We are anonymous, we are legion

India's Statement Proposing UN Committee for Internet-Related Policy

pranesh — 2011-10-31T15:28:04Z

This is the statement made by India at the 66th session of the United Nations General Assembly, in which its proposal for the UN Committee for Internet-Related Policy was presented.

66th Session of the UN General Assembly

New York. October 26, 2011.

Agenda Item 16: Information and Communications

Technologies for Development (ICT): Global Internet Governance

Statement by India

Mr. Chairman,

We thank the Secretary-General for his report on enhanced cooperation on public policy issues pertaining to the Internet, contained in document A/66/77, which provides a useful introduction to the discussions under this agenda item.

As a multi-ethnic, multi-cultural and democratic society with an open economy and an abiding culture of pluralism, India emphasizes the importance that we attach to the strengthening of the Internet as a vehicle for openness, democracy, freedom of expression, human rights, diversity, inclusiveness, creativity, free and unhindered access to information and knowledge, global connectivity, innovation and socio-economic growth.

We believe that the governance of such an unprecedented global medium that embodies the values of democracy, pluralism, inclusion, openness and transparency should also be similarly inclusive, democratic, participatory, multilateral and transparent in nature.

Indeed, this was already recognized and mandated by the Tunis Agenda in 2005, as reflected in paragraphs 34, 35, 56, 58, 59, 60, 61 and 69 of the Agenda. Regrettably, in the six long years that have gone by, no substantial initiative has been taken by the global community to give effect to this mandate.

Meanwhile, the internet has grown exponentially in its reach and scope, throwing up several new and rapidly emerging challenges in the area of global internet governance that continue to remain inadequately addressed. It is becoming increasingly evident that the Internet as a rapidly-evolving and inherently global medium, needs quick-footed and timely global solutions and policies, not divergent and fragmented national policies.

The range and criticality of these pressing global digital issues that continue to remain unaddressed, are growing rapidly with each passing day. It is, therefore, urgent and imperative that a multilateral, democratic participative and transparent global policy-making mechanism be urgently instituted, as mandated by the Tunis Agenda under the process of ‘Enhanced Co-operation’, to enable coherent and integrated global policy-making on all aspects of global Internet governance.

Operationalizing the Tunis mandate in this regard should not be viewed as an attempt by governments to “take over” or “regulate and circumscribe” the internet. Indeed, any such misguided attempt would be antithetical not only to the internet, but also to human welfare. As a democratic and open society that has historically welcomed outside influences and believes in openness to all views and ideas and is wedded to free dialogue, pluralism and diversity, India attaches great importance to the preservation of the Internet as an unrestricted, open and free global medium that flourishes through private innovation and individual creativity and serves as a vehicle for open communication, access to culture, knowledge, democratization and development.

India recognizes the role played by various actors and stakeholders in the development and continued enrichment of the internet, and is firmly committed to multi-stakeholderism in internet governance, both at the national and global level. India believes that global internet governance can only be functional, effective and credible if all relevant stake-holders contribute to, and are consulted in, the process.

Bearing in mind the need for a transparent, democratic, and multilateral mechanism that enables all stakeholders to participate in their respective roles, to address the many cross-cutting international public policy issues that require attention and are not adequately addressed by current mechanisms and the need for enhanced cooperation to enable governments, on an equal footing, to carry out their roles and responsibilities in international public policy issues pertaining to the Internet, India proposes the establishment of a new institutional mechanism in the United Nations for global internet-related policies, to be called the United Nations Committee for Internet-Related Policies (CIRP). The intent behind proposing a multilateral and multi-stakeholder mechanism is not to “control the internet’’ or allow Governments to have the last word in regulating the internet, but to make sure that the Internet is governed not unilaterally, but in an open, democratic, inclusive and participatory manner, with the participation of all stakeholders, so as to evolve universally acceptable, and globally harmonized policies in important areas and pave the way for a credible, constantly evolving, stable and well-functioning Internet that plays its due role in improving the quality of peoples’ lives everywhere.

The CIRP shall be mandated to undertake the following tasks:

Develop and establish international public policies with a view to ensuring coordination and coherence in cross-cutting Internet-related global issues;
Coordinate and oversee the bodies responsible for technical and operational functioning of the Internet, including global standards setting;
Facilitate negotiation of treaties, conventions and agreements on Internet-related public policies;
Address developmental issues related to the internet;
Promote the promotion and protection of all human rights, namely, civil, political, social, economic and cultural rights, including the Right to Development;
Undertake arbitration and dispute resolution, where necessary; and,
Crisis management in relation to the Internet.

The main features of CIRP are provided in the annex to this statement. In brief, the CIRP will comprise 50 Member States chosen on the basis of equitable geographical representation, and will meet annually for two working weeks in Geneva. It will ensure the participation of all relevant stakeholders by establishing four Advisory Groups, one each for civil society, the private sector, inter-governmental and international organizations, and the technical and academic community. The Advisory Groups will provide their inputs and recommendations to the CIRP. The meetings of CIRP and the advisory groups will be serviced by the UNCTAD Secretariat that also services the meetings of the Commission on Science and Technology for Development. The Internet Governance Forum will provide inputs to CIRP in the spirit of complementarity between the two. CIRP will report directly to the General Assembly and present recommendations for consideration, adoption and dissemination among all relevant inter-governmental bodies and international organizations. CIRP will be supported by the regular budget of the United Nations; a separate Fund would be set up by drawing from the domain registration fees collected by various bodies, in order to mainly finance the Research Wing to be established by CIRP to support its activities.

Those familiar with the discourse on global internet governance since the beginning of the WSIS process at the turn of the millennium, will recognize that neither the mandated tasks of the CIRP, nor its proposed modalities, are new. The Working Group on Internet Governance (WGIG) set up by the UN Secretary- General had explicitly recognized the institutional gaps in global internet governance and had proposed four institutional models in its report to the UN General Assembly in 2005. The contours of the CIRP, as proposed above, reflect the common elements in the four WGIG institutional models. While the excellent report of the WGIG was much discussed and deliberated in 2005, unfortunately, no concrete follow-up action was taken to give effect to its recommendations on the institutional front. We hope that this anomaly will be redressed at least six years later, with the timely establishment of the CIRP.

In order to operationalize this proposal, India calls for the establishment of an open-ended working group under the Commission on Science and Technology for Development for drawing up the detailed terms of reference for CIRP, with a view to actualizing it within the next 18 months. We are open to the views and suggestions of all Member States, and stand ready to work with other delegations to carry forward this proposal, and thus seek to fill the serious gap in the implementation of the Tunis Agenda, by providing substance and content to the concept of Enhanced Co-operation enshrined in the Tunis Agenda.

Thank you, Mr. Chairman.

***

Annex

The United Nations Committee for Internet-Related Policies (CIRP)

The United Nations Committee for Internet-Related Policies (CIRP) will have the following features:

Membership: The CIRP will consist of 50 Member States of the United Nations, chosen/elected on the basis of equitable geographical representation. It will provide for equitable representation of all UN Member States, in accordance with established UN principles and practices. It will have a Bureau consisting of one Chair, three Vice-Chairs and a Rapporteur.

Meetings: The CIRP will meet annually for two working weeks in Geneva, preferably in May/June, and convene additional meetings, as and when required. The UNCTAD Secretariat will provide substantive and logistical support to the CIRP by servicing these meetings.

Multi-stakeholder participation: Recognizing the need to involve all stakeholders in Global Internet Governance in their respective roles, the CIRP shall ensure the participation of all stakeholders recognized in the Tunis Agenda. Four Advisory Groups – one each for Civil Society, the Private Sector, Inter-Governmental and International Organisations, and the Technical and Academic Community - will be established, to assist and advise the CIRP. These Groups would be self-organized, as per agreed principles, to ensure transparency, representativity and inclusiveness. The Advisory Groups will meet annually in Geneva and in conjunction with any additional meetings of the CIRP. Their meetings will be held back-to- back with the meetings of the CIRP, so that they are able to provide their inputs and recommendations in a timely manner, to the CIRP.

Reporting: The CIRP will report directly to the UN General Assembly annually, on its meetings and present recommendations in the areas of policy and implementation for consideration, adoption and dissemination to all relevant inter-governmental bodies and international organizations. .

Research Wing: The Internet is a rapidly-evolving and dynamic medium that throws up urgent and rapidly-evolving challenges that need timely solutions. In order to deal effectively and prudently with these emerging issues in a timely manner, it would be vital to have a well-resourced Research Wing attached to the CIRP to provide ready and comprehensive background material, analysis and inputs to the CIRP, as required.

Links with the IGF: Recognizing the value of the Internet Governance Forum as an open, unique forum for multi-stakeholder policy dialogue on Internet issues, the deliberations in the IGF along with any inputs, background information and analysis it may provide, will be taken as inputs for consideration of the CIRP. An improved and strengthened IGF that can serve as a purposeful body for policy consultations and provide meaningful policy inputs to the CIRP, will ensure a stronger and more effective complementarity between the CIRP and the IGF.

Budget: Like other UN bodies, the CIRP should be supported by the regular budget of the United Nations. In addition, keeping in view its unique multi-stakeholder format for inclusive participation, and the need for a well-resourced Research Wing and regular meetings, a separate Fund should also be set up drawing from the domain registration fees collected by various bodies involved in the technical functioning of the Internet, especially in terms of names and addresses.

***

Excerpts from the Tunis Agenda

Paragraph 34 of the Tunis Agenda defines Internet Governance as “the development and application by governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet”.

Paragraph 35 reaffirms the respective roles of stakeholders as follows: “(a) Policy authority for Internet-related public policy issues is the sovereign right of States. They have rights and responsibilities for international Internet-related public policy issues”. (b) The private sector has had, and should continue to have, an important role in the development of the Internet, both in the technical an economic fields. (c) Civil society has also played an important role on Internet matters, especially at community level, and should continue to play such a role. (d) Intergovernmental organizations have had, and should continue to have, a facilitating role in the coordination of Internet-related public policy issues. (e) International organizations have also had and should continue to have an important role in the development of Internet-related technical standards and relevant policies.”

