stating that, “Information that may be grossly offensive or which causes annoyance or inconvenience are undefined terms which take into the net a very large amount of protected and innocent speech.” While these terms are somewhat tempered in this provision with a requirement to show intent to “cause fear of injury or alarm,” they remain exceedingly broad and contrary to the requirement that restrictions on speech must be couched in the narrowest possible terms.

The T.K. Viswanathan committee, in addition, seeks to bring, within the scope of the prospective Sections 153C and 505A, electronic speech. As per its recommendations, ‘means of communication’ would include “any words either spoken or written, signs, visible representations, information, audio, video or combination of both transmitted, retransmitted or sent through any telecommunication service, communication device or computer resource.” This could have the impact of bringing in a provision that has some similar effects as that of the now defunct Section 66A of the Information Technology Act. The lack of regard for the Supreme Court’s observations on hate speech, the need to look at it through the lens of equality and the over-broadness of restrictions on speech are likely to be dangerous for free speech if the recommendations of this committee are acted upon.

For more details visit https://cis-india.org/internet-governance/blog/the-wire-amber-sinha-

New privacy Bill more refined & has wider ambit, say experts

praskrishna — 2014-04-03T11:06:51Z

But creates wide exceptions for government agencies.

The article by Surabhi Agarwal was published in the Business Standard on April 2, 2014. CIS welcomes changes in the Bill but is cautious of the wide exceptions.

The government’s latest attempt to draft a privacy Bill is being termed by as a refined one by experts as it expands its ambit.

However, the Bill creates some wide exceptions for law enforcement and intelligence agencies to collect personal information of individuals. The government has made several attempts at drafting a privacy Bill since 2010, with the aim of protecting individuals against data misuse by government or private agencies.

The first draft, released in 2011, extended the Right to Privacy to citizens of India. But, the 2014 version has expanded its ambit to cover all residents of the country. The 2014 Bill also recognises the Right to Privacy as a part of Article 21 of the Indian Constitution and extends to the whole of India. In contrast, the 2011 Bill did not explicitly recognise the Right to Privacy as being a part of Article 21, and excluded Jammu and Kashmir from its purview.

Both the drafts include a list of circumstances under which authorisation for the collection and processing of sensitive personal data is not required. The lists are broadly the same. However, the latest version exempts insurance company and government intelligence agencies collecting or processing data “in the interest of the sovereignty, integrity, security or the strategic, scientific or economic interest of India.”

A Bangalore-based Internet think-tank Centre for Internet and Society said it welcomed many changes in the Bill, but were cautious on the wide exceptions.

“The Bill carves out another exception for government agencies, allowing disclosure of sensitive personal data without consent to government agencies mandated under law for the purposes of verification of identity, or for prevention, detection, investigation, including cyber incidents, prosecution and punishment of offences,” the Centre for Internet and Society said in a note analysing the provisions of the Bill.

The privacy Bill was originally conceptualised to ensure the data collected by the government under various new projects such as Aadhaar or the National Information Grid (NATGRID) are not misused in any way. But incidents, such as the tapping of phone conversations involving former lobbyist Niira Radia, prompted the government to expand the ambit of the privacy law from just being a data protection one to also cover surveillance and interception.

However, it was unable to reach a consensus due to inter-ministerial conflicts as the law was superseding various provisions under several existing legislations.

The government also set up a committee under retired Delhi high court judge Ajit P Shah under the aegis of the Planning Commission to study international best practices on privacy and surveillance. This committee filed a report in 2012.

Some additions to the Bill include the term personal identifier, defined by any unique alphanumeric sequence of members, letters, and symbols that specifically identifies an individual with a database or a data set.

The Bill has also re-defined sensitive personal data to denote personal data relating to physical and mental health, including medical history, biometric, bodily or genetic information, criminal convictions, password, banking credit and financial data, narco analysis or polygraph test data and sexual orientation.

Once the law comes into being, the government or a private agency will have to adequately inform citizens before collecting data, stating the reasons and only collecting as much information as is necessary.

It will also have to clearly define the time period for which the data will be stored and the security measures taken to protect it from misuse. The law also lays down the penalties in case of a breach.

For more details visit https://cis-india.org/news/business-standard-april-3-2014-surabhi-agarwal-new-privacy-bill-more-refined-has-wider-ambit-say-experts

New movies lose out due to piracy

Admin — 2019-02-02T02:24:42Z

Piracy continues to be a huge concern among filmmakers but it can also be a marketing strategy for small-budget films.

The article by Surupasree Sarmmah was published in Deccan Herald on January 23, 2019. Akriti Bopanna was quoted.

Despite a slew of measures taken by filmmakers, pirated versions of recently released films like ‘Uri: The Surgical Strike’, ‘Viswasam’, ‘KGF’ and ‘Why Cheat India’ were leaked online on websites like TamilRockers. Piracy has been a huge concern for all movie industries in India, national and regional, but experts say that not much can be done when a film is leaked online.

Neville J Kattakayam, author of the book ‘The All Seeing Digital Eyes: A Guide To Privacy, Security and Literacy’, says, “The maximum one can do is to control the servers in a particular jurisdiction. But there are servers in unlikely places — like somewhere out in the sea. These places don’t fall under any jurisdiction, national or international. It becomes impossible to control the servers then.”

Talking about the process of piracy, he explains that once a content is leaked, it mirages into different servers across to the world; not just online but offline too. “There are mirror sites having the same content that are immediately born. Accessibility wise, it’s all out there; there is nothing that one can completely restrict,” he says.

Neville feels that it is largely in the hands of the producers to restrict access to their material until the movie is released. With people usually preferring good quality prints, theatrical replicas are not favoured much, he told Metrolife.

“From what I have heard, the piracy usually happens when the copy is being sent to the censor board. Some intermediate source, who really wants to kill a movie, leaks it from there. That is the real challenge,” says Neville.

Hemanth M Rao, a director, says that when a movie is leaked online, the effort, time and money put in is at stake. “You feel robbed. Most people would want to go to the theatres to watch a film but with incidents of piracy on the rise, the life span of a movie is shortened,” he says.

However, he adds that the audience is beginning to understand the impact piracy has on the movie industry, especially at a time when there is intense competition between regional language industries.

He has a word of praise for the Kannada Film Industry, which he feels is safeguarding interests of the artistes.

“We have a close tie-up with the city police. We monitor where all a film is playing after its release. In case we come to know about any illegal activities, we intimate the police who act swiftly. This way, the access is cut down.”

“Another thing that upsets me is the habit of going live on Facebook while one is at the theatre. I don’t understand what pleasure people get out of it,” he says.

