We are anonymous, we are legion

Nasscom wants board to protect Net neutrality, regulate pricing

praskrishna — 2016-01-31T09:25:09Z

The debate against differential pricing of data services at the cost of net neutrality doesn’t seem to be getting over yet. While internet activists have gone out on streets in Bengaluru and Hyderabad to protest in favour of net neutrality, industry experts believe that differential pricing, when regulated could be tailored for public interest.

The article by Shadma Shaikh was published in Asian Age on January 7, 2016. Pranesh Prakash was quoted.

Given the current situation of low internet and broadband penetration along with lower levels of digital literacy and limited local language support in the country, IT industry body Nasscom said that protection of net neutrality is essential to fight these monumental challenges that require continuous innovation, both in technology solutions and business models.

“We strongly oppose any model where TSPs or their partners have a say or discretion in choosing content that is made available at favourable rates, speed,” Nasscom President R. Chandrashekhar said in a statement.

However, Nasscom also suggested a suitable oversight mechanism in the form of “an independent not-for-profit entity with an independent board to manage proposed differential pricing programs that are deemed to be in the public interest and are philanthropic in nature.”

In view of regulator Trai’s proposal to question the fairness of zero-rating—a practice of not counting certain traffic towards a subscriber's regular Internet usage, Pranesh Prakash, Centre for Internet and Society said, all forms of zero-rating result in some form of discrimination, but not all zero-rating is harmful, nor does all zero-rating need to be prohibited.

Prakash says that Trai’s paper has been inappropriately reduced to a referendum, by both parties—supporters of differential pricing programme as well as internet activists fighting zero-rating. Content-agnostic zero-rating models are not harmful, he says, adding “some traffic, such as government or public interest sites could be made free.”

Facebook’s Free Basics app that aims to provide ‘free Internet access’ to users who cannot afford data packs, has run into trouble for being against net neutrality principle. Trai, while evaluating the zero-rating proposal has asked Reliance Communications, the official telecom partner for Free Basics to put the service on hold.

After drawing flak from critics and citizens over its Free Basics program and its extensive advertisement in the media and on Facebook itself to influence the decision of Trai in favour of zero-rating program, Zuckerberg reached out to Indian readers through an opinion piece he published in an Indian daily newspaper.

Facebook’s justification for Free Basics lies in comparing internet as a service similar to education and healthcare. Free schools, free libraries and public hospitals may not provide the best of services, but their existence is essential to cater to a large set of audience who cannot afford expensive healthcare or education. In the same way, says Facebook founder Mark Zuckerberg, everyone deserves access to free basic internet service.

Calling Facebook’s Free Basics programme as an illusion, Nikhil Pahwa, founder MediaNama and volunteer at savetheinternet.in said “Facebook’s Free Basics is not free internet.” The choice to determine what data or content to browse should be left to the internet users, he says.

For more details visit https://cis-india.org/internet-governance/news/asian-age-january-7-2016-shadma-shaikh-nasscom-wants-board-to-protect-net-neutrality-regulate-pricing

Nasscom chief saying full data protection isn’t possible should wake us from our digital slumber

praskrishna — 2017-03-17T01:47:25Z

Considering India is rapidly moving towards a digital economy, the hurdles not withstanding, data and identity security are topics which have to be taken very seriously. Since the demonetisation, a large part of the population who would never bother with digital transactions has suddenly come online. But there is no such thing as complete security of personal data, according to Nasscom chief R Chandrashekhar.

This was published by First Post on March 16, 2017. Pranesh Prakash was quoted.

Attending the World Consumer Rights Day, R Chandrashekhar said that personal data of online consumers cannot be completely secure and stressed on the need to have strict enforcement of consumer protection laws. Speaking to PTI, Chandrashekhar said, “More than 3 million credit card data details were misused recently. Let us face it, these kind of security breaches will take place. There is nothing called fully perfect security in IT.”

It’s high time we call a spade, a spade

R Chandrashekhar, President Nasscom. Image: PIB

Coming from the head of Nasscom, this announcement pertaining to security is very important. According to Chandrashekhar one cannot expect complete cyber security, but there are definitely ways in which such attacks and incidents can be minimised. He very rightly said that that protecting the online consumer data, specially looking at how rapidly e-commerce is growing in the country, is of prime importance.

One cannot help but agree with Chandrashekhar, specially considering the fact India does not have a privacy law ecosystem that is present in countries such as the US and the UK, where online consumer protection is taken very seriously. Germany and other EU nations have always been at the forefront, when it comes to protecting data privacy, and it has ensured that consumer-facing technology companies do not run roughshod when it comes to protecting user data.

Chandrashekhar stated that there was no need for separate regulations for e-commerce sites, but the priority was ensuring means to enforce consumer laws in the digital world.

Lack of dedicated privacy laws

According to cyberlaw and cybersecurity expert, Pavan Duggal, “Going forward, there is an urgent need for India to take a strong view on privacy in terms of legislative frameworks. Unfortunately, at the time of writing, India does not have a dedicated law on privacy.”

Image: Foamy Media

Social media websites for instance have a lot of user data. But what happens when they suddenly change their privacy policies? For instance, a lot of users signed on to WhatsApp when it was an independent company. But post the Facebook acquisition, there have been a lot of instances where WhatsApp has updated its terms and conditions to suit its parent Facebook.

That’s not completely illegal one may say. Loss of privacy is a price you pay for free services. But what if, I as a consumer of WhatsApp do not want the app to share any of my data with Facebook? The only option I am left with is to delete WhatsApp. But then again, I do not know if my data is also deleted from WhatsApp servers or it has already been shared. Social media apps, only let you know what updates are being added. Consent is only required to update the app. You can stall that, up to a point. But there will come a time when you will have to update an app. Then by default you have given approval to all the terms and conditions associated with the app.

Two students had challenged WhatsApp’s revision to its privacy policy before Delhi High Court. The Court dismissed the petition insisting that users could opt out by deleting their accounts.

When a similar challenge was mounted before the authorities in UK, Facebook had to put a pause on their data sharing – and this was because of its strong data protection policy. Under the UK data protection law, the company has to inform the authority established under the Act of any changes in the use of user data. In the case of WhatsApp, the UK authority objected to such sharing.

Aadhaar – the 12-digit biometric storehouse

Aadhaar card is being used for many financial and non financial transactions. Also the Aadhaar number associated with an individual also holds a lot of personal and biometric data. So when recently, there was news about a possible Aadhaar data breach when UIDAI filed a police complaint against Axis Bank, business correspondent Suvidhaa Infoserve and e-sign provider eMudhra, it was naturally a shock to many.

Unlike a password which can be changed, with biometric information there is no scope to do that if it is compromised. Although UIDAI claims that there are multiple levels of security and firewalls to ensure there is no breach of Aadhaar information of an individual, one can only hope that it is robust enough to withstand any attack. Collection of biometric data by the government to form a database, for instance, was debated and ultimately not used in the UK.

