We are anonymous, we are legion

India High Court: No Takedown Requests On Social Sites Without Court, Gov't Order

praskrishna — 2015-04-03T06:18:52Z

Indian police will no longer be able to threaten Internet users and online intermediaries with jail merely on the basis of a complaint that they have posted “offensive” posts online.

The blog post by Madhur Singh was published in Bloomberg BNA on March 25, 2015. Geetha Hariharan gave her inputs.

Following a landmark judgment by the Supreme Court of India March 24, law enforcement agencies will be able to take action in such cases only after an order has been obtained from a court or the government (Singhal v.Union of India, India Sup. Ct., 3/24/15).

The court struck down in its entirety Section 66A of the Information Technology Act, which authorized criminal penalties for sending “offensive” messages through electronic communication services. Opponents of the measure said the section defined “offensive” very vaguely and broadly, and that cases of arrest under the section frequently made headlines.

Freedom of speech activists and Internet-based businesses welcomed the judgment as a boost for civil liberties, freedom of speech and a conducive business environment for an entire gamut of online businesses.

The judgment is good news for intermediaries such as Facebook Inc. and the India-based review site MouthShut.com, both of which have been repeatedly inundated with takedown notices based on complaints against “offensive” posts.

Offensive Posts Were Actionable Under Section 66A

Section 66A, added to the Information Technology Act of 2000 through an amendment in February 2009, prescribed imprisonment of up to three years and a fine for anyone who sends via a computer resource or communication device:

(a) any information that is grossly offensive or has menacing character;
(b) any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will, persistently by making use of such computer resource or a communication device; or
(c) any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages.

A supporting Section 79(3)(b) stated that “upon receiving actual knowledge, or on being notified by the appropriate government or its agency that any information, data or communication link residing in or connected to a computer resource controlled by the intermediary is being used to commit the unlawful act,” the intermediary would have to “expeditiously remove or disable access to that material or that resource.”

Together, these sections put ordinary Internet users at risk for arrest for simply posting online and obligated intermediaries such as Twitter Inc., Facebook, MouthShut.com and others to take down content simply pursuant to a complaint.

Earlier this month, Facebook revealed statistics indicating that India is second on its global list of governments demanding takedowns.

Court Removes Intermediaries' Discretion

Shwetasree Majumder, partner at Fidus Law Chambers, told Bloomberg BNA March 25 that after this decision, any blocking of content can now only take place via a reasoned order after complying with several procedural safeguards, including a hearing to the originator and intermediary either by the designated
officer or pursuant to an order passed by a competent court.

“So intermediaries like Google, Facebook etc. are no longer required to judge as to whether the take down notices received by them contain legitimate requests or not,” she wrote in an e-mail. “As an acknowledgement that a true intermediary should not concern itself with the merits of the content posted by third parties, the court takes away the intermediary's discretion as to what content must remain and what must go.”

Geetha Hariharan, program officer at the Centre for Internet and Society, told Bloomberg BNA that after “reading down” Section 79, the Supreme Court “has relieved the intermediary of its responsibility to judge the lawfulness of content. Now, the intermediary will lose immunity under Section 79(3)(b) (and be liable
to prosecution or penalty) only if it does not take content down after receiving ‘actual knowledge of a court order or government notification' requiring takedown of content.”

Prior to the judgment, an intermediary was required to judge whether a takedown notice concerned unlawful content on its website, which would constitute “actual knowledge” under the section. If the intermediary made an affirmative determination, it was required to take the content down or lose immunity under Section 79(3)(b).

Supreme Court Strikes Down 66A

Momentum against Section 66A built up over the last three years, particularly after law student Shreya Singhal filed a challenge in the Supreme Court after two Mumbai women were arrested and put in jail for 10 days in 2012 for Facebook posts against a shutdown of Mumbai city following a politician's death.

A Supreme Court bench comprising Justices Jasti Chelameswar and Rohinton F. Nariman heard ten such cases together, and ruled March 24 that Section 66A was unconstitutional as it directly affected the right of the public to know. Holding that Section 66A was “open ended, undefined, and vague” so that “virtually any opinion on any subject would be covered by it, as any serious opinion dissenting with the mores of the day would be caught within its net,” the court struck it down in its entirety.

The court said that Rule 3(4) of the Intermediaries (Guidelines) Rules, 2011, which pertains to an intermediary disabling access to material that is “known” to be violative of Rule 3(2), needed to be read down in the same manner as Section 79(3)(b).

The court, however, upheld Section 69A of the Information Technology Act, which gives the government the power to block web content if doing so is in the interest of the sovereignty, integrity or security of India.

Impact on Intermediary Liability

Overall, Majumder said that intermediary liability now stands significantly watered down. One particular case this might impact is the currently pending Super Cassettes India Ltd. v MySpace Inc. case before the Division Bench of the Delhi High Court, which is considering the validity of the high threshold of intermediary liability prescribed by a single judge in copyright infringement cases.

Hariharan wrote in an e-mail that while intermediaries such as Internet service providers (ISPs) or content hosts may “choose” to take down content when they receive a private takedown notice, they don't “need” to do so to remain immune under Section 79(3)(b) or Rule 3(4) of the Intermediaries Guidelines.

“This reduces uncertainty in intermediary liability in India. It will also hopefully keep intermediaries from taking down content in an overbroad manner to escape liability,” Hariharan said, adding that the government nevertheless continues to have the ability to criminalize online acts. For instance, Sections 66B
to 67B of the IT Act define and criminalize different online conduct. Additionally, sections of the Indian Penal Code that criminalize speech acts (e.g., Sections 295A and 153A for incitement; Section 292 for obscenity) have also been applied to online acts in the past.

The Internet & Mobile Association of India said in a statement on its website March 24 that the judgment will mark a new phase for the growth and evolution of the Internet in India. While Internet users will no longer fear illegal censorship or harassment, it said that “online businesses, ranging from established international companies to small Indian startups, will be able to take advantage of a more conducive business environment.”

The IAMAI added that the judgment will be especially helpful to smaller companies such as Mouthshut.com that will “now not be harassed by the frivolous and mal-intentioned notices of take down.”

For more details visit https://cis-india.org/internet-governance/news/bloomberg-bna-march-25-2015-madhur-singh-india-high-court-no-takedown-requests-on-social-sites-without-court-govt-order

Supreme Court Strikes Down Section 66A Of IT Act

praskrishna — 2015-03-25T16:43:53Z

In a major boost to freedom of speech online in India, the Supreme Court on Tuesday struck down Section 66A of the Information Technology Act, reading down a draconian law that was poorly conceived, tragically worded and caused ordinary citizens to be jailed for so much as a comment on Facebook that annoyed just about anyone.

The article by Indrani Basu and Betwa Sharma published in the Huffington Post on March 24, 2015 quotes Sunil Abraham.

In its 122-page judgment, the court struck down the entire section, refusing to heed the government's plea that it will not be misused.

"The apex courts in India have consistently protected the rights of its citizens. And the Supreme Court has once again upheld that great tradition with this decision. There are constitutional exceptions to free speech that exist.

But this judgment will protect against the abuse of this vague and badly drafted law," said Sunil Abraham, executive director at the Centre for Internet and Society.

The section was passed without discussion in Parliament by the UPA government in 2008, adding an amendment to the original 2002 Act. While Narendra Modi supported the repealing of the Act during his prime ministerial campaign, after the BJP came to power, the government defended the provision, even while admitting it was draconian.

The government argued that the provision was necessary to prevent people from posting inflammatory content offending religious or political sentiments, leading to violence.

"I''m so happy with the decision. They have completely struck down the whole section. This is a victory for the country," said Shreya Singhal, the 24-year-old law student on whose petition the Supreme Court was hearing the case. "I don't have a political agenda — both the Congress government and the BJP have misused the section earlier. Section 66A was a blanket provision which was very vague. There are many IPC sections that could be used in its place."

"No one should fear putting anything up on the internet. It is very important for us to protect this right today," she said.

But there are sections in the Indian Penal Code that can deal with such situations.

And the broad and vague wording of 66A meant that it effectively became a tool that muzzled all speech online.

In 2012, Shaheen Dada, a 21-year old Mumbai girl, posted on Facebook comments about Shivsena leader Bal Thackerey. Annoyed party members went to the cops and Dada was arrested. Her friend Rinu Srinivasan, who had 'liked' the comment on Facebook, was also arrested.

