We are anonymous, we are legion

Identity and Databases

praskrishna — 2014-08-07T08:32:16Z

The Centre for Internet and Society (CIS) and the Say No to UID Campaign invite you to a discussion identity, databases and facilitating technologies that explores the use of personal identifiers across databases and the potential violations of privacy on August 9, 2014 (10.30 a.m. to 1.00 p.m.) at the CIS office in Bangalore.

The discussions will specifically focus on the UID and the NPR and seek to answer:

What information is being collected and databased by each scheme?
What type of technology is needed to collect and database this information?
How and where is this information being databased?
What are the potential risks to the databasing of this information?
Are there legal safeguards protecting against misuse of this information, and if not, what safeguards are needed?
Is there a difference between the state collecting, storing, and using this information and a private entity?

For more details visit https://cis-india.org/events/identity-and-databases

Second Privacy and Surveillance Roundtable

anandini — 2014-08-09T04:10:50Z

On July 4, 2014, the Centre for Internet and Society in association with the Cellular Operators Association of India organized a privacy roundtable at the India International Centre. The primary aim was to gain inputs on what would constitute an ideal surveillance regime in India.

Introduction: About the Privacy and Surveillance Roundtables

The Privacy and Surveillance Roundtables are a CIS initiative, in partnership with the Cellular Operators Association of India (COAI), as well as local partners. From June 2014 – November 2014, CIS and COAI will host seven Privacy and Surveillance Roundtable discussions across multiple cities in India. The Roundtables will be closed-door deliberations involving multiple stakeholders. Through the course of these discussions we aim to deliberate upon the current legal framework for surveillance in India, and discuss possible frameworks for surveillance in India. The provisions of the draft CIS Privacy Bill 2013, the International Principles on the Application of Human Rights to Communication Surveillance, and the Report of the Group of Experts on Privacy will be used as background material and entry points into the discussion. The recommendations and dialogue from each roundtable will be compiled and submitted to the Department of Personnel and training

The second Privacy and Surveillance Roundtable was held in New Delhi at the India International Centre by the Centre for Internet and Society in collaboration with the Cellular Operators Association of India on the 4^th of July, 2014.

The aim of the discussion was to gain inputs on what would constitute an ideal surveillance regime in India working with theCIS Draft Privacy Protection Bill, the Report of the Group of Experts on Privacy prepared by the Justice Shah committee, and the International Principles on the Application of Human Rights to Communications Surveillance.

Background and Context: Privacy and Surveillance in India

The discussion began with the chair giving an overview of the legal framework that governs communications interception under Indian Law. The interception of telecommunication is governed by Section 5(2) of the Telegraph Act,1885 and Rule 419A of the Telegraph Rules,1951. The framework under the Act has remained the same since it was drafted in 1885. An amendment to the Telegraph Rules in 1996 in light of the directions given under PUCL v Union of India was possibly the first change to this colonial framework barring a brief amendment in 1961.

During the drafting of the Act, the only two Indian members of the drafting committee objected to the wide scope given to interception under Section 5(2). In 1968, however, the 30^th Law Commission Report studying Section 5(2) came to the conclusion that the standards in the Act may be unconstitutional given factors such as ‘public emergency’ were too wide in nature and called for a relook at the provision.

While the interception of postal mail is governed by Section 26 of the Post Office Act, 1898, the interception of modern forms of communication that use electronic information and traffic data are governed under Sections 69 and 69B of the Information Technology Act, 2000, while interception of telephonic conversations are governed by section 5(2) of the Indian Telegraph Act 1885 and subsequent rules under section 419A.

What the law ought to be?
With the shift in time, the Chair noted that the concept of the law has changed from its original colonial perspective. Cases such as Maneka Gandhi v Union of India, highlighted that an acceptable law must be one that is ‘just, fair and reasonable’. From judgments such as these, one can impute that any surveillance law should not be arbitrary and must comply with the principles of criminal procedure. Although this is ideal, recent matters that are at the heart of surveillance and privacy, such as the Nira Radia matter, currently sub-judice, will hopefully clarify the scope of surveillance that is considered permissible in India.

Why is it important now?
In India, the need to adopt a legislation on privacy came in the wake of the Indo-EU Free Trade Agreement negotiations, where a data adequacy assessment conducted by the European Commission showed that India’s data protection practices were weak. In response to this, the Department of Personnel and Training drafted a Privacy Bill, of which two drafts have been made, though the later draft has not been made available to the public.

The formation of a privacy proposal in India is not entirely new. For example in 1980, former Union minister VN Gadgil proposed a bill to deal with limiting reportage on public personalities. Much of this bill was based on a bill in the House of Lords in 1960 suggested by Lord Mancroft to prevent uncontrolled reporting. The chair notes here that in India privacy has developed comprehensively as a concept in response to the reporting practices of the media.

Although, the right to privacy has been recognised as an implicit part of the right to life under the Constitution, the National Commission to Review the Working of the Constitution set up in February 2000 suggested the addition of a separate and distinct fundamental right to privacy under Article 21 B along the same lines of Article 8 of the European Convention of Human Rights.

While these are notable efforts in the development of privacy, the Chair raised the question of whether India is merely 'inheriting' reports and negotiations, without adopting such standards into practice and a law.

Discussions

Cloud base storage and surveillance

Opening up the discussion on electronic interception, a participant asked about the applicability of a Privacy regulation to cloud based services. Cloud based storage is of increasing relevance given that the cloud permits foreign software companies to store large amounts of customer information at little or no cost.

Indian jurisdiction, however, would be limited to a server that resides in India or a service provider that originates or terminates in India. Moving the servers back to India is a possible solution, however, it could have negative economic implications.In terms of telecommunications, any communications that originate or terminate using Indian satellites are protected from foreign interception.

Before delving into further discussion, the Chair posed the question of as to what kind of society we would like to live in, contrasting the individual based society principle and the community based principle. While the former is followed by most Western Nations as a form of governance, Orientalist and/or Asian tradition follows the community based principle where the larger focus is community rights. However, it would be incorrect to say that the latter system does not protect rights such as privacy, as often Western perceptions seem to imply. For example, the Chair points out that the oldest Hindu laws such as the Manu Smriti protected personal privacy.

Regulatory models for surveillance

After the preliminary discussion, the Chair then posed the fundamental question of how a government can regulate surveillance. During the discussion, a comparison was made between the UK, the US modus operandi i.e. the rule of probable cause coupled with exhaustion of other remedies, and the Indian rule based out of Section 5(2) of the Telegraph Act, 1885. In the United States, wire taps cannot be conducted without a Judge’s authorization.For example, the Foreign Intelligence Surveillance Act, which governs foreign persons, has secret courts. In addition, a participant added that surveillance requests in the US are rarely if ever, rejected. While on paper, the US model seems acceptable, most participants are weary of the practicability of such a system in India citing that a judiciary that is shielded from public scrutiny entirely cannot be truly independent. The UK follows an interception regime regulated by the Executive, the beginnings of which lay in its Telegraph Act in 1861, which the Indian Telegraph Act is based on. However, the interception regime of the UK has constantly changed with a steady re-evaluation of the law. Surveillance in the UK is regulated by the Regulation of Investigatory Powers Act of 2000(RIPA), in addition it has draft bills pending on Data Retention and on the Admissibility of intercepted communications as evidence.

In contrast, India follows an executive framework, where the Home Secretary gives authorization for conducting wiretaps. This procedure can be compromised in emergent circumstances, where an officer not below the rank of a Joint Secretary can pass an order.

Participants agreed that the current system is grossly inadequate, and the Chair asked whether both a warrant and a judicial order based system would be appropriate for India.

Considering the judicial model as a possible option, participants thought of the level of judiciary apt for regulating matters on surveillance in India. While participants felt that High Court judges would be favourable, the immense backlog at the High Court level and the lack of judges is a challenge and risks being inefficient. If one were to accept the magistrate system, the Chair adds that there are executive magistrates within the hierarchy who are not judicial officers. To this, a participant posed the question as to whether a judicial model is truly a workable one and whether it should be abandoned. In response, a participant, iterated the Maneka Gandhi ratio that “A law must be just, fair and reasonable and be established to the satisfaction of a judicially trained mind”

It was then discussed how the alternative executive model is followed in India, and how sources disclose that police officers often use (and sometimes misuse) dedicated powers under Section 5(2), despite Rule 419A having narrowed down the scope of authority. A participant disagreed here, stating that most orders for the interception of communications are passed by the Home Secretary.

When the People’s Union for Civil Liberties challenged Section 5(2) of the Telegraph Act, the Supreme Court held that it did not stand the test of Maneka Gandhi and proposed the set-up of a review committee under its guidelines which was institutionalised following an amendment in 2007 to the Telegraph Rules.

Under Rule 419A, a review committee comprises of officials such as the Cabinet Secretary, Secretary of the Department of Telecommunications, Secretary of the Department of Law and Justice and the Secretary of Information Technology and Communication ministry at the Centre and the Chief Secretary ,the Law Secretary and an officer not below the rank of a Principal secretary at the State level. A participant suggested that the Home Secretary should also be placed in the review committee to explain the reasons for allowing the interception.

Albeit Rule 419A states that the Review Committee sits twice a month, the actual review time according to conflicting reports is somewhere between a day to a week. The government mandates that such surveillance cannot continue for more than 180 days.

In contrast to the Indian regime, the UK has a Commissioner who reviews the reasons for the interception along with the volume of communication among other elements. The reports of such interceptions are made public after the commissioner decides whether it should be classified or declassified and individuals can challenge such interception at the Appellate Tribunal.

A participant asked whether in India, such a provision exists for informing the person under surveillance about the interception. A stakeholder answered that a citizen can find out whether somebody is intercepting his or her communications via the government but did not elaborate on how.

Authorities for authorizing interception

On the subject of the regulatory model, a participant asked whether magistrates would be competent enough to handle matters on interception. It was pointed out that although this is subjective, it can be said that a lower court judge does not apply the principles of constitutional law, which include privacy, among other rights.

Having rejected the possibility of High Court judges earlier in the discussion, certain participants felt that setting up a tribunal to handle issues related to surveillance could be a good option, considering the subject matter and specialisation of judges. Yet, it was pointed out that the problem with any judicial system, is delay that happens not merely inordinately but strategically with multiple applications being filed in multiple forums. In response, a participant suggested a more federal model with greater checks and balances, which certain others felt can only be found in an executive system.

The CIS Privacy Protection Bill and surveillance

Section 6 of the CIS Privacy Protection Bill lists the procedure for applying to a magistrate for a warrant for interception. One of the grounds listed in the Bill is the disclosure of all previously issued warrants with respect to the concerned person.

Under Section 7 of the Bill, cognisable offences that impact public interest are listed as grounds for interception. Considering the wide range of offences that are cognisable, there is debate on whether they all constitute serious enough offences to justify the interception of communications. For example, the bouncing of a cheque under the Negotiable Instruments Act is a cognisable offence in public interest, but is it serious enough an offence to justify the interception of communications? How should this, then be classified so as to not make arbitrary classifications and manage national security is another question raised by the Chair.

