We are anonymous, we are legion

DIDP Request #18 - ICANN’s Internal Website will Stay Internal

asvatha — 2016-07-29T14:53:50Z

ICANN maintains an internal website accessible to staff and employees. We requested ICANN to provide us with a document with the contents of that website in the interest of transparency and accountability.

The request filed by Padmini Baruah can be found here. To no one’s surprise, not only did ICANN not have this document in “ICANN's possession, custody, or control,” even if it did it would be subject to DIDP conditions for non-disclosure.

ICANN's response to our DIDP request may be found here.

For more details visit https://cis-india.org/internet-governance/blog/didp-request-18-icann2019s-internal-website-will-stay-internal

DIDP Request #17 - How ICANN Chooses their Contractual Compliance Auditors

asvatha — 2016-07-29T02:20:59Z

At a congressional hearing on internet governance and progress, then President of ICANN Fadi Chehadi indicated that the number of people working on compliance audits grew substantially—from 6 to 24 (we misquoted it as 25)— in the span of a few years.

It is clear to us at CIS that the people in charge of these compliance audits perform an important function at ICANN. To that effect, we requested information on the 24 individuals mentioned by Mr Chehadi as well as the third party auditors who perform this powerful watchdog function. More specifically, we requested documents calling for appointments of the auditors and copies of their contracts with ICANN.

The request filed by Padmini Baruah can be found here.

What ICANN said

In their response to the first part of our question, ICANN linked us to a webpage containing the names and titles of all employees working on contractual compliance. This page contains 26 names including the Contractual Compliance Risk and Audit Manager: https://www.icann.org/resources/pages/about-2014-10-10-en

ICANN also described the process of selecting KPMG as their third party auditor in detail. A pre-selection process shortlists 5 companies that fit the following criteria: knowledge of ICANN, global presence, size, expertise and reputation. Then, ICANN issues a targeted Request For Proposal (RFP) to these companies asking them for their audit proposals. After a question and answer session, a proposal analysis and rating the scorecards, a “cross-functional steering committee” decided to go with KPMG. While the process has been discussed transparently, our questions remain unanswered.

The RFP would qualify as the document requested by us in the second part of the question (i.e.) a “document that calls for appointments to the post of the contractual compliance auditor.” Unfortunately, ICANN has not published the RFP citing the DIDP Conditions for Non-disclosure. However, the timeline for the RFP and other details have been posted here after our DIDP request. In addition, the contract between KPMG and ICANN has also not been published.

ICANN's response to our DIDP request may be found here.

For more details visit https://cis-india.org/internet-governance/blog/didp-request-17-how-icann-chooses-their-contractual-compliance-auditors

DIDP Request #16 - ICANN has no Documentation on Registrars’ “Abuse Contacts”

asvatha — 2016-07-29T02:11:52Z

Registrars on contract with ICANN are required to maintain an “abuse contact” - a 24/7 dedicated phone line and e-mail address to receive reports of abuse regarding the registered names sponsored by the registrar.

We wrote to ICANN requesting information on these abuse complaints received by registrars over the last year. We specifically wanted reports of illegal activity on the internet submitted to these abuse contacts as well as details on actions taken by registrars in response to these complaints.

The request filed by Padmini Baruah can be found here.

What ICANN said

Our request to ICANN very specifically dealt with reported illegal activities. However, in their response, ICANN first broadened it to abuse complaints and then failed to give a narrowed down list of even those complaints.

In their response, ICANN indicated that they do not store records of complaints made to the abuse contact. This is stored by the registrars and is available to ICANN only upon request. However, since ICANN is only obliged to publish documents it already has in its possession, we did not receive an answer to our first question.

As for the second item, ICANN gave a familiarly vague answer, linking us to the Contractual Compliance Complaints page with a list of all the breach notices that have been issued by ICANN to registrars. A breach notice is relevant to our request only if it is in response to an abuse complaint, and the abuse complaint specifically deals with illegal activity. Even discounting that, this is not a comprehensive list when you take into account that a breach notice is published only “if a formal contractual compliance enforcement process has been initiated relating to an abuse complaint and resulted in a breach.”[1] What about the rest of the complaints received by the registrar?

In addition, ICANN refused to publish any communication or documentation of ICANN requesting reports of illegal activity under the DIDP non-disclosure conditions.

ICANN's response to our DIDP request may be found here.

[1] See ICANN response here (Pg 4): https://www.icann.org/en/system/files/files/didp-response-20150901-4-cis-abuse-complaints-01oct15-en.pdf

For more details visit https://cis-india.org/internet-governance/blog/didp-request-16-icann-has-no-documentation-on-registrars2019-201cabuse-contacts201d

DIDP Request #15: What is going on between Verisign and ICANN?

asvatha — 2016-07-29T02:01:06Z

During a hearing of the House Committee on Energy and Commerce on “Internet Governance Progress After ICANN 53,” President and CEO of ICANN - Mr Fadi Chehade indicated that ICANN follows up with registries and registrars on receipt of any complaint against them about violations of their contract with ICANN.

At CIS, we believe that any exchange of dialogue or any outcome from ICANN acting on these complaints needs to be in the public domain. Thus, our 15th DIDP request to ICANN were for documents pertinent to Verisign’s contractual compliance and actions taken by ICANN stemming from any discrepancies of Verisign’s compliance with its ICANN contract.

The DIDP request filed by Padmini Baruah can be found here.

What ICANN said

After sorting through a response designed to obfuscate information, it was clear that ICANN was not going to provide any of the details we requested. As mentioned in their previous responses, individual audit reports and the names of the registries associated with discrepancies are confidential under the DIDP Defined Conditions of Nondisclosure. Nevertheless, some details from the response are worth mentioning.

According to the response, “As identified in Appendix B of the 2012 Contractual Compliance Year One Audit Program Report, the following TLDs were selected for auditing: DotAsia Organisation Limited (.ASIA), Telnic Limited (.TEL), Public Interest Registry (.ORG), Verisign (.NET), Afilias (.INFO), and Employ Media LLC (.JOBS).” The response goes on to state that out of these 6 registries that were selected, only 5 chose to participate in the audit, the identies of which are once again confidential.

However, on further examination, it can be seen that Verisign (.NET) was chosen to participate in the audit the year after as well. Therefore, it’s clear that 2013 was the year Verisign was audited. Unfortunately, that was pretty much all that was relevant to our request in ICANN’s response.