The same year, Jadavpur University professor Ambikesh Mahapatra was arrested for sharing a cartoon poking fun at West Bengal chief minister Mamata Banerjee.

Mumbai cartoonist Aseem Trivedi was also arrested under the provision for his cartoons during the Anna Hazare anti-corruption agitation.

Here is what the section said:

66A. Punishment for sending offensive messages through communication service, etc.
Any person who sends, by means of a computer resource or a communication device,—
(a) any information that is grossly offensive or has menacing character; or
(b) any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will, persistently by making use of such computer resource or a communication device,
(c) any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages,
shall be punishable with imprisonment for a term which may extend to three years and with fine.

For more details visit https://cis-india.org/internet-governance/news/huffington-post-indrani-basu-betwa-sharma-march-24-2015-supreme-court-strikes-down-section-66a-of-it-act

Indian Supreme Court Overturns Law Barring ‘Offensive Messages’ Online

praskrishna — 2015-03-25T16:18:29Z

India’s Supreme Court on Tuesday struck down legislation barring “offensive messages” online, saying it violated constitutional guarantees of free expression.

The article by Niharika Mandhana published by Wall Street Journal on March 24, 2015 quotes Sunil Abraham.

A two-judge panel voided a part of India’s Information Technology Act that made it a crime to share information through computers or other communications devices that could cause “annoyance, inconvenience” and “enmity, hatred or ill will.”

Announcing the ruling in a crowded courtroom in the Indian capital, Justice Rohinton Nariman said the law’s provisions were too vague and didn’t provide “clearly defined lines” for law-enforcement officials. “What is offensive to one person may not be offensive to another,” he said.

The court also ruled that Internet companies, such as Facebook and Google, could be required to remove or block access to online content only if ordered to do so by a court or by a notification from the government. Previously, they were expected to act when they had “actual knowledge” of allegedly illegal materials.

Free-speech activists had long argued against the broad language in the law, which was enacted in part as an effort to prevent the incitement of violence among different religious and ethnic groups in the world’s second-most-populous nation.

On Tuesday they applauded the decision.

“This provision was hugely problematic for anyone using the Internet in India and that is gone,” said Sunil Abraham, head of the Bangalore-based Center for Internet and Society. “The court has removed the additional, unconstitutional limits to free speech.”

India’s Information Technology minister, Ravi Shankar Prasad, said in a televised interview after the ruling that the government “supports free social media.”

“If the security establishment needs a response in cases of terrorism, extremism, communal violence, the government will take a view after wider consultations,” Mr. Prasad said. “But only with adequate safeguards.”

Enforcement of the law has sparked controversy for years. In 2012, a 21-year-old was detained after complaining on Facebook about the effective shutdown of Mumbai for the funeral of a right-wing Hindu leader. Another person was also detained for “liking” her comment.

That year, political cartoonist Aseem Trivedi was also charged under this law for his work lampooning Parliament. Mr. Trivedi said Tuesday that the court’s decision would “put a stop to years of misuse of the law by the government and politicians.”

“It sends a strong message that Indian law is with free speech,” Mr. Trivedi said.

According to a recent report by Facebook, the U.S. social media company blocked 5,832 pieces of content in the second half of 2014 on requests from Indian law-enforcement agencies and the government.

That was up from 4,960 pieces blocked from January to June last year. Facebook said it restricted access in India to a lot of “anti-religious content” and “hate speech that Indian officials reported could cause unrest and disharmony.”

J. Sai Deepak, a New Delhi-based lawyer involved in the case, said Tuesday’s decision was a significant victory for Internet companies in India. He said the law’s implementation—which earlier was “subject to the vagaries of the political winds of the state,” he said—would now be guided only by the free-speech rules laid down in the Indian constitution.

The order, however, rejected an argument by free-speech advocates that information shared on the Internet must be treated the same way as other kinds of speech, such as a live address or printed material. The court said lawmakers could create a separate law to deal with online speech because such content, unlike others, “travels like lightning and can reach millions of persons all over the world.”

But the current law, the court said, was too vague and included terms which “take into the net a very large amount of protected and innocent speech.” The law “is cast so widely that virtually any opinion on any subject would be covered by it,” the order said.

—Newley Purnell contributed to this article.

For more details visit https://cis-india.org/internet-governance/news/wall-street-journal-niharika-mandhana-march-24-2015-indian-supreme-court-overturns-law-barring-hate-speech-online

‘A safe Internet and a free Internet can co-exist’

praskrishna — 2015-03-25T15:58:02Z

Striking down of 66A kicked off celebrations in the IT capital.

The article was published in the Hindu on March 25, 2015. Sunil Abraham is quoted.

Social media was celebrating on Tuesday. “Such a party going on on Twitter today #66A!” said one exuberant user, while another put a rap on it: “Made an FB post and didn’t go to jail. I gotta say today was a good day.” Another group was quick to point though: “Enjoy the freedom “responsibly!"

The day the Supreme Court struck down Section 66A of the Information Technology (IT) Act, those who had consistently termed it a “tyrannical” and “draconian” legal provision did a victory lap, calling it a “triumph for free speech in India”. Bengaluru, often called the information technology capital of the country, can stake claim for some of the legwork, with many from the city having either campaigned for the cause or took part in the PIL.

MP Rajeev Chandrasekhar, one of the litigants, said, “A free and fair Internet is crucial for innovation, connection and economic growth. By repealing section 66A, India is now ready for a technological leap. A safe Internet and a free Internet can co-exist, and the government should now draft carefully worded amendments that enable this co-existence.”

Stating that the Section was more your foe than a friend, cyber law expert Pavan Duggal said, “Section 66A symbolised the tyranny of ambiguous vague terms over the purity of legitimate free speech. It represented a tool for suppressing bonafide free speech, which was extensively misused. Freedom of speech and expression on the Internet is sacrosanct and only subject to reasonable restrictions given under Article 19(2) of the Constitution of India.”

Intermediaries

Sunil Abraham, Executive Director of the Centre for Internet and Society (CIS), said there were other positives in the landmark judgement.

“For the first time since the 1960s, the SC has struck down a section of law deeming it unconstitutional. Section 79 gave an adjudicatory position to intermediaries (such as Facebook, Twitter or bloggers). They were liable if they took the wrong decision or if they did not act on ‘take down’ requests within 36 hours. Now they are immune either way,” he explained. He said small-time bloggers, newspapers, and open source encyclopaedia, such as Wikipedia, will now be protected.

‘Retain spirit of Section 66A(b)’

K.V. Aditya Bharadwaj

Bengaluru: While even cops handling cyber crimes have welcomed scrapping sub-sections (a) and (c) of Section 66A of IT Act, 2000, they make a case for retaining the spirit of sub-section (b) in an amended law expected to be brought in shortly.

Section 66A(b) deals with a person sending out messages using electronic medium, which he knows to be false. It was under this provision that cops booked rumour-mongers who spread hatred messages through WhatsApp and other social media, which was scrapped.

A classic case was the one were two men were arrested for sending out provocative WhatsApp messages in July 2012, leading to an exodus of North-East Indians from the city. “Similar baseless WhatsApp messages led to chaos after the December 2014 Church Street blast and D.K. Ravi’s death. Even twitter was abuzz with parody profiles and fake claims made by people after the bomb blast. Rumour mongering and sending provocative messages have turned out to be a major area of concern in urban centres,” said a senior official.

An official said that in the absence of Section 66A(b), such rumour-mongers could only be booked under the Karnataka Police Act, which carries a very light punishment.

For more details visit https://cis-india.org/internet-governance/news/the-hindu-march-25-2015-a-safe-internet-and-a-free-internet-can-co-exist

Netizens Rejoice Over SC Ruling to Keep the Net Free

praskrishna — 2015-03-25T15:16:03Z

The Supreme Court ruling to strike down Section 66A of the Information Technology (IT) Act has been welcomed by the city’s netizens.

The article by Parina Dhilla was published in the New Indian Express on March 25, 2015. T. Vishnu Vardhan gave his inputs.

Sharanya Gopinathan, a recent graduate, was overjoyed at the decision. The youngster, who is now pursuing her masters in London, recalls the time her post on Facebook about Prime Minister Narendra Modi was reported for being offensive.