Pranesh Prakash, policy director of the Centre for Internet and Society, expressed concern about the pace at which we are progressing when it comes to having a legal and regulatory framework when it comes to the Digital India push. “While the security architecture of Aadhaar Enabled Payment Systems (AEPS) might in itself be good, the idea of providing your fingerprints to merchants for financial transactions is a terrible idea since that is like asking you to give your bank password to a merchant, and the merchant can reuse that password, and you can’t ever change the password,” said Prakash.

Enforcing the correct processes

Last year, a malware affected the systems of Hitachi Payment Services, which provides back end services to ATM machines and Point of Sale nodes across India. As a result of this, around 32 lakh debit cards were compromised including those issued by SBI, HDFC, Yes Bank, Axis, BOB and ICICI. Security experts and consultants have pointed out various holes in the electronic transaction systems in place in India. Intel has also warned that ATM machines in India are vulnerable to malicious attacks. Intel points out that countries in the Asia Pacific region are developing and are particularly vulnerable because of old systems and machines being used.

Image: REUTERS/Amit Dave

According to Mahesh Patel, president and group CTO, AGS Transact Technologies this was more of a governance issue of the data centre than any technical error. “It is not about the software, but it is about the processes and procedures you put in place to ensure that the system is secure. Everything from physical security to computing security to admin management, etc should be process driven. So somewhere there could have been a weak link there. Cloud has to be secure and encrypted which suffices the use case of payments. This cloud is different from the ones used by e-commerce sites to display all their products,” said Patel.

We may have the best of software and security measures, but ensuring that they are implemented the right way is equally important. Plugging the loopholes in current regulations is also important.

Existing laws and regulations, not enough

According to Duggal, “The Information Technology Act, 2000 hardly has effective provisions to protect any data and personal privacy in the digital ecosystem. The Indian Government needs to come up with strong privacy law which can protect both personal privacy and data privacy in an effective manner.”

One may find it really shocking to hear the head of Nasscom saying something to the extent that full data protection for online consumers is not possible, but there is definitely truth to the matter. It will require concerted efforts from not only regulators, governments, digital wallet players and banking industry to come up with these privacy laws, but also you the consumer has to ensure that you are aware of the dangers lurking in the digital world. Educating oneself of the various ways in which your data can be compromised is a good way to protect your online self.

Because, let’s face it, for all practical purposes if you are online, your privacy is dead.

For more details visit https://cis-india.org/internet-governance/news/first-post-march-16-nimish-sawant-nasscom-chief-saying-full-data-protection-isnt-possible-should-wake-us-from-our-digital-slumber

Nasscom against differential pricing for data services

praskrishna — 2016-01-06T15:12:17Z

The National Association of Software and Services Companies says it should be the regulator that decides on such content, not firms.

The article by Moulishree Srivastava was published in Livemint on January 5, 2016. Pranesh Prakash gave inputs.

India’s top software lobby on Monday said if select web content needs to be provided cheaper for some Indians, it must be the regulator that decides on such content, not companies.

In its response to a consultation paper by the Telecom Regulatory Authority of India (Trai) on differential pricing for data usage, the National Association of Software and Services Companies (Nasscom) objected to plans such as Free Basics and Airtel Zero where companies choose content to be provided at different speeds and prices, but backed powers for the regulator to allow such a model if the regulator deems they are in “public interest”, while adhering to principles of net neutrality.

“We strongly oppose any model where telecom service providers (TSPs) or their partners have a say or discretion in choosing content that is made available at favourable rates, speed... any differential pricing by TSP either directly such as Airtel Zero or indirectly as in the case of Free Basics through a platform provider which limits access to the internet services or websites (selected by the TSP or by the partners) violate the idea of net neutrality,” said R. Chandrashekhar, president, Nasscom.

“But when we recognize the reality of India as a country which has low internet penetration and even lower broadband penetration, apart from low levels of digital literacy and limited local language content... there may be a need to provide certain services in public interest at differential or lower prices which the regulator feels are necessary,” he said.

“Therefore, it is important that the regulator should have the power to allow differential pricing for certain types or classes of services that are deemed to be in public interest and based on mandatory prior approvals,” he said. “Any such programmes should abide by the principles of net neutrality and not constrain innovation in any way and not constrain innovation in any way.”

Differential pricing for data usage means offering services at different price points to different users. However, analysts say it could lead to an anti-competitive environment, hurting small companies and start-ups, while giving the TSPs and their partner platforms near-monopolistic access to the vast amount of user data that has potential commercial value in a country such as India where privacy laws are not strong.

Differential pricing is a significant aspect of the net neutrality debate that erupted in India in 2015, when Trai released a consultation paper in April. Soon, telecom operator Bharti Airtel Ltd launched Zero, a marketing platform that allows customers to access mobile applications for free but charges the application providers.

Facebook’s Free Basics service (the new name for Internet.org) aims to offer people without the Internet free access to a handful of websites and a range of services through mobile phones, which net neutrality activists say will violate the core principle that everyone should have unrestricted access to Internet and it should not be regulated by a company.

Following the outrage, Trai put Free Basics on hold, asking Reliance Communications Ltd to furnish the detailed terms and conditions of its Free Basics service. The next step will be announced later this month.

In an op-ed in the Times of India last week, Nandan Nilekani, co-founder of Infosys Ltd. and former chairman of Unique Identification Authority of India, publicly criticized Facebook’s Free Basics, calling it a walled garden.

“The walled garden of Free Basics goes against the spirit of openness on the internet, and in the guise of being pro-poor, balkanises it. Only Free Basics-approved websites will be accessible for free,” he said in the article which he co-authored with Viral Shah who led the design of government’s subsidy platforms using Aadhaar. “In theory, anyone meeting the technical guidelines today can participate. However, services that may potentially compete with telco offerings may not join Free Basics. Since Facebook does not currently subsidise free usage, telcos will have to foot the bill by raising prices.”

He said schemes such as direct benefit transfer for Internet data packs would be better compared to programmes such as Free Basics.

Nasscom, in its response, recommended “mandatory prior approval of such services by the regulator and sharing of periodic information on tariff plans seek to lower the price as well as zero rating services,” adding that these programmes should abide by the principle of net neutrality, meaning it should not limit consumers access to pre-defined set of services or websites.

“Any such differential pricing programs should have explicit approval of the regulator—and should be deemed to be in the public interest and the onus of proving it to be in the public interest in the first instance would be on service provider and before Trai arrives at a final decision a public consultation is also advised because of the dangers involved,” Nasscom said. “Even after the approval, suitable oversight mechanism should be maintained by the regulator in all such case.”