According to a new draft rule, being contemplated by the IT Ministry, host websites will be liable for any illegal content uploaded on their platform. Currently, a website is liable only for unlawful actions; like uploading copyrighted content without permission.

“The Government can block access to the original host of the pirated content if needed however the traction and virality these kinds of content get make it very difficult to contain their spread. It ends up being a blanket ban on sites such as torrent sites where all the content is not illegal yet the site is blocked as a whole,” says Akriti Bopanna, Policy Officer, Centre for Internet and Society.

The time taken for legal recourse doesn’t help either. Though filmmakers can approach the court for a ban on the website or server, the time taken for a legal remedy is way too long. By that time, the same link would have appeared in two or three other websites, says Akriti. “A leaked movie can be easily downloaded and sent to someone instantly.”

She feels that a more effective method than banning a website or a server would be to educate people.

“Not many know about copyright infringement, it is important to spread awareness from the grassroots level. Though we have messages on piracy shown at the start of every movie, these need to be more creative and fun so they will stay in the audience’s minds. Maybe the industry, as a whole, can do this as a community initiative,” she opines.

Small players don’t care much about piracy

Small-budget movies take piracy as a marketing strategy. They feel that once people watch the movie and write reviews, the film will get an overall boost — allowing them to sell more tickets in theatres.

However, major players spend crores on their movies and depend on ticket sales to get back the amount.

Difficult to claim copyright from different websites

Prominent production companies are targeting streaming websites who have uploaded their movies, citing copyright issues. However, floating websites like citytorrents and TamilRockers keep changing their domain name and it becomes impossible to counter them.

-Neville J Kattakayam

For more details visit https://cis-india.org/internet-governance/news/deccan-herald-surupasree-sarmmah-january-23-2019-new-movies-lose-out-due-to-piracy

New Media, personalisation and the role of algorithms

amber — 2017-01-16T07:20:52Z

In his much acclaimed book, The Filter Bubble, Eli Pariser explains how personalisation of services on the web works and laments that they are creating individual bubbles for each user, which run counter to the idea of the Internet as an inherently open place. While Pariser’s book looks at the practices of various large companies providing online services, he briefly touches upon the role of new media such as search engines and social media portals in new curation. Building upon Pariser’s unexplored argument, this article looks at the impact of algorithmic decision-making and Big Data in the context of news reporting and curation.

Everything which bars freedom and fullness of communication sets up barriers that divide human beings into sets and cliques, into antagonistic sects and factions, and thereby undermines the democratic way of life. —John Dewey

Eli Pariser, in his book, The Filter Bubble,[1] refers to the scholarship by Walter Lippmann and John Dewey as integral to the evolution of the understanding of the democratic and ethical duties of the Fourth Estate. Lippmann was disillusioned by the role of newspapers in propaganda for the First World War. He responded with three books in quick succession — Liberty and the News,[2] Public Opinion[3] and The Phantom Public.[4] Lippmann brought attention the fact that the process of news-reporting was conducted through privately determined and unexamined standards. The failure of the Fourth Estate to perform its democratic functions, was, in the opinion of Lippmann, one of the prime factors responsible for the public not being an informed and rational entity. John Dewey, while rejecting Lippmann’s arguments that matters of public policy can only be determined by inside experts with training and education, did acknowledge the his critique of the media.

Pariser points to the creation of a wall between editorial decisionmaking and advertiser interests, as the eventual result of the Lippmann and Dewey debate. While accepting that this division between the financial and reporting sides of media houses has not been always observed, Pariser emphasises that the fact that the standard exists is important.[5] Unlike traditional media, the new media which relies on algorithmic decision-making for personalisation is not subject to the same standards which try to mitigate the influence of commercial interests on editorial decisions while performing many of the same functions as the traditional media.[6]

How personalisation algorithms work

Kevin Slavin, at his famous talk in the TEDGLobal Conference, characterised algorithms as “maths that computers use to decide stuff” and that it was infiltrating every aspect of our lives.[7] According to Slavin’s view, algorithms can be seen as control technologies and shape our world constantly through media and information systems, dynamically modifying content and function through these programmed routines. Search engines and social media platforms perpetually rank user-generated content through algorithms.[8]

Personalisation technologies have various advantages. It translates into more relevant content, which for service providers means more clicks and revenue and for consumer, less time spent on finding the content.[9] However, it also leads to privacy compromise, lack of control and reduced individual capability.[10] Search engines like Google use the famous PageRank algorithm, which combined with geographical location and previous searches yields most relevant search results.[11] PageRank algorithm uses various real time variables dependent on both voluntary and involuntary user inputs. These variables include number of clicks, number of occurrences of the key terms and number of references by other credible pages etc. This data in turn determines the order of pages in search results and influences the way we perceive, understand and analyse information.[12] Maps showing real time traffic information retrieve data from laser and infrared sensors alongside the road and from information from devices of users. Once this real time data is combined with historical trends, these maps recommend rout to every user, hence influencing the traffic patterns.[13]

Even though this phenomenon of personalization may appears to be new, it has been prevalent in the society for ages.[14] The history of mass media culture clearly shows personalization has always been a method to increase market, market reach and customer satisfaction.[15] Newspapers have sections dedicated to special topics, radio and TV have channels dedicated to different interest groups, age groups and consumers.[16] These personalised sections in a newspaper and personalised channels on radio and television don’t just provide greater satisfaction to the readers or listeners or consumers, they also provide targeted advertisement space for the advertisers and content developers. However, digital footprints and mass collection of data have made this phenomenon much more granular and detailed. Geographical location of an individual can tell a lot about their community, their culture and other important traits local to a community.[17] This data further assists in personalisation. Current developments in technology not only help in better collection of data about personal preferences but also help in better personalisation.

Pariser mentions three ways in which the personalization technologies of this day are different from those of the past. First, for the very first time, individuals are alone in the filter bubble. While in traditional forms of personalisation, there were various individuals who shared the same frame of reference, now there is a separate sets of filters governing the dissemination of content to each individual.[18] Second, the personalisation technologies are entirely invisible now, and there is little that consumers can do to control or modify them.[19] Third, often the decision to be subject to these personalisation technologies is not an informed choice. A good example of this would be an individual’s geographical location.[20]

The neutrality of New Media?