While delineating the respective roles of stakeholders, Paragraph 56 recognizes the need for an inclusive, multi-stakeholder approach by affirming that “The Internet remains a highly dynamic medium and therefore any framework and mechanisms designed to deal with Internet governance should be inclusive and responsive to the exponential growth and fast evolution of the Internet as a common platform for the development of multiple applications”.

Paragraph 58 recognizes “that Internet governance includes more than Internet naming and addressing. It also includes other significant public policy issues such as, inter alia, critical Internet resources, the security and safety of the Internet, and developmental aspects and issues pertaining to the use of the Internet”.

Paragraph 59 further recognizes that “Internet governance includes social, economic and technical issues including affordability, reliability and quality of service”. Paragraph 60 further recognizes that “there are many cross-cutting international public policy issues that require attention and are not adequately addressed by the current mechanisms”.

Paragraph 61 of the Tunis Agenda therefore concludes that “We are convinced that there is a need to initiate, and reinforce, as appropriate, a transparent, democratic, and multilateral process, with the participation of governments, private sector, civil society and international organisations, in their respective roles. This process could envisage creation of a suitable framework or mechanisms, where justified, thus spurring the ongoing and active evolution of the current arrangements in order to synergize the efforts in this regard”.

Paragraph 69 further recognizes “the need for enhanced cooperation in the future, to enable governments, on an equal footing, to carry out their roles and responsibilities, in international public policy issues pertaining to the Internet, but not in the day-to-day technical and operational matters, that do not impact on international public policy issues”.

***

For more details visit https://cis-india.org/internet-governance/blog/india-statement-un-cirp

India's Statement at ITU Plenipotentiary Conference, 2014

geetha — 2014-11-04T05:50:06Z

India's Draft Resolution at the ITU Plenipot, which we have previously blogged about, was not passed following discussions at the Ad Hoc Working Group on Internet-related Resolutions. Subsequently, India made a statement at the Working Group of the Plenary, emphasizing the importance of the issues and welcoming further discussions. The statement was delivered by Mr. Ram Narain, DDG-IR, Department of Telecommunications and Head of India's Delegation at PP-14. The full text of the statement is provided below.

"Chairman of Working Group Plenary, Mr Musab Abdulla, Head of Delegations, delegates, ladies and gentlemen, good morning/afternoon to you all. I was indeed impressed with the camaraderie with which discussions were held inspite of the fact that delegates discussing the issues have different cultures, languages, nuances, impressions and sometime interests.

"Governance of packet-switched data telecom Networks based on Internet Protocol (IP), popularly known as Internet, has become an important and contentious issue due to several reasons known to all of us. We put up a draft resolution to address some of these key issues pertaining to IP based networks. When we put up the proposal, I had thought that the proposal would contribute in diminishing some of the differences. These issues and their probable solutions are given in our draft resolution, document 98, about which we were ready to take constructive inputs.

"Information is power these days. The wise Lord Acton said about hundred and fifty years ago that Power tends to corrupt and absolute power corrupts absolutely. The countries in modern times have become great on the principles of equality, liberty and justice. As and when these principles were compromised great powers lost their hold. Broadband penetration and connectivity has been the important running theme of this conference. We believe this, like great empires, can only be built on the principles of fairness, justice, and equality. No Telecom Network whether IP based or otherwise can function without naming and numbering, which is the lifeline of a network. Their availability in a fair, just and equitable manner, therefore, is an important public policy issue and need to be dealt that way. We believe that respecting the principle of sovereignty of information through network functionality and global norms will go a long way in increasing the trust and confidence in use of ICT.

"There are number of existing Internet related resolutions, but they only touch the issue in general and, therefore, without focus concrete action does not happen. Our Resolution was with a view to deal with the issues in a focused manner. Some countries supported our draft resolution, while some other were not able to support it. Some stated since the proposal is a comprehensive one, dealing with number of important issues, more time is needed for them to develop a view on it. Due to the number of proposals with Ad Hoc Group lined up before our draft resolution, there was no time left for detailed discussion on the proposal. Therefore, India agreed not to press the resolution for discussion due to paucity of time, with an understanding that for these issues of concerns for many Member States, contributions can be made in various fora dealing with development of IP based networks and future networks, including ITU. India would like that discussion should take place on these issues and look forward to these discussions. We would request that this Statement is included in the records of Plenipotentiary-14 meeting.

"We would like to thank for the cooperation extended by various Member States, particularly USA, for appreciating our concerns and all those who shared our concerns and supported the draft resolution. I would also like to thank Mr. Fabio Bigi, Chairman of Ad Hoc Working Group for giving patient hearing to all us and tolerating all our idiosyncrasies and still arriving at consensus. This is because of his wisdom, which comes with experience.

Thank you all."

For more details visit https://cis-india.org/internet-governance/blog/indias-statement-at-itu-plenipotentiary-conference-2014

India's social media election battle

praskrishna — 2014-04-03T09:37:03Z

Ahead of the general elections, political parties in India are attempting to woo voters on social media for the first time.

The article by Atish Patel was published by BBC on March 31, 2014. Sunil Abraham is quoted.

Politicians are taking part in Google+ Hangouts, televised interviews organised by Facebook and using the Facebook-owned smart phone messaging app WhatsApp to connect with millions of tech-savvy urban voters.

India's 16th general election - to be held in nine phases over April and May - will be closely fought, with some observers saying social media will play a vital role in deciding which party wins the most seats.

According to a report published in April 2013 by the Internet and Mobile Association of India (IAMAI) and the Mumbai-based Iris Knowledge Foundation, Facebook users will "wield a tremendous influence" over the results of the polls in 160 of India's 543 constituencies.

It's a finding political parties have taken note of, with major contenders like the ruling Congress party and main opposition Bharatiya Janata Party (BJP) earmarking 2-5% of their election budgets for social media, according to an October 2013 study by IAMAI and Mumbai-based market researcher IMRB International.

Big data

During the last general election in 2009, social media usage in India was minuscule.

Today, however, Facebook has 93 million users and Twitter has an estimated 33 million accounts in the country. Many political parties have beefed up their online presence as a result.

The main opposition BJP's prime ministerial candidate, Narendra Modi, was among the first Indian politicians to set up a website and today is on Twitter, Facebook and Google+.

His main rival, Rahul Gandhi, the Congress party's undeclared candidate for PM, however, doesn't have a website and doesn't use any of the three major social networks.

Anti-corruption campaigner-turned-politician Arvind Kejriwal has amassed 1.5 million followers on Twitter since joining in November 2011, a year before he launched his Aam Aadmi Party (AAP) and over two years after Mr Modi, who has 3.6 million followers, opened his account.

"Now no serious politician is seen as being able to avoid social media altogether," said Congress government minister Shashi Tharoor, who until he was overtaken by Mr Modi last July, was the most followed Indian politician on Twitter.

"It does have a significant reach in certain segments of the population and as far as we're concerned, that's important enough to pay attention to and clearly the opposition is paying attention to it too," he added.

Taking a leaf from US President Barack Obama's presidential campaigns, India's parties are using tools to crunch the insurmountable amounts of information social media generates - what's known as big data analytics.


Rahul Gandhi doesn't have a website and doesn't use any of the three major social networks

Pinstorm, a digital marketing agency used by some of India's biggest companies to monitor what is being discussed online, now has political parties as clients.

From its Mumbai office, the agency has been collecting, storing and analysing tens of thousands of political statements from over 100 online platforms daily for the past six months to allow parties to find supporters and tweak their political message.

The agency is able to track conversations at national and local level, making it a useful tool for both national and regional parties.

The anti-corruption AAP, taking part in its first general election after an impressive debut in local polls in Delhi last year, uses Pinstorm to "compare how we are faring against others", said Ankit Lal, the party's social media strategist.

Professor Amit Sheth and a team of researchers at the Ohio Centre of Excellence in Knowledge-enabled Computing at Wright State University have also been tracking political sentiment online since July.

He says data collected from social media could in the future replace opinion polls, which many observers say are often rigged in India.

"With social media data, we can measure sentiments, for example, before a rally, during the rally, and post-analysis. It's much more frequent [than opinion polls]," Mr Sheth said.

'Dipstick of the elite'

There are some, however, who are doubtful about social media's expected effect.

Social media "is not a true dipstick. It really is only a dipstick of the elite," said Sunil Abraham, executive director of the Bangalore-based Centre for Internet and Society.

Sceptics believe with so many Indians illiterate and lacking internet access, particularly in rural swathes of the country, it is still essential for political leaders to hold rallies and spend on billboard and newspaper advertising to reach the majority of the 814 million-strong electorate.

Parties are also interacting with voters on their mobile devices and it makes sense.


Facebook has 93 million users in India

There are more mobile phones in India today than toilets, according to the latest census data, and just over half of the country's 1.2 billion population owns one.

"Mobile is very integral to our strategy," said Arvind Gupta, who heads the BJP's IT and social media cell.

One of the BJP's most unique electioneering tools allows potential voters to listen in on Mr Modi's rally speeches in real time on their phones from anywhere in India. "It's our own innovation," said Mr Gupta.

The number of smartphone users is growing in India and it's how most of the country's web users go online.

That's why WhatsApp, recently purchased by Facebook, is being used by the likes of the BJP and Congress to send photos, videos and messages to potential voters.

"No other medium gives as much mass, simultaneous reach as mobile phones in India today," said Milind Pathak from One97 Communications, a Delhi-based mobile marketing firm.

Political parties like AAP have signed up tens of thousands of members by urging people to give them a missed call for free - party officers then get in touch and formally enrol them as supporters.

"Looking forward, I think the medium will continue to be a heavily-invested area for a political party," Mr Pathak said.

For more details visit https://cis-india.org/news/bbc-news-india-atish-patel-indias-social-media-election-battle

India's social media crackdown reveals clumsy govt machinery

praskrishna — 2012-08-25T06:11:30Z

"High-handed" and "reckless" are some of the words used in the media to describe the government's online crackdown.

Published in Reuters on August 24, 2012. Pranesh Prakash is quoted.