Pranesh Prakash, policy director at the Centre for Internet and Society (CIS), said Nasscom’s approach to make differential pricing plans and options as an exception rather than the rule was quite reasonable. “It says that if differential pricing services adhere to the guidelines of being non-discriminatory, non-anti-competitive, non-predatory, non-ambiguous and transparent, they can be allowed under the supervision of the regulator, which is similar to the position adopted by CIS,” he said.

“Though some of their positions are ambiguous—for instance what they mean by non-discriminatory, and whether they are okay with differential pricing between classes of applications, are unclear—and some of their recommendations increase regulatory complexity, such as their proposal for independent not-for-profit entities with independent boards to own and manage such differential pricing programs, by and large it is a useful submission,” Prakash added.

For more details visit https://cis-india.org/internet-governance/news/livemint-moulishree-srivastava-january-5-2016-nasscom-against-differential-pricing-for-data-services

Narendra Modi’s personal app sparks India data privacy row

Admin — 2018-03-28T16:17:32Z

PM’s NaMo app sends user data to third party in US, says researcher.

Sunil Abraham was quoted in the article published by Financial Times on March 28, 2018.

“People are outraged that there is a peephole,” says Sunil Abraham, executive director of the Bangalore-based Centre for Internet and Society, a non-profit research organisation. “They are not outraged that anyone has looked into the peephole — because there is no evidence of that yet.”

For Mr Abraham, however, the controversy demonstrates that “Indian political parties have a voracious appetite for political data. If unchecked by law or public outrage, they will continue to hoover up as much data as they can from our devices.”

“Privacy is definitely a political issue,” says Mr. Abraham. “Political parties are reacting not because they will get into trouble under the law. They are reacting because they areafraid their supporters may not like it.”

For more details visit https://cis-india.org/internet-governance/news/financial-times-march-28-2018-narendra-modi-personal-app-sparks-india-data-privacy-row

Nanny state rules porn bad for you

praskrishna — 2015-08-05T01:39:28Z

The article by Anahita Mukherji was published in the Times of India on August 4, 2015. Pranesh Prakash gave his inputs.

Half a century ago, India banned the DH Lawrence classic, Lady Chatterley's Lover. The ban, though lambasted for its Victorian view of modesty and obscenity, was fair and square; the matter was debated in the Supreme Court, which upheld the ban. Over 50 years later, a diverse spectrum of civil society has slammed a much more insidious and far less transparent ban on internet pornography.

For starters, the 857 sites that vanished from India's internet sphere haven't been officially banned, they just don't show up when you type the url. The order blocking them isn't public. For a list of the 857 sites, one must rely on leaked documents put out on Twitter by Pranesh Prakash, policy director, Centre for Internet and Society. "The ban on Lady Chatterley's Lover was public. As for the blocked websites, the government has gone out of its way to hide the list of sites pulled down. A secret order banning material violates all principles of transparency in a democracy," says Prakash.

The document, with 'Restricted' written on it, is a letter from the department of telecom asking ISPs to disable 857 sites as they bear content related to "morality" and "decency," violating Article 19 (2).

Strangely, the order's been issued under Sec 79 (3)(b) of the IT Act dealing with intermediaries having to remove material used to commit unlawful acts. "Watching porn isn't illegal in India. Disseminating 'obscene' content can be illegal, but for that, the government must file a case against the sites, and they must be allowed a representation," says Prakash.

"Sec 79 (3)(b) of the IT act isn't the section under which governments can block sites. It should use Sec 69 that has a review process," says Nikhil Pahwa, a champion of internet freedom.

The government drew up its list of 857 sites even as SC is in the process of hearing a petition to ban porn and is yet to pass an order. It includes playboy.com that, says Prakash, is a legitimate adult site. Pahwa points to the ban's "bizarrely moralistic undertones".

"As society evolves, government and regulatory regime are stuck in medieval ages," he says, adding a ban on websites will be rendered ineffective, pushing users to VPNs, a black hole for government monitoring mechanisms.

"A government that hasn't succeeded with Make in India is trying to prevent Make out in India," says venture capitalist Mahesh Murthy, who earlier backed net neutrality.

"The government is blocking websites to keep Rightwing lunatic fringes happy after its unsuccessful bid to pass the land bill," says Murthy.

"It isn't merely looking at blocking porn, but is trying to bring back Sec 66A (IT Act), ruled unconstitutional by the SC," he adds. "It's part of the bid to restrict individual freedom, create an artificial separation between Indian culture and anything erotic, driven by a diktat from Hindutva forces. It's ironic as Modi came to power as someone looking to activate individual agency. Now he's wary about where that leads to," says Subir Sinha, professor at the School of Oriental and African Studies (London). Murthy and Sinha believe the issue stems from a refusal to accept Indian culture in totality. "Victorian morality is considered Hindu, Khajuraho isn't," says Murthy.

"The government seems to be acting in a more high-handed manner than previous ones. The press and public opinion should wake up to this," says sociologist Andre Beteille.

For more details visit https://cis-india.org/internet-governance/news/the-times-of-india-august-4-2015-anahita-mukherji-nanny-state-rules-porn-bad-for-you

Namaste, Mr. Eric Schmidt

praskrishna — 2013-03-21T08:48:48Z

An article by R. Jai Krishna published in the Wall Street Journal on March 20, 2013 quotes Sunil Abraham.

Read the original published by the Wall Street Journal on March 20, 2013.

Sandwiched between a January visit to North Korea and a stop in Myanmar at the end of this week Google Inc.'s GOOG +0.42% executive chairman, Eric Schmidt, is visiting India until Thursday.

The world’s largest democracy might seem to have little in common with the two authoritarian states.

But free speech advocates say recent developments in India are troubling and observers are waiting to see whether Mr. Schmidt addresses them during two events over the next couple of days.

At issue is a debate in India over the limits to free speech. In 2011, India’s government, angered at the spread of inflammatory material online, passed a law that allows it to hold Internet companies liable for “offensive” material posted by users. Parts of the law are being challenged in India’s Supreme Court, which has yet to rule.

In December 2011, India’s then-telecoms minister, Kapil Sibal, urged Google Facebook Inc. FB -2.67% and other Internet companies to screen derogatory material from their sites. The requests came amid official anger over content that parodied Prime Minister Manmohan Singh and Sonia Gandhi, president of the ruling Congress party, as well as other leading politicians.

A journalist, Vinay Rai, subsequently filed criminal cases in a Delhi court against Internet firms including Google, alleging material they hosted was defamatory, obscene and promoted enmity among different religious and ethnic groups. The companies are challenging the validity of the case in a higher court. The lower court is expected to begin hearings next month.

Google and the others deny wrongdoing. Google has said it makes unavailable to Indian users any content that violates its terms of services or local laws.

Mr. Schmidt is unlikely to address the ongoing lawsuits. But he might take the opportunity to push India to reconsider its position on free speech, say activists.