“It was just a sentence about how I felt about Mr Modi. Nothing obscene but it still got reported,” she says. She believes the Internet to be “the last guard of freedom”, where free speech has real meaning because there is no government and corporate control.

Forums propagating freedom on the World Wide Web too have applauded the verdict.

T Vishnu Vardhan, programme director of Access to Knowledge at the Centre for Internet and Society, says the draconian aspect of the IT Act has finally been removed.

The other laws coming under the IT Act’s ambit too need to be reviewed and changed, he said.

Lawyers told Express that many times, they have advised clients to take down posts that could be construed as offensive under Section 66A.

Lawrence Liang, a lawyer with the Alternative Law Forum, says, “Recently, we were approached by a woman saying she was being harassed by a mob after she tweeted about the beef ban in Maharashtra. We asked her to delete the tweet and lie low.”

“But now, I won’t advise people to take down their posts from the internet. It is a good ruling and gives people their freedom of speech and expression on the Internet,” Lawrence says.

Change on the Horizon

With bans raining down in the country, many believe the apex court’s decision will bring about change.

Yogita Dakshina, a freelance content writer who regularly posts about the hardships faced by the LGBT community, says she has always posted fearlessly but some of her family members were always scared that she would court trouble due to the provisions of Section 66A.

Prabahan Chakravorty, a PhD student, is of the view that this will be a big lift for those in the creative field. “The rights to freedom and expression need to be given to all citizens, especially writers and artists. Some people may consider a few posts offensive, but then, the world is offensive and people need to deal with that.”

On the responsibility that falls upon netizens with this verdict, Ankura Nayak, a student of Mount Carmel College, says, “People are responsible and they know what to post. There were a few people who posted irresponsible content even before this ruling. But these are few in number compared to responsible netizens.”

For more details visit https://cis-india.org/internet-governance/news/new-indian-express-march-25-2015-parina-dhilla-netizens-rejoice-over-sc-ruling-to-keep-the-net-free

Internet becomes vernacular with relaunch of e-bhasha

praskrishna — 2015-04-03T05:49:42Z

With the relaunch of e-bhasha as a mission mode project, there is a fresh urgency to create content and technical solutions in Indian languages.

The article by Ankita Lahiri was published in Governance Now on March 23, 2015. Sunil Abraham is quoted.

Computer literacy is often linked to the knowledge of English. With the launch of the e-bhasha project, the government is hoping to make the internet more accessible. The project aims at providing computing tools in Indian languages, thus making government services available to a substantial part of India. These tools were developed more than a decade ago, but sadly remained non-utilised. However, the government has now decided to bring in the e-bhasha project under the umbrella of the national e-governance plan (NeGP) as a mission mode project (MMP).

The project that is being jointly driven by the department of electronics and information technology (DeitY) and technology development for Indian languages (TDIL), will be implemented in all departments across states and promises to provide all government services in 22 scheduled Indian languages. It will also provide a range of technical solutions, browsers and content in local languages. The multilingual aspect will ensure that government services have a wider reach and are accessible to citizens in local languages. The department hopes to get approval for the MMP by early next year.

Although TDIL has been finalised as the nodal implementing agency, the idea is to create a separate body, the centre of excellence (CoE) for localisation of Indian languages that will do the actual implementation on the ground level. Discussing the wing’s role, Swaran Lata, officer-in-charge, human-centred computing division, TDIL, told Governance Now: “We are like the backbone MMP. We will provide tools and solutions that can be used to generate the content in Indian languages. We will also provide standards and guidelines for the electronic governance domain. The final service delivery will be the responsibility of the various departments.”

Elaborating on how this platform can potentially transform the lives of the common citizen, Rajat Moona, director general, centre for development of advanced computing (C-DAC), said, “More people will get connected to government services now. It will bring the government closer to the citizen. The platform will change the way people carry out government services.” C-DAC has been working on local language computing and has been a key player driving the initiative on the technology front.

As an MMP, e-bhasha will have two main components: productisation and capacity building. The first step towards creating the e-bhasha platform will be the productisation. As Rajendra Kumar, joint secretary, DeitY, pointed out, “E-bhasha is all about the use of computing tools in Indic languages. It is about the productisation of these software tools, which means the ultimate utilisation of these tools for the end user.” In order to fully implement the MMP, proper training as to how to implement it at the ground level has to be given. The capacity building module of the MMP aims to train both the government departments as well as their technical teams. The training will be implemented jointly by DeitY and TDIL.

Commenting on the need for capacity building Lata said, “People still don’t have the skills to develop applications in multilingual or bilingual languages.” The training will be given through classroom sessions and various trouble shooting groups. Lata explained that applications will be classified in two groups – new projects and continuing projects. For each group the challenges will be different. For pre-existing applications, the entire application might have to be rewritten since the application as such might not have any provision for local languages. “The localisation of applications will vary according to the existing applications,” she said.

After this, content in these languages will be generated by various institutes and research and development organisations. Explaining that the service delivery framework for the MMP has already been designed, Rajendra Kumar said that the centre will extend total support to all the states in implementing the project.

Where India stands

Work to provide support in the form of tools and content in Indic languages has been going on in the country for more than two decades. C-DAC has been involved in this since 1988. The centre has been working towards developing tools that support Indic languages. Moona said, “We have been supporting Indic languages since 1988, whether it is from left to right or vice versa and languages with multiple fonts, like Konkani.

“As an integral part of the e-bhasha MMP, the centre will provide software tools that will facilitate the citizen in accessing government services in the local languages,” Moona said adding that, “Through the tools, we provide localisation support of government services. We provide government frontend in local languages. That is what the e-bhasha MMP is all about.”

C-DAC has already developed a number of solutions that support the Indic languages including a mobile touch keypad that can be downloaded from its website. Further a screen reader and various templates are also available. “The keyboard is slowly disappearing. We have a touchscreen that supports 27 Indic languages,” Moona said.

One of the key initiatives by TDIL has been in the form of the Sakal Bharti font, a type of open font format (OFF). It is a standard font, applicable to all the 22 schedule languages, irrespective of the platform, programme and language. It allows one to view and edit any document without any loss of data. Similar efforts have also been made by private players in creating the required tools to increase the reach the Indian languages. The Centre for Internet and Society (CIS) has launched several initiatives, including translating Wikipedia in regional languages and creating screen readers that support indigenous languages.

With the increase in internet penetration and the resulting increase in demand, private players, including digital giants Google and Microsoft, have joined hands to promote content in Indian languages. The initiative called the Indian languages Internet Alliance (ILIA) was launched by Google to cater to the Hindi-speaking population by providing content and solutions. Launched around the same time as the e-bhasha project, the two projects are expected to complement each other.

“It is heartening to see support from the government for this initiative. The initiative would shape the thinking around the government’s e-bhasha initiative and we are happy to partner with the government around the three pillars of e-bhasha: e-governance, e-education and culture,” said a Google spokesperson.

In support of the private initiatives that are coming up, Lata explained that an ecosystem has been built. “What happens is that in areas where it is not commercially beneficial, it has to be the government which steps in first. I think the government has received a wake-up call in terms of both e-governance as well as languages.”

The chicken or the egg?

The resources have been available with the government for the last two decades, yet it is only now that the push for local languages has got the attention it much needed. According to Kumar, while C-DAC has been involved in developing these tools and their language department, GIST, has been around for at least 15 years the implementation in e-governance did not happen.

Lata further elaborated, “It is not the correct perspective to say that the localisation of languages is just a frontend issue. It is an architectural issue and a language solution should enable people to search access and retrieve data in the local languages.”

The surge in the number of users as well as the new government’s heightened interest in electronic governance has created an increased demand. “The push for Indian languages has been there for a long time. Many government websites are bilingual (English and Hindi). However, with the introduction of electronic governance a lot of activities have been happening. The need for Indian languages has become much higher,” Moona said. “It is an evolutionary process. Internet governance is still a new thing in India, it is only after its introduction that the tools and support for local languages has been required.”

Sunil Abraham, executive director, CIS, said, “Creation of Indic content cannot be left to a single government entity. It needs massive effort from all concerned stakeholders. The reason that there is very little Indic content online is because most internet users today either are comfortable using English or don’t have sufficient purchasing power to sustain different business models. As more and more Indians come online, more and more businesses will begin to leverage Indic content. However, focused and enlightened investments by the government would be very useful in helping Indic languages catch up on the internet.”