Once again, ICANN was able to use the DIDP Defined Conditions of Nondisclosure, especially the following conditions to allow itself the ability not to answer the public:

Information exchanged, prepared for, or derived from the deliberative and decision-making process between ICANN, its constituents, and/or other entities with which ICANN cooperates that, if disclosed, would or would be likely to compromise the integrity of the deliberative and decision-making process between and among ICANN, its constituents, and/or other entities with which ICANN cooperates by inhibiting the candid exchange of ideas and communications.
Information provided to ICANN by a party that, if disclosed, would or would be likely to materially prejudice the commercial interests, financial interests, and/or competitive position of such party or was provided to ICANN pursuant to a nondisclosure agreement or nondisclosure provision within an agreement.
Confidential business information and/or internal policies and procedures.[1]

ICANN’s response to our request can be found here.

[1] See DIDP https://www.icann.org/resources/pages/didp-2012-02-25-en

For more details visit https://cis-india.org/internet-governance/blog/didp-request-15-what-is-going-on-between-verisign-and-icann

Roundtable: Identifying and Limiting Hate Speech and Harassment Online

praskrishna — 2016-08-09T13:31:58Z

Japreet Grewal attended this event organized by Software Freedom Law Centre at Constitution Club Of India, Rafi Marg, New Delhi on July 28, 2016.

See the original report published by SFLC here.

SFLC.in organized a roundtable discussion on 28^th July, 2016 in New Delhi to initiate a focused and collaborative dialogue around the increasingly important issues of online harassment and hate speech. This roundtable was intended as the first in a series of discussions around said issues, and was attended by representatives from various stakeholder groups including intermediary platforms, civil society groups, and media houses, along with individuals who had personally experienced such online abuse & harassment. The core objective of this discussion was to recognize and understand the vast range of concerns that exist in this sphere, in an effort to develop a framework for the regulation of such activities, without stepping on the right to freedom of expression. The discussion was conducted under Chatham House rules so as to facilitate an uninhibited exchange of views.

Over the course of the event, the complex and multifaceted nature of its overarching theme unraveled, as the discussion moved from underlying social constructs, to responsibilities of intermediary platforms, adequacy of existing laws, sensitization of everyday users and effective handling of grievances by law enforcement agencies. At the very outset, it was highlighted that social media platforms, with their increasing popularity, are being considered centralized hubs for businesses and others. However, individuals, communities & institutions often find themselves at the receiving end of sustained abuse and threats either on grounds of their actual or perceived characteristics, or over their online expression. The dynamic discussion that ensued brought to light significant concerns that would require a collaborative effort across stakeholder groups to address. For the sake of clarity, we are categorizing these learnings under the following heads:

Conceptual understanding of online harassment and hate speech: It was discussed at length that hate speech and speech that culminates in harassment on the online sphere, are reflective of the social outlook of the country at large. Women were seen as more frequent targets of harassment in the form of rape threats, sexual remarks, and name calling, whereas men are mostly called out for their beliefs and opinions. When discussing hate speech relations, it was considered important to take note of the power dynamics at play amongst the stronger groups, and the vulnerable ones. Limiting such content gets specially complicated considering the apprehension that in an effort to monitor hate speech and harassment, free speech may get stifled. The paradox of anonymity being an enabler of free speech, as well the reason for unabashed harassment adds yet another layer of complexity to the issue. Moreover, it was felt that a nuanced distinction needed to be made regarding the systematic attacks by online mobs against a particular person, as opposed to hateful and/or harassing speech that engages on a one to one level. This all culminated in a realization that this issue goes beyond the online domain, into the societal mindset that is amplified on the Internet, and that the faint line between free speech, and hateful & harassing speech is very difficult to pin-point.
Role of intermediaries: It was the opinion of the representatives of intermediary platforms at the roundtable that the current legal frameworks in the country are sufficient to tackle this issue and they should operate in compliance with such laws. While the specific terms of service may differ in terms of permissible content depending on the type of service being provided by the intermediary, these platforms do invariably keep a check on the content being generated and evaluate them for compliance with the applicable terms of service. Additionally, platforms that have the option of users creating & generating their own content, give the user various tools such as block, filter, un-follow, and other customized options to moderate the content they receive. though the intermediaries, in their own words ‘ are not a delete squad, but a compliance team’, it was said that they ran the perpetual risk of either censoring content that should not have been censored, or not censoring enough of the content that should have been censored. This incentivizes them to exercise zero-tolerance policies in certain areas such as child sexual abuse or terrorism, and resort to immediate take down of content related to such themes. However, in spite of the sheer volume of material that is generated and reported, it was felt that a completely automated approach cannot be followed for filtering hateful and harassing content that violates terms of service Taking down content and expression requires processing various factors that determine the context of that material, and this calls for a subjective approach that requires a set of human eyes. Therefore, the intermediaries do have tools for users that protect them from hate and harassing speech, and they work with certain safety experts to ensure that the users feel safe while using their services.
Adequacy of legal frameworks: A distinction was drawn over the course of the discussion between hate speech as a social as opposed to a legal concept. For legal purposes, speech would not attract penalties until it incites a real threat of violence and civic disorder. However, the law is not sufficiently equipped to deal with speech that does not incite violence, but causes psychological damage. It was undisputed that the concerns in this area cannot be solved by creating more statutes. Going down this road could lead to the creation of a Section 66A equivalent that would lead to censorship through law and cause a chilling effect on freedom of expression. It was emphasized that the existing laws have adequate provisions, but a strict implementation is required.
Response from law enforcement agencies: An evaluation of this point led to the conclusion that people who are harassed online, or are the targets of hate speech, are hesitant to approach the police and law enforcement agencies for their help. There have been instances where the police is unable to help due to the limited application of laws in such cases, as mentioned above.
Possible remedies: As a part of this roundtable, SFLC.in had proposed a set of best practices aimed at limiting hateful and harassing content online. These were intended as self-regulatory measures that could be followed by intermediaries functioning as speech platforms, where users could create and publish content without pre-filtrations. Amongst the measures that was discussed extensively was the practice of promoting ‘counter speech’ on the platforms that are most frequently used to spread hateful propaganda and harassment. This was generally seen as an effective counter-measure deserving further exploration, and one of the intermediaries mentioned a project they were formulating on ‘counter radicalization’. However, concerns were raised with respect to the identification of areas that would benefit from counter speech, and its effectiveness with respect to mob attacks. Another unique approach suggested by the participants was to ‘vaccinate’ first time users by educating them about the enormity and complexity of the Internet, including intiation of such users to the idea that freedom of expression online often crosses over to hate speech and harassment. This would act as an initiation process to understand the working of the Internet and the prevalence of hateful and harassing content on its numerous speech platforms, so that first-time users are not discouraged from using the Internet merely due to the presence of negative content. An interesting suggestion for the platforms was to work towards a mechanism that is more offender centric, and facilitates the tracking of repeat offenders along with providing tools of blocking for users.