The example of Nira Radia and the fact that the income tax authorities requested the surveillance demonstrates the subsisting lack of a framework for limiting access to information in India. A participant suggested that a solution could be to define the government agencies empowered to intercept communications and identify the offences that justify the interception of communications under Section 7 of the CIS Privacy Protection Bill.

During the discussion, it was pointed out that the Government Privacy Bill, 2011 gives a broad mandate to conduct interception that goes beyond the reasonable restrictions under Article 19 (2) of the Constitution. For example, among grounds for interception like friendly relations with other States, Security and public disorder, there are also vague grounds for interception such as the protection of the rights and freedoms of others and any other purpose mentioned within the Act.

Although the Justice Shah report did not recommend that “any other purpose within the Act” be a ground for interception, it did recommend “protection of the freedom of others” continue to be listed as a permissible ground for the interception of communications.

Meta-data and surveillance

Under Section 17 of the Draft Bill, metadata can be intercepted on grounds of national security or commission of an offence. Metadata is not protected under Rule 419A of the Telegraph Rules and a participant asked as to why this is. The Chair then posed the question to the conference of whether there should be a distinction between the two forms of data at all.

While participants agreed that Telecommunication Service Providers store meta data and not content data, there is a need according to certain participants, to circumscribe the limits of permissible metadata collection. These participants advocated for a uniform standard of protection for both meta and content data, whereas another participant felt that there needs to be a distinction between content data and meta data. Certain participants also stressed that defining what amounts to metadata is essential in this regard.

The Chair moved on to discussing the provisions relating to communication service providers under Chapter V. It was noted that this section will be irrelevant however, if the Central Monitoring System comes into force, as it will allow interception to be conducted by the Government independent of service providers.

Data Retention and Surveillance

Data can be classified into two kinds for the purposes of interception, i.e. content and Meta data. Content data represents the content in the communication in itself whereas Meta data is the information about the communication.

Telecommunications service providers are legally required to retain metadata for the previous year under the Universal Access Service Terms, although no maximum time limit on retention has been legally established.

A participant highlighted that the principle of necessity has been ignored completely in India and there is currently a practice of mass data collection. In particular, metadata is collected freely by companies, as it is not considered an invasion of privacy.

Another stakeholder mentioned that nodal officers set up under every Telecommunication Service Provider are summoned to court to explain the obtainment of the intercepted data. The participant mentions that Telecom Service Providers are reluctant to explain the process of each interception, questioning as to why Telecom Service Providers must be involved in judicial proceedings regarding the admissibility of evidence when they merely supply the data.

A participant asked as to where a Grievance Redressal mechanism can be fit in within the current surveillance framework in India. In response, it was noted that with a Magistrate model, procedure cannot be prescribed as Criminal Procedure would apply. However, if tribunals were to be created, a procedure that deals with the concerns of multiple stakeholders would be apt.

A doubt raised by a stakeholder was whether prior sanction could be invoked by public servants against surveillance. Its applicability must be seen on a case to case basis, although for the most part, prior sanction would not be applicable considering that public officials accused of offences are not be entitled to prior sanction.

Section 14 of the CIS Privacy Protection Bill prohibits the sharing of information collected by surveillance with persons other than authorised authorities in an event of national security or the commission of a cognisable offence. Participants agreed that the wording of the section was too wide and could be misused.

A participant also pointed out that in practice, such parameters on disclosure are futile as even on civil family matters, metadata is shared amongst the service provider and the individuals that request it.

With relation to metadata, a participant suggested a maximum retention period of 2 years. As pointed out earlier, Call Detail Records, a service provider must retain the information for at least one year, however, there is no limit placed on retention, and destruction of the same is left to the discretion of the service provider. Generally it was agreed by participants that a great deal more clarity is needed as currently the UASL merely states that Internet Protocol Detail Record (IPDR) should be maintained for a year.

Duties of the Service Provider

Under the CIS Privacy Protection Bill , the duties of Telecommunication Service Providers broadly includes ‘measures to protect privacy and confidentiality’ without further elaboration. A participant mentioned that applicable and specific privacy practices for different industries need to be defined. Another participant stressed that such practices should be based in principles and not based in technology - citing rapidly evolving technology and the obsolete government standards that are meant to be followed as security practices for ISPs.

Another area that needs attention according to a participant is the integrity of information after interception is conducted. Participants also felt that audit practices by Telecommunication Service Providers should be confined to examining the procedures followed by the company, and not examine content, which is currently the practice according to other participants.

A participant also mentioned that standards do not be prescribed to Telco's considering the Department of Telecommunications conducts technical audits. Another participant felt that the existing system on audits is inadequate and perhaps a different model standard should be suggested. The Chair suggests that a model akin to the Statement on Auditing Standards that has trained persons acting as auditors could fair better and give security to Telco's by ensuring immunity for proceedings based on compliance with the standards.

The next issue discussed was whether surveillance requests can be ignored by Telco's, and whether Telco's can be held liable for repeatedly ignoring interception requests. A stakeholder replied that although there are no rules for such compliance, a hierarchal acquiescence exists which negates any flexibility.

Admissibility of Evidence

The significance given to intercepted communications as evidence was the next question put forth by the Chair. For example in the US, the ‘fruit of the poisonous tree’ rule is followed where evidence that has been improperly received discredits its admissibility in law as well as further evidence found on the basis of it. In India, however, intercepted communications are accorded full evidentiary value, irrespective of how such evidence is procured. The 1972 Supreme Court Judgment of Malkani v State of Maharashtra, reiterated a seminal UK judgment, Kuruma, Son of Kanju v. R , which stated that if the evidence was admissible it is irrelevant how it was obtained.

Participants suggested more interaction with the actual investigative process of surveillance, which includes prosecutors and investigators to gain a better understanding of how evidence is collected and assessed.

Conclusions

The Roundtable in Delhi was not a discussion on surveillance trapped in theory but a practical exposition on the realities of governance and surveillance. There seemed to be two perspectives on the regulatory model both supported with workable solutions, although the overall agreement was on an organised executive model with accountability and a review system. In addition, inputs on technology and its bearing on the surveillance regime were informative. A clear difference of opinion was presented here on the kind of protection metadata should be accorded. In addition, feedback from stakeholders on how surveillance is conducted at the service provider level, highlight the need for an overhaul of the regime, incorporating multiple stakeholder concerns.

1994 4 SCC 569

The definition of telegraph was expanded with the Telegraph Laws (Amendment) Act, 1961 under Section 3 (1AA) to ‘‘telegraph’ means any appliance, instrument, material or apparatus used or capable of use for transmission or reception of signs, signals, writing, images and sounds orintelligence of any nature by wire, visual or other electro-magnetic emissions, radio waves or Hertzian waves, galvanic, electric or magnetic means.

Explanation.—’Radio waves’ or ‘Hertzian waves’ means electromagnetic waves of frequencies lower than 3,000 giga-cycles per second propagated in space without artificial guide;]

1978 AIR 597

Art 21-B-“Every person has a right to respect for his private and family life, his home and his correspondence.”, Accessed at < http://lawmin.nic.in/ncrwc/finalreport/v1ch3.htm>

Article 8 of the European Convention on Human Rights mentions

1. Everyone has the right to respect for his private and family life, his home and his correspondence.

2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals or for the protection of the rights and freedoms of others.

Article 8 was invoked in Rajagopal v State of Tamil Nadu (1995 AIR 264)

PUCL v Union of India, (1997) 1 SCC 301

IPDR measures bandwidth and monitors internet traffic.

[1955] A.C. 197

For more details visit https://cis-india.org/internet-governance/blog/second-privacy-and-surveillance-july-4-2014

We the goondas

praskrishna — 2014-08-04T15:06:18Z

You can now be arrested in Karnataka even before you commit an offence under the IT Act. You could be in jail under the Goonda Act even if not guilty under the Indian Copyright Act. If govt thinks you are planning to send a 'lascivious' photo to a WhatsApp group, or forwarding a copyrighted song, you can be arrested.

The article by Shyam Prasad was published in the Bangalore Mirror on August 4, 2014. Sunil Abraham gave his inputs.

Have a smartphone? Run for cover. Bizarre as this might sound, the cops are going to come after you if you so much as forward a song to a friend. Forget actually doing it, any plans to do so could land you in serious trouble too. You could be labelled a 'goonda' in the eyes of the State and find yourself behind bars.

In a completely unfathomable move, Karnataka has brought most offences under the Information Technology Act, 2000, and Indian Copyright Act, 1957, under the ambit of the Goonda Act. Until now, people with a history of offences like bootlegging, drug offences and immoral trafficking could be taken into preventive custody. But the government, in its enthusiasm, while adding acid attackers and sexual predators to the law, has also added 'digital offenders'. While it was thought to be against audio and video pirates, Bangalore Mirror has found it could be directed at all those who frequent FB, Twitter and the online world, posting casual comments and reactions to events unfolding around them.

So if you are planning a digital 'offence' — which could be an innocuous opinion like the young girls' in Mumbai after the bandh declared on Bal Thackeray's death — that could attract the provisions of the Information Technology Act. You can even be taken into preventive custody like a 'goonda'. Even those given exceptions under the Indian Copyright Act can find themselves in jail for a year without being presented before a magistrate. Technically, if you are even planning to forward 'lascivious' memes and images to a WhatsApp group or forwarding a song or 'copyrighted' PDF book, you can be punished under the Goondas Act.

The law-makers clearly did not dwell much on the implications while bringing the majority of the populace within the ambit of this law. On July 28, the Karnataka Legislature passed (it took barely a minute from tabling to voice vote), 'The Karnataka Prevention of Dangerous Activities of Bootleggers, Drug-offenders, Gamblers, Goondas, Immoral Traffic Offenders, Slum-grabbers and Video or Audio Pirates, (Amendment) Bill, 2014'. The amendment adds, "Acid attackers, Depradator of Environment, Digital Offenders, Money Launderers and Sexual Predators", to the title. In common parlance, this law is known as the 'Goonda Act'.

The move has come as a shock to the legal community which has slammed it, terming it an attempt by the state to usurp central powers. The government had earlier included 'piracy' under the Goonda Act. But it was applicable only to those pirating film DVDs. Now, this will include books, film songs, music, software or anything big corporates and multinationals claim they have copyright on.

Sunil Abraham, executive director, Centre for Internet and Society, is left in no doubt that the new law is "a terrible thing". "It is a sad development. It is not just bringing the provisions of the IT Act, but also the Copyright Act, that will hurt the common man," he said.

'Digital Offenders' means "any person who knowingly or deliberately violates, for commercial purposes, any copyright law in relation to any book, music, film, software, artistic or scientific work and also includes any person who illegally enters through the identity of another user and illegally uses any computer or digital network for pecuniary gain for himself or any other person or commits any of the offences specified under sections 67, 68, 69, 70, 71, 72, 73, 74 and 75 of the Information Technology Act, 2000."