More and more, we have noticed personalisation technologies having an impact on how we consume news on the Internet. Google News, Facebook’s News Feed which tries to put together a dynamic feed for both personal and global stories, and Twitter’s trending hashtag feature, have brought forward these services are key drivers of an emerging news ecosystem. Initially, this new media was hailed as a natural consequence of the Internet which would enable greater public participation, allow journalists to find more stories and engage with the readers directly. An illustration of the same could be seen in the way Internet based news media and social networking websites behaved in the aftermath of Israel’s attacks on a United Nations run school in Gaza strip. While much of the international Internet media covered the story, Israel’s home media did not cover the story. The only exception to this was the liberal Israeli news website Ha’aretz.[21] Network graph details of Twitter, for a few days immediately after the incident clearly show the social media manifestation of the event in the personalised cyberspace. It is clearly visible that when most of the word was re-tweeting news of this heinous act of Israel, Israeli’s hardly re-tweeted this news. In fact they were busty re-tweeting the news of rocket attacks on Israel.[22]

The use of social media in newsmaking was hailed by many scholars as symptomatic of the decentralisation characteristic of the Internet. It has been seen as movement towards greater grassroots participation by negating the ‘gatekeeping’ role traditionally played by editors. Thomas Poell and José van Dijck punch holes in theory of social media and other online technologies as mere facilitators of user participation and translators of user preferences through Big Data analytics.[23] They quote T. Gillespie’s work which talks of the narrative of these online services as platforms which are “open, neutral, egalitarian and progressive support for activity.”[24]

Pedro Domingos calls the overwhelming number of choices as the defining problem of the information age, and machine learning and data analytics as the largest part of this solution.[25] The primary function of algorithmic decision making in the context of consumption of content is to narrow down the choices. Domingos is more optimistic about the impact of these technologies, and he says “last step of the decision is usually still for humans to make, but learners intelligently reduce the choices to something a human can manage.”[26] On the other hand, Pariser is more circumspect about the coercive result of machine learning algorithms. Whichever way we lean, we have to accept that a large part of personalisation algorithms is to select and prioritize content by categorising it on the basis of relevance and popularity.

Poell and van Dijck call this a new knowledge logic which in effect replaces human judgement (as, earlier exercised by editors) to some kind of proxy decisionmaking based on data. Their main thesis is that there is little evidence to suggest that the latter is more democratic than former and creates new problems of its own. They go on to compare the practices of various services including Facebook’s new graph and Twitter’s trending topic, and conclude that they prioritise breaking news stories over other kinds of content.[27] For instance, the algorithm for the trending topics depends not on the volume but the velocity of the tweets with the hashtag or term. It could be argued that given this predilection, the algorithms will rarely prefer complex content. If we go by Lippmann and Dewey’s idea that the role of the Fourth Estate is to inform public debate and accountability of those in positions of power, this aspect of Big Data algorithms does not correspond with this role.

Quantified Audience

Another aspect of use of Big Data and algorithms in New Media that requires attention is that the networked infrastructure enables a quantified audience. C W Anderson who has studied newsroom practices in the US looked at role played by audience quantification and rationalization in shifting newswork practices. He concluded that more and more, journalists are less autonomous in their news decisions and increasingly reliant on audience metrics as a supplement to news judgment.[28] Poell and van Dijck review the the practices by some leading publications such a New York Times, L.A. Times and Huffington Post, and degree to which audience metrics dictates editorial decisions. While New York Times seems to prioritise content on their social media portals based on expectation of spike in user traffic, L.A. Times goes one step further by developing content specifically aimed towards promoting greater social participation. Neither of these practices though compare to the reliance on SEO and SMO strategies of web-born news providers like Huffington Post. They have traffic editors who trawl the Internet for trending topics and popular search terms, the feedback from them dictates the content creation.[29]

Conclusion

The above factors demonstrate that the idea of New Media leading to the Fourth Estate performing its democratic functions does not take into account the actual practices. This idea is based on the erroneous assumption that technology, in general and algorithms, in particular are neutral. While the emergence of New Media might have reduced the gatekeeping role played by the editors, its strong prioritisation of content that will be popular reduce the validity of arguments that it leads to more informed public discussion. As Pariser said, the traditional media scores over the New Media inasmuch as there is an existence of a standard of division between editorial decisionmaking and advertiser interest. While this standard is flouted by media houses all the time, it exists as a metric to aspire to and measure service providers against. The New Media performs many of the same functions and maybe it is time to evolve some principles and ethical standards that take into account the need for it to perform these democratic functions.

Endnotes

^{^[1]} Eli Pariser, The Filter Bubble: What the Internet is hiding from you (The Penguin Press, New York, 2011)

[2] Walter Lippmann, Liberty and News (Harcourt, Brace and Howe, New York 1920) available athttps://archive.org/details/libertyandnews01lippgoog

^{^[3]} Walter Lippmann, Public Opinion (Harcourt, Brace and Howe, New York 1920) available at http://xroads.virginia.edu/~Hyper2/CDFinal/Lippman/cover.html

^{^[4]} Walter Lippmann, The Phantom Public (Transaction Publishers, New York, 1925)

^{^[5]} Supra Note 1 at 35.

^{^[6]} Supra Note 1 at 36.

^{^[7]} https://www.ted.com/talks/kevin_slavin_how_algorithms_shape_our_world/transcript?language=en

^{^[8]} Fenwick McKelvey, “Algorithmic Media Need Democratic Methods: Why Publics Matter”, available at http://www.fenwickmckelvey.com/wp-content/uploads/2014/11/2746-9231-1-PB.pdf.

^{^[9]} http://mashable.com/2011/06/03/filters-eli-pariser/#9tIHrpa_9Eq1

^{^[10]} Helen Ashman, Tim Brailsford, Alexandra Cristea, Quan Z Sheng, Craig Stewart, Elaine Torns and Vincent Wade, “The ethical and social implications of personalization technologies for e-learning” available at http://www.sciencedirect.com/science/article/pii/S0378720614000524.

^{^[11]} Sergey Brin and Lawrence Page, “The Anatomy of a Large-Scale Hypertextual Web Search Engine” available at http://infolab.stanford.edu/pub/papers/google.pdf.

^{^[12]} Ian Rogers, “The Google Pagerank Algorithm and How It Works” available at http://www.cs.princeton.edu/~chazelle/courses/BIB/pagerank.htm.

^{^[13]} Trygve Olson and Terry Nelson, “The Internet’s Impact on Political Parties and Campaigns”, available at http://www.kas.de/wf/doc/kas_19706-544-2-30.pdf?100526130942.

^{^[14]} Ian Witten, “Bias, privacy and and personalisation on the web”, available at http://www.cs.waikato.ac.nz/~ihw/papers/07-IHW-Bias,privacyonweb.pdf.

^{^[15]} Supra Note 1 at 10.