Add clumsy and incompetent to the list.

The government blocked access to more than 300 web pages after mobile phone text messages and doctored website images fuelled rumours that Muslims were planning revenge attacks for violence in Assam.

Much has been said and debated on the legal and moral legitimacy of the ban. But it's also important to study how officials went about deciding what to ban.

In his analysis of leaked government directives listing web pages to be banned, Pranesh Prakash of the Centre for Internet and Society said the list consists of people and pages who are actually debunking hateful rumours.

Twitter accounts of mainstream journalists and YouTube videos containing news clips from news channels like TimesNow, NDTV and Britain's Channel4 were included.

A glance at the list also shows that the banned pages include a Google Plus search page aggregating news stories posted on the topic "Assam riots." The government might as well ban Google.com, where anyone can do the same thing and much more.

It seems the government had no set procedure in trying to trace abusive content on the web. We don't know how they drew up the lists of sites to target, but it may have happened like this:

As northeast Indians began their exodus from cities fearing attacks, ministers and top bureaucrats went into a huddle and decided in all sincerity they must stop the spread of false information.

The task of quickly identifying malicious online content was given to lower ranking officials. Since there are no set procedures on how to scour the vast virtual universe and choose which offending pages to ban, the most likely step they took was to open Google and start typing in words related to the recent unrest, apart from trawling popular social sites.

The resulting list tells us that the official who vetted the selected pages was not too committed or had minimal online skills. Some of the pages are not even web addresses.

On Friday, the Times of India newspaper website (Read here) reported that the Twitter account of junior Communications and IT minister Milind Deora was blocked instead of the Deora imposter the government was trying to target.

Such amateurishness is not restricted to technology issues alone. There are many examples of clueless officials left red-faced in the face of public scrutiny.

Last year, the country's premier investigating agency, the CBI, had to withdraw a version of its list of India's 50 Most Wanted fugitives after it was revealed that one was already in jail and another living with his family after getting bail. The Central Statistics Office made a goof-up with the index of industrial production for January 2012, revising growth to 1.14 percent after initially putting it at 6.8 percent, a huge gap.

One of the most baffling gaffes happened in 2010 when the Directorate of Advertising and Visual Publicity issued a full-page ad on the occasion of National Girl Child Day featuring the photograph of a male former Pakistan Air Chief Marshal who appeared alongside Indian cricketers Kapil Dev and Virender Sehwag.

But the cake must go to External Affairs Minister S.M. Krishna. He read out his Portuguese counterpart's speech while addressing the United Nations Security Council.

(David Lalmalsawma is a Reuters journalist. The opinions expressed here are his own and not of Reuters. You can follow him on Twitter @david_reuters)

For more details visit https://cis-india.org/news/in-reuters-com-david-lalmalsawma-aug-24-2012-indias-social-media-crackdown-reveals-clumsy-govt-machinery

India's social media "spring" masks forgotten protests

praskrishna — 2011-09-01T06:24:38Z

Irom Sharmila has been on hunger strike for 10 years to protest against military abuses, force-fed by tubes through her nose. But the tragedy for the world's longest hunger strike is that she is on the wrong side of India's digital divide.

Twitter, Facebook and aggressive private TV have helped rally India's biggest protests in decades to support civil activist Anna Hazare, a digital groundswell of a wired middle class that echoes the Arab Spring and has taken a Congress party-led government of elderly politicians by surprise.

But Sharmila, who has been on a hunger strike in Manipur to demand an end to the army's sweeping emergency powers there, has only managed a small following, a footnote in media coverage.

"We also once tried to take our fight to New Delhi ... but we did not get support from the rest of the nation," Sharmila told Tehelka magazine.

She must be frustrated. The Hazare phenomenon has rallied Indians from the start with social media. Hazare's India Against Corruption website says it has had 13 million phone calls of support. Its Facebook page has nearly 500,000 "likes".

Its leaders have tweeted each step of the whirlwind crisis, whether describing their arrests in real time or negotiations with the government, outmanoeuvring Prime Minister Manmohan Singh and his ministers at every step.

"Protest at PM's residence: 35 people detained, taken to Tughlaq Rd. PS, hundreds still there, come if you can #Janlokpal," twitter user @janlokpal sent its followers in just one example of how the movement was rallying support.

Cases like Sharmila expose the digital divide of Asia's third largest economy and underscore how a growing urban middle class may be getting its political voice heard while millions of poor remain off the digital protest map.

"This is the first time digital social media has resonated with such a large number of people," said Nishant Shah, head of research at the Centre for Internet and Society think-tank.

"But this is far more of a middle class, urban movement, than a national movement. Many people in India are excluded from it."

Twitter and Facebook are barely used in many of India's social causes, including battles over land rights that are one of India's most pressing problems involving millions of farmers.

Huge social issues in India, from caste discrimination to high food prices, from the building of dams to protests by farmers against nuclear power plants, have failed to create the kind of digital mobilisation that Hazare enjoys.

A Digital Divide

India's internet users have grown 1,400 percent between 2000 and 2010, behind only China and Vietnam among Asian countries, according to a report by Burson-Marsteller, a consulting firm.

But that masks India's low base. Internet penetration is around 8 percent in India, the lowest among major Asian countries. That compares with nearly 40 percent in China.

Out of a population of 1.2 billion, there are only 29 million people active in digital social networks. A report by Maplecroft consultancy warned that India was lagging other BRICs, Brazil, China and Russia in "digital inclusion".

"India, for example, the wealthier, more affluent segment of the population, primarily based in urban areas, has embraced the use of modern communications technology," the report said.

"The vast majority of the population has, however, been excluded from this process."

Those statistics highlight that while the middle class has found a voice, electorally the centre-left Congress party will still need to pander to its traditional vote base of millions of farmers and poor Indians ahead of a 2014 general election.

Congress, in power for most of the life of independent India, has failed to use social media tools. One minister lost his job for tweeting too frankly, in a sign of government unease over the web, and the party lags behind an opposition that has embraced Twitter.

Libya Overshadowed

So far, private TV channels have provided 24-hour coverage of the protests -- the news from Libya is hardly to be seen. Urban Indians with mobile phones in hand have dominated rallies in the open grounds where Hazare was on his second week of fasting.

Small protests across the country, from demonstrations outside ministers' houses to rallies outside metro stations, have been organised through Twitter and Facebook.

An app that can be downloaded on to smartphones running the Android operating system gives users the latest news on the campaign for a tough "Jan lokpal", or anti-corruption bill, and details of the latest meetings.

"Social media has been huge for us, it has a life of its own," said Shazia Ilmi, in charge of Hazare media strategy.

Even before Hazare was arrested last week, organisers had prepared a pre-recorded video from him that went on YouTube.

The movement does have deep roots and social media has widened the protests, if not caused them. Many of Hazare's protests have also been through word of mouth. Corruption also affects the poor more than middle classes with endemic bribes, whether permission for street food stands or driving licences.

"It's not an up and down, national movement. It is largely a middle class cause," said Sagarika Ghose, a novelist and journalist at the CNN-IBN news television channel.

"But it's hugely important one. For a younger generation, corruption has become a catch-all phrase for the failure of development."

Some activists are already criticising Hazare as a hype of an elitist social media.

"Those thronging the Ramlila grounds or marching in support of Anna in the metros are not necessarily 'the people' of the country, and it is dangerous to take the two as identical," academic Prabhat Patnaik wrote in The Hindu newspaper.

(Editing by Paul de Bendern and Alex Richardson)

This article by Alistair Scrutton was published in Reuters on 25 August 2011.

For more details visit https://cis-india.org/news/social-media-masks-forgotten-protests

India's Shame: World Reacts to FB Post Arrest

praskrishna — 2012-11-30T05:51:10Z

The arrest of 21 year old Shaheen Dhada for posting anti-Bal Thackeray comments has not only outraged Indians. The story has been picked up and reported across international media as well. Though they may not be aware of the complexities of Indian politics, the fact that young girls were arrested for an FB post has got them questioning the dwindling tolerance for the freedom of speech in India.

This was posted by Sonal Bhadoria in IndiaTimes on November 21, 2012. Pranesh Prakash is quoted.

The Wall Street Journal warns ,'You better think twice before 'Liking' your friends' comments on Facebook. It may land you in jail.' The article quotes Pranesh Prakash, policy director at the Centre for Internet and Society saying “Bal Thackeray had violated the same provisions in his lifetime,” with reference to Mr. Thackeray’s inflammatory speeches against the South Indians and Muslims.

The BBC put a question mark on India's commitment to freedom of speech by citing recent examples of the arrest of a cartoonist like Ravi Srinivasan, a 46-year-old businessman in the southern Indian city of Pondicherry, who was arrested for a tweet criticising Karti Chidambaram, son of Indian Finance Minister P Chidambaram.

UK's Daily Mail, says 'So much for freedom of speech' and questions the IT act which led to the arrest.

In a New York Times article, Pranesh Prakash questioned the arbitrariness in the application of the law saying 'There were thousands of people on Facebook, Twitter and in person who were saying the exact same kinds of things that this girl is alleged to have said'. The article also stated that Shiv Sena has a history of banning books, movies and other popular culture that are critical of the political party.

Mashable noted that several dissenters had taken to Twitter to speak out about the arrest including Milind Deora, the government minister of state, communications and information technology, who showed support for Dhadha and Renu with this tweet:

Milind Deora
@milinddeora

To learn who rules over you, simply find out who you are not allowed to criticize ~ Voltaire
It also asked 'Do you think Facebook is a good place to voice political opinions?'

The Christian Science Monitor calls the incident 'the latest in a string of crackdowns on Internet speech in the world's largest democracy'. It says, 'The other cases have included arrest of a resident of Chandigarh who complained on the Facebook page of Chandigarh police that they were not doing enough to find her stolen car; a cartoonist who posted work online protesting corruption scandals by the central government; and a professor in Kolkata who merely forwarded an email with a cartoon that was critical of West Bengal chief minister Mamata Banerjee.' The article also mentions Shaheen Dhada’s uncle, Dr. Abdullah Ghaffar Dhada stating that he had incurred losses of two million Rupees due to the ransacking of his clinic by angry Shiv Sainiks.