Section 67 of the IT Act will be the most dangerous for the common man with a smartphone in hand now. The section, "Publishing of information which is obscene in electronic form," includes "any material which is lascivious or appeal to the prurient interest." This could have a very broad interpretation.

Advocate Nagendra Naik says, "The Goonda Act provides for preventive arrest. In the Information Technology Act and The Copyright Act, you have to commit the offence to be arrested. But here, you can be taken into preventive custody even before you commit the said offences. In normal arrests, you can straightaway apply for bail. But under the Goonda Act, you cannot. There is a long process of review and you will be in custody at least till then. The third impact is, you can have a history sheet started against you by the police. Technically, your slips on WhatsApp will attract the Goonda Act against you."

Supreme Court advocate KV Dhananjay said the Goonda Act is a draconian piece of legislation and it necessarily mocks at the institution of courts and lawyers. "After the passage of the various amendments to the Goonda Act, Karnataka now looks like a mini North Korea where police mood swings will decide whether the ordinary citizen has any right at all," he said.

Advocate Shyam Sundar, says, "What if your smartphone has a list of repeated material sent out over days or weeks. Most people do not even know if their phones are affected by viruses which could be sending out such material. Another example is of Facebook. There are so many FB pages with pornographic content. If someone who has subscribed to such a page sends you a friend request and you accept it, that content will surface on your page. It will have a history of repetition. The amendment clearly opens up huge problems for the common people. There is no doubt of the law being grossly misused and the amendment to include provisions of the IT Act has been done without application of mind. What is lascivious appeal in the first place? A porn star has been made a film star in India. Is this not lust? Are there enough filters in place to secure your smartphone from online abuse?"

The new law will in all probability create more corruption than anything else, say experts. Dhananjay says, "Until last week, police postings in Bangalore and other bigger cities were selling for tens of lakhs. Thanks to these amendments, some postings that enforce the Goonda Act will now sell for a couple of crores. The public will not feel safe due to this draconian legislation. Those who enforce the Goonda Act, however, will become richer through corruption, thanks to the fear created by these new amendments."

One year in jail for the innocent too

Sunil Abraham gives two examples by which the amended Goonda Act will become a ruthless piece of legislation. "If I publish an image of a naked body as part of a scientific article about the human body, is it obscene or not? It will not be obscene and, if I am arrested under the IT Act, I will be produced before the magistrate within 24 hours and can explain it to him. But now, I will be arrested under the Goonda Act and need not be produced before a magistrate for 90 days. It can be extended to one year. So for one year, I will be in jail even if I have not committed any wrong. Another example pertains to bringing offences under the Copyright Act under the Goonda Act. In the Copyright Act, there is an exception for reporting, research, educational and people with disability. A visually impaired person, for example, can, without paying royalty, convert a book into another format like Braille or audio and share it with another visually impaired person on a non-profit basis. But if he is arrested under Goonda Act, he will be in jail for one year, even before he does it."

HAVE THEY READ STATUTE?
Supreme Court advocate KV Dhananjay says, "The definition of a 'digital offender' is simply laughable. I do not think that whoever asked the state government to include 'digital offence' under the Goonda Act has carefully read the Constitution of India. Under the Constitution, both copyright and telecommunications are exclusive central subjects. This means that states simply cannot make any law on these subjects." Dhananjay gives the example of payment of income tax. "You know already that only the central government can demand and collect your income taxes. Can any state government say that it will create a new law to punish its resident who defaults in payment of income tax? You would simply laugh at any such law. This new definition of 'digital offender' is no less amusing. Offences under the Information Technology Act, 2000, are exclusively punishable by the central government only. State governments have no power to say that an Act shall become an offence when it does not even have the power to regulate such an Act."

CRIMINAL LAW EXPERTS SAY
Senior designate advocate, MT Nanaiah: "This law will be too harsh. There are MLAs who do not know the meaning of cyber crime. We (advocates) will be kept busy at the cost of innocent people because of this step. It provides for arresting anyone who would allegedly be planning to do something. Finding him guilty or otherwise comes later. What happens if your phone is lost or somebody sends something from your phone without your knowledge? For the first few years, innocents will go to jail. Then the courts will probably intervene and call for modifying what is at best a bad law. A similar situation arose with Section 498(A) of IPC and Sections 3 and 4 of Dowry Prohibition Act. It was misused to such an extent that courts had to step in." Senior designate advocate and former State Public Prosecutor HS Chandramouli : "Even social legislations have been misused. And, in this case, most people are illiterate about what cyber crime is. It is mostly teenagers and college students who will feel the heat. These are the people who mostly forward material considered obscene. It is necessary to educate people through discussions, workshops in the bar associations, law college and with experts. The amendment has been passed in the Legislature without discussion, which is a tragedy. At least now, before it is gazetted, people should be warned about what is being brought into the Goonda Act. I do not know how fair adding 'digital offenders' in the Goonda Act will be to the public, but the chances of misuse are more. There are no riders or prosecution for misuse. And how many policemen know about cyber crimes? During the infamous 'kidney' case (where people were cheated and their kidneys removed) many policemen did not know the difference between kidneys and testicles."

ONE YEAR IN JAIL WITHOUT CHANCE OF BAIL FOR..

Forwarding a song from your phone
Forwarding an e-book from your email
A nude photo which the govt thinks is obscene
Any software that a company says it owns
A movie which a company says it has copyright on

For more details visit https://cis-india.org/news/bangalore-mirror-shyam-prasad-august-4-2014-we-the-goondas

'I'm going to ruin you, dear'

praskrishna — 2014-09-09T09:55:47Z

Revenge porn is sweeping across the developed world. And now it's being seen in India. The culprit, says Prasun Chaudhuri, is often a former friend, partner, relative or colleague.

This article by Prasun Chaudhuri with additional reporting by Varuna Verma in Bangalore was published in the Telegraph on August 3, 2014. Rohini Lakshane gave her inputs.

How would you feel if you casually opened a mail and found the link to a pornographic site — and it turned out to contain pictures of yourself naked? That's what Kalpana did. She clicked on a link sent to her and, to her horror, found that the face of the girl who "was available for sex" was hers. Her stomach lurched when she saw that the pictures showed her own bedroom. The site also contained her personal and contact details.

Kalpana was shattered. The subject line of the mail had said "I'm going to ruin you, dear". It had seemed like a prank. Only, it wasn't. It was a very real and malevolent attempt to destroy her reputation.

The 24-year-old Mumbai-based bank executive had become a victim of revenge porn — a new form of cybercrime in which ex-lovers or boyfriends upload intimate photos and videos of their former partners for the world to see. Mostly, the sexually explicit pictures are of women posted by jilted or spurned men.

Kalpana's photos, it was later found, were posted by her recently divorced husband, Pranay. They were taken when the two lived together.

Revenge porn is a trend sweeping across the developed world — from the US and Japan to countries in Europe. And now it's being seen in India, fuelled by the growing access to the Internet and camera-wielding mobile phones — all that is needed for taking and posting offensive pictures.

"Now that you have gadgets you tend to capture every moment of your life in pictures or videos," Calcutta-based psychiatrist J.R. Ram points out. "Not only that, you want to share these images through networking apps in your mobile phone or the Internet — without ever thinking of the consequences."

National Crimes Record Bureau (NCRB) figures — released on July 1, 2014 — show a 63.7 per cent rise in cyber offences from 2012 to 2013. During this period, the category "transmission of obscene content in electronic form" reflects a quantum jump —104.2 per cent — with 1,203 cases registered and 737 people arrested. "The data show cyber offences against women have increased sharply," NCRB director-general R.R. Verma says. "But we do not have any specific data on revenge crimes."

More and more such cases, however, are now coming to light. Kalpana lodged a complaint with the Navgarh police station in Mumbai. Ashish was arrested under a number of sections of the Indian Penal Code and the Information Technology Act.

Sneha, a 22-year-old college student from Udupi in Karnataka, also went to the police with the complaint that her ex-boyfriend had put up her photographs and videos on the Internet. M.B. Boralingaiah, superintendent of police, Manipal district, says the boy was arrested and sent to judicial custody.

"There has been an exponential rise in the number of cases of cyber revenge being reported to the police," Boralingaiah says. "This could also be because of increasing awareness of cyber laws, which prompts more people to approach the police." The Karnataka police are now setting up cyber crime police stations at regional levels across the state. Currently, only one police station, in Bangalore, deals with such crimes.

The profile of the criminal in revenge porn, Boralingaiah adds, is different from that of the average criminal plotting a scam using the Internet. In all the cases that have been reported, the accused is a former friend, partner, relative or colleague with no criminal history. They are also educated, intelligent and technologically savvy.

And that is why, despite suspicions, it is not always easy to catch the offender. The police say they have to first track down the origin of the pornographic site where the pictures are posted. "When we receive a complaint we try to locate the IP address (the unique identifier for the computer)," says Siddhartha Chakraborty, in charge of Cyber Police Station, Lalbazar, Calcutta. "But these crooks are clever enough to use some fake IP address of a distant country."

Once the police zero in on the IP address, it asks the web hosts to remove the offensive images, which they normally do. "But the procedure can take weeks or even months," Chakraborty adds.

Debarati Halder, a lawyer and cyber victim counsellor based at Tirunelvelli, Tamil Nadu, says she comes across 10-15 cases of revenge porn every month across the country, mostly involving college students. Often, the victims themselves take pictures while taking a shower or in their inner wear and share them with their boyfriends.

Many young women, Halder says, see such acts as symbols of independence or defiance.

"Taking 'sexy' images of themselves offers them a false sense of liberty, bypassing the repression imposed upon them in the real world," she says. "They feel relatively uninhibited in cyberspace and tend to experiment with their looks and sexuality, but are unable to determine where to draw the line."

The young are not greatly concerned with privacy and security on the Internet, Canada-based Internet safety expert Terry Cutler stresses. "They don't understand that once you send out an inappropriate photo or video, you no longer control it."

There are, according to some estimates, at least 3,000 voyeuristic websites where such pictures can be posted. The visuals are often copied and replicated across multiple porn sites, making it virtually impossible for the authorities to wipe off the digital prints. "Often these clips are available on mirror sites, web archives and caches. Video footage can also go viral on social networks and porn buffs even share these images offline," Chakraborty warns.

But people seldom think that the intimate pictures that they shoot with their lovers may one day become public. "When you're in love you trust your partner. You don't expect him to use these pictures to humiliate you when things fall apart," says Antara, a 32-year-old IT analyst in a government agency who has been a victim of revenge porn. She says that her husband, to seek a quick divorce, uploaded intimate pictures on porn sites to show that she was a woman of "bad character".

Also worrying is that a large number of women are victims of non-consensual and amateur pornography. Abir Atarthy, a Calcutta-based cyber-security expert, recently solved a case in which a college student found her pictures, shot in her bedroom, circulating on a social networking site.