^{^[16]} https://www.americanpressinstitute.org/publications/reports/survey-research/social-demographic-differences-news-habits-attitudes/

^{^[17]} Charles Heatwole, “Culture: A Geographical Perspective” available at http://www.p12.nysed.gov/ciai/socst/grade3/geograph.html.

^{^[18]} Supra Note 1 at 10.

^{^[19]} Id.

^{^[20]} Supra Note 1 at 11.

^{^[21]} Paul Mason, “Why Israel is losing the social media war over Gaza?” available at http://blogs.channel4.com/paul-mason-blog/impact-social-media-israelgaza-conflict/1182.

^{^[22]} Gilad Lotan, Israel, Gaza, War & Data: Social Networks and the Art of Personalizing Propaganda available at www.huffingtonpost.com/entry/israel-gaza-war-social-networks-data_b_5658557.html

^{^[23]} Thomas Poell and José van Dijck, “Social Media and Journalistic Independence” in Media Independence: Working with Freedom or Working for Free?, edited by James Bennett & Niki Strange. (Routledge, London, 2015)

^{^[24]} T Gillespie, “The politics of ‘platforms,” in New Media & Society (Volume 12, Issue 3).

^{^[25]} Pedro Domingos, The Master Algorithm: How the quest for the ultimate learning machine will re-make the world (Basic Books, New York, 2015) at 38.

^{^[26]} Ibid at 40.

^{^[27]} Supra Note 23.

^{^[28]} C W Anderson, Between creative and quantified audiences: Web metrics and changing patterns of newswork in local US newsrooms, available at https://www.academia.edu/10937194/Between_Creative_And_Quantified_Audiences_Web_Metrics_and_Changing_Patterns_of_Newswork_in_Local_U.S._Newsrooms

^{^[29]} Supra Note 23.

For more details visit https://cis-india.org/internet-governance/new-media-personalisation-and-the-role-of-algorithms

New Lock For EU’s Digital Mines

Admin — 2018-03-17T13:10:52Z

Indian companies dealing with European data wait anxiously as the EU pushes in new security rules

The article by Arindam Mukherjee was published in the Outlook in March 26, 2018 issue. Elonnai Hickok was quoted.

Pretty soon, Indian companies, especially those associated with European companies, will have to walk that extra mile to protect personal data. Come May 25, the European Union (EU) will enact a new set of regulations, called the General Data Protection Regulation (GDPR), which will impose stringent conditions for personal data protection and privacy laws.

What’s more, any violation of or non-compliance with the new regulations will attract the strictest of penalties and fines. On an average, the new regulations call for up to 4 per cent of a company’s global revenue as penalty.

With the already huge and rapidly expanding field of big data play across companies and industries, data protection has come under the limelight and many countries are talking in terms of putting in place stringent rules for personal data protection. The EU will be the first off the block with GDPR, which comes into effect in less than three months. It is expected that following the EU’s example, similar regulations will start coming up in other countries as well.

The GDPR will replace the 1995 Data Protection Directive currently operational in the EU.

The GDPR will replace the 1995 Data Protection Directive currently operational in the EU and its regulations will cover all EU member states and citizens. Accordingly, all companies operating in the EU and having customers there, or even having work outsourced from the EU which involves its citizens’ personal data, will have to fall in line and comply.

The rules under GDPR will be relevant for businesses collecting, processing, storing, and sharing data of EU data subjects. This would include all businesses located in India providing services directly or indirectly to EU data subjects, as well as Indian companies with a presence in Europe.

This has put a lot of Indian IT and ITES companies in a bind given that few Indian companies are in a position to comply with the new GDPR rules and regulations within the given deadline. GDPR necessitates that adequate steps have to be taken to secure EU data wherever it is stored or processed.

At present, India does not have any data privacy law. However, the government has set up a committee of experts under former Supreme Court Justice B.N. Srikrishna to look into matters related to data protection and privacy in the country. The committee has so far come up with a draft protection bill. But it is unlikely that the committee will be able to come out with its final report before the GDPR deadline of May 25.

Huzefa Goawala, who heads GRC, India & SAARC, RSA, says the impact of GDPR will be heavy on India. “A sizeable chunk of Indian companies operate out of the EU including IT/ITeS, manufacturing, financial services and telecom companies,” he adds. “The GDPR will apply to personally identifiable information and internal facing data and external facing data, and organisations will have to protect data on all these fronts. Unfortunately, very few organisations have taken measures to become GDPR compliant at the ground level and are waiting for others to make a move. Larger, tier 1 organisations are in a consultation mode at the moment and are in a preliminary stage of compliance.”

According to Ernst & Young’s forensic data analytics survey (2018) done among Indian companies, 60 per cent of Indian respondents are still not familiar with the GDPR, while only a little over 23 per cent have heard of it but have done nothing about it. “This puts India in a precarious position, especially because it takes time for a company to prepare for GDPR compliance, which involves identifying where all the data resides and taking measures to safeguard it,” says Mukul Shrivastava, partner, Fraud Investigation and Dispute Services, Ernst & Young. “Many large IT-ITeS companies have secure servers in the EU or on cloud. But a lot of EU data processing is either done in India or is outsourced to India. That data needs to be protected under the GDPR.”

Experts say that under GDPR, a company will have to report any breach of data security within 72 hours. In case it fails to do so, stiff penalties will be imposed. With GDPR, the EU wants to stress on how important personally identifiable information is and see what companies are doing to protect it. It calls for deployment of ground level technologies by companies to ensure data security.

To ensure full compliance under GDPR will be a difficult task. “It is not possible to check 100 per cent compliance,” says Vijayshankar Na, cyber law and international information security expert. “There can be multiple versions of personal data in a process. To tap this data and see where all it is flowing in the system will be the toughest part under GDPR. Companies will have to identify all this in order to protect data.”

To help Indian companies, India’s IT representative body Nasscom has sought a “data secure” status for its companies from the EU. The EU has given a similar status to American companies, which ensures some concessions for them. Indian companies would be entitled to similar concessions under GDPR if they get the data secure status. But a decision on this is yet to come.

“As India has not attained data secure status, the collection, processing, storing, and sharing of EU data subjects by Indian companies will continue to be through ‘binding corporate rules’,” says Elonnai Hickok, chief operating officer, CIS (Centre For Internet and Society), Bangalore. “Though GDPR will affect any company handling EU data, the IT sector in India could potentially be impacted the most given the amount of business that it does and potentially could do with the region. For instance, a Deloitte report has estimated the outsourcing opportunity of the Indian IT industry with Europe at $45 billion.”