With Indic languages receiving a push from both the government and private players, it might just be time that the internet really becomes a tool for everyone.

For more details visit https://cis-india.org/internet-governance/news/governance-now-march-23-2015-ankita-lahiri-internet-becomes-vernacular-with-relaunch-of-e-bhasha

India's plan to offer citizens digital lockers poses a privacy threat, say experts

praskrishna — 2015-04-03T06:32:20Z

The Indian government launched a test version of a service called the digital locker last month that allows citizens to store scanned versions of important documents online, something that experts say poses a serious threat to people’s privacy.

The blog post was published in Scroll.in on March 19, 2015. Sunil Abraham was quoted.

Based on a similar project being tried out in Maharashtra, the service allows people with Aadhar cards to store scanned copies of their passports, birth certificates, ration cards and other important documents on remote servers. This way, people can digitally back-up important documents and also send them over the internet to others, such as potential employers or banks, for availing themselves of other services.

The service, whose test version was launched on February 12, will be optional. But it could find takers from among the about 90% of India’s households who do not own a laptop or computer and the 95% that do not have an internet connection, according to the 2011 census. Experts are concerned that sensitive data stored in a central place could be stolen or misused.

Serious threat

“Any large linked database with personal information is a serious threat to citizen's data,” said G Nagarjuna, a researcher at the Homi Bhabha Centre for Science Education in Mumbai and a member of the Free Software Movement. “There exists no agency that could secure their data till date without any possibilities of data theft.”

Digitisation is not inherently a problem, experts say. It is the kind of information stored that is. There are two kinds of information people need to be concerned about, said Sunil Abraham, executive director of the Bangalore-based Centre for Internet and Society, in an email to Scroll.in. Public domain information such as land records, pan cards and ration cards should be available to the public anyway. However, private information such as biometrics and passports are of concern.

“Unless the cryptography and architecture is organised in such a manner that only the citizen will have access there can be very serious consequences for the individual’s right to privacy,” he said.

The scheme raises the same concerns about privacy that came up during the creation of Aadhar cards, for which the government has collected biometric and identification data for 773 million citizens.

Information is power

Experts pointed to the dangers of the state having access to crucial data about citizens. The dangers are perhaps greater when the data passes into the hands of private corporations, they said.

The Indian government has not said who will run the central servers on which all the data is to be stored, but Maharashtra said in January that it would upload the data it was collecting to a private cloud service run by Microsoft.

“This is a terrible idea because it is centralising storage of personal information across silos controlled by different data controllers and also giving the citizen no control over who has access to his or her data," said Abraham.

“A blunder of the highest order is to pass this information to a cloud, and that too to a foreign company,” said Nagarjuna. “India is a sovereign republic, and hence we should assert this in the country’s digital assets as well. How secure can India be if our security is passed on to another agency that owes its allegiance to another country?”

Surykant Jadhav, joint secretary of the Directorate of Information Technology in Maharashtra, defended the scheme, comparing it to other optional services that the state provides such as online ticketing and filing of income tax returns. “The lockers are there only if people want to use it,” he said.

Cart before the horse

But the government ought to be trying to improve the basics, such as increasing computer and internet penetration, before launching value-added digital services, said Nagarjuna.

“What is the basic social or economic problem that the government is trying to solve by creating the digital lockers?” “Just as each citizen learns how to protect their assets, the digital natives of a digital society will eventually learn how to protect their digital assets. Digital India cannot be created without providing digital literacy to all the citizens. Did we do that? Once we do that, citizens will learn what is good for them, particularly for their own assets over which the government has no ownership.”

For more details visit https://cis-india.org/internet-governance/news/scroll-mridula-chari-march-19-2015-indias-plan-to-offer-citizens-digital-lockers-poses-a-privacy-threat-say-experts

Tech Law Form @ NALSAR

praskrishna — 2015-04-03T16:36:01Z

The event was organized by NALSAR University of Law, Hyderabad on March 7 and 8, 2015. Geetha Hariharan participated as a speaker. She gave a lecture on Perspectives on Internet Governance.

For more info on the event click here.

For more details visit https://cis-india.org/internet-governance/news/tech-law-forum-at-nalsar

Delhi Govt Sets Up WiFi Task Force

praskrishna — 2015-04-03T07:06:41Z

Delhi government is believed to have set up a task force to enable WiFi in the city. The task force, which has been recently constituted, includes entrepreneur and start-up advisor Mahesh Murthy, Medianama founder Nikhil Pahwa and Center for Internet Society director Pranesh Prakash, as per a report by PTI.

Originally published by Press Trust of India, the news was mirrored by TeleAnalysis on March 18, 2015.

The Wifi task force was set up by Delhi Dialogue Commission (DDC), which besides this, will also look after various initiatives that can make Delhi a better place to live. The commission, in the past, has sought suggestions, expert opinions and proposals from domain experts in various issues related to Delhi. The DDC is evaluating various proposals and will act accordingly, the report said.

The DDC is inviting proposals and suggestions, comments and ideas over email at ddc.delhi@gov.in and the Whatsapp helpline +919643327265.

“These have received tremendous response with over 400 emails and thousands of Whatsapp messages coming in from Delhi citizens, who sent in their requests and needs and also detailed technical assistance and support in the implementation of this project,” the government said in a statement.

While the above email Id is active and we got an instant automated response, when sent a query, the Whatsapp number seems to be dead, as it was last seen on ‘1/25/2015′.

Providing free WiFi in Delhi was a part of the manifesto of the Aam Aadmi Party.

For more details visit https://cis-india.org/internet-governance/news/tele-analysis-gyana-ranjan-swain-delhi-govt-sets-up-wifi-task-force

Live Chat: Aadhaar: An identity crisis?

praskrishna — 2015-04-03T06:54:25Z

The Aadhaar card is not compulsory for citizens and "no person should be denied any benefits or ‘suffer’ for not having the Aadhaar cards issued by Unique Identification Authority of India," the Supreme Court ruled on Monday.

The live chat was published in the Hindu on March 17, 2015. Sunil Abraham took part in the discussions.

Four years after Aadhaar was launched – and touted as a panacea to access social services and subsidies – its users continue to be dogged by an array of problems ranging from technical glitches to procedural delays. And those who do not have an Aadhaar card find themselves quizzed by government authorities.

The Hindu’s Tamil Nadu edition today highlighted the challenges ordinary citizens - both those who have cards and those who do not – face, be it from non-availability of application forms or glitches in the biometrics process.

We will be hosting a live chat on Aadhaar at 5 pm today. You can pose questions and share your views with Sunil Abraham, Executive Director of Bangalore-based research organisation, Centre for Internet and Society; K. Gopinath, Professor at the Computer Science and Automation Department at the Indian Institute of Science (IISc) and The Hindu’s K. Venkatraman.

Comment From Anon

What could have happened such that the current government, who were once in the opposition, were members of the parliamentary committee that strongly opposed UIDAI, now suddenly wants to use it everywhere? What could have transpired such that the PM got so convinced that it would help its citizens more than it could potentially harm?

Sunil Abraham: Usually the party that is in power is pro-surveillance and anti-censorship and the opposition is pro-privacy and pro-free speech. After the elections - if the parties swap positions as a result of the mandate - then they usually also swap positions on surveillance and censorship. This phenomenon is not specific to India.

K. Gopinath: The leakage in the current models is very high. Hence, the attraction.

The issue earlier was whether there was some costs to the use of sw (esp. proprietary) from outside the country. Probably, these have been addressed.

Comment From Saurabh

Aadhaar was supposed to be a good 2 factor authentication mechanism, what happens to it now ?

Sunil Abraham: Aadhaar architecture was designed to allow for multiple authentication factors. Unfortunately biometrics is a poor authentication factor since it cannot be revoked. Any two-factor authentication scheme where one factor is biometrics is in reality only a one-factor scheme. Pin code as with credit cards and debit cards would have been much more secure for authentication.

K Venkataramanan: It will continue to be relevant, but is unlikely to be mandatory for quite some time.

K. Gopinath: Real-time 2-factor auth (biometrics, signatures) are not easy, esp over Internet, and would require a much longer rollout

Comment From Saurabh

I did not get Aadhar for myself or my family. Does this mean, I will not have to as yet.