"She was shocked because she not taken those pictures, nor had anybody else," Atarthy says. A thorough check revealed that a boy whose advances she had spurned had installed a hidden spy program in her laptop. "The program — capable of switching on the webcam even if the machine was offline — had been taking her snaps from her private life and sending the visuals to the youth whenever she connected to the Internet," he says.

Rohini Lakshané, a researcher at the Bangalore-based Centre for Internet and Society, describes such non-consensual acts as sexually violent crimes. "I don't like to use the term 'revenge porn', for it's an act of violence against women," she says. "Sometimes women are even raped and coerced into sex, filmed, threatened and blackmailed over the release of the footage online," Lakshané says.

The intention is to humiliate the woman and make her life miserable is the equivalent of throwing acid on her face, holds Dr Subhrangshu Aditya, a student counsellor at Jadavpur University, Calcutta. "These men can't accept rejection and it's their way to settle scores."

The victim, the experts say, doesn't just feel betrayed but often falls into depression — not just because of the ex-partner's action but because she sees herself as a partner in the crime, for the pictures uploaded may have been shot with her consent. "Their guardians also blame her for this and avoid reporting the matter to the police apprehending a bigger scandal," Halder adds.

The lawyer urges victims of such crimes to always approach the police. "Indian women have a strong legal recourse against perpetrators of revenge porn," she says. The amended 354 [C] of the Criminal Law (Amended) Act 2013, also known as the "voyeurism section", criminalises capturing and sharing images of a woman in private space. Section 66(E) of the IT Act criminalises the publication and transmission of images of an individual's private parts without his or her consent.

"These are watertight laws, strong enough to book an offender," she says, adding that the law also protects a victim's identity.

Across the world, laws are now being framed to punish cyber porn offenders. In January, Israel voted to define posting of images without consent as sexual harassment, punishable by up to five years in jail. Many states in the US already have laws against revenge porn and Britain may bring in one soon.

But perhaps the best way to prevent such crimes is by safeguarding privacy — at home and in the virtual world (see box). Cyber security expert Cutler sums it up aptly: "Just think this before you click the send button: If I were to post the visual on the Internet, would I care if it landed on the front page of a newspaper or the 8pm news?"

Some names have been changed to protect identities

How to Safeguard Your Privacy?

Get acquainted with the privacy settings of the social networks, dating and matrimonial websites you use
Do not upload any single close-shot picture on the Internet; this can be morphed and misused
Never film yourself during sexually intimate acts; even if you delete the pictures and videos these can be recovered from your device
Watch out for weird webcam activity; malicious software can easily infect your computer or phone and control the webcam
Remove your memory card from your mobile or format the hard disc of your computer before giving the device to service centres
Don't give your device to others and always lock your applications (especially picture galleries) in your mobile
Install and update antivirus and antimalware in your device

For more details visit https://cis-india.org/internet-governance/news/the-telegraph-august-3-2014-i-am-going-to-ruin-you-dear

Surat’s Massive Surveillance Network Should Cause Concern, Not Celebration

joe — 2014-09-06T03:05:13Z

The blog post examines the surveillance network of Surat, a city in Gujarat state in India.

The Surveillance System

Surat, a city in the state of Gujarat, has recently unveiled a comprehensive closed-circuit camera surveillance system that spans almost the entire city. This makes Surat the first Indian city to have a modern, real-time CCTV system, with eye-tracking software and night vision cameras, along with intense data analysis capabilities that older systems lack.

Similar systems are planned for cities across India, from Delhi to Punjab, even those that already have older CCTV programs in place. Phase I of the system, which is currently completed, consists of 104 CCTV cameras installed at 23 locations and a 280 square foot video wall at the police control room. The video wall is one of the largest in the country, according to the Times of India.

Narendra Modi, then the Gujarat chief minister, launched the project in January 2013, though the project was original conceptualized by police commissioner Rakesh Asthana, who has cited the CCTV system in Scotland Yard as his inspiration.

Phase II of the surveillance project will involve the installation of 550 cameras at 282 locations, and in the future, police plan to install over 5000 cameras across the city. Though other security systems, like those in Delhi, rely on lines from the state owned service provider MTNL, with limited bandwidth for their CCTV network, the Surat system has its own dedicated cables.

The security system was financed by a unique Public-Private Partnership (PPP) model, where a coalition of businesses, including many manufacturing units and representatives of Surat’s textile industry want to prevent crime. The many jewelers in the city also hoped it would limit thefts. In the model, businesses interested in joining the coalition contribute Rs 25 lakh as a one-time fee and the combined fees along with some public financing go to construct the city-wide system. The chairman of the coalition is always the Commissioner of Surat Police. Members of the coalition not only get a tax break, but also believe they are helping to create a safer city for their industries to thrive.

Arguments for the System

Bomb blasts in Ahmedabad in 2008 led the Gujarat police to consider setting up surveillance systems not just in Ahmedabad, according to Scroll.in, but in many cities including Surat. Terror attacks in Mumbai in 2008 and at the Delhi High Court in 2011 lent momentum to surveillance efforts, as did international responses to terror, such as the United Kingdom’s intensive surveillance efforts in response to 2005 bombing in London. The UK’s security system has become so comprehensive that Londoners are caught on camera over 300 times a day on average. The UK’s CCTV systems cost over £500 million between 2008 and 2012, and one single crime has been solved in London for every 1,000 cameras each year, according to 2008 Metropolitan Police figures.

However, citizens in London may feel safer in their surveillance state knowing that the Home Office of the United Kingdom regulates how CCTV systems are used to ensure that cameras are being used to protect and not to spy. The UK’s Surveillance Camera Code of Practice outlines a thorough system of safeguards that make CCTV implementation less open to abuse. India currently has no comparable regulation.

The combined government worries of terrorism and business owners desire to prevent crime led to Surat’s unique PPP, ournalist Suarav Datta’s article in Scroll.in continues. Though the Surat Municipal Corporation invested Rs 2 crore, business leaders demonstrated their support for the surveillance system by donating the remaining Rs 10 crore required to build the first phase system. Phase II will cost Rs 21 crore, with the state government investing Rs 3 crore and business groups donating the other Rs 18 crore. This finance model demonstrates both public and private support for the CCTV system.

Why CCTV systems may do more harm than good

Despite hopes that surveillance through CCTV systems may prevent terrorism and crime, evidence suggests that it is not as much of a golden bullet as its proponents believe. In the UK, for example, where surveillance is practice extensively, the number of crimes captured on camera dropped significantly in 2010, because there were so many cameras that combing through all the hours footage was proving to be an exercise in futility for many officers. According to Suaray Datta’s article on Scroll.in, potential offenders in London either dodge cameras or carry out their acts in full view of them, which detracts from the argument that cameras deter crime. Additionally, prosecutors allege that the CCTV systems are of little value in court, because the quality of the footage is so low that it cannot provide conclusive proof of identities.

A 2008 study in San Francisco showed that surveillance cameras produce only a placebo effect–they do not deter crime, they just move it down the block, away from the cameras. In Los Angeles, more dramatically, there was little evidence that CCTV cameras helped detect crime, because in high traffic areas the number of cameras and operators required is so high, and because the city’s system was privately funded, the California Research Bureau’s report noted that it was open to exploitation by private interests pursuing their own goals. Surat’s surveillance efforts are largely privately funded too, a vulnerability that could lead to miscarriages of justice if private security contractors were to gain to security footage.

More evidence of the ineffectiveness of CCTV surveillance comes in the Boston marathon bombing of 2013 and the attack on the Indian parliament in 2001. In the case of the Boston bombing, release of CCTV footage to the general public led to rampant and unproductive speculation about the identity of the bomber, which resulted in innocent spectators being unfairly painted with suspicion.

India’s lack of regulation over CCTV’s also makes Surat’s new system susceptible to misuse. There is currently no strong legislation that protects citizens filmed on CCTV from having their images exploited or used inappropriately. Only police will have access to the recordings, Surat officials say, but the police themselves cannot always be trusted to adequately respect the rights of the citizens they are trying to protect.

The Report of the Group of Experts on Privacy acknowledges the lack of regulations on CCTV surveillance, and recommends that CCTV footage be legally protected from abuse. However, the Report notes that regulating CCTV surveillance to the standards of the National Privacy Principals they establish earlier in the report may not be possible for a number of reasons. First, it will be difficult to limit the quantity of information collected because the cameras are simply recording video of public spaces, and is unlikely that individuals will be able to access security footage of themselves. However, issues of consent and choice can be addressed by indicating that CCTV surveillance is taking place on entryways to monitored spaces.

Surat is not the first place in India to experiment with mass CCTV surveillance. Goa has mandated surveillance cameras in beach huts to monitor the huts and deter and detect crime. The rollout is slow and ongoing, and some of the penalties the cameras are intended to enforce seem too severe, such as potentially three months in prison for having too many beach chairs. More worryingly, there are still no laws ensuring that the footage will only be used for its proper law-enforcement objectives. Clear oversight is needed in Goa just as it is in Surat. The Privacy Commissioner outlined by the Report of the Group of Experts could be well suited to overseeing the proper administration of CCTV installations, just as the Commissioner would oversee digital surveillance.

Concerns of privacy and civil liberties appear to have flown out the window in Surat, with little public debate. It is unclear that Surat’s surveillance efforts will achieve any of their desired effects, but without needed safeguards they will present an opportunity for abuse. Perhaps CCTV initiatives need to be subjected to a little bit more scrutiny.