Hickok says India’s legal regime around privacy, consisting primarily of section 43A of the IT Act and associated rules, has not been found to be data secure by the EU in past assessments. This means that unless practices are guided by binding corporate rules, the standard of practice in India is lower than required by the previous Data Protection Directive (1995) as well as the GDPR. Some of the potentially challenging requirements in the GDPR will include the requirement for reporting breaches, new standards for consent, ensuring the rights of data subjects including access and correction, portability, erasure and deletion, the right to objection, and, if the need arises, the right to request human intervention in automated decisions.

What could also hit Indian companies is that the cost of GDPR compliance will be high—there will be costs related to human capital, periodic updates, IT infrastructure around the data (both hardware and software) and setting up cyber security and incident response programs.

“Europe is an important market for Indian companies,” says Vinayak Godse, senior director, Data Security Council of India (DSCI). “This heightened threshold of privacy may lead to some top line compromise for Indian IT companies. The compliance burden is also bound to increase. The small and mid-size companies looking at the EU as a market may struggle to comply with the new rules.”

The Indian government is trying to bring some order vis a vis data privacy and the Justice Srikrishna panel is expected to expedite the process. “The Government of India is currently developing a national data protection framework, following the Supreme Court judgment of August 2017 recognising an individual’s privacy as a fundamental right,” says Keshav Dhakad, director & assistant general counsel, corporate, External & Legal Affairs, Microsoft India. “The coming of GDPR will help galvanise the discussion in countries outside of Europe and in India.”

As of now though, there is a lot of confusion and Indian companies, staring at a tight deadline, are under stress. If they can speed up the process and comply, they will be safe, but if they fail, they could lose business in one of India’s most promising markets.

For more details visit https://cis-india.org/internet-governance/news/outlook-march-26-2018-new-lock-for-eu-digital-mines

New law to unlock data economy

praskrishna — 2017-06-12T01:10:06Z

Proposal has been sent to PMO for approval.

The article by Yuthika Bhargava was published in the Hindu on June 9, 2017.

The government is mulling a new data protection law to protect personal data of citizens, while also creating an enabling framework to allow public data to be mined effectively. The move assumes significance amid the debate over security of individuals’ private data, including Aadhaar-linked biometrics, and the rising number of cyber-crimes in the country.

“The Ministry of Electronics and Information Technology (MEIT) is working on a new data protection law. A proposal to this effect has been sent to the Prime Ministers’ Office for approval,” a senior ministry official told The Hindu.

Once the PMO approves it, the ministry will set up a “cross-functional committee” on the issue.

“We want to include all stakeholders. It will be a high-level committee, and all current and future requirements of the sector will be discussed.”

Two chief aims

The official said: “We are working with two main aims – to ensure that personal data of individuals remain protected and is not misused, and to unlock the data economy.”

The official explained that a lot of benefits can be derived from the data that is publicly available, by using technology and big data analytics. “The information can be used for the benefit of both individuals and companies,” the official said.

“The underlying infrastructure of the digital economy is data. India is woefully unprepared to protect its citizens from the avalanche of companies that offer services in exchange for their data, with no comprehensive framework to protect users,” Software Freedom Law Centre (SFLC.in), a non-profit, said in an emailed reply.

Currently, India does not have a separate law for data protection, and there is no body that specifically regulates data privacy.

“There is nominally a data protection law in India in the form of the Reasonable Security Guidelines under Section 43A of the Information Technology Act. However, it is a toothless law and is never used. Even when data leaks such as the ones from the official Narendra Modi app or McDonald’s McDelivery app have happened, section 43A and its rules have not proven of use,” said Pranesh Prakash, policy director at CIS.

Some redress for misuse of personal data by commercial entities is also available under the Consumer Protection Act enacted in 2015, according to information on the website of Privacy International, an NGO. As per the Act, the disclosure of personal information given in confidence is an unfair trade practice.

For more details visit https://cis-india.org/internet-governance/news/the-hindu-yuthika-bhargava-june-9-2017-new-law-to-unlock-data-economy

New Kids on the Blog

praskrishna — 2011-04-01T16:10:34Z

Across the world, the blogosphere is shrinking. But that might not be a bad thing. Look closer, self-indulgence has found newer platforms, and only the fittest and the smartest blogs have survived. This article was published by the Indian Express on February 6, 2011. Indian Express reporter spoke with Nishant Shah.

Meet aneesha, a personable 20-something in a red jacket, with a coffee “without cream” cupped in her hands. Seven years ago, this Delhi-based professional was an avid user of LiveJournal. Most of her friends are from the online world; she met their blogs before she knew them personally. “My family’s perception of me and what I am are very different,” she says, “I hide myself in the layers of the internet.” Aneesha found herself and her friends through blogs; today, however, she has no time or inclination for the blogging world. “We used to write about the sunshine, a cute dog, a nice day. Who has the time for that any more?”

“I quit”. “We are moving out”. “This blog is Dead”.

An aerial view of the blogosphere resembles an abandoned city, with silence blowing through boarded-up windows. Recent Pew Internet Project surveys of teens and adults in the US reveal a decline in blogging among teens and young adults and a modest rise among adults 30 and older. According to the 2010 report, “In 2006, 28 per cent of teens in the 12-17 age group, and adults between 18 and 29 were bloggers, but by 2009, the numbers had dropped to 14 per cent of teens and 15 per cent of adults. During the same period, the percentage of online adults over 30 who were bloggers rose from 7 per cent to 11 per cent.” These numbers reflect American reality, but the blogosphere has not been similarly mapped and analysed in India, says Nishant Shah, director, research, Centre for Internet and Society, Bangalore. When contacted, WordPress, a blog tool and publishing platform, said that they don’t publish country-specific statistics either.

While blogging in itself seems to have peaked and plateaued, blog-like activities have moved to other online spaces. Blogs were at the social media forefront around five years ago. According to Technorati, an internet search engine for blogs, the blogosphere in 2004 was eight times as large as it was in June 2003. Since then, Blogger and WordPress have been stagnating, says Nielsen, a media-research firm. A 2010 article in The Economist pointed out, that according to Blogads, which sells ads, “media buyers’ inquiries increased tenfold between 2004 and 2008, but have grown by only 17 per cent since then.”