“He will obviously make a case..but the government is unlikely to take it seriously,” said Sunil Abraham, executive director at the Bangalore-based Centre for Internet and Society. “It’s much more complicated.”

Mr. Schmidt is set to speak at two technology conferences – one organized by the country’s software industry body, the National Association of Software and Services Companies, or Nasscom, on Wednesday, and another by Google on Thursday.

Paroma Roy Chowdhury, a spokeswoman for Google India said: “The Google India team is very happy to host him here.”

Mr. Schmidt’s India visit follows his private visit to North Korea in January where he urged its officials to drop barriers to global Internet access if they hope to develop their economy. He is likely to travel to Myanmar on March 22, after his India trip.

Google is facing other legal challenges in India. They include a federal anti-trust probe on alleged anticompetitive practices by Google’s online advertising business. Google says it has done nothing wrong.

For Google, India is an important market for its Internet services as well as mobile-devices software Android.

Market research firm ComScore Inc. SCOR -0.41% said in June that Google reached 95% of online users in India. “Visitors spent 2.5 hours on Google sites, with YouTube accounting for a major share,” it said.

More and more Indians have started taking to the Internet to express their views. India has about 62 million people in urban areas using social media platforms, according to a recent study by the Internet and Mobile Association of India, a trade body, and market-research agency, IMRB. That is expected to rise to 66 million by June.

Demographically, the report said, the “highest proportion’ of social media usage was among young men and college students, representing 84% and 82% of the total internet users, respectively.

Last year, New Delhi issued a series of guidelines on how government departments should use social media to reach out to people and to ensure public participation in policy framing.

The ruling Congress-led coalition government has now started embracing these networks.

For example, Finance Minister P. Chidambaram earlier this month interacted with citizens during the annual budget proposal using social media platform Google+.

For many, this was seen as a move to counter Gujarat Chief Minister Narendra Modi’s use of online platforms during his successful re-election campaign late last year. Mr. Modi, widely expected to be named the prime ministerial candidate for the main opposition Bharatiya Janata Party in 2014, is scheduled to attend Google’s event Thursday.

For more details visit https://cis-india.org/news/wsj-r-jai-krishna-march-20-2013-namaste-mr-eric-schmidt

Myanmar Digital Rights Forum proposes a path away from 66(d)

praskrishna — 2017-01-10T15:09:21Z

This was published by Coconuts Yangon on December 14, 2016. Sunil Abraham was quoted.

Nica Dumlao from the Philippine Internet Freedom Alliance speaks at the forum. Photo: Phandeeyar

Over the last two years, Myanmar has experienced a connectivity revolution; tens of millions of people have hopped onto the web all at once. However, recent events have highlighted how vulnerable people in Myanmar are when communicating and sharing information online.

Daw Ei Myat Noe Khin, a Phandeeyar associate and co-organizer of the event, explained: “Myanmar’s laws and regulations were changed to enable millions of people to get connected. However, not nearly enough has been done to protect the rights of these users. Urgent legislative action is needed to ensure that the rights and freedoms that the Myanmar people now enjoy offline are also protected when they are using the internet.”

Rights groups and media organizations have noted the threats to freedom of speech posed by the arrest under Article 66(d) of Myanmar’s Telecommunications Law of journalists and ordinary citizens for Facebook posts.

Nay Phone Latt, the former political prisoner and free speech activist who now serves in the Yangon Region parliament, called for changes to Myanmar’s laws, which are now being used to sue people for as actions as little as leaving a comment on social media.

“Even though I am now an MP, my opinion on free speech has not changed,” he said.

He also called on Union-level lawmakers to attend similar forums and ultimately improve the laws relating to digital rights.

However, Article 66(d) is only one of many issues that need to be addressed. According to speakers at the forum, other critical issues include information privacy, the right to information, online hate speech, cyberbullying, revenge porn and phishing scams.

Vicky Bowman, director of Myanmar Center for Responsible Business, recounted the story from a few years ago of an NGO leader who gave away $80,000 of his organization’s money when he was duped by a phishing scam online.

“Are Myanmar people aware of digital rights? I don’t think so. They’re excited about SIM cards and gadgets, but they’re probably not reading the terms and conditions.”

There is still a lot to worry about in the realm of digital rights in Myanmar, she said.

In this challenging environment, the forum’s attendees are working to develop specific policy recommendations, strategies and campaigns to ensure digital rights to the people of Myanmar.

“The benefits of connectivity won’t be realized if people are scared to use the internet. The objective of the Myanmar Digital Rights Forum is to raise awareness about the importance of these issues and to develop concrete plans to address them,” said Daw Htaike Htaike Aung, executive director of Myanmar ICT for Development Organization (MIDO).

Some speakers offered the experiences of other countries as models for what Myanmar might be able to do to protect internet users. Sunil Abraham, the executive director of the Bangalore-based Center for Internet and Society, urged against thinking of companies and governments as monoliths. There are people in government, he said, who do have the rights of citizens in mind. He also advised digital rights campaigners to pursue change on all sides of the political spectrum, just as free-software activists found support in India’s communist and nationalist parties.

Ms Cheekay Cinco, a program manager for Engage Media, said: “This is not a Myanmar problem. Hyper-connectivity in the region has led to greater criminalization of online activities. Over the years, spaces in Southeast Asia have been created to talk about these issues. We can only spark development and change when these spaces continue to flourish and have participation from different sectors.”

For more details visit https://cis-india.org/internet-governance/news/coconuts-yangon-december-14-2016-myanmar-digital-rights-forum-proposes-a-path-away-from-66d

Myanmar Digital Rights Forum

praskrishna — 2016-12-17T00:44:25Z

Sunil Abraham was a speaker at the Myanmar Digital Rights Forum in Myanmar on December 14 and 15, 2016. The two day event was organized by Phandeeyar, You Can Do IT, Engage Media and Myanmar Centre for Responsible Business with support form the Embassy of Sweden.

More than 55 representatives from technology companies, government, media and civil society organizations gathered at the innovation lab Phandeeyar to participate in the Myanmar Digital Rights Forum. The event was organized to address critical digital rights challenges in Myanmar. Participants discussed the issues raised by the increasing access, in recent years, of large numbers of Myanmar citizens to the internet, social media and mobile phones. For more info see here.

Click to read the agenda

For more details visit https://cis-india.org/internet-governance/news/myanmar-digital-rights-forum

My Experiment with Scam Baiting

sahana — 2012-03-13T10:43:28Z

Today, as I am sure many of you have experienced, Internet scams are widespread and very deceptive. As part of my research into privacy and the Internet, I decided to follow a scam and attempt to fully understand how Internet scams work, and what privacy implications they have for Internet users. Though there are many different types of scams that take place over the Internet —identity scams, housing scams, banking scams— just to name a few. I decided to look in depth at the lottery scam.