For more details visit https://cis-india.org/internet-governance/blog/surat-massive-surveillance-network-cause-of-concern-not-celebration

July 2014 Bulletin

praskrishna — 2014-08-11T05:46:53Z

Seventh issue of the newsletter (July 2014) below:

We at the Centre for Internet & Society (CIS) welcome you to the seventh issue of the newsletter (July 2014). Archives of our newsletters can be accessed at: http://cis-india.org/about/newsletters

------------------------------
Highlights
------------------------------

Nehaa Chaudhari participated in the 28^th session of the World Intellectual Property Organisation Standing Committee on Copyright and Related Rights (WIPO-SCCR) held in Geneva from June 30 to July 4, 2014. The Centre for Internet and Society (CIS) gave its statements on the Limitations and Exceptions for Libraries and Archives and Proposed Treaty for the Protection of Broadcasting Organizations.
India became the first country to ratify the Marrakesh Treaty and the Accessible Books Consortium was launched. Nehaa Chaudhari who participated in the 28^th session of the WIPO-SCCR reports on this in a blog entry.
Vikrant Narayan Vasudeva produced a research paper on patent valuation and license fee determination as part of the Pervasive Technologies project.
Our grant application to the Wikimedia Foundation was approved. CIS has been awarded Rs. 12,000,000 for the next one year for the Access to Knowledge (Wikipedia) project.
CIS and the University of Mysore organized the Open Knowledge day in Mysore on July 15, 2014. Six volumes of Kannada Vishwakosha was re-released under the Creative Commons (CC license).
We helped the Ministry of Science and Technology draft the Open Access Policy for the DST/DBT.
The first of the seven proposed roundtable meetings on “Privacy and Surveillance” conducted by CIS in collaboration with the Cellular Operators Association of India and the Council for Fair Business Practices was held in Mumbai on June 28, 2014. Anandini K. Rathore has blogged on this.
Bedavyasa Mohanty has produced a blog entry that analyses the nuances of interception of communications under the Indian Telegraph Act and the Indian Post Office Act.
Vinayak Mithal has written a blog entry on the Constitutionality of Indian surveillance law that analyses ICANN's reactive transparency mechanism, comparing it with freedom of information best practices. He describes the DIDP and its relevance for the Internet community.
Nishant Shah speaks on the right to freedom of speech and expression in the latest interview conducted as part of the Cybersecurity series being done with a grant from the International Development Research Centre (IDRC), Ottawa.
Nishant Shah’s peer reviewed article “Asia in the Edges: A Narrative Account of the Inter-Asia Cultural Studies Summer School in Bangalore” was published in Inter-Asia Cultural Studies Journal, Volume 15, Issue 2, on July 3, 2014. Nishant gives a narrative account of the experiments and ideas that shaped the second Summer School, “The Asian Edge” hosted in Bangalore, India, in 2012.
CIS recruited two new staff members in its Bangalore office. Rohini Lakshane joined as a Program Officer in the Pervasive Technologies project and K.N. Medini joined as a Senior Accounts Officer. Their profiles can be accessed at http://cis-india.org/about/people/our-team.

----------------------------------------------
Accessibility and Inclusion
----------------------------------------------
Under a grant from the Hans Foundation we are doing two projects. The first project is on creating a national resource kit of state-wise laws, policies and programmes on issues relating to persons with disabilities in India. We compiled the National Compendium of Policies, Programmes and Schemes for Persons with Disabilities (29 states and 6 union territories). We will be publishing this soon. The draft chapters along with the quarterly reports can be accessed on the project page. The second project is on developing text-to-speech software for 15 Indian languages. The progress made so far in the project can be accessed here.

►NVDA and eSpeak

Monthly Update

Work Report for July (by Suman Dogra, July 31, 2014).

Blog Entry

India's Ratification of the Marrakesh Treaty Celebrated; Accessible Books Consortium Launched (by Nehaa Chaudhari, July 1, 2014): India became the first country to ratify the Marrakesh Treaty.

Media Coverage

SpicyIP Tidbit: India ratifies the Marrakesh Treaty for the Visually Impaired (by Thomas J. Vallianeth, Spicy IP, July 1, 2014).

-----------------------------------------------------------
Access to Knowledge
-----------------------------------------------------------
As part of the Access to Knowledge programme we are doing two projects. The first one (Pervasive Technologies) under a grant from the International Development Research Centre (IDRC) is for research on the complex interplay between pervasive technologies and intellectual property to support intellectual property norms that encourage the proliferation and development of such technologies as a social good. The second one (Wikipedia) under a grant from the Wikimedia Foundation is for the growth of Indic language communities and projects by designing community collaborations and partnerships that recruit and cultivate new editors and explore innovative approaches to building projects.

►WIPO

Participation in Event and Statements
Nehaa Chaudhari participated in the 28^th session of WIPO-SCCR held in Geneva from June 30 to July 4, 2014. The following have been the outputs from the event:

Statement on the Proposed Treaty for the Protection of Broadcasting Organizations at WIPO SCCR 28 (by Nehaa Chaudhari, July 2, 2014).
Opening Comments by India on Limitations and Exceptions for Libraries and Archives at WIPO SCCR 28 (posted by Nehaa Chaudhari, July 7, 2014). This was the statement made by the Indian delegation at WIPO-SCCR 28^th session on July 2, 2014.
Statement on the Limitations and Exceptions for Libraries and Archives at WIPO SCCR 28 (by Nehaa Chaudhari, July 3, 2014).
28th Session of the WIPO SCCR: Report on the Proposed Treaty for the Protection of Broadcasting Organizations (by Nehaa Chaudhari, July 29, 2014).

► Pervasive Technologies

Research Papers

Patent Valuation and License Fee Determination in Context of Patent Pools (by Vikrant Narayan Vasudeva, July 9, 2014). Vikrant has produced research that examines patent valuation and license fee determination in detail.
Grounds for Compulsory Patent Licensing in United States, Canada, China, and India (by Maggie Huang, July 29, 2014). In her research paper Maggie tries to answer questions about the grounds of compulsory licensing in international treaties with specific examples from America and Asia.

►Wikipedia
As part of the project grant from the Wikimedia Foundation we have reached out to more than 3500 people across India by organizing more than 100 outreach events and catalysed the release of encyclopaedic and other content under the Creative Commons (CC-BY-3.0) license in four Indian languages (21 books in Telugu, 13 in Odia, 4 volumes of encyclopaedia in Konkani and 6 volumes in Kannada, and 1 book on Odia language history in English).

Announcement
Our grant application to the Funds Dissemination Committee (FDC) of the Wikimedia Foundation was approved by its board which met in Frankfurt from May 21 to 24, 2014. CIS had requested a grant of Rs. 18,406,454 and were awarded Rs. 12,000,000 for the next one year.

The following were done this month:

Articles / Blog Entries

Aircel & Wikimedia Foundation announce Wikipedia Zero (by Dr. U.B.Pavanaja, Prajavani, July 3, 2014). As per this, users of Aircel need not pay for data for accessing Wikipedia.
ଇଣ୍ଟରନେଟରେ ଓଡ଼ିଆ ଅକ୍ଷରସଜ୍ଜା (by Subhashish Panigrahi, Samaja, July 4, 2014).
State of Odia Language in Computing and Future Steps (by Subhashish Panigrahi, Sovereign, July 7, 2014).
ଓଡ଼ିଆ ଭାଷା ବିକାଶର ରାସ୍ତା (by Subhashish Panigrahi, The Sambad, July 23, 2014).
University of Mysore Re-releases Kannada Vishwakosha (Encyclopaedia) under Creative Commons Free License (by Dr. U.B.Pavanaja, July 24, 2014). Leading English and Kannada dailies like Andolana Kannada, City Today, Deccan Herald, Hosa Diganta, Kannada Jana Mana, Kannada Prabha, Rajya Dharma, Samyukta Karnataka, The Hindu, The New Indian Express, Udayavani, Vijaya Karnataka, and Vijaya Vani published about this. Scanned versions of the published articles can be downloaded here.
Wiki Loves Pride 2014 and Adding Diversity to Wikipedia (by Dorothy Howard, Wikimedia Blog, July 25, 2014).
Doctors and Translators Are Working Together to Bridge Wikipedia's Medical Language Gap (by Subhashish Panigrahi, Global Voices, July 27, 2014). This was re-published on the Wikimedia Blog, July 30, 2014.
Classical Odia Language in the Digital Age (by Subhashish Panigrahi, Odisha Review, posted on July 28, 2014). The essay was published in the magazine’s June edition.

Event Organized

Open Knowledge Day (co-organized by Mysore University and CIS-A2K, Kuvempu Institute of Kannada Studies, University of Mysore, July 15, 2014). The event coincided with the Open Knowledge Festival in Berlin from July 15 to 17. Dr. U.B.Pavanaja conducted the event. On this occasion Mysore University released six volumes of Kannada Vishwakosha under the Creative Commons (CC) license.

Participation in Events

National Level Seminar on Computer Application and Odia Language (organized by Institute of Odia Studies and Research, July 6, 2014). Subhashish Panigrahi was a panelist.
Open Knowledge Festival 2014 (organized by Google, Omidyar, et.al., Berlin, July 15 – 17, 2014). Subhashish Panigrahi represented India as the India Ambassador of OpenGLAM local and made a presentation.
#NAMA: The Future of Indic Languages (organized by Medianama, The Oberoi Hotel, Bangalore, July 24, 2014). Subhashish Panigrahi participated in the event.

News and Media Coverage
CIS-A2K team gave its inputs to the following media coverage:

Wikipedia edit-a-thons to add content on LGBTs (by Renuka Phadnis, The Hindu, July 7, 2014).
Font problem hits Odia (by Bibhuti Barik, The Telegraph, July 7, 2014).
Four volumes of Kannada Encyclopaedia digitised (by R. Krishna Kumar, The Hindu, July 12, 2014).
‘ಕನ್ನಡ ವಿಶ್ವಕೋಶ’ಕ್ಕೆ ಇನ್ನು ಲೈಸೆನ್ಸ್ ಹಂಗಿಲ್ಲ (Prajavani, July 14, 2014).
Soon, all 14 volumes of Kannada encyclopaedia to be online (by R. Krishna Kumar, The Hindu, July 15, 2014).
ವಿಕಿಪಿಡಿಯಾಗೆ ಕನ್ನಡ ವಿಶ್ವಕೋಶ (Kannada Prabha, July 15, 2014).
ಕನ್ನಡ ವಿಶ್ವಕೋಶದ ಆರು ಸಂಪುಟ ವಿಕಿಪೀಡಿಯಾಗೆ (Udayavani, July 15, 2014).
ವಿಕಿಪೀಡಿಯಾದಲ್ಲಿ kannada ವಿಶ್ವಕೋಶ : ಈಗ ಆನ್ ಲೈನ್ ನಲ್ಲಿ 6 ಸಂಪುಟಗಳು ಮುಕ್ತ…ಮುಕ್ತ……( Just Kannada, July 15, 2014).
Six Kannada encyclopaedias released (Webindia 123, July 15, 2014).
150 Rare Books Get New Lease of Life Online, Courtesy Students (by Anila Backer, New Indian Express, July 15, 2014).
Open Access: Students help revive and digitize rare books for Malayalam Wiki Library (Spicy IP, July 15, 2014).
'Trolled' from US Congress, Wikipedia bans edits (by Narayan Lakshman, The Hindu, July 25, 2014).
Telugu Wikipedia struggles to stay afloat (by Renuka Phadnis, The Hindu, July 27, 2014).
The joys of being a Wikipedian (by Svetlana Lasrado, New Indian Express, July 29, 2014).
Kannada Wikipedia Presentation (Vijayavani, July 30, 2014).
Kannada Wikipedia Presentation for Kannada Science Writers (Prajavani, July 31, 2014).

►Openness

Blog Entries

Mozilla brings Indian Communities together Twice in One Month (by Subhashish Panigrahi, Mozilla Website, July 8, 2014).
Mozilla Brings Indian Communities Together (by Subhashish Panigrahi, Opensource.com, July 13, 2014).
Department of Biotechnology and Department of Science, Ministry of Science and Technology, Government of India, release Open Access Policy (by Anubha Sinha, July 18, 2014). We have also been acknowledged in the policy.