But the numbers only tell a part of the story. The immensity of the blogging world means that it will always remain terra incognita. Its vastness allows poorly-written, lazily-reasoned dribbles to exist, but it also provides an unparalleled democratic platform (if you have access to the internet). The blogosphere, which had become an endless echo chamber, has evolved into a more interesting space, with startling diversity. Teenagers have found new fads, and moved out; instead, adults are setting up their couches here. Over the last four-five years, the fittest and smartest blogs have survived, whereas those with a readership of one have sunk to Google’s ocean floor. Few bloggers actually bother to delete their accounts, most starve away because of the author’s neglect and the audiences’ disinterest. The ones that have thrived have created communities of kindred souls, with an eye for beauty or a knack for the kooky. The Indian blogosphere is rich ground for posts on cinema, economics, sports, design and politics. Blogs can be conclaves of critics against the mainstream, they can be crucial support systems for the grieving. But how did we get here?

Peter Merholz, a lover of words and etymologies, and founding partner of consultancy Adaptive Path, created the word “blog” in 1999.

Playing with syllables, he decided to change “weblog” into “blog” for short. This San Francisco-based designer writes in his blog, “I like that it’s roughly onomatopoeic of vomiting. These sites (mine included!) tend to be a kind of information upchucking.”

For something that started as verbal upchucking, blogging has evolved over the decade. Anupam Mukerji, aka the Fake IPL Player, whose blog was the sensational sideshow that overshadowed the second edition of the Indian Premier League in 2009, says, “Self-indulgence is out. People want to be entertained and nobody really cares what you had for breakfast.”

In the early part of this decade, blogging was about self-expression, within a small community (like LiveJournal), says Aneesha. Kiran Jonnalagadda, a Bangalore-based social technologist, and founder of HasGeek, which organises technical discussions, recalls, “Your blog was not secret, but was private by virtue of not many people being online. It was a safe assumption for young people that their parents and siblings would never read their blog. The medium of the blog was the most advanced technology of the day. It was crude by modern standards, but fantastic compared to anything earlier.” Aneesha and Jonnalagadda abandoned LiveJournal after their initial euphoria. Today, it is said, only the Russians use it, since it was bought over by a Russian company in 2007.

Blogging has come of age in India where we now see the growth of the “modern blogger”, says Jonnalagadda, one of the early Indian bloggers. “It’s important to distinguish between these two — the blogger as someone who indulged in self-expression in the early 2000s, who’s now moved to Facebook and other tools, versus the modern blogger who uses the same technology but is actually a small media publisher serving a niche segment.”

Facebook and Twitter are dummy-friendly and easily satisfy the exhibitionist, the voyeur, the curious or the intellectual. In 2010, there were 152 million blogs on the internet; it doesn’t seem much in comparison to 600 million Facebook users. On Facebook, it takes just a few seconds to upload a picture. A “thumbs up” is all it takes to “like” a photo or a comment. A personal update becomes part of the newsflash on friends’ homepages. Facebook’s “Notes” can satisfy the desire to write long, random and personal outpourings. “Tagging” friends in these notes assures one of a readership. Sharing so little with so many has never been this effortless. Blogs, defined as a format of writing, where pieces are arranged in a reverse chronological order, are no longer the preferred tool for the personal.

Technorati reports that the significant growth of mobile blogging is a key trend in 2010. Though the smartphone may still be relatively new in India, bloggers have reported that mobile blogging has lead to shorter posts and to a growing preference for Facebook and Twitter. Kiruba Shankar, CEO of Business Blogging Pvt Ltd, a social media consultancy in Chennai, and a once-prolific blogger, says, “Five years back, I was averaging two posts a day. In 2010, which was my worst year in blogging, I did one post every two months! It’s not that I stopped writing. I just moved my updates to Twitter and Facebook.” Shankar has even written an entire book in 140-character capsules on the merits of collaborative work: Crowdsourcing Tweet. He explains, “I love reading smaller books. I love tweeting my thoughts. I wanted to eat the elephant in smaller bites and so I jotted down points in tweets.”

On the Web, none of these social mediums work in isolation, each is connected with the other. Facebook and Twitter have also become ways to promote blogs, with people often posting their links and thereby increasing their readership and the scope of the conversation.

With blogs moving beyond the personal, the rise of the modern blogger writing for a niche audience is of particular interest. Mumbai-based Chandrahas Choudhury, author of The Middle Stage, a blog of essays on Indian and world literature, says, “Blogs have matured over the years in India. People who are serious have kept it. Lots of the press indulge in the criticism that blogs are not edited. But I’ve seen many great blogs. It’s a very good way of learning how to write good prose.” The Middle Stage provides an important space for literary criticism at a time when newspapers are squeezing out literary columns. Blogs give “maximum freedom”, says Choudhury, as one can increase the content through links; they also allow one to quote freely from other texts, which newspapers do not allow.

Shankar emphasises that search engines give more importance to any site with fresh content, and that blogs have high “archival value”, compared with “Facebook or Twitter where old updates seem to fall off the face of the earth”. The Google requisite for new content has made the group blog a better option than the personal as it makes it easier to generate content regularly. Successful group blogs are making an impact.

Little Design Book, “an online journal of design, visual culture and material culture”, is run by Ruchita Madhok, Aditya Palsule, Avinash Rajagopal and Shreyas Krishnan. The editors, who are based in London, New York, and Bangalore respectively, work collaboratively and communicate through Skype. Through smart and pithy posts, they describe designs that are too good to be true and those which are too awful to seem probable. On this team blog, art and design interact in meaningful ways, producing discussions and insights. Speaking from New York on the behalf of his team, Rajagopal feels that design blogs have taken off recently in India. “The Web is a great place to discuss design because it is an inherently democratic medium. Anyone can have their say.”

Others, who have made use of the democratic and immediate nature of the internet, include Pavitra Mohan, who runs the successful blog Masala Chai, a “creative collective that features south Asian art and design”. These blogs about Indian art and design are few but they are playing an important role in the promotion and criticism of the arts. Mohan says, “There’s high art and low art. They are both provided a uniform platform on the Web.” Started three years ago, the blog recently became a physical reality, with Masala Chai opening its first outlet in Chennai.

Rajagopal feels, however, that there’s still scope for editorialising content. “Many blogs post images of design objects, and say a few obligatory words. This has its necessary place in the blogging world. But we also need many strident, opinionated voices.”

Strident voices with trenchant opinions ring in collective blogs like Kafila, run by no single CEO but by 22 members. Speaking only for himself and not on behalf of Kafila, Shivam Vij, writer and member, says, “Blogging is ‘self-publishing’. To read blogs (and today, together with social media) is to get an uncut view of what a society thinks, without the frame of the organised media. This allows people to use blogging and social media to influence opinion, and thus cause change, good or bad.”

While blogs can be viewed as enjoyable entertainment or a platform for serious discussion and debate, blogs can also change lives. It can make famous the anonymous man stooped over a keyboard, with a prank in his head and spunk in his prose. Anupam Mukerji, the Fake IPL Player whose anonymous blog fooled thousands of cricket fans and administrators, and who revealed his identity in August last year, says, “I am still the same guy, but people respond to me differently. The blog changed my life.”