This roundtable served in exploring the many layers of hateful and harassing speech that runs across roles and responsibilities of various stakeholder groups and concerns that are deeply entrenched in our societal outlook. The increasing frequency and amount of such content on the Internet is an indication of the urgent need to collaborate and develop a framework for limiting such speech, while balancing the fundamental right to freedom of expression. We thank all the participants and appreciate their valuable contributions that facilitated a better understanding of the overall theme.

For more details visit https://cis-india.org/internet-governance/news/roundtable-identifying-and-limiting-hate-speech-and-harassment-online

DIDP Request #14: Keeping track of ICANN’s contracted parties: Registrars

asvatha — 2016-07-28T16:34:27Z

In September 2016, we filed two separate DIDP requests regarding ICANN’s Contractual Compliance Goals.

The first one which we have written about here,[1] was regarding ICANN contracts with registries while the second one about registrars is briefed below. In our second request, we specifically asked for the following information:

Copies of the registrar contractual compliance audit reports for all the audits carried out as well as external audit reports from the last year (2014-2015).
A generic template of the notice served by ICANN before conducting such an audit.
A list of the registrars to whom such notices were served in the last year.
An account of the expenditure incurred by ICANN in carrying out the audit process.
A list of the registrars that did not respond to the notice within a reasonable period of time.
Reports of the site visits conducted by ICANN to ascertain compliance.
Documents which identify the registrars who had committed material discrepancies in the terms of the contract.
Documents pertaining to the actions taken in the event that there was found to be some form of contractual non-compliance.
A copy of the registrar self-assessment form which is to be submitted to ICANN.

The DIDP request filed by Padmini Baruah can be viewed here.

What ICANN said

Information pertinent to item 1 and 3 can be found in the 2014 Contractual Compliance Annual Report here:https://www.icann.org/en/system/files/files/annual-2014-13feb15-en.pdf. While this report contains detailed information regarding the audit, individual audit reports are subject to the DIDP Defined Conditions for Nondisclosure.

ICANN provided a link to all the communication templates used during the audit process, including the notice served by ICANN prior to conducting audits. (Item 2) It can be found here: https://www.icann.org/en/system/files/files/audit-communication-template-04dec15-en.pdf. As mentioned in an earlier blog post, ICANN set aside USD 0.6 million for the Three Year Audit plan.[2] (item 4)

According to the Audit FAQ on ICANN website,[3] “If a contracted party reaches the enforcement phase per process, ICANN will issue a notice of breach in which the outstanding issues are noted. The response links us to the ICANN webpage where these breach notices are listed: https://www.icann.org/compliance/notices#notices-2014. (Item 5) According to the link, 61 registrars received breach notices in 2014; a full explanation has been provided for each notice. (Item 7 and 8) Since no site visits were conducted, ICANN does not possess any document regarding this.

According to the ICANN website, “The 2013 Registrar Accreditation Agreement (RAA) requires ICANN-accredited registrars to complete an annual self-assessment and provide ICANN with a compliance certification by 20 January.”[4] The form for the same can be found here: https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en#compliance

ICANN’s response to our request can be found here.

[1] To be linked to the first post

[2] See FY15 budget (pg72): https://www.icann.org/en/system/files/files/adopted-opplan-budget-fy15-01dec14-en.pdf

[3] See Audit FAQ: https://www.icann.org/resources/pages/faqs-2012-10-31-en

[4] See CEO certification: https://www.icann.org/resources/pages/ceo-certification-2014-01-29-en

For more details visit https://cis-india.org/internet-governance/blog/didp-request-14-keeping-track-of-icann2019s-contracted-parties-registrars

DIDP Request #13: Keeping track of ICANN’s contracted parties: Registries

asvatha — 2016-07-28T15:40:01Z

On multiple occasions, Fadi Chehade, then President and CEO of ICANN has emphasized the importance of conducting audits (internal and external) to ensure compliance of ICANN’s contracted parties. At a US congressional hearing, he spoke about the contract monitoring function of ICANN.

In September 2015, we filed two separate DIDP requests regarding ICANN’s Contractual Compliance Goals. The first one, briefed below, is regarding the contracts with registries and the second one is regarding ICANN contracts with registrars. This post contains some additional background information on the Contractual Compliance Goals at ICANN. In our first request, we specifically asked for the following information:

Copies of the registry contractual compliance audit reports for all the audits carried out as well as external audit reports from the last year (2014-2015).
A generic template of the notice served by ICANN before conducting such an audit.
A list of the registries to whom such notices were served in the last year.
An account of the expenditure incurred by ICANN in carrying out the audit process.
A list of the registries that did not respond to the notice within a reasonable period of time.
Reports of the site visits conducted by ICANN to ascertain compliance.
Documents which identifies the registry operators who had committed material discrepancies in the terms of the contract.
Documents pertaining to the actions taken in the event that there was found to be some form of contractual non-compliance.

The DIDP request filed by Padmini Baruah can be viewed here.

What ICANN said

ICANN’s Contractual Compliance Goal is to ensure that all the parties that ICANN has entered into a contract with complies with the stipulations of the contract. This is done in several ways, including Contractual Compliance complaints and Audits.[1]

In 2012, ICANN initiated the Three Year Audit plan where one-third of registries were selected each year for an audit. In 2014, the third set of registries were audited. In response to Item 1, information about the audit for 2014 can be found here: https://www.icann.org/en/system/files/files/contractual-compliance-ra-audit-report-2014-03feb15-en.pdf. At this link, we can also find the list of registries that went through the audit process in 2014 (item 3). Monthly updates on overall contractual compliance can be found here: https://www.icann.org/resources/pages/update-2013-03-15-en.