HasGeek Event

The Fifth Elephant (NIMHANS Convention Centre, July 25-26, 2014). CIS was a community outreach partner.

Media Coverage

Plan for open access to science research (by Renuka Phadnis, The Hindu, July 22, 2014).
Indian Govt looks to provide free access to publicly-funded research works (by Riddhi Mukherjee, Medianama, July 23, 2014).

-----------------------------------------------
Internet Governance
-----------------------------------------------

►Freedom of Expression

As part of our project on Freedom of Expression (funded through a grant from the MacArthur Foundation) to study the restrictions placed on freedom of expression online by the Indian government and contribute to the debates around Internet governance and freedom of expression at forums like ICANN, ITU, IGF, WSIS, etc., we bring you the following outputs:

Blog Entries

ICANN’s Documentary Information Disclosure Policy – I: DIDP Basics (by Vinayak Mithal, July 1, 2014).
Reading the Fine Script: Service Providers, Terms and Conditions and Consumer Rights (by Jyoti Panday, July 2, 2014).
Facebook and its Aversion to Anonymous and Pseudonymous Speech (by Jessamine Mathew, July 4, 2014).
Free Speech and Surveillance (by Gautam Bhatia, July 7, 2014).
Delhi High Court Orders Blocking of Websites after Sony Complains Infringement of 2014 FIFA World Cup Telecast Rights (by Anubha Sinha, July 8, 2014).
GNI and IAMAI Launch Interactive Slideshow Exploring Impact of India's Internet Laws (by Jyoti Panday, July 17, 2014).

FOEX Live

We are also posting a selection of news from across India implicating online freedom of expression and use of digital technology: July 7, 2014.

►Privacy

As part of our Surveillance and Freedom: Global Understandings and Rights Development (SAFEGUARD) project with Privacy International we are engaged in enhancing respect for the right to privacy in developing countries. We have produced the following outputs during the month:

Blog Entries

Models for Surveillance and Interception of Communications Worldwide (by Bedavyasa Mohanty, July 2, 2014).
The Constitutionality of Indian Surveillance Law: Public Emergency as a Condition Precedent for Intercepting Communications (by Bedavyasa Mohanty, July 4, 2014).
UK’s Interception of Communications Commissioner — A Model of Accountability (by Joe Sheehan, July 24, 2014).

Event Report

First Privacy and Surveillance Roundtable (by Anandini K Rathore, July 18, 2014).

Article

Private Censorship and the Right to Hear (by Chinmayi Arun, The Hoot, July 17, 2014). The article was also mirrored on the website of the Centre for Communication Governance.

Participation in Events

Information Influx Conference (organized by the Institute for Information Law, University of Amsterdam, July 2 – 4, 2014). Malavika Jayaram was a speaker.
Consultation to Frame Rules under the Whistle Blowers Protection Act, 2011 (organized by National Campaign for People's Right to Information and Centre for Communication Governance, National Law University, New Delhi, July 5, 2014). Bhairav Acharya participated in the event.
Best Practices Meet (organized by DSCI, Hotel Leela Palace, Bangalore, July 9, 2014). Sunil Abraham was a panelist.
Rethinking Privacy: The Link between Florida v. Jardines and the Surveillance of Nature Films (organized by Indian Institute of Technology, Madras, July 11, 2014). Bhairav Acharya gave a talk.
Region as Frame: Politics, Presence, Practice (organized by International Association for Media and Communication Research, Hyderabad, July 18, 2014). Sunil Abraham was a speaker for these panels: Governing Digital Spaces: Issues of Access, Privacy and Freedom, UNESCO panel debate, and Special Session on Research Paths In and Outside of the Academy.
ICT Awareness Program for Myanmar Parliamentarians (organized by Myanmar ICT for Development Organization, July 26 – 27, 2014, Yangon). Sunil Abraham participated in the event as a speaker and presented on Innovation Ecosystem and Thinking about Internet Regulation.

--------------------------------------
News & Media Coverage
--------------------------------------
CIS gave its inputs to the following media coverage:

Cyber-crimes shoot up 52% in India over last year (by K.V.Kurmanath, Hindu Businessline, July 2, 2014).
COAI, Centre for Internet & Society to hold pan-India meetings on privacy issues (IANS, July 4, 2014). The news was mirrored in the Times of India , NDTV, Business Standard , Economic Times , and World News.
Living in a Fish Bowl (by Shuma Raha, The Telegraph, July 16, 2014).
Terror recruiters target Indians on internet (by Sandhya Soman, July 18, 2014).
The trouble with trolls (by Vishal Mathur, Livemint, July 22, 2014).
India’s dedicated Cryptology centre gets Rs. 115 crore funding (by Harichandan Arakali, SearchSecurity.in, July 28, 2014).

►Cyber Stewards
As part of its project on mapping cyber security actors in South Asia and South East Asia with the Citizen Lab, Munk School of Global Affairs, University of Toronto and the International Development Research Centre, Canada, CIS conducted 2 new interviews. With this it has finished a total of 19 interviews:

Video Interviews

Lobsang Gyatso Sither (July 31, 2014).

Lobsang Sangay (July 31, 2014).

--------------------------------
Digital Humanities
--------------------------------
CIS is building research clusters in the field of Digital Humanities. The Digital will be used as a way of unpacking the debates in humanities and social sciences and look at the new frameworks, concepts and ideas that emerge in our engagement with the digital. The clusters aim to produce and document new conversations and debates that shape the contours of Digital Humanities in Asia:

Peer Reviewed Article

Asia in the Edges: A Narrative Account of the Inter-Asia Cultural Studies Summer School in Bangalore (by Nishant Shah, Inter-Asia Cultural Studies Journal, Volume 15, Issue 2, July 3, 2014). This is the narrative account of the experiments and ideas that shaped the second Summer School, “The Asian Edge” which was hosted in Bangalore, India, in 2012.

Blog Entry

Reading from a Distance — Data as Text (by P.P. Sneha, July 23, 2014).

-----------------------------------------------------
About CIS
-----------------------------------------------------
The Centre for Internet and Society is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness (including open government, FOSS, open standards, etc.), and engages in academic research on digital natives and digital humanities.

► Follow us elsewhere

Twitter: https://twitter.com/CISA2K
Facebook group: https://www.facebook.com/cisa2k
Visit us at: https://meta.wikimedia.org/wiki/India_Access_To_Knowledge
E-mail: a2k@cis-india.org

► Support Us
Please help us defend consumer / citizen rights on the Internet! Write a cheque in favour of ‘The Centre for Internet and Society’ and mail it to us at No. 194, 2nd ‘C’ Cross, Domlur, 2nd Stage, Bengaluru – 5600 71.

► Request for Collaboration:
We invite researchers, practitioners, and theoreticians, both organisationally and as individuals, to collaboratively engage with Internet and society and improve our understanding of this new field. To discuss the research collaborations, write to Sunil Abraham, Executive Director, atsunil@cis-india.org or Nishant Shah, Director – Research, at nishant@cis-india.org. To discuss collaborations on Indic language Wikipedia, write to T. Vishnu Vardhan, Programme Director, A2K, at vishnu@cis-india.org.

CIS is grateful to its primary donor the Kusuma Trust founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin for its core funding and support for most of its projects. CIS is also grateful to its other donors, Wikimedia Foundation, Ford Foundation, Privacy International, UK, Hans Foundation, MacArthur Foundation, and IDRC for funding its various projects.

For more details visit https://cis-india.org/about/newsletters/july-2014-bulletin

India’s dedicated Cryptology centre gets Rs. 115 crore funding

praskrishna — 2014-07-29T07:18:08Z

Work on India's first dedicated cryptology centre – plans for which were first announced in June 2012 – will likely accelerate as the project has gained initial funding of Rs. 115 crore from the federal government, stepping up the nation's efforts to stay on top of an area critical to its military and financial interests.

The blog post by Harichandan Arakali was published in SearchSecurity.in on July 28, 2014. Sunil Abraham gave his inputs.

The research facility, called the RC Bose Centre For Cryptology and Security, is to be built on the campus of the Indian Statistical Institute at Kolkata, where there is already ongoing cryptology research and consultancy work, albeit on a smaller scale, according to professor Rana Barua, the centre's head.

In a world where electronic transactions and access to an ever-increasing number of places, installations and objects have made physical borders less relevant, the task of securing them against threats means strong encryption of data is critical to national defense.

"This centre is of course a welcome initial step, but it can't be the only thing. We will have to, ideally, take a billion dollars from some of the big funds, such as the Universal Service Obligation fund or from the next (wireless) spectrum auctions, and throw it at cryptography," said Sunil Abraham, director for policy at the Centre for Internet and Society, a non-profit research organisation.

"If the country takes our military superiority seriously, then when it comes to cyber wars, without having an upper hand in cryptography, there is no use discussing anything else," he added.

The new cryptology centre will focus on basic research, but take on applied work for India's defense needs and those of its financial institutions, professor Barua said, developing algorithms, testing encryption products for robustness, detecting vulnerabilities and so on.

The center will augment indigenous capabilities in cryptology and information security, Bimal K Roy, director of the India Statistical Institute told India's Press Trust, which reported the funding earlier this month.

"It is an important element of the overall efforts and framework to enhance capabilities to ensure holistic security of the Indian cyber space. With an eminent body of world class experts, it will act as a hub for all cryptographic requirements, cutting edge research and technology development within the country," Press Trust cited Roy as saying.

Once centre is up and running and, over the next two years, it will have the infrastructure to allow more than 30 researchers to work, but "the problem of course is to get good researchers in this area," Barua said.

Pretty much all the best mathematicians in the world today work with the US government either directly or as part of the American academia and via research projects funded by the US government, said the Centre for Internet and Society's Abraham.

Given that most of the standards used today are those set by the National Institute of Standards and Technology (NIST), the US standard-setting organisation, "we should ensure that our participation at NIST is of the highest quality and we need an army of mathematicians," he said.

However, in India there may be a small number of mathematicians who are capable of the highest level of cryptology research. Even if there are more, there is another problem for them to keep abreast of the latest advances.

In the past, maths used to be an open science and all advances would be published and available for peers to learn from each other. With the militarisation of the areas of maths that deal with cryptology, the latest research isn't available and mathematicians have to essentially work things out on their own as well as conjecture what others might be doing.

Today, every country other than the US faces a shortage of skilled cryptographers, according to Abraham: "Everybody is in the soup, but India is in worse soup because we went with this engineering craze instead of pure sciences and math, we've ignored building capacity in that area."

For more details visit https://cis-india.org/news/search-security-july-28-2014-harichandan-arakali-indias-dedicated-cryptology-centre-gets-funding

Multi-stakeholder Internet Governance: The Way Ahead

praskrishna — 2014-07-29T07:08:04Z

The Centre for Internet and Society (CIS) in partnership with Software Freedom Law Centre (SFLC.in) is organizing a workshop "Multi-stakeholder Internet Governance: The Way Ahead" on August 6, 2014, 10.30 a.m. to 12.00 p.m., at during the APrIGF event to be held at Crown Plaza, Greater Noida.