Sunil Abraham: As per the UIDAI - Aadhaar is not mandatory. Also according to the latest remarks from the Supreme Court - Aadhaar should not be made mandatory without enabling law. But many state and central government agencies have ignored the comments made by the SC and have made Aadhaar mandatory for various programmes and schemes.

The Hindu: Is Aadhaar virtually redundant now following the SC order? Nothing more than an expensive experiment?

K. Gopinath: I think it will be used as an addl auth mechanism (just like elec./ph. receipts). May be once the technology is demo'ed properly (it has not been done seriously anywhere else), it will be taken up again.

Comment From Abubacker

I am an NRI and need to have Aadhaar Card? How to obtain Appointmet - I am from Tuticorin, Tamil Nadu

K Venkataramanan: Your family member or representative living in Tuticorin may apply for Aadhaar through the local body. It may be possible to get a date for recording biometrics. However, you have to come down here for recording biometric details.

Comment From Kishore J

Why is Govt. not able to legalize the Aadhar, I'm assuming the only reason Supreme court keeps blocking it is because its not a law passed by Parliament ?

K. Gopinath: SC goes by the constitution. If there is some concern someone is being "excluded", they will block it.

Sunil Abraham: The NIA bill was proposed in parliament and then referred to a Standing Committee. Our summary and detailed feedback to the Bill is available here: http://cis-india.org/intern... The Standing Committee harshly criticized the Bill. See: http://164.100.47.134/lsscommittee/Finance/42%20Report.pdf After which the Bill has not been reworked by the UIDAI or the Planning Commission /Niti Aayog for re-presentation to the Parliament.

Sunil Abraham: No - it is not just an expensive experiment. It is much more dangerous - it is what security experts call a Honey Pot. A centralized repository of biometrics harvested from residents of India. These biometrics can be used to authenticate transactions in the UIDAI database and other services. If there is a breach - then this huge collection of authentication factors will end us in the hands of criminal elements or some foreign state.

Comment From vaz

Aadhar is a joke, i have so many IDs and i cannot get any benefits out of it, it is simply wasting time, if Govt really want mandate make it easy for people, i pay taxes and Govt should treat me like one , i can not waste my time standing in queues to get that card, get me time slot and don't waste my time.

Sunil Abraham: This is because the process of registration has been outsourced to private agencies. These private agencies have futher outsourced to others and so on and so forth. Consequently, there is very poor management and quality control by these agencies. If indeed corruption was a priority - we should have tackled high-ticket corruption first. We could have had biometric registration just for only the politicians and bureaucrats. We could use biometric authentication with them to create a non-repudiable audit trail of subsidies flowing from the Centre to the Panchayat. Unfortunately, we tried to register everybody simultaneously and that has resulted in poor quality of biometrics and demographic data. We have visited some of the registration centre and have seen the reality on the ground.

Comment From Guest

I have been threatened by Gas Agency people if i don't link Aadhar to Bank Account, won't be given a refilling cylinder.Is this a right one?

K Venkataramanan: There is an option for getting DBT even without Aadhaar. The bank account and the gas agency consumer account can be linked without Aadhar. Please check www.mylpg.in for knowing how to apply for DBT registration without Aadhaar

The Hindu: Your views Prof Gopinath? Do you see it as a biometrics Honey Pot too?

K. Gopinath: From a security pov, it is certainly risky. It needs really robust technologies before one can think of rolling out. For example, we have "denial of service" attacks. ie, a service can be shut out by random bombardment of msgs. Most curr large scale systems are designed to handle it but some cannot handle it if large numbers collude. This only prevents access to service but other attacks can exfiltrate (take out) data, modify data, etc.

The Hindu: And Mr. Venkataramanan, your thoughts?

Comment From kuldeep singh chauhan

We need a strong law for data security. Aadhar is collecting data but there is no provision except some provisions of IT Act and IPC for data security.

K. Gopinath: Yes, the legislation is weak or unnecessarily vague (eg. the IT2000 act) or too broad in scope. I think what we need is a citizen's charter for data access, security and privacy. Also, what needs to be done when systems do not work!

Sunil Abraham: There are two interpretations of Sec. 43A of the IT Act. Acccording to most experts it only applies to Body Corporates in other words it does not apply to the Government when it plays the role of a data controller. According to an order issued by the IT Secy of Maharastra [the court of first instance for 43A of ITA] -this section will also apply to the Government. But beyond that order we have no clarity on this question.

Comment From Pavan

With no privacy laws, isn't it a bad idea to store citizen's data in a database? We all know how inept our government is in ensuring any security/privacy.

Sunil Abraham: With or without laws. Centralized approaches to identity/authentication management are much more fragile and vulnerable compared to decentralized options. The Internet is secured by digital signatures - there is no centralized repository of all these signatures. Therefore there is no centralized point of failure for the Internet. If the Aadhaar project was based on Smart Cards instead of Biometrics - then just like the Internet it would be robust without a central point of failure. http://cis-india.org/intern...

K. Gopinath: Storing all info in a single place is a big security risk. It needs very robust technologies (such as replication and "secret sharing protocols") that work inspite of failures. These have been done here and there but doing it on a large scale requires care.

Comment From Kunal Soni

SC Adhar card recommendations, ok Got it! But what about the banks for example SBI who ask for adhar cards stating its the bank's rule? Who's going to answer the question as they would never listen to common man and they never did.

Comment From Sandeep

Hi,May be it is a strong message, but what exactly is the need to make/introduce the Adhaar card, which is not recognizable worldwide? Why dont we make our passport smart enough and reduce it to a chip as in Europe. This will also enable everyone to get enrolled in our administrative system. Basically, we are only repeating the entire process with no international recognition.

Comment From Krishna Rao

Need to make it mandatory in the lines of SSN in US. Else it would be very difficult to manage and ensure the subsidies and benefits reach the really deserved section.

Comment From Ramesh

It is a great concept it all information like property purchases, tax returns, ration card, pf, esi, bank accounts , rail, air tickets are all linked. will reduce corrupt practice considerably. It should be the main identity of an Indian

Comment From arun

@Sunil what are the privacy safeguards that are in place currently regarding protection of information collected by the government and private agencies designated for this?

Sunil Abraham: Do you mean legal or technical?

K Venkataramanan: @The Hindu: Yes, there are serious privacy issues involved in a centralised database. However, their is a counter-view that this is no different from any other data base available in the hands of the government such as the one relating to PAN. The main concern of those worried about the privacy problem in Aadhaar is that data collection is done by private agencies, and details such as biometric data could be misused

The Hindu: Sunil, a question for you from arun

Comment From Pawan

Govt should give it legal recognition and give legal guarantee about the usage and storage of the data... After that there would be no concern related to identity security or enforcing it on the people.. People would trust it and come forward to register for it.

Sunil Abraham: Legal recognition and guarantees are not sufficient. You cannot use the law to fix poor technology design. The security of the Internet is not a function of good law. It is a function of good technological design.

Comment From Pappan

the so called Europe, US an other developed countries already have Social security numbers, why cant we just look at it like that?

Sunil Abraham: Social Security Number are an additional identifier. The database just contains a collection of identifiers. If that database is compromised the information cannot be used to authenticate transactions. This is very unlike the UIDAI centralized database which is a collection of authentication factors. Think of it as a database filled with the passwords of all Indian residents.

K Venkataramanan: @Kunal Soni - SBI can't insist on it as of now. The person who issued any circular to that effect may be hauled up in court

Comment From Guest

I have two questions. First, why is the honourable supreme court strking down aadhar, on what grounds? Second, how can the government come around those objections and allay the courts fears/objections? The informed panelists may please give their opinions too. Thank you

Sunil Abraham: There are 3 sets of petitioners who are being heard by the SC in the combined case. Some of them associated with the right are arguing that the UID is a threat to national security as it legitimizes illegal immigrants. Those associated with the left are arguing that it is a violation of the right to privacy. Still other who are ex-officers from the armed forces are arguing that the project is mired in corrupt practices.

K Venkataramanan: The Court has not struck down Aadhaar. It has only passed interim orders protecting the access to services of those who have not yet had them.

Comment From Aashish Gupta

Aadhaar was supposed to usher in portability of benefits. That is, you could migrate to a different state and still get the benefit you deserved.