ICANN linked us to all the communication templates used during the audit process, including the notice served by ICANN prior to conducting audits. (Item 2) It can be found here: https://www.icann.org/en/system/files/files/audit-communication-template-04dec15-en.pdf

In the operating plan and budget for FY15, ICANN sets aside USD 0.2 million for the New Registry Agreement Audit and USD 0.6 million for the Three Year Audit plan.[2]

Other documents to answer this question such as invoices from the external auditing firm are subject to non-disclosure under DIDP policies. Since all registries responded in a timely manner and no site visits were conducted, there are no documents to answer items 5 and 6.

The audit report linked above contains information on deficiencies identified during the audit. ICANN states that registries addressed these deficiencies during the remediation process. However, there is a caveat to this discussion. The names of the registries that are associated with these discrepancies remains confidential, subject to the DIDP Defined Conditions for Nondisclosure. (Item 7) ICANN goes on to state that it is not required to confirm if the registries have taken appropriate action and thus does not have any documents in response to item 8. While ICANN’s audit process seems thorough, does this last statement indicate a lack of enforcement mechanisms on ICANN’s part?

ICANN’s response to our request can be found here.

[1]. See Contractual Compliance website: https://www.icann.org/resources/pages/compliance-2012-02-25-en

[2]. See FY15 budget (pg72): https://www.icann.org/en/system/files/files/adopted-opplan-budget-fy15-01dec14-en.pdf

For more details visit https://cis-india.org/internet-governance/blog/didp-request-13-keeping-track-of-icann2019s-contracted-parties-registries

Facebook is censoring some posts on Indian Kashmir

praskrishna — 2016-07-28T03:03:53Z

Film makers, activists and journalists accused Facebook of blocking their accounts this week after they posted messages and images related to the violence in the trouble-torn province of Kashmir. In recent weeks, the India administered, Muslim-majority Kashmir state has been facing violence and curfews after protests erupted against the killing of a popular leader of a terrorist group.

The article by Rama Lakshmi was published by Washington Post on July 27. Sunil Abraham was quoted.

As people posted images, videos and stories about police violence and people injured by pellet wounds on Facebook, some discovered their accounts were disabled. On Monday, the account of Arif Ayaz Parrey, an editor with an environmental magazine in New Delhi, was disabled for more than a day. He administers the Facebook account of a discussion group called the Kashmir Solidarity Network, whose page was also removed.

“The Kashmir Solidarity page was started by a Kashmiri anthropology student in New York. This is not a hate forum, we share stories,” Parrey said. More than 47 people have died and hundreds injured in angry clashes between the police and protesters in Kashmir this month, the worst outbreak of bloody violence in six years in the region claimed by both India and neighboring Pakistan.

“Our Community Standards prohibit content that praises or supports terrorists, terrorist organizations or terrorism, and we remove it as soon as we’re made aware of it,” said a Facebook spokesman in India. “We welcome discussion on these subjects but any terrorist content has to be clearly put in a context which condemns these organizations or their violent activities.”India and the United States topped the list of governments that requestFacebook for details of accounts in the second half of 2015.

India has more than 340 million mobile Internet users and has the second largest number of Facebook users after the United States. The company is seeking to expand its footprint here by introducing a pared down version called “Free Basics.” But earlier this year, New Delhi shot it down, saying service providers cannot charge discriminatory prices for Internet users.

A journalist in Kashmir said that many who shared stories about a new band of militants and videos of police brutality have been blocked. “It looks more like Facebook censorship rather than something initiated by the government. Maybe they are trying to please the government proactively,” said Sunil Abraham, executive director of Center for Internet and Society. “Nevertheless it will have a chilling effect. You will think twice before exercising free speech on Facebook now.”

Ather Zia, a political commentator from Kashmir who teaches anthropology at the University of Northern Colorado, said after her account was disabled on Tuesday: "It is safe to assume creating awareness for Kashmir using social media or writing about the ground reality is under severe threat." Meanwhile, users struggled to restore their accounts on Wednesday as they uploaded new documents requested by the company.

“I use my Facebook account not as a personal page to tell people about my last haircut or last holiday. I use it for work, I share media stories about whatever bothers me in the universe,” said Sanjay Kak, a documentary film maker whose account was disabled Tuesday. “Nothing I shared can be considered inflammatory or incendiary.”

For more details visit https://cis-india.org/internet-governance/news/washington-post-july-27-2016-rama-lakshmi-facebook-is-censoring-some-posts-on-indian-kashmir

DIDP Request #9 - Exactly how involved is ICANN in the NETmundial Initiative?

asvatha — 2016-07-27T15:53:22Z

The importance and relevance of knowing ICANN’s involvement in the NETmundial Initiative cannot be overstated.

It was reported recently that ICANN contributed US$200,000 to the Initiative.[1] Following this report, we requested the details of all expenses incurred by ICANN for NMI till date. This includes formal contributions to NMI as well as costs incurred towards travel and accommodation of ICANN board and staff to meetings relevant to the NMI discussion.

Apart from these financial details, we also requested information regarding the number of staff working on NMI from ICANN and the hours clocked by them for the same. We further specified that we would like this information to gauge ICANN’s involvement beyond its technical mandate. The request filed by Geetha Hariharan can be found here.

What ICANN said

In its response, ICANN separated the questions in the request into two categories: a) Expenses incurred by ICANN towards the NETmundial Initiative and b) Other resources (personnel and hours) allocated to the Initiative by ICANN. The first category in the request includes: formal contribution to the NETmundial Initiative; travel costs of ICANN board and staff; and costs of maintenance of other sponsored parties. The second includes the number of staff involved in the NETmundial Initiative from ICANN and the number of hours spent working on it.

To answer both, the response directs us to the Memorandum of Collaboration (MOC)[2]signed by the Brazilian Internet Steering Committee (CGI.br), ICANN and the World Economic Forum (WEF) to set up the NETmundial Initiative according to the outcome document from the initial NETmundial meeting in Sao Paulo, Brazil.

Some of the important takeaways from the MOC that are relevant to our request are the following:

Each party to the MOC agrees to pay $201,667 towards operational expenses on signature of the agreement.
Total anticipated cost of the NETmundial Initiative is $605,000 (also mentioned in the response).
Each party will assign 1 staff member to the NETmundial Initiative secretariat during the inaugural period to smoothen the process. This staff member will commit at least 50% of their time towards Secretariat work.