For more details visit https://cis-india.org/news/indiatimes-sonal-bhadoria-nov-21-2012-indias-shame-world-reacts-to-fb-post-arrest

India's section 66A scrapped: Win for free speech

praskrishna — 2015-03-26T16:19:42Z

India's Supreme Court court has struck down a law that made posting "offensive" comments on the internet a crime punishable by a jail term of up to three years. But, for the free speech campaigners, there is more work to do, writes technology writer Prasanto K Roy.

The blog post by Prasanto K. Roy was published by BBC on March 24, 2015. Pranesh Prakash was quoted.

Section 66A, inserted in 2009 into India's Information Technology [IT] Act of 2000, was sweeping and draconian, and was repeatedly abused across the country, say free speech campaigners.

It was challenged in 2012 by a law student, Shreya Singhal, then 21.

She filed a public-interest litigation in the Supreme Court, shortly after the arrest of two girls in Mumbai for a Facebook post criticising the shutdown of the city after a political leader's death.

One of the two girls had merely "liked" the post.

Earlier in the same year, a businessman in south India was arrested for tweeting that a politician had amassed much wealth.

A professor at Jadavpur University in Kolkata (formerly Calcutta) was arrested for forwarding a cartoon about West Bengal Chief Minister Mamata Banerjee. Both were charged under Section 66A, among others.

In May 2013, the Supreme Court made arrests under Section 66A tougher - it said an arrest would require the permission of senior law-enforcement officials.

'A victory'

The judgement on Tuesday was read out by Justice RF Nariman, who said Section 66A was unconstitutional and directly affected the public's right to know.

"We have no hesitation in striking it down in its entirety," he said.

The order notes that Section 66A violates an article of the Indian constitution that guarantees freedom of speech and expression.

"This judgement is a victory for anyone and everyone who uses the internet.

"I am ecstatic. It's a complete victory for us, because the Supreme Court struck it down and held it unconstitutional," Ms Singhal told BBC Hindi moments after the court scrapped the law.

Section 66A provided for up to three years in jail for anyone who sent an electronic message that was considered "grossly offensive" or caused "annoyance or inconvenience".

Justice Nariman said such terms were vague, and created a sweeping law that was open to abuse.

The apex court judgement notes that 66A was based substantially on section 66 of the UK Post Office Act of 1953, which made sending offensive or annoying messages by telephone or telegram an offence punishable by up to a month in jail.

That law, last updated in 2003, still retains the terms "annoyance" and "inconvenience".

Section 66A's creation, and much of its implementation, happened on the watch of the Congress party-led political regime that lost to Prime Minister Narendra Modi's BJP government in last year's general election.

Arun Jaitley of the BJP - the current finance minister and former opposition leader - had criticised the law in the upper house of parliament, after it was reported that the government had blocked nearly 300 websites.

Once in power, however, the BJP swung around to defending 66A in the Supreme Court, the government represented by additional solicitor general Tushar Mehta.

Arrests under Section 66A continued into 2015 - last week, a 19-year-old student in Uttar Pradesh was arrested for a Facebook post on a political leader, and spent two days in jail.

Next target

The petitioners and their many supporters, including multiple virtual support groups, are celebrating the order striking down 66A.

But there are concerns about another section - 69A - introduced in the same amendment of 2009, which has been retained.

Section 69A, which was also challenged in Ms Singhal's and others' petitions, allows the government to block online content that "threatens the security of the state" or fulfils other conditions.

Hundreds of websites and web pages have been blocked under 69A, including a government website in 2013.

The apex court's order notes that 69A is a "narrowly drawn provision with several safeguards", and has allowed the section to remain.

Pranesh Prakash of the Centre for Internet and Society says: "The Supreme Court judgement is at its best on 66A, but weaker on 69A."

The free speech campaigners say their work is not yet finished.

For more details visit https://cis-india.org/internet-governance/news/bbc-march-24-2015-indias-section-66-a-scrapped

India's Rs 400-crore Central Monitoring System to snoop on all communication

praskrishna — 2013-06-05T10:39:19Z

Latest reports confirm that the government's longstanding aim of initiating the Central Monitoring System in the country is materialising now.

This was published in Tech 2 on May 9, 2013. Pranesh Prakash is quoted.

The Times of India reports that the government began rolling out the project last month, and it lets them access all communication in the country – comprising online activities, phone calls, SMSes, social media conversations and even the geographical location of individuals. Using the Central Monitoring System, officials with the National Investigation Agency or tax officials will have access to "every byte of communication".

Pavan Duggal, an advocate with the Supreme Court, believes that the new system "is capable of tremendous abuse". He went on to say that the government hasn't revealed much on what it intends to monitor with this new system, and under what criteria.

The Centre for Development of Telematics has been given the task of putting this system in place to give government officials this crucial access to communication in the country. In his statement to the Parliament in December last year, IT minister Milind Deora had said that the Central Monitoring System will "lawfully intercept Internet and telephone services".

This system was initiated in the wake of the horrying bomb blast in Mumbai in November 2008. Post that incident, the government reportedly took on the task of making itself technologically adept to "eavesdrop on digital communications".

It would be important to quote here that the IT law – enacted in 2000, amended in 2008 and in 2011 – confers upon government officials the authority to intercept phone calls, SMSes, emails and even monitor websites. That, however, can only be done for "reasonable security practices and procedures".

For more details visit https://cis-india.org/news/tech-2-may-9-2013-indias-rs-400-crore-central-monitoring-system-to-snoop-on-all-communication

India's Proposed Map Law Prompts Outcry

praskrishna — 2016-05-29T09:30:31Z

In India, proposed legislation to ban use of maps or satellite images of the country without approval from the government has led to an outcry and triggered an online campaign called “Save The Map.”

The article by Anjana Pasricha was published in Voice of America on May 17, 2016. Pranesh Prakash was quoted.

The controversy is not just over stiff penalties of up to $15 million for a wrong depiction of India’s borders, but that in a digital era, the law would potentially disrupt a host of businesses and start-ups such as taxi-hailing services.

Reasons

The draft Geospatial Information Regulation Bill seeks to regulate the use of mapping and satellite data for two reasons: secure the country’s strategic installations from enemies and terrorists and ensure that its political boundaries are correctly depicted. The government says it will not create barriers to business.

But Internet experts say the sweeping proposed law will affect ordinary people using mobiles and laptops, all new-age companies such as food-delivery and e-commerce, apps, as well as Apple and Google map products.

Nikhil Pahwa, founder of the website MediaNama, calls location data the core fabric of all digital services.

“What the government has ended up doing is making pretty much every single app illegal because they all use geospatial data and they wont have a license. If you take a photograph, it has location data. If you use Uber to hail a cab, it uses maps and it shows taxi cabs on the map. If I WhatsApp my location to a friend to pick me from a particular location, I am generating geospatial information,” he said.

Nikhil Pahwa, founder of the website MediaNama, calls location data the core fabric of all digital services.

Complications for ordinary citizens

The draft law requires anyone wanting to use, publish or own maps or geospatial data to apply for a license, which will be considered by a security vetting committee.

The Bangalore-based Center for Internet and Society (CIS) has also slammed the new bill, saying it takes India back more than three decades when businesses were governed by a maze of bureaucratic licenses and permits.

“What it does, it puts in place a license raj for all use of mapping technologies. That just does not make sense. No other country in the world has this regressive mapping law,” said Pranesh Prakash at CIS.

Internet opposition

A volunteer-led internet campaign called “Save The Map” led by Bangalore-based tech experts, is steadily gathering momentum. It is calling on people to petition the government against the bill in its present form. It seeks to replicate an extremely successful campaign called “SavetheInternet” which built public opinion and put pressure on the government to ensure equal access to the internet.

The government has sought to calm the growing concerns, saying the bill is only in a preliminary stage and it has invited feedback and suggestions from the public until June 4.

Officials point to India’s growing security concerns, specially since an armed attack at a strategic air base in Pathankot in northern India earlier this year, allegedly mounted by Pakistan-based terrorists. Speaking to an Indian newspaper, Junior Home Minister Kiren Rijiju said the bill is necessary because “India as a responsible country must have provisions to secure its boundary and territory.

However Prakash of CIS points out that the new bill will not necessarily prevent terror groups from getting hold of geospatial data to target Indian installations because they don’t need maps generated inside India to access such information.

“They need satellite imagery and they need maps, period. Now this law does not actually prevent such maps from being created, it does not prevent satellite images of India being captured. What it does is prevent Indians from doing so. So it won't prevent foreign-based terrorists, especially state-backed terrorists, from attacking India,” he said.

Internet and public policy experts agree that the government could impose restrictions on mapping and satellite images of strategic and sensitive locations in the country.

Huge fines

The eye-popping fines of up to $15 million and jail terms of up to seven years proposed for incorrect depiction of India’s borders have also caused surprise.

India has always insisted maps should show Kashmir in the north, which is claimed by both India and Pakistan and the state of Arunachal Pradesh in the northeast, which China claims, within Indian political boundaries.

Foreign magazines and newspapers which failed to do so were only allowed to circulate in the country after the words “Boundaries of India shown in this map are not correct” were stamped over maps that did not conform to India’s interpretations of its borders.

Google already offers slightly altered versions of its maps inside India, showing the disputed regions of Kashmir and Arunachal Pradesh as part of India.

Independent political analyst Ajoy Bose said New Delhi has long been very sensitive over how these two territories are depicted. “It has always been a source of annoyance to successive governments, but this government being ultranationalist in nature is very particular about India’s geographical boundaries being correctly shown, and therefore it is taking much more drastic action,” he said.

For more details visit https://cis-india.org/internet-governance/news/voice-of-america-may-17-2016-anjana-pasricha-india-proposed-map-law-prompts-outcry

India's plan to offer citizens digital lockers poses a privacy threat, say experts

praskrishna — 2015-04-03T06:32:20Z

The Indian government launched a test version of a service called the digital locker last month that allows citizens to store scanned versions of important documents online, something that experts say poses a serious threat to people’s privacy.