Thematic Area of Interest

Enhanced Cooperation & the Multi-stakeholder model

Introduction:
Today, multi-stakeholderism is the catchphrase in Internet governance. With the display of a multi-stakeholder model at NETmundial, controversies and opinions regarding the meaning, substance and benefits of multi-stakeholderism have deepened. As the recent meeting of the Working Group on Enhanced Cooperation of the United Nations Commission on Science, Technology and Development demonstrates, questions and concerns regarding meaning of multi-stakeholderism, the

legitimacy and desirability of its processes, and the successes and disappointments of its outcomes now dominate the discussion. At this juncture, clarity and consensus are imperative to determine the future of multi-stakeholderism in Internet governance.

Roles and responsibilities of stakeholders:
The debates surrounding stakeholder-roles in Internet governance began with ¶ 49 of the Geneva Declaration of Principles and ¶ 35 of the Tunis Agenda, which delineated clear roles and responsibilities. It created a ‘contributory’ multi-stakeholder model, where states held sovereign authority over public policy issues, while business and civil society were contributed to ‘important roles’ at the ‘technical and economic fields’ and the ‘community level’, respectively. At the same time, it set forth an agenda for enhanced cooperation.

As the WGEC meeting (April 30-May 2, 2014) demonstrated, there is as yet no consensus on stakeholder-roles. Certain governments remain strongly opposed to equal roles of other stakeholders, emphasizing their lack of accountability and responsibility. Civil society is similarly splintered, with a majority opposing the Tunis Agenda delineation of stakeholder-roles, while others remain dubious of permitting the private sector an equal footing in public policy-making. Still others question the wisdom of seeking a ‘fix’ when ‘nothing is broken’. In this session, we aim to interrogate the benefits and disadvantages of an ‘equal footing’ model, as opposed to a ‘contributory’ model.

Specific Issues of Discussions & Description

Who are the stakeholders? Should a multi-stakeholder model of Internet governance grant all stakeholders ‘equal footing’? Should such ‘equal footing’ be relegated to issues other than substantive public policy-making? On the other hand, is a ‘contributory’ model safer? Are states better equipped to represent interests inclusively? How can governments and businesses best perform their role as trustees of the public interest of interest users?

In view of the formidable consolidation by the private sector at NETmundial, while civil society splintered on issues of intellectual property and intermediary liability, can a ‘participative model’ better prevent detrimental outcomes?

Multi-stakeholderism beyond NETmundial:
As important as the meaning of multi-stakeholderism is the process of its execution. The need to fashion safe and sustainable processes for multi-stakeholder participation was highlighted by the successes and failures of private sector and civil society at NETmundial. From the ICANN and IGF models to stakeholder coalitions, premeeting coordination and governmental policy participation, this session shall expand on the quest for effective and beneficial stakeholder participation and representation in both the ‘equal footing’ and ‘contributory’ models, with a focus on enhancing developing country participation.

Particularly, lessons that Internet governance may draw from multi-stakeholder governance processes across areas shall be discussed. For instance, deliberative democracy, enterprise associations or unions (such as in the International Labour Organisation) may all be of value. Similarly, multi-stakeholder processes in environmental and corporate governance and the development sector may benefit Internet governance. In determining the value of these processes to Internet governance, public interest of users is an important consideration. The capability and initiative of governments to implement an effective bottom-up model of Internet governance is equally important and will be considered.

We aim to conduct a 90-minute workshop (2 panels of 45 minutes each), inclusive of 15-30 minutes in all for Q&A from audience, panellists and moderators.

For more details visit https://cis-india.org/internet-governance/events/multi-stakeholder-internet-governance-the-way-ahead

Minimising Legal Risks of Online Intermediaries while Protecting User Rights

praskrishna — 2014-07-29T07:50:51Z

The Centre for Internet and Society (CIS) in partnership with Software Freedom Law Centre (SFLC.in) is organizing a workshop during the APrIGF event to be held at Crown Plaza, Greater Noida on August 5, 2014, 3.30 p.m. to 5.00 p.m. Jyoti Panday will be a panelist.

Thematic Area of Interest

Internet business in the Asia Pacific region

Consumer protection for users of global Internet services

Internet for socio-economic development

Specific Issues of Discussions & Description

Internet usage in the Asia Pacific region has been growing at a phenomenal rate and online service providers have benefited enormously from this growth. However, the region poses challenges for online service providers in terms of legal risks involved with respect to user generated content. Across the world from Europe to the US, it has been an accepted policy that service providers on the Internet cannot be held liable for user-generated content and this principle has found place in legislations enacted in this field in most countries. However, the Asian region has often seen blocking of services and websites due to user-generated content that is deemed to be illegal. There needs to be a debate on safe harbour provisions for intermediaries and the take-down provisions in legislations to ensure that the right to freedom of expression of citizens are protected while maintaining an environment that permits innovation in this space.

The workshop will also consider the different classes of intermediaries, how they differ functionally and if their differing roles should bear an impact on their responsibility with regards to protection of rights of users. Traditional models of consumer protection are based on distinguishing the roles and responsibilities of suppliers, facilitators and consumers. While developing consumer protection models for online intermediary platforms, their evolving roles and responsibilities as a supplier and a facilitator need to be considered. Intermediary platforms have also created and highlighted new consumer relations and issues that call for robust and fluid reddressal mechanisms.

The need to reflect on reddressal mechanisms for consumer issues pertaining to online intermediaries is also necessary, given the economic implications associated with intermediary liability. Failure to protect intermediaries stems innovation and restricts growth of start-ups and small to medium enterprises in the digital economy and has negative financial implications. Moreover, intermediaries are crucial in connecting developing countries to global markets and a failure to protect them, creates a barrier to information exchange and capacity building.

The panel will discuss the following issues:

Take-down procedures and Put-back provisions used in various countries in the region
Safe-harbour provisions for intermediaries
Need for classification of Intermediaries for the purpose of a take-down regime and user rights
Rights of users of services provided by online intermediaries
Recommendations for a balanced intermediary liability regime

Expected Format and Confirmed Panel Members

The workshop will be a ninety minute panel divided in two sessions of forty five minutes each. The proposed panel includes:

Mishi Choudhary (Moderator) SFLC.IN Civil Society India
Mishi Choudhary is the founding director of SFLC India. She started working with SFLC in New York following the completion of her fellowship during which she earned her LLM from Columbia Law School and was a Stone Scholar. In addition to her LLM, she has an LLB and a bachelors degree in political science from the University of Delhi, India.

Jyoti Panday, Center for Internet and Society, Civil Society, India
Jyoti Panday is Programme Officer at the Centre for Internet and Society working on Internet governance and on issues related to the role and responsibility of intermediaries in protecting user rights and freedom of expression. She has experience in strategy, campaign management and research on issues and processes related to the development agenda, sustainability and democracy. She has completed her MSc in Public Policy from Queen Mary, University of London.

Shahzad Ahmed, Bytes for All Pakistan, Civil Society, Pakistan
Shahzad Ahmad is the Country Coordinator of Bytes for All, Pakistan and founder of the Digital Rights Institute (DRI). He is currently working on issues of ICT policy advocacy, internet rights and freedom of expression. He is a development communications expert and is at the forefront of the Internet Rights movement in Pakistan.

Mr. Ahmad is a Diplo Fellow, Executive Board Member of the Association for Progressive Communications, Advisory Board Member of .PK ccTLD and a member of the International Advisory Board of Privacy International, UK. He regularly contributes to various publications and research studies on ICTs for development, freedom of expression and gender related issues. Widely travelled, he regularly participates in various forums at local, regional and global level. Mr. Ahmad maintains a strong engagement with broader civil society networks and strongly believes in participation and openness.

Professor KS Park, Korea University Law School Professor
One of the founders of Open Net Korea, Professor Park has written and is active in internet, free speech, privacy, defamation, copyright, international business contracting, etc. He has given expert testimonies in high-profile free speech cases including the /Minerva /case, the internet real name verification case, the military’s subversive book blacklisting case, the newspaper consumers’ boycott case, and the Park Jung-Geun Retweet case. As a result, the “false news” crime and the internet real name verification laws were struck down as unconstitutional, Park Jung-Geun and Minerva acquitted, the soldiers challenging book blacklisting reinstated, the newspaper boycotters acquitted partially as to the “secondary boycotting” charge (2010-2013).

Since 2006, he serves as the Executive Director of the PSPD Law Center, a non-profit entity that has organized several impact litigations in the areas of free speech, privacy, and copyright. There, the Law Center won the world’s first damage lawsuit against a copyright holder for “bad faith” takedown (2009) and the first damage lawsuit against a portal for warrantless disclosure of the user identity data to the police (2012).

Arvind Gupta, National Head-Information and Technology, Government/ BJP Political party, India
National Head, BJP Information Technology Cell

Faisal Farooqui, CEO, MouthShut.com, Private Sector, India
Faisal Farooqui is a highly recognized entrepreneur who is among the trailblazers of his generation. Faisal has founded and managed two successful Internet and technology companies -MouthShut.com, India's largest consumer review and social media portal and Zarca Interactive, a Virginia based enterprise survey and feedback company.

Ramanjit Singh Chima, Google, Private Sector, India
Raman Jit Singh Chima serves as Policy Counsel and Government Affairs Manager for Google, based in New Delhi. He currently helps lead Google'spublic policy and government affairs work in India. He is a graduate of the Bachelors in Arts and Law (Honours) programme of the National Law School of India University, Bangalore. While at the National Law School, he was Chief Editor of the Indian Journal of Law and Technology. He has studied Internet regulation as an independent research fellow with the Sarai programme of the Centre for the Study of Developing Societies and contributed to Freedom House's 2009 Freedom on the Internet report.

Apar Gupta, Legal, India
Apar Gupta is a practicing lawyer in Delhi working as a Partner at the law firm of Advani & Co. His practice areas include, commercial litigation and arbitration with a focus on technology and media. Apar as a retained counsel, represents an internet industry organisation in government affairs, including consultations on draft laws and policies which effect the sector. These issues include legal risks of intermediaries, media freedom and consumer rights. He has completed his masters in law from Columbia Law School, New York and has written columns for the Business Standard, Indian Express and the Pioneer on legal issues. Apar also is a visiting faculty at National Law University, Delhi.

Full Name, Affiliation and Contact Details of the Workshop Organizer

The workshop will be jointly organised by SFLC.IN and the Centre for Internet & Society, India. The details of the contact person for the workshop is given below:

Name: Ms. Mishi Choudhary, Executive Director, SFLC.IN I
E: mishi@softwarefreedom.org
Jyoti Panday—Centre for Internet & Society, India
E: jyoti@cis-india.org

For more details visit https://cis-india.org/internet-governance/events/minimising-legal-risks-of-online-intermediaries-while-protecting-user-rights

Information Influx Conference

praskrishna — 2014-07-28T06:31:40Z

Malavika Jayaram was a speaker at the event organized by the Institute for Information Law, University of Amsterdam from July 2 to 4, 2014.