Sunil Abraham: The Aadhaar database only contains information that identifies you and also allow you to authenticate against that database. It does not indicate eligibility for various schemes/subsidies. The migration across State level eligibility lists has to be done by the State. It is not a functionality provided by the UIDAI.

Comment From Ramesh

Supreme Court should have suggested a better option instead of coming down heavily on the Aadhar Card. The card will straight eliminate multiple rations cards and voter ids.

Sunil Abraham: The previous technology adopted by the NDA government - smart cards or SCOSTA [for the MNIC]. This technology option is free from many of the flaws of UIDAI's current design.

Comment From Mrigesh

Why is Aadhaar needed? I am for a middle class or for the elite class?

Comment From Geetha

Has the government (or concerned agencies/departments) formulated any policy on using the Aadhar information collected? For instance, what agency can use the information, under what conditions, with whose approval, for what limited purposes? Is this policy publicly available?

Sunil Abraham: No. Anyone who is approved by the UIDAI as a legitimate can use the KYC API. Absolutely anyone can use the Authentication API. There is no policy on what data collection/retention practices must be adhered to by the users of both these APIs.

Comment From Arun Jayapal

Has the government ever considered/analyzed a way to link the existing resources (such as ration card, DL, passport, voter id, etc.,) and not have come up with a completely new system (aadhaar). Is this not an absolute waste of time and resources?

Sunil Abraham: Yes, you are absolutely right. The government should have used biometrics as a means to dedup an existing high value database like the Electoral Rolls or more importantly the PAN Card database. That would have been better RoI for our anti-corruption Rupee.

K Venkataramanan: @Ramesh The Court has come down heavily on only officials who insist on Aadhar for delivery of services when there are clear orders that it should not be mandatory

Comment From George J

I'm an NRI. I presently work and live in a country where the first order of business on landing/Birth is to register one self and get a unique ID number and ID. This the case for expats as well as residents be they foreigners or Citizens. The registration process includes collection of Biometric data. This single No and Id is used for everything from Bank Accounts to School Admissions. It is good that India is doing something similar. It is high time people with multiple ration cards, Passports and the like are weeded out and provided a single verifiable identity. Data Security is of essence and necessary safeguards are available.

Sunil Abraham: Could you name the country? And can you use biometrics your country to authenticate transactions in a centralized database for all sorts of transactions? If yes, then the technology design in your country is as poor as in ours and it is only a question of time when the centralized database leaks.

Comment From Aashish Gupta

Apart from the Honey Pot, Aadhaar does not serve its primary purpose: tackling corruption. Most pilots of Aadhaar have crash landed, and as a result, state governments have created their own simpler systems to tackle corruption.

Sunil Abraham: See: http://www.thehindu.com/opi... If the authentication match is not working [1:1 match]. Then basically the dedup will not work [1:n] match. That is why they are doing demographic dedup before biometric dedup - because they know that the biometric dedup is fallible.

Comment From Balu

A citizenship card , backed with a strond database is a must for every citixen . Some serious thoughts should be done in this matter at the earliest , instead of wasting time and money on different schemes .

Sunil Abraham: We should use decentralized Internet scale technologies based on open standards that are already proven. If we had used smart cards based on SCOSTA or EMV standard we would be in a much better place.

Comment From PRASHANTH

Comment From vikash

supreme court should not have to push such legal hurdles given that the 750 million card has already been generated.A lot of money has been investad in the project

Comment From Saket

Aaadhar card is full of errors. At the place where I got registered person was issuing it in a hurry which creates lots of typing errors in DOB and Place.

Comment From Aashish Gupta

The supreme court has not struck down aadhaar, it has said that aadhaar cannot be mandatory. This is to make sure that people who do not have an aadhaar card do not miss out on their entitlements.

Comment From Ramesh

Aadhaar should be made mandatory with necessary safeguards. Unless there is an ultimatum and time frame to get the card it will never be implemented. Even now many do not know where to get it done.

Comment From Aadharam

Could you clarify whether this is an interim order or a final order on Aadhar? Is there scope for a retraction/shift on the Supreme Court's part?

Comment From Onkar Tiwari

Why supreme court doesnt understand Adhar is necessary? it can curb corruption. it wll reduce corruption specially in manrega where people enters fake details and grab the money.

K Venkataramanan: It is only an interim order. The Court will, hopefully, resolve the questions raised by the petitioners about privacy and data security issues

Comment From George J

I have taken Aadhar Card. The procedure asks the applicant themselves to verify the data entered for typing mistakes etc. before being uploaded, in fact where I registered they had asked for a sign off on the final data on a printout. So how errors can creep in is beyond me. However the photography equipment and skill of the data entry operator leave much to be desired as the mug shot is not very kind to me!

Comment From Guest

There should be a guide line which need to be followed as it is in the hands of private partners who are also ask for bribe from the poor people for the aadhar and they have no other option to pay for it as they thought that this only can help them to get the govt. facilities and subsidies.

K Venkataramanan: @Onkar Tiwari, It is up to the government to convince the court that Aadhaar will help curb corruption, and how. The Court is unlikely to stop the use of technology to improve delivery of services and curb corruption.

Comment From v subrahmanian

help line over phone and the email correspondence is total waste.. they themselves are helpless. Any query has never been replied to the caller's satisfaction. Getting them on line itself is a challenge. It's so complex. Of course, every eligible citizen of this complex country must have the identity card. Why not if it is done through employer in case of organized salaried employees?

Comment From Ramakrishna Rao

Hi !! I request the panelists to kindly sum up in few 4 or 5 points the reasons/grounds on which the parliamentary committee has rejected the aadhar

Comment From Guest

The agencies who are collecting data for Aadhar Card are not doing good. The aadhar card is full with many kind of errors including Name and DOB.. Even a person is able to register twice under this scheme.

The Hindu: Mr. Venkataramanan would you like to respond to Ramakrishna Rao?

Comment From Guest

@K Gopinath - how robust is the de-duplication UID claims to have. And in real time transactions, is it possible to authenticate n request without 'false positives' or 'negatives'?

K. Gopinath: Dedup claims assume “good” conditions. For example, a farmhand may have rough skin, etc that may make the fingerprints problematic. 1% errors have been reported in the past. Real time txns: I think the current Aadhar is not geared for it. The connectivity is not there. Also, with fingerprint technologies, the ability to check large number of fingerprints for a match is not good enough. It has never been scaled to the extent that is being planned.

Comment From Sandeep

Still not sure if Aadhaar then other ID cards not needed ? Or Still all along with Aadhaar ? then what is meaning of Aadhaar ? Only for LPG connection? Why not govt making Aadhaar is mandatory in all other fields as well , As Govt spent huge money for Aadhaar

Comment From Guest

@ Sunil - How plausible is the idea that govt can use UID data to profile public?

Comment From Sushubh

I for one is very happy that at least the Supreme Court is not falling for this privacy infringing scam. People defending this card here on this platform needs to read more about it.

Comment From Guest

Govt. created panic among public regarding adhaar. Public is highly annoyed with the way the government is handling this adhaar project. Only court reprimands,govt. backtracks as far as the adhaar is concerned. It is high time for govt. to have serious insight into this.

K Venkataramanan: The parliamentary committee on Finance had objected to the UID being extended to non-citizens on the ground that it may end up in illegal immigrants getting Aadhaar numbers.

It had also questioned the rollout ofthe scheme before legislation was passed. It had objected to its implementation without regard to its consequences.

Comment From Srinivasa

I believe Nandan Nilkeni had mentioned certain very good examples of the system flagging duplicates. So I assume the system is robust. We need to make it mandatory for all services delivery and have suitable policy and technology to protect data.

Sunil Abraham: I don't think we can go by the assurance of someone no longer associated with the project. It is not persons that keep us safe it is proper technology and law.

The Hindu: Welcome back Sunil! Lots of questions await you

K Venkataramanan: The committee had said UIDAI had no conceptual clarity, no proper assessment of the costs involved, and that it could end up in the hands of private agencies, that the technology was untested and the UID may not meet the objectives for which it was conceived

Sunil Abraham: Sorry I was logged out.

Comment From Guest

There was a recent news in The Hindu about linking of Adhar cards to election voter ID cards in Andhra Pradesh. Do you think that adopting such moves by every state result in mandating the procedure eventually?