The blog post was published in Scroll.in on March 19, 2015. Sunil Abraham was quoted.

Based on a similar project being tried out in Maharashtra, the service allows people with Aadhar cards to store scanned copies of their passports, birth certificates, ration cards and other important documents on remote servers. This way, people can digitally back-up important documents and also send them over the internet to others, such as potential employers or banks, for availing themselves of other services.

The service, whose test version was launched on February 12, will be optional. But it could find takers from among the about 90% of India’s households who do not own a laptop or computer and the 95% that do not have an internet connection, according to the 2011 census. Experts are concerned that sensitive data stored in a central place could be stolen or misused.

Serious threat

“Any large linked database with personal information is a serious threat to citizen's data,” said G Nagarjuna, a researcher at the Homi Bhabha Centre for Science Education in Mumbai and a member of the Free Software Movement. “There exists no agency that could secure their data till date without any possibilities of data theft.”

Digitisation is not inherently a problem, experts say. It is the kind of information stored that is. There are two kinds of information people need to be concerned about, said Sunil Abraham, executive director of the Bangalore-based Centre for Internet and Society, in an email to Scroll.in. Public domain information such as land records, pan cards and ration cards should be available to the public anyway. However, private information such as biometrics and passports are of concern.

“Unless the cryptography and architecture is organised in such a manner that only the citizen will have access there can be very serious consequences for the individual’s right to privacy,” he said.

The scheme raises the same concerns about privacy that came up during the creation of Aadhar cards, for which the government has collected biometric and identification data for 773 million citizens.

Information is power

Experts pointed to the dangers of the state having access to crucial data about citizens. The dangers are perhaps greater when the data passes into the hands of private corporations, they said.

The Indian government has not said who will run the central servers on which all the data is to be stored, but Maharashtra said in January that it would upload the data it was collecting to a private cloud service run by Microsoft.

“This is a terrible idea because it is centralising storage of personal information across silos controlled by different data controllers and also giving the citizen no control over who has access to his or her data," said Abraham.

“A blunder of the highest order is to pass this information to a cloud, and that too to a foreign company,” said Nagarjuna. “India is a sovereign republic, and hence we should assert this in the country’s digital assets as well. How secure can India be if our security is passed on to another agency that owes its allegiance to another country?”

Surykant Jadhav, joint secretary of the Directorate of Information Technology in Maharashtra, defended the scheme, comparing it to other optional services that the state provides such as online ticketing and filing of income tax returns. “The lockers are there only if people want to use it,” he said.

Cart before the horse

But the government ought to be trying to improve the basics, such as increasing computer and internet penetration, before launching value-added digital services, said Nagarjuna.

“What is the basic social or economic problem that the government is trying to solve by creating the digital lockers?” “Just as each citizen learns how to protect their assets, the digital natives of a digital society will eventually learn how to protect their digital assets. Digital India cannot be created without providing digital literacy to all the citizens. Did we do that? Once we do that, citizens will learn what is good for them, particularly for their own assets over which the government has no ownership.”

For more details visit https://cis-india.org/internet-governance/news/scroll-mridula-chari-march-19-2015-indias-plan-to-offer-citizens-digital-lockers-poses-a-privacy-threat-say-experts

India's Online Freedom Advocates Hail Court Ruling on Free Speech

praskrishna — 2015-03-27T01:43:22Z

Online freedom advocates in India are hailing a court ruling that struck down a controversial law seen as infringing free speech on the Internet. But in a country expected to have the world’s largest number of web users by 2018, some concerns about net censorship remain.

The blog post by Anjana Pasricha was published by Voice of America on March 24, 2015. Sunil Abraham is quoted.

The 24-year old law student, Shreya Singhal, who spearheaded the legal battle for overturning the harsh law, said it was the arrest of two young women in 2012 for a seemingly innocuous Facebook post that prompted her to petition the Supreme Court. One woman had criticized a shutdown in Mumbai after the death of a Hindu nationalist leader Bal Thackeray, the other “liked” her post.

Like millions of others, Singhal was alarmed at their detention because she says she could have been the one to post the innocuous comment.

“It [the law] was punishing people for expressing their views on the Internet, whereas if they did it or they did it on TV or they did nit in newspapers, they would not get arrested for the same views,” she said.

Scrapping the law on Tuesday, India's Supreme Court said the Information Technology Act was vaguely worded, and did not explain what could be “inconvenient" or “grossly offensive.” The judgment said the law was liable to have a chilling effect on free speech as it strikes at the root of liberty and freedom of expression.

The law had raised alarm bells after several people were arrested in recent years for posting “objectionable content.” In the latest instance, a 16-year-old boy in Uttar Pradesh state was arrested and released on bail for posting an “insulting” remark about regional party leader, Azam Khan. Among others who were picked up under the law were a professor in Kolkata and a cartoonist in Mumbai.

The previous government, which passed the law, said it was necessary to combat abuse and defamation on the Internet, but critics said it was used by political parties to suppress dissent and criticism.

The Supreme Court ruling also made it tougher for the government to order Internet companies to remove online content.

Sunil Abraham of Bangalore-based Center for Internet and Society says local and foreign Internet companies have faced growing pressure for putting up content deemed offensive in India.

“According to Facebook's latest transparency report, takedown requests and information requests from the Indian government continue to grow, and that is worrying. But that part of the law has been read down. Now when the government sends the takedown notice, it has to be accompany the takedown notice with a court order,” said Abraham.

But free speech campaigners say concerns about online censorship have not completely gone away. The Supreme Court has upheld a law that allows the government to block websites, saying there are sufficient safeguards.

Campaigners like Sunil Abraham think otherwise. “Lack of transparency makes it impossible for anybody to tell whether the government is censoring the Internet in a proportionate manner, whether it is working to truly address the real harms that emerge from bad content online. When the court in India bans books or movies, the judgments of these courts are made available to the public."

"But if when it comes to website blocking, this transparency requirement is missing. In fact, the law has secrecy provisions, which prevents ISP’s that receive these block orders from making them available in the public domain,” said Abraham.

The young student, Singhal, who led the legal battle, said she was “overwhelmed” at the victory for online freedom.

“We are such a diverse society in India with so many diverse and different opinions. It is inherent in us, it is part of us, this democracy, this debate we have,” she said.

Her views were echoed on Twitter and Facebook by people in India, a country of 1.2 billion people where Internet access is growing rapidly.

For more details visit https://cis-india.org/internet-governance/news/voice-of-america-march-24-2015-anjana-pascricha-indias-online-freedom-advocates-hail-court-ruling-on-free-speech

India's National ID Project Brings Pain to Those it Aims to Help

Admin — 2018-05-12T00:53:39Z

Poor management, corruption and fraud are threatening to derail the world’s largest national identity project.

The blog post by Aayush Soni was published in Ozy.com on May 11, 2018.

For Phoolmati, a resident of the Kusumpur Pahari slum in south Delhi, standing every month in a queue at the neighborhood fair-price shop was a trusted routine. When her turn came up, she would place her thumb on a scanning machine that confirmed her identity. But on a biting-cold morning this past January, she had to return home empty-handed because, the shopkeeper told her, the “server was down.”

The next day, it happened again. On her third try, Phoolmati thought she had gotten lucky when the machine scanned her thumb successfully. But she was in for a shock. “The shopkeeper told me that, according to the computer records, I’ve already taken my quota of wheat flour for the month,” she says. When she protested and showed her ration card, another form of identification, the shopkeeper wouldn’t accept it.

Left with no choice, Phoolmati had to buy wheat flour from the open market at 25 rupees per kilogram — more than 12 times the amount she usually paid at fair-price shops. She wasn’t alone. At a weekly meeting of slum residents in a temple courtyard in April, many women complained about the difficulty of buying subsidized food grains to the Satark Nagrik Sangathan (Alert Citizens Organization), a nonprofit that seeks accountability from government agencies. Nanno Devi, a 67-year-old homemaker whose fingers are wrinkled with age, said that she didn’t receive her quota of wheat flour for January because a fingerprint-scanning machine couldn’t detect her thumb impression.

Nor are the urban poor, like Phoolmati, the only ones with such complaints. Students with government scholarships, senior citizens with pensions, farmers entitled to subsidies, religious minorities and backward castes eligible for benefits, patients at public hospitals, young couples trying to get married and professionals updating their bank details are all on the front line of an unparalleled experiment that was meant to help them but is hurting them instead.

Theirs is the lived experience of Aadhaar, a unique 12-digit identity system that includes an individual’s biometrics and demographic data — and that must verify an individual’s identity for the government, increasingly, to even recognize their existence. First rolled out in 2010, it is modeled on America’s Social Security number system, with the aim that government subsidies and welfare programs reach the intended beneficiaries and aren’t siphoned off by middlemen.

But over the past three years, India’s Narendra Modi government has cajoled, pressured and often effectively forced people into enrolling for this ID, even though it isn’t required by law. Today, a person’s bank account risks being frozen if it isn’t linked to her Aadhaar number. Her PAN (permanent account number) card, used to file income tax, could be declared invalid. Mobile phone companies can disconnect her number if it isn’t authenticated through biometrics. An Aadhaar number (or an enrollment number, in case someone has already applied for it) is mandatory to open a new bank account, get a new passport, invest in mutual funds or register a marriage. A joke making the rounds on Twitter is that very soon, Aadhaar will be mandatory for a person to swipe right on Tinder.

In the absence of any privacy law, much of the concern within sections of India’s educated middle class has focused on questions about personal freedom, data security and mass surveillance. But a parallel tide of complaints is rising from those the program was meant to help, rooted in complications it has instead imposed upon them. This growing frustration is threatening to derail the initiative in a manner privacy can’t, in a nation where millions live in cramped city apartments with strangers, and the distinction between personal and public is often blurred.