Blogging was also the “perfect tonic” for actor Lisa Ray, who started writing The Yellow Diaries once she’d been diagnosed with multiple myeloma, a cancer of the white blood cells, in June 2009. Her blog posts, written with heart and without fuss, chronicled her battle with the disease, from being a “cancer intern” to a “cancer survivor”. In what ways did the blog help her? “In every way,” she says. “It helped me process what I was going through. It helped me be honest with myself and face my fears head on. It also helped me connect with others by sharing a very human experience. It helped dilute my fear.” Her blog also helped others, obvious in the hundreds of comments left by readers. Talking about readers’ responses, she says, “I do remember thinking that we suffer from the ‘pathology of perfection’ in contemporary society and the only antidote is to celebrate our ‘humanness’ in all forms. To embrace the hurt and pain as much as the joys and success.”

Blogging was also a tonic for Indian Homemaker or Seema Rao, blogger and mother of Tejaswee Rao, a 19-year-old journalism student who passed away last year. Seema has been a frequent blogger for the last three years and now maintains her daughter’s blog In My Arrogant Opinion. She feels her daughter lives on through her presence on the Web. Sitting in a Gurgaon living room, surrounded by photos of her daughter, Rao says, “The family wanted a memorial gathering. But I know people will talk about her illness, they’ll say you should have gone to another hospital. I feel the blogosphere is more mature. A memorial would have been traumatic. I get support from bloggers, from people who don’t even know my name. On Tejaswee’s birthday, a mother in Hyderabad sent me a cake, with TJ written on it. I don’t know how I would have coped without the blogs.”

The original article was published in the Indian Express

For more details visit https://cis-india.org/news/new-kids

New internet rules open to arbitrary interpretation

praskrishna — 2011-05-06T04:58:57Z

Six years after an e-commerce CEO's arrest for a pornographic CD sold from his website, the government has introduced a liability on intermediaries such as Facebook and Google to "act within 36 hours" of receiving information about offensive content. This article by Manoj Mitta & Javed Anwer was published in the Times of India on April 27, 2011.

Under the rules notified on April 11 under the Information Technology Act, the intermediaries are required to work with the internet user "to disable such information that is in contravention" of the prescribed restrictions. While most of the restrictions in the rules are based on the criminal law (stuff that is blasphemous, obscene, defamatory, paedophilic, etc), some are so loosely worded that they could easily be misused against netizens accustomed to speaking their mind freely, whether on politics or otherwise.

One glaring example of an ill-thought-out provision is the prohibition on saying something that is "insulting any other nation". Since this expression has been mentioned without any qualifications, it could be invoked against anybody who talks disparagingly about other countries.

Apart from encroaching on free speech, the subjective notion of insulting a nation â€” as opposed to valid criticism â€” opens scope for arbitrariness and politically motivated interpretation. The authorities may not, for instance, take action against any content that is bashing Pakistan but may be touchy about similar attacks on the US.

Since such violations and the remedial action taken on them could become a subject of police probe, the rules state that "the intermediary shall preserve such information and associated records for at least 90 days for investigation purposes".

Given their legal repercussions, activists termed the new rules "draconian". Pranesh Prakash of Centre of Internet and Society alleged, "The rules seek to expand government's reach to control content on the internet. This is neither reasonable nor constitutional as the rules undermine the free speech guaranteed by the Constitution."

The intermediaries are also required to appoint a grievance officer and publish his contact details as well as the mechanism by which "users or any victim who suffers" can notify their complaints. The grievance officer is required to redress the complaints within one month of the receipt of the complaint.

Industry sources hold that the 36-hour deadline imposed on the intermediaries to take action on complaints would unduly affect their freedom as service providers in the Indian jurisdiction. A Google spokesperson told TOI that the proposed guidelines could be "particularly damaging to the abilities of Indians who are increasingly using the internet in order to communicate, and the many businesses that depend upon online collaboration to prosper."

Read the original article published by the Times of India here

For more details visit https://cis-india.org/news/internet-rules-arbitary-interpretation

New intermediary guidelines: The good and the bad

TorShark — 2021-03-15T13:52:46Z

In pursuance of the government releasing the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, this blogpost offers a quick rundown of some of the changes brought about the Rules, and how they line up with existing principles of best practices in content moderation, among others.

This article originally appeared in the Down to Earth magazine. Reposted with permission.

-------

The Government of India notified the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021. The operation of these rules would be in supersession of the existing intermediary liability rules under the Information Technology (IT) Act, made back in 2011.

These IL rules would have a significant impact on our relationships with internet ‘intermediaries’, i.e. gatekeepers and getaways to the internet, including social media platforms, communication and messaging channels.

The rules also make a bid to include entities that have not traditionally been considered ‘intermediaries’ within the law, including curated-content platforms such as Netflix and Amazon Prime as well as digital news publications.

These rules are a significant step-up from the draft version of the amendments floated by the Union government two years ago; in this period, the relationship between the government around the world and major intermediaries changed significantly.

The insistence of these entities in the past, that they are not ‘arbiters of truth’, for instance, has not always held water in their own decision-makings.

Both Twitter and Facebook, for instance, have locked the former United States president Donald Trump out of their platforms. Twitter has also resisted to fully comply with government censorship requests in India, spilling into an interesting policy tussle between the two entities. It is in the context of these changes, therefore, that we must we consider the new rules.

What changed for the good?

One of the immediate standouts of these rules is in the more granular way in which it aims to approach the problem of intermediary regulation. The previous draft — and in general the entirety of the law — had continued to treat ‘intermediaries’ as a monolithic entity, entirely definable by section 2(w) of the IT Act, which in turn derived much of its legal language from the EU E-commerce Directive of 2000.

Intermediaries in the directive were treated more like ‘simple conduits’ or dumb, passive carriers who did not play any active role in the content. While that might have been the truth of the internet when these laws and rules were first enacted, the internet today looks much different.

Not only is there a diversification of services offered by these intermediaries, there’s also a significant issue of scale, wielded by a few select players, either by centralisation or by the sheer number of user bases. A broad, general mandate would, therefore, miss out on many of these nuances, leading to imperfect regulatory outcomes.

The new rules, therefore, envisage three types of entities:

There are the ‘intermediaries’ within the traditional, section 2(w) meaning of the IT Act. This would be the broad umbrella term for all entities that would fall within the ambit of the rules.
There are the ‘social media intermediaries’ (SMI), as entities, which enable online interaction between two or more users.
The rules identify ‘significant social media intermediaries’ (SSMI), which would mean entities with user-thresholds as notified by the Central Government.