This information is important but it does not provide a comprehensive answer to our query. It does not, for example, answer if ICANN contributed anything more than the $201,667 the MOC specifies. It also does not tell us if ICANN allotted any staff apart from the designated secretariat member to work on NETmundial Initiative.

Further, the response states that ICANN does not keep track of costs according to the number of hours or the topic but rather according to strategic objectives. Since ICANN is not required to create a document that does not already exist to answer a DIDP enquiry,[3] we have no way of knowing the specific amount of time or money spent on the NETmundial Initiative by ICANN. The response instead directs us to the financial presentation at ICANN50 where the costs of attending the NETmundial Meeting at Sao Paulo is detailed. While this is interesting (ICANN spent $1.5 million)[4] it is not a satisfactory answer to our question.

ICANN justifies its lack of direct answers by expressing that not only is the request “overbroad", it is also “subject to the following DIDP Condition of Nondisclosure: Information requests: (i) which are not reasonable; (ii) which are excessive or overly burdensome; and (iii) complying with which is not feasible.”[5]

ICANN's response to our DIDP request may be found here.

[1] See McCarthy, ‘I’m Begging You To Join’ – ICANN’s NETmundial Initiative gets desperate, THE REGISTER (12 December 2014), http://www.theregister.co.uk/2014/12/12/im begging you to join netmundial initiative gets d esperate/

[2] See MOC: https://www.netmundial.org/sites/default/files/MOC-%20CGI.br,%20ICANN%20&%20WEF.pdf

[3] See Disclosure Policy: https://www.icann.org/resources/pages/didp-2012-02-25-en

[4] See ICANN50 Finance Presentation (Pg 4): https://london50.icann.org/en/schedule/thu-finance/presentation-finance-26jun14-en

[5] See ICANN conditions for non-disclosure: https://www.icann.org/resources/pages/didp-2012-02-25-en

For more details visit https://cis-india.org/internet-governance/blog/didp-request-9-exactly-how-involved-is-icann-in-the-netmundial-initiative

DIDP Request #10 - ICANN does not know how much each RIR contributes to its Budget

asvatha — 2016-07-27T14:57:00Z

In an effort to understand the relationship between the Regional Internet Registries (RIRs) and ICANN, we requested current and historical information on the contract fees paid by the five RIRs (AfriNIC, ARIN, APNIC, LACNIC and RIPE NCC) to ICANN annually.

We acknowledged that the independently audited financial reports on ICANN’s website list the total amount from all RIRs as a lump sum.[1] However, we specifically sought a breakdown of these fees detailing contributions made by each RIR from 1999 to 2014. Not only will this information help understand the RIR-ICANN relationship, it will also be relevant to the IANA transition.

The request filed by Protyush Choudhury can be found here.

What ICANN said

According to ICANN’s response to our request, the five RIRs (AfriNIC, ARIN, APNIC, LACNIC and RIPE NCC) make a voluntary annual contribution to ICANN’s budget through the Number Resource Organization (NRO). [2] Since Financial Year 2000, this contribution has been made to ICANN as an aggregate amount without the kind of breakdown requested by us with the exception of FY03, FY04 and FY05. The breakdown of the contribution for those years is as below:

FY03: APNIC - $129,400; ARIN - $159,345; RIPE - $206,255
FY04: APNIC - $160,500; ARIN - $144,450; RIPE - $224,700; LACNIC - $5,350
FY05: APNIC - $220,976; ARIN - $218,507; RIPE - $358,086; LACNIC - $25,431

The response links back to the independent financial reports mentioned by us in the request. These reports can be found on the ICANN website here.

On closer examination of the audit reports of FY03, 04 and 05, it is clear that the information provided in their response is either incomplete or incorrect. According to KPMG’s audit report of FY03, the total contribution from Address Registries is US$535,000. The breakdown in the response adds up only to $494,600. The response does not account for the extra $40,400. If only APNIC, ARIN and RIPE contributed to ICANN in 2003, where did the other $40,400 come from? Moreover, why is it listed as an Address Registry Fee in the audit report if it was a voluntary contribution?[3]

The “Address Registry Fees” in the audit reports for FY04 and FY05 match the amounts in the response: $535,000 and $823,00 respectively. ICANN's response to our DIDP request may be found here.

For the reader’s reference, the audit reports for FY00 - FY14 are linked below:

[1] See audited financial reports: https://www.icann.org/resources/pages/governance/current-en

[2] See letter from NRO to ICANN: https://www.icann.org/en/system/files/files/akplogan-to-twomey-23mar09-en.pdf

[3]. See report for FY03 (pg 4): https://www.icann.org/en/system/files/files/financial-report-fye-30jun03-en.pdf

For more details visit https://cis-india.org/internet-governance/blog/didp-request-10-icann-does-not-know-how-much-each-rir-contributes-to-its-budget

Stand up for Digital Rights

praskrishna — 2016-07-25T15:29:41Z

The Centre for Internet & Society (CIS) invites you to a discussion on a set of Recommendations for Ethical Research, a report on human rights and private online intermediaries which describes key areas where such actors have responsibilities. The discussion is on coming Friday, July 29, 2016 at the Centre for Internet & Society's Delhi office from 3.00 p.m. to 5.00 p.m.

The discussion intends to launch a report on human rights and private online intermediaries, which describes key areas where such actors have responsibilities and provides a detailed set of Recommendations for Ethical Tech. This work is the culmination of a year-long research project led by the Centre for Law and Democracy (CLD), in collaboration with the Arabic Network for Human Rights Information (ANHRI), the Centre for Internet and Society (CIS), Open Net Korea, the Center for Studies on Freedom of Expression and Access to Information at the University of Palermo (CELE) and researchers with the University of Ottawa and the Munk School of Global Affairs at the University of Toronto. The key themes for discussion would include:

General Human Rights Responsibilities and Private Online Intermediaries
Expanding Access
Net Neutrality
Content Moderation
Privacy
Transparency and Informed Consent
Responding to State Interferences

We look forward to meeting you and making this a forum for knowledge exchange a success.

For more details visit https://cis-india.org/internet-governance/events/stand-up-for-digital-rights-1

One Pokémon to Rule Them All

nishant — 2016-07-25T01:16:04Z

America’s head start on the augmented reality game Pokémon Go shows that the interweb is not an egalitarian space.