Cases of fraud, mismanagement and corruption hurting Aadhaar beneficiaries are tumbling out into the public domain almost every week. In late March, hackers used weaknesses in the Aadhaar database to steal data from a government organization that manages more than $120 billion in the pensions and savings of millions of Indians. In January, a 10-year-old girl from the Dalit community — historically at the bottom of India’s caste ladder — was denied a school scholarship because officials had misnamed her on her Aadhaar card. Last October, a farm loan waiver program in Maharashtra state ran into trouble after officials discovered that 100 farmers had the same Aadhaar identity number.

The Modi government maintains that it takes both the security of personal data and the concerns of Aadhaar beneficiaries seriously. But it is reluctant to answer any questions about identity theft, corruption, privacy or misappropriated benefits. Neither Ajay Bhushan Pandey, the current CEO of the Unique Identification Authority of India (UIDAI), which runs Aadhaar, nor Vikas Shukla, its spokesperson, responded to multiple requests for comment.

At a public rally in early May, Modi — who had himself opposed the program before he came to power in 2014 — called critics of Aadhaar “opponents of technology” unwilling to evolve with the times. Increasingly, though, many are questioning whether it’s Aadhaar’s own identity that has changed the most from when the idea first came up. “From a project of inclusion, it has become a project of exclusion,” says Usha Ramanathan, a lawyer who focuses on issues of development and poverty. Just ask Phoolmati.

Aadhaar was the brainchild of Nandan Nilekani, a former CEO of tech giant Infosys, who in a 2009 book argued that multiple forms of identification made it “difficult” to establish a “definitive identity” for India’s citizens.

A single identity linked to passports, PAN cards and other national databases, Nilekani argued, would not only solve this problem but also help eliminate the exasperating processes that India’s bureaucracy is notorious for — mountains of paper, proof of identity in triplicate and a glacial pace of work. It would help citizens avail government benefits that are rightfully theirs. Such a system would reduce a citizen’s dependence on distribution mechanisms susceptible to leakages and make “the moral scruples of our bureaucrats redundant,” Nilekani wrote. “An IT-enabled, accessible national ID system would be nothing less than revolutionary in how we distribute state benefits and welfare handouts.”

That same year, the Congress Party–led United Progressive Alliance government offered Nilekani a chance to translate his idea into reality, appointing him UIDAI chairman. Under Nilekani the UIDAI hired people from within the Indian bureaucracy as well as those outside it. The initial team of 50 included software engineers, designers and entrepreneurs from Silicon Valley as well as lawyers and policy wonks who worked at the head office in New Delhi. Each of the eight regional offices had a staff of 20.

In its early-stage avatar, the team had thought out solutions to problems such as the ones the residents of Kusumpur Pahari faced, says a policy consultant who worked with the UIDAI in 2010 and spoke on condition of anonymity. “You can use old methods and physically verify a person’s name and address [by going to their house] if biometrics aren’t working,” the consultant says. “It’s built into the architecture [of Aadhaar].” In his view, the current government under Modi — whose Bharatiya Janata Party defeated the Congress Party and came to power in 2014 — and the UIDAI setup have made a “mess” of the program. He also believes that the goal has shifted from inclusion to mass enrollment. Nilekani did not respond to a request for comment.

For sure, Aadhaar has staunch supporters too, who argue that it has helped reduce the misuse of government subsidies. In July 2017, India’s junior minister for consumer affairs, food and public distribution, C.R. Chaudhary, told the country’s Parliament that Aadhaar had helped the government delete nearly 25 million fake ration cards that the poor use to access subsidized food ingredients.

“This unnecessary fearmongering around Aadhaar is uncalled for,” says Sanjay Anandaram of iSpirit, a software industry think tank. In his view, it’s “last-mile deployment challenges” like fingerprint authentication, one-time-password systems and server glitches that need to be fixed, not Aadhaar. He juxtaposes anecdotal examples of people struggling to gain benefits with the “larger purpose” he believes Aadhaar serves. “It is a revolutionary system to ensure governance improves — especially for centrally administered programs,” he says.

The UIDAI has made some efforts too, if not to improve security of personal data then at least to allow citizens to check whether their Aadhaar identity has been misused. They can go online and view any occasions when their Aadhaar identity was used to access benefits.

But for millions of Indians dependent on subsidies, pensions, scholarships and other benefits, the concerns go well beyond privacy. Getting an Aadhaar identity can be a struggle. Earlier this year, the Punjab government conceded that it can’t process nearly 200,000 farm loan waiver claims either because intended beneficiaries don’t have Aadhaar cards or because the UIDAI is still processing their applications. At the same time, not signing on to Aadhaar is increasingly not an option. In February 2017, Chaudhary’s ministry made it mandatory for individuals to have an Aadhaar card to access subsidized food grains. Then, in October, an 11-year-old girl died of starvation in the central state of Jharkhand because the local ration dealer refused to give her family food grains for six months, as they had not linked their ration cards to Aadhaar. Facing criticism, the government asked states not to deny the poor the food grains they are entitled to, but the incident underscored how the Aadhaar initiative is cutting the needy off from subsidy access, rather than helping them, suggests Ramanathan, the lawyer. “People are dying because of Aadhaar,” she says.

But the Modi government has shown no signs of rethinking either the ways in which Aadhaar appears to hurt the poorest in Indian society or its data security protocols. Instead, it has appeared keener to target whistle-blowers pointing out weaknesses in the initiative.

It cost Rachna Khaira, a reporter, only 500 rupees ($7.50) to access the entire Aadhaar database — the names, addresses, fingerprint scans, iris scans, mobile phone numbers, email addresses, postal index numbers (PINs) and Aadhaar numbers of 830 million Indians. She “purchased” the service offered by anonymous sellers on WhatsApp and transferred the money via Paytm, a popular digital wallet company, to an “agent,” who created a “gateway” for Khaira. He then gave her a log-in ID and a password to that gateway, which allowed Khaira unrestricted access to the Aadhaar database. Her report, published in January in The Tribune, one of India’s oldest English dailies, created a national stir. Instead of trying to plug the holes the report had revealed, the UIDAI filed criminal cases against Khaira and the newspaper, accusing them of breaching privacy.

Khaira’s wasn’t the first piece of evidence to expose the vulnerability of the Aadhaar database. In May 2017, a report by the Centre for Internet and Society, a nonprofit organization, claimed that 130 million to 135 million Aadhaar numbers were published on four websites: the National Social Assistance Programme, the National Rural Employment Guarantee Scheme and two projects run by Andhra Pradesh state. “This is the largest exercise in the world of the conversion of public information into an asset and then its privatization,” says Nikhil Pahwa, editor of MediaNama and a critic of Aadhaar.

These breaches of security highlight corruption and mismanagement that belie claims the government continues to peddle. In April 2017, Ravi Shankar Prasad, India’s minister of information and technology, told Parliament that “Aadhaar is robust. Aadhaar is safe. Aadhaar is secure, and totally accountable.” The government hasn’t appeared too perturbed by privacy concerns. On July 22, 2015, Mukul Rohatgi, the then attorney general, argued before the country’s Supreme Court that “the right of privacy is not a guaranteed right under our constitution.” That set off a two-year-long hearing before a nine-judge bench of the court, which unanimously ruled in 2017 that the right to privacy was indeed a fundamental right.

The criticism from social groups Aadhaar was meant to benefit, though, has left the Modi administration on the defensive. Since the passage of the 2016 Aadhaar law, civil society activists have filed 12 petitions in the Supreme Court challenging its legality. In January, the All India Kisan Sabha, one of India’s largest farmer organizations with millions of members, petitioned the top court against government moves to link subsidies to Aadhaar identities. Some leaders from Modi’s party, the BJP, have also started questioning their own government in Parliament about cases of beneficiaries denied their due because of the Aadhaar program. The Supreme Court, which is holding regular hearings on the case, has extended indefinitely the date by which citizens must link all identity documents to their Aadhaar number, until it rules on the validity of the legislation. At stake is the trust the Indian people can place in their government.

Back in Kusumpur Pahari, much of that trust has already eroded. In his 2014 election campaign, Modi had promised to stand guard as a chaukidaar (watchman) over the country’s resources, to prevent corruption. But when someone illegally withdrew Phoolmati’s grains by using her Aadhaar identity, the watchman wasn’t able to stop the theft.

For Phoolmati and other residents of Kusumpur Pahari, their ration cards guaranteed them food, and were a rare pillar of certainty in an unstable life. The Aadhaar-linked fingerprint authentication system is a source of frustration, and they don’t want it, they make clear at their weekly meeting. They now get their ration some months, and other months they don’t. Life on the fringes of society was already tough. Aadhaar, they say, has made it harder still.

For more details visit https://cis-india.org/internet-governance/news/ozy-aayush-soni-may-11-2018-indias-national-id-project-brings-pain-to-those-it-aims-to-help

India's National Cyber Security Policy in Review

jon — 2013-07-31T10:40:22Z

Earlier this month, the Department of Electronics and Information Technology released India’s first National Cyber Security Policy. Years in the making, the Policy sets high goals for cyber security in India and covers a wide range of topics, from institutional frameworks for emergency response to indigenous capacity building.

What the Policy achieves in breadth, however, it often lacks in depth. Vague, cursory language ultimately prevents the Policy from being anything more than an aspirational document. In order to translate the Policy’s goals into an effective strategy, a great deal more specificity and precision will be required.

The Scope of National Cyber Security

Where such precision is most required is in definitions. Having no legal force itself, the Policy arguably does not require the sort of legal precision one would expect of an act of Parliament, for example. Yet the Policy deals in terms plagued with ambiguity, cyber security not the least among them. In forgoing basic definitions, the Policy fails to define its own scope, and as a result it proves remarkably broad and arguably unfocused.

The Policy’s preamble comes close to defining cyber security in paragraph 5 when it refers to "cyber related incident[s] of national significance" involving "extensive damage to the information infrastructure or key assets…[threatening] lives, economy and national security." Here at least is a picture of cyber security on a national scale, a picture which would be quite familiar to Western policymakers: computer security practices "fundamental to both protecting government secrets and enabling national defence, in addition to protecting the critical infrastructures that permeate and drive the 21st century global economy."[*] The paragraph 5 definition of sorts becomes much broader, however, when individuals and businesses are introduced, and threats like identity theft are brought into the mix.