Comment From Guest

First Passport then PAN , voter id and now adahar, in any country there is only passport and SSN, why india needs so many identity cards

K. Gopinath: The PAN database has been problematic just as the voter id. Hence, every technology cycle, a new system is usually attempted that attempts to be "better" than the before. However, this requires care which is not in good supply in the govt where the "lowest" bidder wins or outsourcing happens.

The Hindu: We have Prof Gopinatha back too. Sorry about that technical glitch.

Comment From Deepak Vasudevan

Why are different apex agencies managing Aadhar like UIDAI, Census and NPR? There should be one root (apex) body and others should report onto it.

Sunil Abraham: Yes. The division of work between UIDAI and NPR is not very clear and has added to the confusion.

K Venkataramanan: The parliamentary standing committee, too pointed out the overlap of functions involving UIDAI and NPR

The Hindu: There was this question for you earlier on the thread @K Gopinath - how robust is the de-duplication UID claims to have. And in real time transactions, is it possible to authenticate n request without 'false positives' or 'negatives'?

Comment From Guest

When Union Of India aimed to greater transparency... these are the road blocks they get... If Aadhar is not mandatory... then make Voter ID, PAN Card, Ration card also not mandatory in their respective Govt Businesses ... make self declaration as mandatory .. lets go to the stone age in this Information age. Instead SC should direct the center to come up with procedure to accommodate legitimate citizens of India into the scheme in a time bound manner and frame policies to avoid misuse of the personal data. are we looking the current world Information age thru the same old glasses... it is time to adopt the change...

Sunil Abraham: Indeed we need more transparency. But privacy protections must be inversely proportionate to power and as Julian Assange says transparency requirements should be directly proportionate to power See: http://openup2014.org/priva...

K Venkataramanan: Linking Aadhaar and voter ID cards is also being tried out in other states It is only one more means of eliminating fake voters or duplicates, but is unlikely tobe a ground to make Aadhaar mandatory

Comment From Ganesh

@Mr.Sunil, The current technology adopted for UIDAI is not good compared to last regime?

Sunil Abraham: Please see my our open letter on this question http://cis-india.org/intern...

Comment From Madhavan R

Just because UPA government bring this, its not good for NDA to object it.. STOP wasting our money.. Just try to make best out of it..

Sunil Abraham: Pouring more money into a failed project will not save it. It has serious technological flaw and without addressing it we are just making a bad situation worse.

Comment From George J

Currently all embassy's are collecting biometric data when you apply for a visa. Most of this collection is done by private parties on behalf of the respective governments. So if an Indian has travelled abroad the chances of his Biometric data being available to foreign govts is 99%. So what is the big scare about this? The need that it should be secure and should not be misused is sacrosanct. with the kind of revelations that have been made about mass eavesdropping I think people should get used to living in glass houses!

Comment From Pappan

@Sunil, please clarify about your comment on technology inadequecy

Comment From Yuvaraj

I strongly support Adhaar card implemenataion. intially they may face challeneges but for the long run its very effective mechanism to monitor every thing

Sunil Abraham: Monitoring everything means you monitor nothing. The bigger the haystack the harder it is to find the needle. Good surveillance practices means targetting survelliance not en masse data collection.

Comment From Guest

It is heard that privacy of citizens is at stake with adhaar card. can panelists respond to this?

Sunil Abraham: I have dealt with your question here: http://www.business-standar...

Comment From Srinivasa

That comparison of the two standards (SCOSTA and Aadhar) made interesting reading. Why not a system where you collect biometrics and iris and then issue a SCOSTA card? the biometrics and iris can be used to remove duplicates and maintain a clean registry by failing the duplicate SCOSTA cards. And all further transactions will only need a card based access.

Comment From Loganathan

This is one the worst move by any government in the center to remember. With no motive for the card, they introduced just to add to the loss in exchequer and there is no benefit out of it. Many have wrong data entered against their name and totally the waste one of all

Comment From Sabari Arasu

I am aware of someone who is not Indian citizen got Aadhar card for himself and his family. This scares me a lot as anyone(read Bangaladheshis, Sri Lankans, Pakintanis, etc..) can get Aadhar card. Is there a measure taken by Government to identify these issues?

Sunil Abraham: This is possible because the technology [biometrics] cannot verify citizenship. Even worse biometrics can be imported from foreign countries and can be used to create resident ghosts. This is because the technology cannot even verify if the person in India. We will need surveillance cameras at every point of registration to take care of this possible fraud.

Comment From Chandra Sekhar

Aadhaar card was a huge opportunity for the government to improve the efficiency of governance.It was a challenging task and required great amount accuracy.The way this project was executed is a question mark on efficiency of governance.

The Hindu: Sunil, Venkatramanan, Gopinath - would you agree that Aadhaar was an opportunity to improve governance? @chandra sekhar

Comment From Guest

Freebee lovers/netas will always oppose when you want to implement some thing which might deny them the benefit.

Sunil Abraham: Any evidence to backup this statement?

Comment From Guest

if the ASDHAAR is nt necessary as per SC then why everywhere it is being preferred identity such as Subsidy, Passport etc.

Sunil Abraham: Preference is not the same as a mandatory requirement.

For more details visit https://cis-india.org/internet-governance/news/the-hindu-march-17-2015-aadhaar-an-identity-crisis

If you thought India is a country where freedom of speech and expression are fundamental rights, think twice!

praskrishna — 2015-04-04T15:52:42Z

Having contributed significantly in growing pollution and corruption indices, there's one place where India seems to hold the top spot is: imposing restrictions on social media contents. There have been over 5,800 restriction requests recorded in the second half of 2014, as per Facebook's Government Requests Report.

The article was published in Business Insider on March 17, 2015. Pranesh Prakash was quoted.

Economic Times has reported that data and content restrictions across the globe are on the rise and India seems to have topped the list. The content restrictions from India have been constantly on the rise—it rose to 5,832 from 4,960 in the first half.

Things are not any different across the globe. "The amount of content restricted for violating local law increased by 11% over the previous half, to 9,707 pieces of content restricted, up from 8,774," said Monika Bickert, Facebook's head of global policy management, and Chris Sonderby, deputy general counsel, in a statement on the social networking website.

Other countries from where Facebook has observed an increased number of content restrictions requests are Turkey and Russia. Surprisingly, FET reported that the number of content restriction requests from Pakistan came down to 54 in the second half of 2014 from 1,773 in the first half.

It is worth noting that India is the second largest market for Facebook, with 112 million users until last year, second only to the United States. While these figures are alarming, counsel for the Software Freedom Law Centre told ET , "...it would have been better if Facebook had also given us more information on the kind of data that was being asked for. Now we only have consolidated figures. So what kind of data was asked for, that would have been more useful."

Pranesh Prakash, policy director at the Centre for Internet and Society, on the other hand, feels that the number of content restriction requests is not only high on an absolute number, but even on a per-user basis.

For more details visit https://cis-india.org/internet-governance/news/business-insider-march-17-2015-if-you-thought-india-is-a-country-where-freedom-of-speech-and-expression-are-fundamental-rights-think-twice

India tops list of content restrictions requests, says Facebook

praskrishna — 2015-04-03T17:01:53Z

India has again topped the list of content restriction requests in the second half of 2014 with over 5,800 requests recorded in Facebook's Government Requests Report released on Sunday.

The article by Neha Alawadhi was published in the Economic Times on March 17, 2015. Pranesh Prakash gave his inputs.

"Overall, we continue to see an increase in government requests for data and content restrictions. The amount of content restricted for violating local law increased by 11% over the previous half, to 9,707 pieces of content restricted, up from 8,774," said Monika Bickert, Facebook's head of global policy management, and Chris Sonderby, deputy general counsel, in a statement on the social networking website.

Facebook saw a rise in content restriction requests from countries like Turkey and Russia, while requests from countries like Pakistan came down. The number of content restriction requests from Pakistan came down to 54 in the second half of 2014 from 1,773 in the first half. The number of content restriction requests from India rose to 5,832 from 4,960 in the first half.

India has been the top requestor for content restrictions in the past one and a half years, and the number of these requests and for user account data from the country have consistently been on the rise.

Facebook said that while the number of government requests for user account data remained relatively flat in the six-month period, there was an increase in data requests from "governments such as India, and decline in requests from countries such as the United States and Germany".

India made 5,473 requests for user account data in the six months ending December 2014, second only to the United States, which made 14,274 requests in the same period. About 45% of the requests made by India led to Facebook producing some data, according to the report, while 79% of the requests made by the US were complied with.