The article was published in the Indian Express on July 17, 2016

I was busy, writing, when a Telegram message trickled in. It was a friend who asked me if I had looked at the new Pokémon Go game which has been getting more attention than national elections and global warfare in the USA lately. A location-based augmented reality game that involves the users moving around their physical environments “collecting” pokemon characters that appear hiding in different locations has a large part of the American population in a frenzy, leading to aching soles, traffic accidents, and involuntary bumping into things and people as the players move around, their eyes glued to their screens. The global release of the game is still in the pipeline, and so the rest of us will have to make do with the videos and screen grabs of the game.

While a big Pikachu fan myself, I don’t see myself going crazy over this game as and when my geography allows me for it, but the friend who had written to me about it is perturbed. An avid gamer and a self-proclaimed Pokémon fan, he is devastated that the users in privileged geography are going to get a head start in the global leader boards that he can never catch up with. The interwebz is already abuzz with players sharing hacks, cracks, bugs, cheat codes, and tips to collect more Pokémon, discover hidden powers, and rise quickly in the ranks as they drive, walk, run and jog around their neighbourhoods, in the quest of catching those delightful monsters on their phones. While my friend is aware that this cloud-based game will have multiple servers for different geographies, and so there will be relative rankings and customised interfaces for each community of players, he was feeling cheated about living in India and not having access to the first release of the game that has all the attention on the social web right now.

‘It almost makes me want to leave India and move to the USA,’ he said in mock frustration. It made me think about the privilege of geography when it comes to the presumed flatness of the digital world. One of the imaginations of the peer-to-peer architectures of the internet is its promise of flatness. With a series of non-discriminatory principles like #NetNeutrality and #ZeroRating enshrined as the fundamental attributes of the digital internet, we are often led to believe that when we are online, we are equal. This idea is so prevalent that in most of our technology-based development practices and policies, we think of access as the “be all”, if not the “end all”, of our activities. The rhetoric promises that if we get everybody online, we will have an egalitarian society where everybody will have equal access to resources, and equity by participating in the decision-making processes.

Despite overwhelming evidence that the digital world is anecdotally and systemically a space of exclusion, contestation, and intimidation, we continue to propagate the idea that these are “human” problems. Humans, fragile, frail and foolish in their being, contaminate the digital space. Humans, mired in the analogue systems of hatred and abuse, appropriate technologies to perpetuate these older forms of discrimination. The technological structures are imagined as pure, sterile, and committed to constructing parameters of equality through their neutral promises of universal access and seamless connectivity. Technology is clean, the human being is impure. Technology is robust, the human frail. Technology is flat, human hierarchical. These narratives of a neutral and egalitarian technology consequently lead us to put more importance and faith in algorithmic decisions and data-driven governance and policing. We have come to believe that because technologies are neutral, they will do a better job of regulating us than we do ourselves.

Pokémon Go, and its obvious geographical privilege reminds us that the digital is not flat. It is oriented towards a very obvious logic of geopolitical, economic, racial, and identity privileging that continues to promote some parts of the world as favoured standards of first access. The exclusive release of Pokémon Go reminds us that the digital is as subject to Euro-American centrism which treat these erstwhile imperial geographies as the beginning points of all digital activities, slowly expanding their fold to other regions through a trickle-down politics and economics. Whether you are waiting impatiently to join the global bandwagon of Pokémon collection, or are ready to shrug this off as another thing that people do on the web, this differential, preferential, and variable access of the internet is something we definitely want to consider as we continue to push for the digital as the solution to human problems.

For more details visit https://cis-india.org/internet-governance/blog/indian-express-nishant-shah-july-17-2016-one-pokemon-to-rule-them-all

The Gay Pride Charade

nishant — 2016-07-25T01:10:28Z

For most of the milllenials, news is formed by trends, what goes viral, and often open to speculation, projection, manipulation and deceit.

The article was published in Indian Express on July 3, 2016.

The world of social media can be a minefield of misinformation, and it does get difficult to verify facts and ensure the veracity of the information that comes to us on the winged notifications of our apps. This becomes starkly clear in times of crises. Hence, when the historic and heinous shootout at a gay night club in Orlando, USA, shook the world with horror and grief a couple of weeks ago, when the first tweets appeared on my timeline, my initial reaction was denial. Instead of believing those first responders, I was already searching for more credible news lines that could confirm — or hopefully deny — the massacre. It took only a few minutes, though, to realise that #StandWithOrlando was a reality that we will have to accommodate in the story of continued violence and abuse of sexual minorities around the world.

However, not all deception is bad. One of the most fantastic responses to the shoot-out was from a Quebec-based satirical website called JournalDemourreal.com that published a photoshopped image showing the Canadian PM Justin Trudeau kissing the leader of the Canadian opposition party Tom Mulcair, with a headline that the two, despite their differences, are “united against homophobia”. I know that I liked this fake story four times on different newsfeeds, half-believing, half-wishing that it was true, before I realised that it is a hoax. Morphed as it might be, the doctored image enabled people to talk about the tragedy as demanding a personal and a policy-level action, ranging from acceptance and freedom, to control of guns and protecting the rights of life and dignity for the sexual minorities who continue to remain persecuted in the world.

The image also allowed many queer people in different parts of the world — especially in the countries where homosexuality continues to be criminalised and severely punished — to participate not only in the global grief but also to demand that their governments take more responsibility towards its queer population.

While this photoshopped picture was making the rounds, another tweet showed up on my timeline. This time it was a tweet from our media-savvy PM, Narendra Modi, who claimed that he was “shocked at the shootout in Orlando.”And further added that his “thoughts and prayers are with the bereaved families and the injured”. When I saw this tweet, my reaction again, was that this must be another joke. Because even as queer rights activists in the country struggle to fight for the decriminalisation of homosexuality, through their curative petitions in the Supreme Court in India, PM Modi’s government has continued its hateful diatribe against queer people in the country. His party has called homosexuality “anti-Indian” and “anti-family”. The party’s favourite, Baba Ramdev, continues his hate speech, offering to cure homosexuality through yoga.