The levels of obligations vary based on these hierarchies of classification. For instance, an SSMI would be obligated with a much higher standard of transparency and accountability towards their users. They would have to fulfill by publishing six-monthly transparency reports, where they have to outline how they dealt with requests for content removal, how they deployed automated tools to filter content, and so on.

I have previously argued how transparency reports, when done well, are an excellent way of understanding the breadth of government and social media censorships. Legally mandating this is then perhaps a step in the right direction.

Some other requirements under this transparency principle include giving notice to users whose content has been disabled, allowing them to contest such removal, etc.

One of the other rules from the older draft that had raised a significant amount of concern was the proactive filtering mandate, where intermediaries were liable to basically filter for all unlawful content. This was problematic on two counts:

Developments in machine learning technologies are simply not up there to make this a possibility, which would mean that there would always be a chance that legitimate and legal content would get censored, leading to general chilling effect on digital expression
The technical and financial burden this would impose on intermediaries would have impacted the competition in the market.

The new rules seemed to have lessened this burden, by first, reducing it from being mandatory to being best endeavour-basis; and second, by reducing the ambit of ‘unlawful content’ to only include content depicting sexual abuse, child sexual abuse imagery (CSAM) and duplicating to already disabled / removed content.

This specificity would be useful for better deployment of such technologies, since previous research has shown that it’s considerably easier to train a machine learning tool on corpus of CSAM or abuse, rather than on more contextual, subjective matters such as hate speech.

What should go?

That being said, it is concerning that the new rules choose to bring online curated content platforms (OCCPs) within the ambit of the law by proposals of a three-tiered self-regulatory body and schedules outlining guidelines about the rating system these entities should deploy.

In the last two years, several attempts have been made by the Internet and Mobile Association of India (IAMAI), an industry body consisting of representatives of these OCCPs, to bring about a self-regulatory code that fills in the supposed regulatory gap in the Indian law.

It is not known if these stakeholders were consulted before the enactment of these provisions. Some of this framework would also apply to publishers of digital news portals.

Noticeably, this entire chapter was also missing from the old draft, and introducing it in the final form of the law without due public consultations is problematic.

Part III and onwards of the rules, which broadly deal with the regulation of these entities, therefore, should be put on hold and opened up for a period of public and stakeholder consultations to adhere to the true spirit of democratic participation.

The author would like to thank Gurshabad Grover for his editorial suggestions.

For more details visit https://cis-india.org/internet-governance/blog/new-intermediary-guidelines-the-good-and-the-bad

New Indian Rules May Make Online Censorship Easier

praskrishna — 2011-04-01T15:57:20Z

Draft rules proposed by the Indian government for intermediaries such as telecommunications companies, Internet service providers and blogging sites could in effect aid censorship, according to experts. The article by John Ribeiro was published in Yahoo News on March 7, 2011.

Under the draft rules, intermediaries will have to notify users of their services not to use, display, upload, publish, share or store a variety of content, for which the definition is very vague, and liable to misuse.

Content that is prohibited under these guidelines ranges from information that may "harm minors in any way" to content that is "harmful, threatening, abusive."

Some of the terms are so vague that to stay on the right side of the law, intermediaries may in effect remove third-party content that is even mildly controversial, said Pavan Duggal, a cyberlaw consultant and advocate in India's Supreme Court.

While the definition of some of the terms like obscenity have been ruled on by India's Supreme Court, some of the other terms do not have a precise legal definition, said Pranesh Prakash, program manager at the Centre for Internet and Society, a research and advocacy group focused on consumer and citizen rights on the Internet.

"Would creating a Facebook profile for a minor, for example be considered as harming a minor ?" Duggal said.

The draft rules are secondary legislation framed by the government under the country's Information Technology (Amendment) Act of 2008. Under the IT Act, an intermediary is not liable for any third-party information, data, or communication link made available or hosted by him, if among other things, he has observed due diligence under the draft rules.

The new rules will give rise to subjective interpretations, thus giving a lot of discretion to non-judicial authorities in the country to decide whether the intermediary has observed due diligence or not, Duggal said.

According to the draft rules, an intermediary has to inform users that in case of non-compliance of its terms of use of the services and privacy policy, it has the right to immediately terminate the access rights of the users to its site. After finding out about infringing content, either on its own or through the authorities, the intermediary has to work with the user or owner of the information to remove access to the information.

Rather than recognizing the diversity of the businesses of intermediaries, the draft rules use a "one-size, fits all" set of rules across a variety of intermediaries including telecom service providers, online payment sites, e-mail service providers, and Web hosting companies, Duggal said.

An intermediary such as a site with user-generated content, like Wikipedia, would need different terms of use from an intermediary such as an e-mail provider, because the kind of liability they accrue are different, Prakash wrote in his blog.

The draft rules also add new provisions that appear designed to give the government easier access to content from intermediaries. Intermediaries will be required to provide information to authorized government agencies for investigative, protective, cybersecurity or intelligence activity, according to the rules.

Information will have to be provided for the purpose of verification of identity, or for prevention, detection, prosecution and punishment of offenses, on a written request stating clearly the purpose of seeking such information, the rules add.

The IT Act already has specific procedures in this connection for very specific information requirements, but the draft rules have broadened this to a general requirement for intermediaries to provide information, Prakash said. The new rule could in fact be a way of circumventing the earlier laws, he added.

The draft rules assume significance in the context of recent moves by the Indian government to get Research In Motion to provide access to information on BlackBerry services in India. While providing lawful access to its consumer services like BlackBerry Messenger, RIM has declined to provide access to its corporate service, BlackBerry Enterprise Server, claiming that it does not have access to customers' encryption keys.

The Indian government has previously also said it would demand lawful access from Google's Gmail and Skype, but has not taken any action so far in this direction.

The draft rules will require compliance from a number of entities who until now had thought they were outside the ambit of compliance, Duggal said.

Google did not immediately respond to e-mailed requests for its comments on the new rules. Microsoft said that the government should set the policy objectives and provide directional framework, and still allow flexibility to intermediaries to set the data protection measures as they deem fit for different situations and services.

"We believe that the intermediary should be obliged to take down non-compliant content on being notified of the same as well as terminate access rights for those who use these platforms for dissemination of non-compliant content," Microsoft said in an e-mailed statement. Non-compliance include, but is not limited to, copyrights, it added.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service.

Read the original in Yahoo News here

For more details visit https://cis-india.org/news/online-censorship