Day 1: July 4, 2011

On July 4, I received a spam mail from Shell BP Manchester England (lamarc65@cs.com). The e-mail informed me that my e-mail address had won a sum of $550,000 which was held on July 3, 2011 in England. In order to claim my prize the e-mail instructed me to confirm the receipt of the mail by submitting a few of my personal details to one Dr. Mohammed Al Maliki. This is an extract from the letter asking for my information:

Information Requested:

Your full Name:
Contact address:
Your Telephone:
Your Age:
Your occupation:
Your country of origin:

Congratulations.
Yours Sincerely,
Mrs Roseline Lott
Shell Prize announcer, England.

Deciding to reply to the email and see what happened, I responded to Dr. Mohammed Al Maliki (dr.mohamedmalik@gmail.com) with the information that the e-mail had asked, only I substituted my real information with the following fake information:

Shaiza Sarkar
B-196, CR Park, New Delhi - 110019
09916000603
23 yrs old
India

To my surprise he replied to my mail the same day at 4:59pm. In this mail he informed me that he had sent my details to Lloyds Bank who would be responsible for the payment of my prize. He asked me to inform him after I receive a mail from the bank. The e-mail contained a phone number for me to call. I tried to call the number mentioned in the mail but there was no reply.

Again to my surprise, I received a mail from Lloyds Bank at 6:58 p.m. the same day with a list of documents and details that I was supposed to send them to claim the prize money. Lloyds Bank had also attached a deposit certificate to ‘prove’ that Shell Petroleum Development Company had deposited the prize money in the bank. Below is an extraction of the e-mail I received from Lloyds Bank.

"FROM THE DESK OF DR. MOHAMED MALIK
REGIONAL CLAIMS AGENT,
SHELL PETROLEUM INTERNATIONAL LOTTERY PROGRAM.
Regional Office:
St James Court, Great Park Road,
Almondsbury Park, Bradley Stoke,
Bristol BS32 4QJ, England
Contact: +447035974608
“LLOYDS BANK PLC
ADMINISTRATIVE HEADQUARTERS.
LONDON, ENGLAND, UNITED KINGDOM.
REF...FILENOS2345/LTB
ATTENTION: SARKAR SHAIZA
*REGARDING YOUR PRIZE FROM SHELL PETROLEUM DEVELOPMENT COMPANY*
PLEASE SEND US THE DOCUMENTS BELOW;
1. A CERTIFICATE OF AWARD FROM SHELL PETROLEUM CONTACT DR MOHAMED MALIK
2. A SCANNED COPY OF EITHER YOUR DRIVERS LICENSE OR YOUR INTERNATIONAL PASSPORT OR WORK I.D CARD.
3. A SWORN AFFIDAVIT OF CLAIM FROM THE CROWN COURT HERE IN LONDON,YOU ARE REQUIRED TO CONTACT [DR MOHAMED MALIK]YOUR AGENT FOR ALL THIS.
SIR PAUL WISCONFIELD.
HEAD OF OPERATIONS.
LLOYDS TSB BANK PLC

Day 2: July 5, 2011

The next day I informed Dr. Mohammed Al Maliki of the above letter from the bank, as instructed to at 8:58 p.m. At 9:45 p.m., Dr. Mohammed Al Maliki emailed me back with the certificate of award from Shell Petroleum Development Company with my fake name printed on it.

Though the first two documents that Lloyds Bank required me to obtain were standard enough, the turning point in this entire scam was the third document that Lloyds Bank asked me to acquire. The third document asked me to present a sworn affidavit of claim from the Crown Court in London. Following the instructions given by the bank, I again emailed Dr. Mohammed Al Maliki. He replied with instructions for me to contact Barrister Wilson Burrows (ESQ) of Wilson and Co. Law Chambers for this document. I tried to search for Wilson and Co. Chambers on the Internet and found that no company with such a name exists.

This is the certificate of award provided to me by Dr. Mohammed Al Maliki:

Day 3: July 6, 2011

At 1:47 p.m. I mailed Wilson and Co. Law Chambers informing them about the sworn affidavit that I required in order to claim the lottery prize. The same day at 8:25 p.m. the Law Chambers sent me the following mail with an application form, and asked me to transfer 520 pounds through a Western Union Money Transfer to the Chamber’s Accountant Mr. Preston Doyle. I checked the address provided in the mail to see if it existed. The Google map showed that the given pin code “L14JJ”- London - was a pin code for Liverpool, Merseyside UK, which is not London , and not where Wilson and Co. Law Chambers claimed to be based. Additionally, the Law Chambers attached a form for the affidavit in this mail.

Below is an extract from the email I received from Wilson and Co. Law Chambers:
“The Principal Attorney
Wilson and co Chambers
#18 Harms Road Manchester
L14JJ - London.
Supreme Solicitors, Principal Attorneys and Property Managers
Kind Attention: Client,
As stated in the attached form, the completed form should be returned with the Court Oath Fee. For further processing, see below fees;
Court Oath Fee: 250 Pounds
Attorney Fee: 270 Pounds
------------------------------------------
Total Fee: 520 Pounds
-----------------------------------------
To send this money, go to any WESTERN UNION MONEY TRANSFER OFFICE nearest to you and make the payment to the Chamber's Accountant - Mr. Preston Doyle with the following details -
Receiver's Name: Mr. Preston Doyle
Receiver's Location: London, United Kingdom.
Receiver's Address: #18 Harms Road Manchester, L14JJ – London
Amount: £ 520.00 (Five Hundred and Twenty Pounds)
Regards,
Mrs.Wilson Burrows(ESQ)
(Registrar)
Mrs. Ivon Samuel (KBE) (Secretary)”

Day 4: July 7, 2011

After receiving the e-mail asking for a money transfer, I was curious and wished to probe more. Thus, I wrote to Wilson and Co Law Chambers and explained that a Western Union Transfer was not available in my village. The same day at 6:48 p.m. the Law Chambers sent me a mail saying that the Honourable Chamber recognizes only Western Union Transfer as the safest mode for transactions. I did not reply to this mail, as I knew I would not be able to go any further with my investigation. Though I was disappointed because this was the end to my investigation into lottery scams, and I still had questions that I wanted answered, the last e-mail the Law Chambers sent me was very interesting. In the last email sent to me by the Law Chambers requested (in a very pushy tone) that I should not tell anyone about my prize money, and that it was in fact in my best interest not to tell anyone.

Below is the extract of this mail:

“So do not discuss your winning with anybody until your prize has been transferred to you. It is for your own good. And it is at that time alone that you can be used for advert purposes by our company. So the success of this transfer lies sorely in your hands. These are the exact words from the Director this morning.”