Ever since the current government took power, documented hate crimes against queer people have more than doubled in the country. So when the PM decided to offer his condolences to those in Orlando, I figured that either it was a fake Twitter account masquerading as the PM or it was some kind of a hacker troll — maybe Anonymous, the online guerrilla activists, who recently took over ISIS- friendly websites and filled them up with information about male homosexuality as a response to the shoot-out — had taken control of the Twitter account. But it turned out that this piece of information was not photoshopped or hacked. It was actually true, and we were to believe in earnest that while the government doesn’t care about the millions of queer people being denied their rights to live and love in their country, it is heartbroken about what happened in the USA.

It does make you wonder about the world we live in, where a photoshopped image sounded more plausible than an undoctored tweet. It emphasises why Orlando cannot be treated as one isolated instance in another country, but that #WeAreOrlando. For right now, Orlando is also in India. It is a reminder that while we have been fortunate not to have such an instance of dramatic violence, there are millions of people in the country who are forced to live and die in deception for their sexual orientation.

For more details visit https://cis-india.org/internet-governance/blog/indian-express-nishant-shah-july-3-2016-gay-pride-charade

Belling the trolls

praskrishna — 2016-07-24T16:44:18Z

Online abuse - specially against women - is like one of those rapidly-mutating viruses that resists all antibodies.

The article by Bishakha Datta was published in India Today on July 13, 2016. Rohini Lakshane was quoted.

We have always known that the proof of the pudding lies in the eating. And the pleasure with which it is savoured. This month, we saw its online avatar. Barely had Maneka Gandhi launched the Twitter hashtag #IAmTrolledHelp than the trolls were all over it. Trolling with all their might. Abusing both Gandhi and textile minister Smriti Irani, thereby proving her point: that something needs to be done about the unending stream of online abuse that women face every day.

Online abuse - specially against women - is like one of those rapidly-mutating viruses that resists all antibodies. It's everywhere, in many different forms. I'm not talking about the everyday sexism that's our daily bread. That we deal with. I'm not talking about androcentrism, or the assumption that men, and male experience, are at the centre of the universe. That we live with, constantly rolling our eyes in our heads.

I'm talking rape threats. Gang rape threats. Graphic gang rape threats with vivid descriptions of postures. Death threats. Those, in my view, are not free speech. They are a call to arms, incitement to violence. Especially when it's an invisible cyber-army behind the threats, backing each other up, preying on a woman. Wilding. Trying to break her. Trying to humiliate her. Trying to get her to shut up, out of the misplaced notion that only men have the right to air their thoughts and opinions online. In a public space.

In one of her essays, Egyptian writer Fatima Mernissi introduces the concept of 'trespassing in the nude' to explain how men in Morocco think of public spaces-as a men-only zone. Social norms dictate that Moroccan women not seek to be part of public space; women who break that rule are seen to be trespassing. But women who dare to step into public spaces without their veils-that's even worse. That's trespassing in the nude. And trespassing, of course, demands punishment.

On the internet, women who speak out are seen as trespassers. And women who speak about things men consider their preserve are seen to doubly trespass. Or trespass in the nude. As British writer Laurie Penny famously said, "A woman's opinion is the short skirt of the internet." It is an excuse to harass.

The women on Morocco's streets were punished by stoning, as are the women who loiter on the streets of the internet. Online abuse is as good as stoning someone who has an opinion with words. When journalist Swati Chaturvedi got massively harassed last year, she wrote about her experience: "Journalists, specially women, are hunted for sport, abused, slandered and hounded by trolls who hunt in hyena-like packs. The problem is that you have an opinion and are behaving like a journalist, not a cheerleader."

Little wonder than that Chaturvedi, like many other women online, have welcomed Gandhi's initiative to curb online abuse. As do I. I'm writing this in the middle of conducting a digital security workshop. At lunch, one of the participants described how she can't bear to be on her company's social media feed for more than an hour each morning. It's just an endless stream of filth. And something needs to be done about this filth if we want a #SwachhBharat.

Many women have tried ignoring online abuse. It continues. Others have tried fighting back. It continues. Some have tried humour, including the Peng Collective's brilliant Zero Trollerance campaign. The trolls march on, undeterred, like Tolkien's orcs. Of course, it's important to distinguish between trolling and abuse, but sometimes when you're facing the shitstream, there's just so much semantic jugglery you can take. No matter what you call it, you just want it off.

And that's where Gandhi's initiative makes sense, as one more pathway to a #SwachhBharat, since we now live both on and offline. But one that'll work only if she can take on her party's trolls. Who are now trolling her too. Yes, cybercells and cops do exist, but that route doesn't always work. Social media platforms make promises to their users, but they are rarely kept. "Not a single tweet that I've ever reported has been taken down," says Rohini Lakshane of the Centre for Internet and Society, who's helping us with our digital security workshop.

This is not only about safety. It's about digital citizenship. Women are neither interlopers nor outsiders online. We belong there just as we belong here. We intend to loiter online full-throated. We're not content with a purely offline #SwachhBharat that cleans rivers and ponds. We want online #SwachhStreams too.

For more details visit https://cis-india.org/internet-governance/news/india-today-july-13-2016-bisakha-datta-belling-the-trolls

Perumal Murugan and the Law on Obscenity

Japreet Grewal — 2016-08-09T13:01:03Z

On July 5, 2016, the Madras High Court saved Perumal Murugan’s novel, Mathorubhagan from oblivion when it dismissed the claims against Murugan on the grounds of obscenity, spreading disharmony between communities, blasphemy, and defamation and upheld his freedom of expression in S. Tamilselvan & Perumal Murugan versus Government of Tamil Nadu. This judgment has received wide appreciation for its support for freedom of expression. What made it applause-worthy? Do we have reservations with the view of the High Court?

Murugan’s book is about a married couple, Kali and Ponna, who fail to have a child despite decades of their marriage. They succumb to social and familial pressures to allow Ponna (the wife) to participate in a sexual orgy (unrestrained sexual encounter involving many people) at a religious festival (the Vaikasi Car Festival) that takes place in Arthanareeswarar Temple, for begetting a child. The local community claimed that in the book, Murugan denigrated the Arthanareeswarar Temple, the deity, Lord Arthanareeswarar, festivities relating to Vaikasi Car Festival and the women of the Kongu Vellala Gounder community. Some sections of the community believed that the facts in the story were not true and found that the sexual mores associated with the community in the book were offensive.