"Of course, the figures are alarming... But it would have been better if Facebook had also given us more information on the kind of data that was being asked for. Now we only have consolidated figures. So what kind of data was asked for, that would have been more useful," said counsel for the Software Freedom Law Centre.

India is the second largest market for Facebook, with 112 million users until last year, second only to the United States. According to Pranesh Prakash, policy director at the Centre for Internet and Society, "the number of content restriction requests are not only high on an absolute number, but even on a per-user basis".

For more details visit https://cis-india.org/internet-governance/news/economic-times-march-17-2015-neha-alawadhi-india-tops-list-of-content-restrictions-requests-says-facebook

What Does Facebook's Transparency Report Tell Us About the Indian Government's Record on Free Expression & Privacy?

pranesh — 2015-04-05T05:08:37Z

Given India's online population, the number of user data requests made by the Indian government aren't very high, but the number of content restriction requests are not only high on an absolute number, but even on a per-user basis.

Further, Facebook's data shows that India is more successful at getting Facebook to share user data than France or Germany. Yet, our government complains far more about Facebook's lack of cooperation with Indian authorities than either of those countries do. I think it unfair for any government to raise such complaints unless that government independently shows to its citizens that it is making legally legitimate requests.

Since the Prime Minister of India Shri Narendra Modi has stated that "transparency and accountability are the two cornerstones of any pro-people government", the government ought to publish a transparency report about the requests it makes to Internet companies, and which must, importantly, provide details about how many user data requests actually ended up being used in a criminal case before a court, as well as details of all their content removal requests and the laws under which each request was made.

At the same time, Facebook's Global Government Requests Report implicitly showcases governments as the main causes of censorship and surveillance. This is far from the truth, and it behoves Facebook to also provide more information about private censorship requests that it accedes to, including its blocking of BitTorrent links, it's banning of pseudonymity, and the surveillance it carries out for its advertisers.

For more details visit https://cis-india.org/internet-governance/blog/what-does-facebook-transparency-report-tell-us-about-indian-government-record-on-free-expression-and-privacy

Roundtable on ICANN Accountability

praskrishna — 2015-04-03T16:54:41Z

The roundtable was organised by the Department of Electronics and Information Technology (DeitY), National Internet Exchange of India and Centre for Communication Governance, National Law University, Delhi at the Indian International Centre, New Delhi on 13 March 2015. Geetha Hariharan participated in the roundtable.

Timings	Programme
10.00 10.30	Welcome Address by Chimayi Arun, Research Director, Centre for Communication Governance at National Law University, Delhi
10.30 10.40	Introductory Remarks by Dr. Ajay Kumar (IAS) Joint Secretary, DeitY
10.45 11.15	Session I: NTIA IANA Functions' Stewardship Transition
13.15 14.30	Lunch
14.30 16.30	Session II: Accountability and Transparency at ICANN
16.30	Tea

For more details visit https://cis-india.org/internet-governance/news/roundtable-on-icann-accountability

Cybersecurity and the Internet of Things

praskrishna — 2015-03-13T02:14:59Z

US Consulate Chennai formally Invite you for a talk by David F.Heyman on March 19, 2015 in Hotel Atria, Palace Road, Bangalore. The event is being organized by the US Consulate, Chennai, Cyber Security & Privacy Foundation (CSPF) and the Centre for Internet & Society (CIS).

Note: Please register to come to the event, if you are not attending please inform us.

David Heyman, former Assistant Secretary for Policy at the U.S. Department of Homeland Security and retired Software Engineer Reimagining and Transforming Cities, Governments, and Lives with the Internet of Things For the first time in human history more people live in cities than anywhere else.

By 2050 three-fourths of the world’s population will live in cities. As more and more people move to cities, more of the world’s challenges, from emerging infectious diseases, crime, economic growth, and environmental degradation, will be concentrated in cities. Citizens will expect and demand more from their leaders; and governments will face greater pressure to provide services better, faster, cheaper to more and more, potentially with less and less resources.

More than any other force driving change over the horizon, the Internet of Things (IoT) holds the potential to connect and infuse devices, business assets, infrastructures, and other elements of a city with greater intelligence and efficiencies to drive a new era of innovation and performance. And yet, this potential is juxtaposed against a backdrop of an explosion in cybercrimes and threats facilitated by the increased linkages between the physical and cyber world that is at the heart of IoT, and which affords malicious actors anywhere in the world the potential to disrupt services and lives on a far more consequential level than ever before.

In his remarks, David Heyman, former Assistant Secretary for Policy at the U.S. Department of Homeland Security, and retired software engineer, will discuss the extraordinary potential of the IoT, the barriers to adoption, and how governments and businesses can navigate this new frontier, work together, and re-imagine and transform cities—and nations—for tomorrow.

David F. Heyman

David F. Heyman has over two decades of experience as a leader in spurring innovation, risk management, and strategy development in the public and private sector. He is a leading expert in national security and international affairs, counterterrorism, cybersecurity, building resilience, and critical infrastructure protection, with broad experience in the U.S., Europe, Middle East and Asia. Heyman’s career includes service at the highest levels of the U.S. government, working in senior positions at the White House, the U.S. Department of Energy, the U.S. Department of Homeland Security, as well as in the private sector.

Most recently, Heyman concluded five years of service as Assistant Secretary of Policy (operating as an Under Secretary equivalent) at the U.S. Department of Homeland Security (DHS). As a member of the senior management team at DHS, Heyman was responsible for the Department’s strategic planning, risk and decision analysis, policy development, and thought leadership across all five departmental mission areas: counterterrorism, border security, immigration,
cybersecurity, and building resilience to disasters. During his tenure, Heyman helped transform the Department from a budget-driven to a strategydriven organization, and instituted an enterprise risk-management architecture for managing the Department’s $60 billion budget. He oversaw and initiated the Department’s largest expansion in global engagement, and in this role, led efforts to build new strategic partnerships with the World Customs Organization, the World Economic Forum, and some of the most consequential and complicated geopolitical relationships facing the United Stated today, including China, India, the European Union, and others. Heyman designed and launched multiple domestic, bilateral, and global initiatives to bolster U.S. security and prosperity. He was the chief architect of the nation’s first National Strategy for Homeland Security—the Quadrennial Homeland Security Review—which elevated and established cyber security and building national resilience as core homeland security missions. He led efforts around five Presidential Initiatives
to: empower communities to counter violent extremism; strengthen global supply chain security; expand travel and tourism to the United States; streamline and modernize the U.S. import and export system; and develop and implement a new perimeter approach to North American Security which resulted in the Beyond the Border Initiative signed by President Obama and Canadian Prime Minister Carper.

He led the creation of the Resilient STARTM program and the Rick Rescorla National Award for Resilience, and is wellknown for drafting the policy to eliminate the color-code Homeland Security Advisory System and replace it with a more disciplined National Terrorism Advisory System, now used by the U.S. government. Previously, Heyman founded and directed the Homeland Security Program at the Center for Strategic and International Studies (CSIS), one of the nation’s leading and most influential think tanks in international security and taught security studies and science and technology policy as an adjunct professor at Georgetown University. Heyman also served as a senior advisor to Energy Secretary Bill Richardson and oversaw development and implementation of a number of energy, infrastructure and technology initiatives, including leading and establishing a new portfolio approach to manage DOE’s $7 billion in research and development (R&D) investments.

Earlier in his career, Heyman was a senior policy advisor in national security and international affairs at the White House Office of Science and Technology Policy (OSTP), and was responsible for providing science, technology, and foreign policy advice to the President’s Science Advisor and the Vice President’s National Security Advisor. Before entering government, Heyman worked for nearly a decade as a computer systems software engineer, and head of international operations for a firm developing and deploying industrial automation, robotics, and supply-chain management systems for Fortune 100 companies. Heyman holds a Bachelor’s degree in biology from Brandeis University and a Master’s in international relations and economics from the Paul H. Nitze School of Advanced International Studies at Johns Hopkins University, where he graduated with the highest level of distinction. He is currently a member of the Aspen Homeland Security Strategy Group, Aspen’s U.S.-India Strategic Dialogue, and serves as co-chair of its Cyber Task Force.

For more details visit https://cis-india.org/internet-governance/events/talk-on-cybersecurity-and-internet-of-things