Regards,

Mrs.Wilson Burrows (ESQ)

(Registrar)

His Lordship, Justice Ivon Samuel (KBE) (Secretary)

Day 5: July 8, 2011

Originally I wrote to the Law Chambers telling them I did not have access to a Western Union for the purpose of seeing if they use other mediums to receive money. Surprisingly, at 1:47 p.m. Wilson and Co. Law Chambers emailed me. The e-mail said that they would grant me the privilege of using a direct deposit of the 250 pounds into their correspondents account in India. In the mail they asked me to confirm that I would use this method of payment, and that once confirmed, that they would furnish me with their correspondent’s account details. Interested, I confirmed. After my e-mail confirmation at 9:47 p.m. they emailed me the details of their correspondent in India.

Below are the details of the account that I was supposed to transfer the money into:

This is the account details you will deposit the money into:
Account Name: L. MOHAN SINGH
Bank name: HDFC BANK
Branch: DELHI
Account number: 0609190004391
Ifsc Code : HDFC0000609
Pan Card: DDMPS9075M

Day 6: July 11, 2011

I did not deposit the money (obviously) and I did not e-mail the bank or the Law Chambers, I did receive a mail from Wilson and Co. Law Chambers informing me that their reputable organization would not tolerate my laxity. Unfortunately, because I could not pay the fee to their correspondent and obtain the affidavit, I was unable to follow the scam any further. Despite this dead end I was curious to know if they would provide me with the phone number of their Indian correspondent. Thus, I wrote them a mail to humbly apologise for the delay. I further asked them to provide me with the correspondent’s phone number claiming that the bank was rejecting his profile due to security protocols.

Day 7: July 12, 2011

The Law Chambers responded, informing me that they did not wish to give the correspondents number. In their e-mail they made it quite clear that for online banking all that is needed is the IFSC code. Therefore, I had to stop here.

This is the extract of the mail they sent me when I asked for the phone number:

The Principal Attorney
Wilson and co Chambers
#18 Harms Road Manchester
L14JJ - London.
Supreme Solicitors, Principal Attorneys and Property Managers

Kind Attention: Client,
This Honorable Chambers is in receipt of your mail. It is very important for you to know that laxity will not be accepted anymore. For the online transfer of this payment, you do not need any phone number, all you need is the IFSC Code already supplied to you. Once more, the IFSC Code is HDFC0000609. That is all you need to make an online transfer.

While I stopped following the scam at this point, many people might have continued with the process without any knowledge of it being a scam. Thus, one should be very sceptical about individuals or organizations who ask for personal and banking information.

Conclusions

In my experiment with scam baiting, I realized that:

They introduced me to various parties to make this entire scheme look professional. I initially assumed that I would have to carry out the process with the Shell Petroleum Development Company alone.
In the beginning of the experiment I initially thought the scam was about taking my account number and hacking into it. During my experiment I realized that the scam was not designed to make money by emptying my bank account, but instead was designed to profit off of the various admission fees such as the Sworn Affidavit.
Due to the speed by which they were able to respond to my emails, I realized that they had pre-prepared fake documents – ready to send to anyone who emailed them regarding claiming the offered lottery prize.
Throughout all of our e-mail exchanges I noticed that the individuals behind the scam only used a G-mail account. Curious, I checked their IP address – hoping to find out more information and possibly track their location – but found that Google does not reveal senders IP address information (which is in fact a very good thing in terms of privacy protection!)

For a detailed understanding of different types of scams visit here.

For more details visit https://cis-india.org/internet-governance/blog/privacy/scam-baiting

MWC19 Shanghai AI and Trust in APAC and China

Admin — 2019-06-05T07:10:50Z

Sunil Abraham will be making a presentation at the summit on AI and Trust in APAC and China at MWC19 Shanghai on June 27, 2019. Sunil has been invited as a speaker on panel ‘Framing AI for Digital Upstarts’.

MWC Shanghai is a three-day conference and exhibition bringing together over 200 AI business leaders, 65,000 attendees, and 550 companies from across different industries and perspectives to address business and technical concerns in the Intelligent Connectivity era and debate tough problems for today and tomorrow. More info here. For event details see this page.

For more details visit https://cis-india.org/internet-governance/news/mwc19-shanghai-ai-and-trust-in-apac-and-china

Muzzling the Internet

praskrishna — 2011-04-01T15:14:44Z

It is strange suddenly to be confronted with the provisions of a law passed way back in 2008. But why should the Information Technology Amendment Act, 2008, pushed through in the weeks following the 26/11 attacks in Mumbai be making news now? This news item by Sundeep Dougal was posted in Outlook on March 17, 2011.

The Economic Times, with a report headlined Government can switch off your internet if necessary breathlessly reported yesterday:

The Indian government has armed itself with powers to 'switch off' or kill the internet during times of national emergencies, becoming one of the first few countries to assume such far reaching authority. Even as the US and other western nations debate the judiciousness of giving the government's complete control to shut down cyber traffic, India has moved a step ahead and incorporated a provision under the IT Act of 2008, giving the Central government, or any of its officers specially authorised by it, to block the internet if necessary. The shutdown can happen in the interest of sovereignty and integrity of India, its defense, security of its states, friendly relations with foreign states or for public order. Failure to comply will result in imprisonment of up to seven

But perhaps the report can be excused for the simple reason that because the act was pretty much hustled through Parliament at a time when the national mindspace was preoccupied with other concerns, there was not much analysis or criticism in the mainstream media, though specialised blogs did raise an alarm even then. [See one critique dating back to December 2008 here April 2010 here -- and for the record, the bill was endorsed by the President in Feb 2009, and then only notified in October 2009.]

Read the ET report further and you realise that the reference was perhaps occasioned by the following development that the news report went on to provide:

Not satisfied with this provision, India is now moving ahead to develop alternate plans in case the 'switch' does not work. The draft plan by the Cabinet Committee on Security and Ministry of Home Affairs along with Ministry of IT & Communications to 'choke' the internet at will, which ET reported last year, is also learnt to be in its final stages.

Choking refers to handicapping the servers by subjecting it to multiple requests and attacks and preventing it from functioning effectively

But more dangerous to the issue of freedom of the internet were the recent reports, earlier in the month, of the blocking of Typepad, Mobango, Clickatell by some ISPs, though only one of them provided a message saying, "This site has been blocked as per request from the Department of Telecom". It was 2006 all over again.

As usual, the real problem was the total arbitrariness of the process and the confusion was confounded further when an unnamed Airtel spokesperson told the Hindu that there was no directive from the government, and this was “just a temporary network problem”.

The crux of the matter can be summed up in this one quote from Nikhil Pahwa of Medianama in the Hoot: "what gets me angry is that we wouldn't even have got to know of the blocking. There are never any indications of which websites are blocked and why. We have got to have more transparency on these issues."