Here the Policy runs afoul of a common pitfall: conflating threats to the state or society writ large (e.g. cyber warfare, cyber espionage, cyber terrorism) with threats to businesses and individuals (e.g. fraud, identity theft). Although both sets of threats may be fairly described as cyber security threats, only the former is worthy of the term national cyber security. The latter would be better characterized as cyber crime. The distinction is an important one, lest cyber crime be “securitized,” or elevated to an issue of national security. National cyber security has already provided the justification for the much decried Central Monitoring System (CMS). Expanding the range of threats subsumed under this rubric may provide a pretext for further surveillance efforts on a national scale.

Apart from mission creep, this vague and overly broad conception of national cyber security risks overwhelming an as yet underdeveloped system with more responsibilities than it may be able to handle. Where cyber crime might be left up to the police, its inclusion alongside true national-level cyber security threats in the Policy suggests it may be handled by the new "nodal agency" mentioned in section IV. Thus clearer definitions would not only provide the Policy with a more focused scope, but they would also make for a more efficient distribution of already scarce resources.

What It Get Right

Definitions aside, the Policy actually gets a lot of things right — at least as an aspirational document. It certainly covers plenty of ground, mentioning everything from information sharing to procedures for risk assessment / risk management to supply chain security to capacity building. It is a sketch of what could be a very comprehensive national cyber security strategy, but without more specifics, it is unlikely to reach its full potential. Overall, the Policy is much of what one might expect from a first draft, but certain elements stand out as worthy of special consideration.

First and foremost, the Policy should be commended for its commitment to “[safeguarding] privacy of citizen’s data” (sic). Privacy is an integral component of cyber security, and in fact other states’ cyber security strategies have entire segments devoted specifically to privacy. India’s Policy stands to be more specific as to the scope of these safeguards, however. Does the Policy aim primarily to safeguard data from criminals? Foreign agents? Could it go so far as to protect user data even from its own agents? Indeed this commitment to privacy would appear at odds with the recently unveiled CMS. Rather than merely paying lip service to the concept of online privacy, the government would be well advised to pass legislation protecting citizens’ privacy and to use such legislation as the foundation for a more robust cyber security strategy.

The Policy also does well to advocate “fiscal schemes and incentives to encourage entities to install, strengthen and upgrade information infrastructure with respect to cyber security.” Though some have argued that such regulation would impose inordinate costs on private businesses, anyone with a cursory understanding of computer networks and microeconomics could tell you that “externalities in cybersecurity are so great that even the freest free market would fail”—to quote expert Bruce Schneier. In less academic terms, a network is only as strong as its weakest link. While it is true that many larger enterprises take cyber security quite seriously, small and medium-sized businesses either lack immediate incentives to invest in security (e.g. no shareholders to answer to) or more often lack the basic resources to do so. Some form of government transfer for cyber security related investments could thus go a long way toward shoring up the country’s overall security.

The Policy also “[encourages] wider usage of Public Key Infrastructure (PKI) within Government for trusted communication and transactions.” It is surprising, however, that the Policy does not mandate the usage of PKI. In general, the document provides relatively few details on what specific security practices operators of Critical Information Infrastructure (CII) can or should implement.

Where It Goes Wrong

One troubling aspect of the Policy is its ambiguous language with respect to acquisition policies and supply chain security in general. The Policy, for example, aims to “[mandate] security practices related to the design, acquisition, development, use and operation of information resources” (emphasis added). Indeed, section VI, subsection A, paragraph 8 makes reference to the “procurement of indigenously manufactured ICT products,” presumably to the exclusion of imported goods. Although supply chain security must inevitably factor into overall cyber security concerns, such restrictive acquisition policies could not only deprive critical systems of potentially higher-quality alternatives but—depending on the implementation of these policies—could also sharpen the vulnerabilities of these systems.

Not only do these preferential acquisition policies risk mandating lower quality products, but it is unlikely they will be able to keep pace with the rapid pace of innovation in information technology. The United States provides a cautionary tale. The U.S. National Institute of Standards and Technology (NIST), tasked with producing cyber security standards for operators of critical infrastructure, made its first update to a 2005 set of standards earlier this year. Other regulatory agencies, such as the Federal Energy Regulatory Commission (FERC) move at a marginally faster pace yet nevertheless are delayed by bureaucratic processes. FERC has already moved to implement Version 5 of its Critical Infrastructure Protection (CIP) standards, nearly a year before the deadline for Version 4 compliance. The need for new standards thus outpaces the ability of industry to effectively implement them.

Fortunately, U.S. cyber security regulation has so-far been technology-neutral. Operators of Critical Information Infrastructure are required only to ensure certain functionalities and not to procure their hardware and software from any particular supplier. This principle ensures competition and thus security, allowing CII operators to take advantage of the most cutting-edge technologies regardless of name, model, etc. Technology neutrality does of course raise risks, such as those emphasized by the Government of India regarding Huawei and ZTE in 2010. Risk assessment must, however, remain focused on the technology in question and avoid politicization. India’s cyber security policy can be technology neutral as long as it follows one additional principle: trust but verify.

Verification may be facilitated by the use of free and open-source software (FOSS). FOSS provides security through transparency as opposed to security through obscurity and thus enables more agile responses to security responses. Users can identify and patch bugs themselves, or otherwise take advantage of the broader user community for such fixes. Thus open-source software promotes security in much the same way that competitive markets do: by accepting a wide range of inputs.

Despite the virtues of FOSS, there are plenty of good reasons to run proprietary software, e.g. fitness for purpose, cost, and track record. Proprietary software makes verification somewhat more complicated but not impossible. Source code escrow agreements have recently gained some traction as a verification measure for proprietary software, even with companies like Huawei and ZTE. In 2010, the infamous Chinese telecommunications giants persuaded the Indian government to lift its earlier ban on their products by concluding just such an agreement. Clearly trust but verify is imminently practicable, and thus technology neutrality.

What’s Missing

Level of detail aside, what is most conspicuously absent from the new Policy is any framework for institutional cooperation beyond 1) the designation of CERT-In “as a Nodal Agency for coordination of all efforts for cyber security emergency response and crisis management” and 2) the designation of the “National Critical Information Infrastructure Protection Centre (NCIIPC) to function as the nodal agency for critical information infrastructure protection in the country.” The Policy mentions additionally “a National nodal agency to coordinate all matters related to cyber security in the country, with clearly defined roles & responsibilities.” Some clarity with regard to roles and responsibilities would certainly be in order. Even among these three agencies—assuming they are all distinct—it is unclear who is to be responsible for what.

More confusing still is the number of other pre-existing entities with cyber security responsibilities, in particular the National Technical Research Organization (NTRO), which in an earlier draft of the Policy was to have authority over the NCIIPC. The Ministry of Defense likewise has bolstered its cyber security and cyber warfare capabilities in recent years. Is it appropriate for these to play a role in securing civilian CII? Finally, the already infamous Central Monitoring System, justified predominantly on the very basis of cyber security, receives no mention at all. For a government that is only now releasing its first cyber security policy, India has developed a fairly robust set of institutions around this issue. It is disappointing that the Policy does not more fully address questions of roles and responsibilities among government entities.

Not only is there a lack of coordination among government cyber security entities, but there is no mention of how the public and private sectors are to cooperate on cyber security information—other than oblique references to “public-private partnerships.” Certainly there is a need for information sharing, which is currently facilitated in part by the sector-level CERTS. More interesting, however, is the question of liability for high-impact cyber attacks. To whom are private CII operators accountable in the event of disruptive cyber attacks on their systems? This legal ambiguity must necessarily be resolved in conjunction with the “fiscal schemes and incentives” also alluded to in the Policy in order to motivate strong cyber security practices among all CII operators and the public more broadly.

Next Steps

India’s inaugural National Cyber Security Policy is by and large a step in the right direction. It covers many of the most pressing issues in national cyber security and lays out a number of ambitious goals, ranging from capacity building to robust public-private partnerships. To realize these goals, the government will need a much more detailed roadmap.

Firstly, the extent of the government’s proposed privacy safeguards must be clarified and ideally backed by a separate piece of privacy legislation. As Benjamin Franklin once said, “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” When it comes to cyberspace, the Indian people must demand both liberty and safety.

Secondly, the government should avoid overly preferential acquisition policies and allow risk assessments to be technologically rather than politically driven. Procurement should moreover be technology-neutral. Open source software and source code escrow agreements can facilitate the verification measures that make technology neutrality work.

Finally, to translate this policy into a sound strategy will necessarily require that India’s various means be directed toward specific ends. The Policy hints at organizational mapping with references to CERT-In and the NCIIPC, but the roles and responsibilities of other government agencies as well as the private sector remain underdetermined. Greater clarity on these points would improve inter-agency and public-private cooperation—and thus, one hopes, security—significantly.

[*]. Melissa E. Hathaway and Alexander Klimburg, “Preliminary Considerations: On National Cyber Security” in National Cyber Security Framework Manual, ed. Alexander Klimburg, (Tallinn, Estonia: Nato Cooperative Cyber Defence Centre of Excellence, 2012), 13

For more details visit https://cis-india.org/internet-governance/blog/indias-national-cyber-security-policy-in-review

India's Latest Data Leak: People's Aadhaar Number And Bank Account Are Just One Google Search Away

Admin — 2018-07-13T15:18:46Z

Even Truecaller doesn't reveal this much.

The article by Gopal Sathe was published in Huffington Post on July 12, 2018.

Imagine being able to hack someone's personal data simply by entering their mobile phone number into a Google search. There is a website of the Andhra Pradesh government that's leaking people's phone numbers, Aadhaar numbers, father's names, passbook and bank account numbers, and the district and mandal where they live - all the link to all this information is the first result you get when you search for the phone numbers of people in the database.

The Andhra government has been leaking the personal data of more than 23,000 farmers who have received subsidies from the Andhra Pradesh Medicinal and Aromatic Plants Board, and organisation that encourages the growth of Ayurvedic medicines in the state. The subsidies are offered to farmers and tribals in the state, and all their personal data is available on an open database on an Andhra Government website.