The Court was required to evaluate, whether the novel was obscene (Section 292 of Indian Penal Code, 1860 (IPC)), offensive to the community (Section 153A of IPC) and the religion (Section 295 of IPC); and whether the State had the responsibility to protect the writer from mob violence on account of his controversial book. The Court held that the book was neither offensive nor did it hurt community or religious sentiments. The Court also held that the State had a positive obligation to protect Murugan against the mob. It would be useful to look at the analysis of the Court in drawing these conclusions and see if we completely agree with it.

The Court relied on the standard for determining obscenity in Aveek Sarkar v. State of West Bengal wherein, it was held that what is lascivious/appealing to the prurient interest/depraved or corrupt has to be tested using the contemporary ‘community standards. The Court was of the view that the novel was not offensive by the current mores (para 150 and 151). The Court further relied on MF Hussain v. Rajkumar Pandey, (also decided by Justice Sanjay Kishan Kaul) wherein it was held, that while evaluating obscenity in a work, “the judge has to place himself in the position of the author in order to appreciate what the author really wishes to convey and thereafter, placing himself in the position of the reader in every age group in whose hand the book is likely to fall, arrive at a dispassionate conclusion.”It is necessary to mention here that the community standards test has been criticised by scholars, worldwide, as it is difficult to divorce subjective morality of an individual and ascertain what those standards are. This indeterminacy interferes with the ability of judges to apply these standards. There is established scholarship that says that judges cannot divorce themselves from their subjectivities while evaluating obscenity in work of art or literature and may often reinforce the moral norms of the majority in the society thus crushing the moral standards of the minority. In India, we have a mixed bag of judgments that address the issue of obscenity. Seeing the difficulty in application of the community standards test, it is noteworthy that the ultimate fate of a book, painting or a film is dependent on the morality of an individual judge. In fact, the Court had asked a pertinent question in the judgment, “Would it be desirable for the Courts to intervene or should it be left to the readers to learn for themselves what they think and feel of the issue in question?” (para 136) However, it eventually reinforced these standards by applying the existing precedents on obscenity. The Court added thatunder Section 292, it was required to first prove whether the novel was obscene at all and only if it was found to be obscene it should be tested within the parameters of exceptionsit would fall under. The Court found that the novel was not obscene. There was no need to evaluate its social character to save it from a ban. While drawing this conclusion, the Court stated that, “sex, per se, was not treated as undesirable, but was an integral part right from the existence of civilization” (para 149) and that “in our society, we seem to be more bogged down by conservative Victorian philosophy rather than draw inspiration from our own literature and scriptures.”The Court also said, “there are different kinds of books available on the shelves of book stores to be read by different age groups from different strata. If you do not like a book, simply close it.”(para 148) While this reflects a progressive view of the judges on sexual morality, we have reservations on court’s reliance on ancient literature to justify why sex and its depiction in art or literature is not obscene.
We appreciate the observations that the Court has made while determining whether the novel hurt community or religious sentiments. The Court has acknowledged the declining tolerance level of the society (para 154) and stated that “any contra view or social thinking is met at times with threats or violent behaviour” (para 142).
The Court addressed the issue of harassment of writers and artists at the hands of a mob and held that there should “be a presumption in favour of free speech and expression as envisaged under Article 19(1)(a) of the Constitution of India” and emphasized the need for the State to protect those who suffer from hostility of several sections of a society as a consequence of holding a different view (para 175).Citing MF Hussain v. Rajkumar Pandey, the Court said “freedom of speech has no meaning if there is no freedom after speech.”The Court has identified the problematic sphere of mob violence and how it affects freedom of expression. However, we do not agree with what the Court held subsequently.

Reproducing an extract of the judgment here, “There is bound to be a presumption in favour of free speech and expression as envisaged under Article 19(1)(a) of the Constitution of India unless a court of law finds it otherwise as falling within the domain of a reasonable restriction under Article 19(2) of the Constitution of India.” (para 184) The words, “unless a court of law finds it otherwise as falling within the domain of a reasonable restriction under Article 19(2) of the Constitution of India.” indicate that the judiciary has the power to determine whether a certain type of speech could be restricted under Article 19 (2) of the Constitution of India. This understanding is incorrect. The language of Article 19 (2) makes it clear that speech could only be restricted by ‘law’ and judiciary cannot assume the authority to restrict speech. It has the authority to decide the applicability and the constitutionality of the law that restricts speech. The relevant part of Article 19 (2) is reproduced below for reference. “(2) Nothing in sub clause (a) of clause ( 1 ) shall affect the operation of any existing law, or prevent the State from making any law, in so far as such law imposes reasonable restrictions on the exercise of the right….” The Court further acknowledged that “the State and the police authorities would not be the best ones to judge such literary and cultural issues, which are best left to the wisdom of the specialists in the field and thereafter, if need be, the Courts” (para 181). The Court thus issued directions to the Government to constitute an expert body to deal with situations arising from such conflicts of views so that an independent opinion is forthcoming, keeping in mind the law evolved by the judiciary(para 181). There are concerns with this mandate of the Court; firstly, constituting an expert body to resolve conflict of views will not serve any purpose unless there are guidelines to evaluate work. It is difficult to dissociate subjectivity and ascertain objective standards for evaluating offensiveness of literary or artistic work. Secondly, reliance on expert opinion and then courts completely disregards existing law. Under Section 95 of the Code of Criminal Procedure,1973, the Government has the power to declare forfeiture of works which, it considers in violation of section 153A or section 153B or section 292 or section 293 or section 295A of the Indian Penal Code, 1860. The power to evaluate a piece of writing or other work has already been given to the government. The Court has created a parallel mechanism for evaluation by giving directions to constitute an expert panel. In the event this mechanism fails to resolve the conflict, it is suggested that courts would then be approached to address the matter. This is in complete disregard of the powers of the Government under Section 95.

In the Murugan judgment, the Court has attempted to provide a narrow interpretation of what is considered obscene, emphasized the need for the society to be more tolerant and for State to protect those members of the society who, on account of their views, suffer at the hands of an intolerant society. It is for these reasons, the judgment is, undoubtedly a sound precedent for protection of speech in India. However, it is concerning to see that in drawing these conclusions, the Court has reinforced vague legal standards of obscenity and in that regard, it remains yet another addition to the mixed bag of judgments.

For more details visit https://cis-india.org/internet-governance/perumal-murugan-and-the-law-on-obscenity