Medianama also compiled and reported the following:

Tech2 wrote about a blogspot blackout on Feb 12th.
CuttingtheChai wrote about Kirtu.com, where the not-safe-for-work comic Savita Bhabhi was hosted, Mobango, Typepad and Clickatell being blocked on Feb 22nd.
Kafila reports, and this is something that we’ve also been told about as well, that Zone-H.org has been blocked as well. This is strange, but there is a suggestion that a company called E2 Labs got Zone-H blocked, because they did a post criticizing E2′s proposal to start a cyber security educational institution, alleging that there was falsification of information. A pdf of the post here, via Naavi.org. Again, we need clarity on why these blocks have been ordered. Also read Apar Gupta’s post
the utilitarian critique of E2 Labs v. Zone-H

Medianama further reported that on the sidelines of the Gov 2.0 conference last Friday, Communications & IT Minister Kapil Sibal passed the buck on the issue of lack of transparency in the way the Indian government blocks access to websites. Sibal told MediaNama that we should “Ask the Home Ministry, because this is a security issue.”

As Shivam Vij of Kafila asked:

All I want to ask Kapil Sibal is: How is Savita Bhabhi a threat to India’s national security? Wait, I have another question: why should I ask the Home Ministry when the orders for blocking come from your own Ministry, Mr Sibal, and the committee that decides on blocking has only one Home Ministry representative and two from your Ministry, sir?

In theory a lot of people will say that the internet can not be free of regulation, that the government must block some sites. But this is the problem in practice: the government will block a soft porn comic - only because it was talked about openly, discussed in the papers, and so on. Only because it came in the way of some bureaucrat’s antiquated sense of morality. Why, there are countless hard core Indian porn sites that are not blocked! (Oops, I shouldn’t be giving ideas.)

And when you wonder why the Government of India thinks Savita Bhabhi is too obscene for you, they will say national security!

If you don’t know about the Savita Bhabhi blocking issue, see this Huffington Post article.

All of this of course assumes ominous overtones when one considers the government's attitude on Wikileaks and offers an inkling of the shape of things to come when we look at the recent release of the long awaited draft rules for important sections of the Information Technology Act 2000, objections to which were sought from the public by February 28, 2011.

So far, the following draft rules have been formalised:

The Draft rule under section 43A- Reasonable security practices and procedures and sensitive personal information

Privacy India and Centre for Internet and Society, Bangalore have offered a detailed para-wise commentary here.

The Draft rule under section 79-Due diligence observed by intermediaries guidelines

A detailed, para-wise, criticism is available by the Centre for Internet and Society which pointed out, inter-alia:

they vest an extraordinary power of censorship in the hands of the intermediary, which could easily lead to the stifling of the constitutionally guaranteed freedom of speech online. Analogous restrictions do not exist in other fields, e.g., against the press in India or against courier companies, and there is no justification to impose them on content posted online. Taken together, these provisions make it impossible to publish critical views about anything without the risk of being summarily censored.

The rules are so loosely worded as to cover almost anything. For example, consider Section 3 of the proposed rules, particularly point (g):

"causes annoyance or inconvenience or deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;"

Imagine the number of sensitive souls out there who could be claiming "inconvenience" because of "annoyance" having been caused.

The Draft rule under section 79-Guidelines for Cyber Cafe

A critique by PRS blog | Medianama | Centre for Internet and Society points out, inter alia, that

if enforced it will end up choking public access Internet in the country, whether through Cybercafes or at Wifi hotspots, which would cover all regular cafes that offer Internet access, the airport, where some telcos allow access, or even on-campus connectivity.

While the comments for the above rules were invited only till 28.02.2011, perhaps it would still be useful to let the authorities know what one thinks about these rules by sending an email to: grai AT mit.gov.in

Read the original post in the Outlook here

For more details visit https://cis-india.org/news/muzzling-internet

Mumbai no longer ‘meri jaan’

radha — 2011-04-04T06:52:29Z

Why online (and offline) activism after 26/11 never took off; what should have been done to mobilize people - an article in the Livemint by Seema Chowdhry and Samanth Subramanian - 20th November, 2009

On “One Million Strong for Bombay” (23,601 members), a 9 October post concerned the activist Hansel D’Souza, chairman of the Juhu Citizens’ Welfare Group, the Citizens’ Consensus candidate for the Andheri (West) assembly constituency; an earlier post involved the schedule of the Jazz Yatra. On “The Black Badge for Bombay” (853 members), the last post, from 31 August, wonders if Pakistan is a pawn being used by China against India.

“The idea behind ‘Black Badge for Bombay’ initially was to keep the pressure on so that the reaction to the attacks in terms of government preparedness results in concrete action,” says Somasekhar Sundaresan, the group’s creator. “The government has now set up a combat force in Mumbai, which was the stated immediate objective of this movement and
pressure group. After that, we needed to move on.”

Sundaresan admits that the posts have not been updated more frequently because he hasn’t worked hard enough to get people interested in newer issues. “Most of my discussions about civil rights movements are restricted to five or six friends who are members of this Facebook group too,” he says. “It is easier to talk to them because I meet them
professionally and personally often.” “The Black Badge for Mumbai” has also been unable to organize offline meetings.

What these groups lacked, according to Sunil Abraham, executive director of the Centre for Internet and Society in Bangalore, was a dedicated team to keep the momentum going. “They don’t have intelligently incremental action points that keep their audiences increasingly engaged,” he says in an email interview. “The creators often underestimate the importance of offline activities that will keep their audiences motivated. Finally, many of them take their membership for
granted and don’t bother sending regular updates or even an occasional thank you.”

It was perhaps the need to sustain momentum that drove some of the offline citizens’ groups into the political sphere. Anil Bahl allied his Let’s Rebuild India with the Professionals Party of India. A group called Jago Mumbai turned into the Jago Party, which fielded a candidate in the Lok Sabha election from north-west Mumbai. (He lost.) “We decided that we couldn’t do anything alone,” says Bhuresh Barot, a working member of the Jago Party. “You need to be in power to do anything.”

As his party’s south Mumbai coordinator, Barot witnessed a rapid dissolution of voter outrage back into voter apathy; in the Lok Sabha election, the turnout stood at 43.3%. “The main reason seemed to be that voters thought they already knew the ideology of every party,” Barot theorizes. “And they decided they simply didn’t have faith in the candidates.”

Link to original article

For more details visit https://cis-india.org/news/mumbai-no-longer-2018meri-jaan2019

Multistakeholders Consultation on International Public Policy Issues

praskrishna — 2014-02-03T10:07:54Z

The Department of Electronics & Information Technology has called for a meeting on January 21 in New Delhi to discuss international public policy issues. Snehashish Ghosh will participate in the meeting.

MAG Meeting Notice issued by the Department of Electronics & Information Technology on January 13 can be accessed here.