The information is not behind any access control, and you can see all the records, click on them to get the details of anyone, or download everything as an Excel sheet. But what's perhaps worse is that simply by searching for the phone numbers of many of these farmers, we were able to find the detailed information about them. HuffPost India randomly chose a dozen farmers, and in each case, this database was the first result for their phone number on Google.

That's the most concerning part - in most cases, even when the information has leaked, it isn't readily apparent to people. You have to know the website address, or at the very least spend some time poring through dashboards. In the case of this latest leak, all you need is the person's phone number, and all their information is made visible. HuffPost India has reported this issue to the AP government, much like earlier leaks, although at the time of writing the data is still available online.

Who's held responsible?

This is just the latest in a long line of leaks from AP - in just the last few months, we've reported on a website that let you geo-locate homes on the basis of caste and religion; while another tracked all the medicines people buy, such as generic viagra, along with their phone numbers; and one that tracked pregnant women in ambulances in real time.

A government official we spoke to in AP Secretariat said that while all the departments have been digitised, an understanding of security - and privacy - is yet to come. "Even if you tell them, 'this data is not something you can publish', they disagree and say that it is needed for the beneficiaries to be able to access their own information," he explained.

Karan Saini, a security analyst and consultant who writes on issues of web security and privacy, told HuffPost that the various government departments are generally unresponsive when breaches like this are brought up.

"Lack of outreach is an issue with all of these organisations," said Saini. "NCIIPC is the only one that can even be found by someone looking at the surface. [These organisations] are hard to get a response from."

One reason for this, said Srinivas Kodali, a security researcher who has revealed a tremendous amount of leaks in the AP system, is that there is no official system of accountability in the government when it comes to data leaks.

In May 2017, the AP government passed the Andhra Pradesh Core Digital Data Authority Act, under which in section 37 it states that no legal proceeding shall lie against any officer or employee for anything which is in good faith done. What this means is that leaks and breaches are not something any official in the government can be held responsible for.

This act came out less than a month after the Centre for Internet and Society in Bengaluru published a report stating that 13 crore Aadhaar numbers were leaked - of which 2 crore were from Andhra Pradesh.

A lack of (human) resources

AP officials do acknowledge the problem. "There is a major shortage of cybersecurity professionals, and hiring them is a challenge," said V Premchand, head of the Andhra Pradesh Technology Service, who is in charge of the ongoing security work in the state. AP has seen a major security audit in May this year, and a privacy audit was announced last month.

"The work is ongoing but it is not something that can happen overnight," Premchand explained. However, others argue that the government isn't doing enough to make use of existing manpower. Unlike other countries, the Indian government does not have any real bug bounty program, where security researchers are incentivised to report weaknesses to organisations for cash rewards and recognition.

Sai Krishna Kothapalli, a student at IIT Guwahati and a security researcher, told HuffPost that the government actively discourages security experts from providing their support, rather than encouraging them.

"The US Department of Defense and others have a responsible disclosure program and a lot of people from India take part in that," he said. "Our talent is being used by them instead because the government here does not reply at all."

"India's top hackers are being employed by people outside the country, even though we have the talent here, because will you spend the time and effort to be ignored here, or report issues to a US company and make thousands of dollars instead?"

However, security audits in India are only being carried out by agencies that have been empaneled, and most of the hackers active here don't have the certification, he added. "They're too busy actually doing the work, while these big companies do audits, and leave all kinds of security issues behind."

For more details visit https://cis-india.org/internet-governance/news/huffington-post-gopal-sathe-july-12-2018-indias-latest-data-leak-is-so-basic-that-peoples-aadhaar-number-bank-account-and-fathers-name-are-just-one-google-search-away

India's landmark online speech ruling is step toward greater press freedom

praskrishna — 2015-03-29T00:55:35Z

In an historic decision, India's Supreme Court on Tuesday struck down part of a law used to silence criticism and free expression. While this marks a pivotal victory that has been welcomed in many quarters, many challenges remain for press freedom in the country.

The blog post by Sumit Galhotra was published by CPJ (Committee to Protect Journalists) on March 28, 2015. Pranesh Prakash is quoted.

Section 66A of the Information Technology Act--the vaguely worded provision struck down by the court--criminalized online speech deemed "grossly offensive" or "menacing," along with information for the purpose of causing "annoyance" or "inconvenience." Individuals convicted under the provision could face up to three years in prison. This law, along with others that remain on the books, has allowed India to become a paradise for the offended.

The law was challenged by a public interest litigation mounted by Shreya Singhal, in 2012. Singhal, who had just returned to Delhi from her studies in the U.K., was infuriated at how the law was being used to stifle debate and criticism in her home country, according to reports.

The September 2012 arrest of cartoonist Aseem Trivedi, on a range of charges including one under Section 66A, over his cartoons on politics and corruption, caught Singhal's attention. A few weeks later, she learned of the arrest of 21-year-old Shaheen Dhada, who questioned on Facebook the shutdown of Mumbai following the death of a politician, Singhal said. Dhada's friend, Renu Srinivasan, who had merely "liked" the comment, was arrested under the law. According to news reports, both were charged. These cases sparked a national debate on the space for free expression in the world's largest democracy, and led Singhal to challenge the law, she told reporters.

"It's a big victory," Singhal, who is currently studying law in Delhi, told the media following Tuesday's decision. "The Internet is so far-reaching and so many people use it now, it's very important for us to protect this right."

India is expected to overtake the U.S. as the second largest population of Internet users in the world, behind only China, according to the Internet and Mobile Association of India, a nonprofit group representing the Web and mobile industry. As Internet usage accelerates in India, thanks in large part to the widespread use of mobile devices, there has been an ongoing debate on how best to policeit in a country that has to contend with frequent episodes of violence, civil unrest, and terrorist attacks.


Karuna Nundy, an advocate at the Supreme Court of India who helped the legal challenge, says the country has several laws that are a threat to press freedom. (Geoffrey King)

Lawrence Liang, a lawyer and researcher at the Bangalore-based Alternative Law Forum, an Indian legal research organization, shared in Singhal's welcoming of the decision. "It is important to note that this is the first judgment in decades in which the Supreme Court has struck down a legal provision for violating freedom of speech, and in doing so, it simultaneously builds upon a rich body of free speech cases in India and paves the way for a jurisprudence of free speech in the 21st century, the era of the Internet and social media," he told CPJ.

Pranesh Prakash, policy director at Bangalore-based Centre for Internet and Society, an organization that focuses on issues of digital pluralism, called the judgment "a moral victory." He said the decision "furthers free speech jurisprudence in India, but also in all those other countries where an Indian precedent would be important," including many countries in Asia, and places such as South Africa.

As part of the judgment, the court narrowed its reading of Section 79 of the IT Act, under which private parties could submit notice-and-takedown orders directly to Internet intermediaries. The court held that intermediary liability can be pursued only through a court order or other government order, reports said.

Liang told CPJ the judgment falls short in some areas. The Supreme Court's 123-page judgment kept in place Section 69A of the IT Act and Information Technology Rules 2009 that allows the government to block websites if the content in question has the potential to create communal discord, social disorder, or impact India's relations with other countries, according to news reports.

"I would say that if there is missed opportunity in the judgment, it is the clarification of the process of blocking websites. If Section 66A was found to be arbitrary in that its scope covered protected and unprotected speech, then the procedure for blocking websites as laid out in Section 69A is also beset with similar problems," Liang said.

According to Chinmayi Arun, research director at the Centre for Communications Governance at the National Law University in Delhi, the 2009 rules require blocking requests and implementation to be kept confidential. "This means that speakers will have no way of finding out that the government has ordered intermediaries to block their content. Speakers will therefore not be able to question unconstitutional blocking orders before the judiciary--this is a clear interference with their constitutional rights," she told CPJ via email, referring to online users who could fall foul of the law.

Academic in me: As a matter of legal & constitutional analysis, the SC judgment is at its best on #66A, but weaker on 69A & weakest on 79.
-- Pranesh Prakash (@pranesh_prakash) March 24, 2015

For some journalists, the decision highlights how virtually no national party in India, including the ruling Bharatiya Janata Party (BJP), is a champion of these rights. In a piece for independent news website Scroll, journalist Shivam Vij criticizes the current Narendra Modi-led government for missing an opportunity by not acting decisively to address the problematic law. "It has become routine for India's politicians to avoid taking tough political decisions if they can be left to the courts," he said. "When in power, the BJP is as happy as the Congress to have at its disposal laws that can muzzle voices of dissent."

Trivedi told CPJ he agreed that the previous and current government did little to address abuses of the law. Trivedi, who up until the court decision, faced charges under Section 66A, and had joined Singhal as a petitioner in the case, added: "This decision marks a strong first step." The cartoonist's lawyer, Vijay Hiremath, told CPJ that the Section 66A charge has now been removed, but Trivedi still faces charges under the National Emblem Act.

While the striking down of Section 66A is a step in the right direction, many challenges remain for press freedom in India. Karuna Nundy, an advocate at the Supreme Court of India, who was at the forefront of the legal challenge, told CPJ numerous colonial-era laws, particularly in India's penal code, continue to pose threats to free speech and press freedom in India. CPJ has long documented cases of Indian journalists being threatened with sedition, defamation, and laws that criminalize "outraging religious sentiment."

Actually, next step(s): a review of the constitutionality of sedition, challenge criminal defamation, constitutionalise civil defamation.
-- Gautam Bhatia (@gautambhatia88) March 24, 2015

But Nundy expressed optimism for the challenges ahead for press freedom in India and elsewhere. She said the judgment shows, "If you do the work, you take the trouble, you make the challenge, you can achieve the kinds of values that you stand for. That is the work that is the duty of all us as national citizens and citizens of the world."

[Geoffrey King, CPJ Internet Advocacy Coordinator, contributed to this report from Manila]

For more details visit https://cis-india.org/internet-governance/news/cpj-march-28-2015-sumit-galhotra-indias-landmark-online-speech-ruling-is-step-toward-greater-press-freedom