For more details visit https://cis-india.org/news/multi-stakeholders-consultation-on-intl-public-policy-issues-january-21-2014

Multistakeholder Consultation on Encryption

praskrishna — 2016-12-17T01:22:35Z

The Centre for Internet & Society (CIS) in collaboration with ORF and Takshashila Institution is organizing a Multi-Stakeholder Consultation on Encryption on December 17, 2016 at TERI in Bengaluru.

The consultation is intended to help shape the discussions around the new draft encryption policy slated to be released sometime early next year. The consultation will be divided into two segments: an open house and a panel discussion with high-level government representatives, including Dr. Gulshan Rai, the National Cyber Security Coordinator. The sessions start at 10.30 a.m. on December 17, 2016 and will go on for until approximately 4.30 p.m.

The discussions themselves will highlight inputs from the three main constituents affected by an encryption policy: civil society and end users, the private sector and government. The range of civil liberties and constitutional rights implicated by encryption, as well as the needs of businesses to secure data flows will be discussed. Government officials too are expected to join the consultation and will provide perspectives on encryption and legitimate access to data for law enforcement purpose.

For more info reach out to Udbhav Tiwari (udbhav@cisindia.org) or Bedavyasa Mohanty (bedavyasam@orfonline.org)

For more details visit https://cis-india.org/internet-governance/events/multistakeholder-consultation-on-encryption

Multiple Aspects Need to be Addressed as the Clamour Grows for Network Neutrality

sunil — 2015-04-16T13:33:03Z

In the global debate there are four violations of Network Neutrality that are considered particularly egregious.

The article was published in DNA on April 16, 2015.

One — blocking of destinations or services in order to force the consumer to pay extra charges for access, two — not charging or zero-rating of certain destinations and services with or without extraction of payment from the sender or destination, and three — throttling or prioritisation of traffic between competing destinations or services and four — specialised services wherein the very same Internet infrastructure is used to provide non-Internet but IP based services such as IP-TV.

The main harms of network neutrality violations are as follows: one, censorship by private parties without legal basis; two, innovation harms because the economic threshold for new entrants is raised significantly; three, competition harms as monopolies become more entrenched and then are able to abuse their dominant position; four, harms to diversity because of the nudge effect that free access to certain services and destinations has on consumers reducing the infinite plurality of the Internet to a set of menu options. The first and fourth harm could result in the Internet being reduced to a walled garden.

It is insufficient to try and address this with networking rules for engineers such as “all packets should be treated equally.” But a set of principles could be developed that can help us grow access without violating network neutrality. Wikimedia Foundation has already developed their principles which they call “Wikipedia Zero Operating Principles”. In India our principles could include the following. One, no blocking without legal basis. Two, transparency — all technical and commercial arrangements are to be disclosed to the public. Three, non-exclusivity — all arrangements should be available to all parties, no special deals for those you favour. Four, non-discrimination between equals — technologies and entities that are alike should be treated alike. Five, necessity — whilst some measure may be required occasionally when there is network congestion they should be rolled back in a time-bound fashion.

Once these principles are enforced through a network neutrality regulation, ISPs and telecom operators will be allowed to innovate with business and payment models. Steve Song, inventor of Village Telco says “My preferred take on zero-rating would be to zero-rate gprs/edge data in general so that there is a minimum basic access for all.” My colleague Pranesh Prakash says “One possibility, of many, is to create a single marketplace or exchange for zero-rating, through which one can zero-rate on all telecom networks for standard tiered rates that they publish, and terms that are known to the regulator. Banning is akin to a brahmastra in a regulator's arsenal: it should not be used lightly” Jochai Ben-Avie of Mozilla told me yesterday of experiments in Bangladesh where consumers watch an advertisement everyday in exchange for 5Mb of data. My own suggestion to address the harms caused by walled gardens would be to make them leak – mandate that unfettered access to the Internet be provided every other hour.

There is many other ways in which the Internet has been transformed in India and other countries but these are not commonly considered network neutrality violations. Here are some examples. One, blocking of port 25 — a port that is commonly used to relay email spam. Two, blocking of port 80 – so that domestic connections cannot be used to host web servers. Three, the use of private IP addresses, ISPs who are delaying migration to IPv6 infrastructure because of cost implications leverage their IPv4 address inventory by using Carrier Grade — Network Address Translators [CG-NATs]. Four, asymmetric connections where download speeds for consumers are faster than upload speeds. With the exception of the first example — all of them affect end users negatively but do not usually impact corporations and therefore have been unfortunately sidelined in the global debate.

The TRAI consultation paper reveals many of the concerns of the telecom operators that go beyond the scope of network neutrality. Many of these concerns are very legitimate. There is a scarcity of spectrum — this could partially be addressed by auctioning more spectrum, scientific management of spectrum, promotion of shared spectrum and unlicensed spectrum. Their profit margins are thinning – this could be addressed by dismantling the Universal Service Obligation Fund, it is after all as Rohan Samarajiva puts it “a tax on the poor.” Internet companies don't pay taxes – this could be addressed by the Indian government, by adopting the best practices from the OECD around preventing tax avoidance. But some of their concerns cannot be addressed because of the technological differences between telecom and Internet networks. While it is relatively easy to require telecom companies to provide personal information and allow for interception of communications, those Internet companies that use end-to-end encryption cannot divulge personal information or facilitate interception because it is technologically impossible. While the first two concerns could be addressed by TRAI, the last two should be addressed by other ministries and departments in the Indian government.

There are other concerns that are much more difficult to address without the deep understanding of latest advancements in radio communication, signal processing and congestion control techniques in packet switched networks. A telecom expert who did not wish to be identified told me that “even 2G TDM voice is 10 to 15 times more efficient when compared to VOIP. IP was developed to carry data, and is therefore not an efficient mode to carry voice as overhead requirement for packets destroys the efficiency on voice. Voice is best carried close to the physical layer where the overheads are lowest.” He claims that since “VOIP calls are spectrally inefficient they should be discouraged” through differential pricing. We need accessible scientific literature and monitoring infrastructure so that an evidence base around concerns like this can be created so as to address them effectively through regulatory interventions.

You know you have reached a policy solution when all concerned stakeholders are equally unhappy. Unfortunately, the TRAI consultation paper assumes that Internet companies operate in a regulatory vacuum and therefore places much unnecessary focus on the licensing of these companies. This is a disastrous proposal since the Internet today is the result of “permission-less innovation”. The real issue is network neutrality and one hopes that after rigorous debate informed by scientific evidence TRAI finds a way to spread unhappiness around equally.

The author works for the Centre for Internet and Society which receives funds from Wikimedia Foundation which has zero-rating alliances with telecom operators in many countries across the world.

For more details visit https://cis-india.org/internet-governance/blog/dna-april-16-2015-sunil-abraham-multiple-aspects-need-to-be-addressed-as-the-clamour-grows-for-network-neutrality