Click to read the full details here.

When IViR set up its research 25 years ago, the digital transition was just starting to gather speed. Since then, our societies have been undergoing enormous changes in the modes of expression, organization and (re)use of information. Traditional roles of producers, intermediaries, users and governments blur and are recast. Information is the central building block of market economies. New ways of creating, disseminating and using it impact the workings of democracy, of science and education, creativity and culture.

Information Influx will bridge disciplines, regions and institutional perspectives to confront the major challenges of developing the rules that govern the expression, organization and re(use) of information in our society – as the central aspects of IViR’s Research Programme.

Wednesday 2 July

13.00 – 16.30

Information Influx Young Scholars Competition:

13.00 – 15.00

Welcome by Prof. Mireille van Eechoud & Dr. L. Guibault

Catherine Doldirina (Joint Research Centre EC) – Open data and Earth observations: the case of opening access to and use of EO through the Global Earth Observation System of Systems
Comments by Prof. Mark Perry

Jenny Metzdorf (University of Luxembourg) – The implementation of the Audiovisual Media Services Directive by national regulatory authorities – National reponses to regulatory challenges
Comments by Dr. Tarlach McGonagle

Harry Halpin (MIT/W3C) – No Safe Haven: The Storage of Data Secrets
Comments by Dr. Philippe Aigrain

15.00 – 15.15
Refreshments break

15.15 – 16.30

Ellen Wauters (ICRI – University of Leuven) – Social Networking Sites’ Terms of Use: addressing imbalances in the user-provider relationship through ex ante and ex post mechanisms
Comments by Dr. Chantal Mak

Nicolo Zingales (Tilburg University) – Virtues and perils of anonymity: should intermediaries bear the burden?
Comments by Prof. Joel Reidenberg

Closing remarks

17.00 – 18.30

Information Influx public opening:

Welcome Louise Gunning-Schepers (University of Amsterdam), Edgar du Perron (University of Amsterdam) and Bernt Hugenholtz (Institute for Information Law)
Keynote – Degrees of Freedom: Sketches of a political theory for an age of deep uncertainty and persistent imperfection – prof. Yochai Benkler (Harvard Law School)
Young Scholars Award ceremony
Speech by Neelie Kroes (Vice-President of the European Commission) – Our Single Market is Crying out for Copyright Reform!

19.00 – 22.00

IViR 25th birthday soirée – by invitation

Thursday 3 July

9.00 – 10.00

Keynote – Governance, Function and Form – prof. Deirdre Mulligan (University of California, Berkeley)

As data and technology to wield it become pervasive, privacy protection must take new forms. Traditional models of governance centered on state actors, and human oversight do not scale to today’s challenges. Drawing from several research projects Mulligan suggests that focusing on roles and functions, rather than traditional forms and actors, can assist us in leveraging the potential of a range of human and technical actors towards privacy’s protection.

10.30 – 12.30

Parallel sessions:

12.30 – 13.45

Lunch

13.45 – 14.30

Julian Oliver & Danja Vasiliev

14.30 – 16.30

Parallel sessions:

17.00 – 18.00

Keynote – Copyright as Innovation Policy – Fred von Lohmann (Google)

Copyright has historically been concerned with encouraging commercial cultural production. Thanks to digital technology, however, copyright law today finds itself called upon to take on additional unfamiliar roles, including fostering technological innovation and encouraging amateur creative expression. The talk will suggest some ways that copyright can successfully grow into these new roles.

19.00 – 22.00

Conference Dinner

Friday 4 July

9.00 – 10.00

Keynote – Datafication, dataism and dataveillance – prof. José van Dijck (University of Amsterdam)

The popularization of datafication as a neutral paradigm is carried by a widespread belief and supported by institutional guardians of trust. That notion of trust becomes problematic when it leads to dataveillance by a number of institutions that handle people’s (meta)data. The interlocking of government, business, and academia in the adaptation of this ideology (“dataism”) prompts us to look more critically at the entire ecosystem of connective media.

10.30 – 12.30
Parallel sessions:

12.30 – 14.00

Buffet Lunch, plus: Brown bag lunch with Rob Frieden – Net Neutrality: One step beyond

14.00 – 15.00

Keynote – Intellectual Property: Two Pasts and A Future – prof. James Boyle (Duke Law School)

Twenty years from now, will our children look up from their digital devices and ask “Daddy, did anyone ever own a book”? In his keynote speech, James Boyle will trace the past lives of intellectual property, the battles fought, the technologies regulated. Can we find hints of the future in the battles of our past? Boyle’s answer is yes, and that answer should give us pause.

15.30 – 17.30

Parallel sessions:

17.30 – 18.30

Farewell drinks

Parallel sessions

Rights in the mix

Among amateur and professional creators alike there is a manifest need to not only share but also remix existing works. The panel discusses how adequately open content licensing systems support these needs. It also looks to how well this licensing system fits in the wider legal framework.

prof. Séverine Dusollier (University of Namur) (moderator)
Paul Keller (Kennisland)
prof. Daniel Gervais (Vanderbilt Law School)
prof. Volker Grassmuck (Lüneburg University)

Behavioural targeting – If you cannot control it, ban it?

The discussion about the potential pitfalls of behavioural targeting practices and the problems it may create for users and user rights continues in full force. The growing evidence of the ineffectiveness of the existing informed-consent-approach to regulation can no longer be ignored. Is it time for the regulator to move to more drastic means and ban certain behavioural targeting practices, and if so, which practices?

prof. Chris Hoofnagle (University of California, Berkeley) (moderator)
prof. Neil Richards (Washington University)
Frederik Borgesius (Institute for Information Law)
prof. Joseph Turow (University of Pennsylvania)
prof. Mireille Hildebrandt (University of Nijmegen)
dr. Tal Zarsky (University of Haifa)

Tomorrow’s news: bright, mutualized and open?

As public debate becomes more diversified, crowded, interactive, noisy and technology-dependent than ever before, what survival strategies are being devised for the news as we know it? Are existing expressive and communicative rights, and related duties and responsibilities, fit-for-purpose in increasingly digitized and networked democratic societies? Will tomorrow’s news still be worth tuning into?

dr. Tarlach McGonagle (Institute for Information Law) (moderator)
dr. Susanne Nikoltchev (European Audiovisual Observatory)
Aidan White (Ethical Journalism Network)
dr. Luís Santos (University of Minho)
dr. Eugenia Siapera (Dublin City University)
Gillian Phillips (The Guardian)

Filtering away infringement: copyright, injunctions and the role of ISPs

Can technology solve the problem of intermediary liability for online copyright infringement? If so, should technology be allowed to determine law? This panel shall focus on the issue of injunctions imposed on online intermediaries to force them to adopt measures that filter or block copyright infringements by third parties on their websites.

prof. Bernt Hugenholtz (Institute for Information Law) (moderator)
prof. Dirk Visser (University of Leiden)
Remy Chavannes (Brinkhof)
Fred von Lohmann (Google)
Sir Richard Arnold (High Court UK)
prof. Niva Elkin-Koren (University of Haifa)
prof. Reto Hilty (Max Planck Institute)

Mass-digitization and the conundrum of online access

Cultural heritage institutions face difficulties providing online access to digitized materials in their collections. This session examines a number of pressing issues, taking a trans-Atlantic perspective. When does digitization in public-private partnerships pose a threat to access to public domain materials? What ways are there to manage rights clearance of copyrighted materials and deal with territoriality?

prof. Martin Senftleben (VU University Amsterdam) (moderator)
prof. Pamela Samuelson (University of California, Berkeley)
dr. Elisabeth Niggemann (Deutsche Nationalbibliothek)
prof. Martin Kretschmer (Glasgow University)

The algorithmic public: towards a normative framework for automated media

In the online media, decisions about what users get to see (or not to see) are increasingly automated, through the use of smart algorithms and extensive data about users’ preferences and online behaviour. This raises a number of fundamental questions about freedom of expression, editorial integrity and user autonomy. Leading thinkers will debate algorithmic decision-making in online media and explore the contours of a much needed normative framework for automated media.

prof. Natali Helberger (Institute for Information Law) (moderator)
dr. Joris van Hoboken (New York University)
prof. Wolfgang Schulz (Hans-Bredow-Institut)
prof. Niva Elkin-Koren (University of Haifa)
dr. Bernhard Rieder (University of Amsterdam)

Accountability and the public sector data push

Initiatives to make governments more ‘transparent’ abound. Freedom of information laws are reconfigured to push out ever more information to citizens and businesses. Promises of benefits abound too: better accountability and increased participation, as well as efficiency gains and new business opportunities. Can and should the next generation of freedom of information laws serve both political-democratic objectives and economic ones?

prof. Mireille van Eechoud (Institute for Information Law) (moderator)
Chris Taggart (Open Corporates)
Helen Darbishire (Access Info)
prof. Deirdre Curtin (University of Amsterdam)
dr. Ben Worthy (Birkbeck University College London)
Jonathan Gray (Open Knowledge Foundation / University of London)

A new governance model for communications security?

Today, the vulnerable state of electronic communications security dominates headlines across the globe, while money and power increasingly permeate the policy arena. 2013 has seen no less than five sweeping legislative initiatives in the E.U., while the U.S. seems to trust in the market to deliver. Amidst these diverging approaches, how should communications security be regulated?

Axel Arnbak (Institute for Information Law) (moderator)
prof. Deirdre Mulligan (University of California, Berkeley)
prof. Ian Brown (Oxford University)
prof. Michel van Eeten (Delft university of technology)
Amelia Andersdotter (European Parliament)
Ashkan Soltani (independent researcher)

Global information flows and the nation state

Information flows contest the physical spaces in which the nation state has been deemed a sovereign for almost five centuries. This tension dominates nearly all areas of information law, from data protection and IP enforcement to mass surveillance by national intelligence agencies. This session reflects on the broader challenges that territoriality presents for information law today.

prof. Urs Gasser (Harvard) (moderator)
prof. Joel Reidenberg (Fordham Law School)
prof. Graeme Dinwoodie (Oxford University)
Malavika Jayaram (Harvard)
Hielke Hijmans (Vrije Universiteit Brussel)

United in diversity – the future of the public mission

Digital technologies and the information economy create fascinating new opportunities but also pose fundamental challenges to the fulfilment of the public mission of the media, public archives and libraries alike. This panel is a step towards establishing a dialogue between the three institutions: to explore the congruence between their missions, and their responses to critical issues such as technological convergence, the changing habits of users, the growing abundance of content and their relationship to new information intermediaries, such as search engines, social networks or content platforms.

prof. Natali Helberger (Institute for Information Law) (moderator)
prof. Klaus Schönbach (University of Vienna)
prof. Frank Huysmans (University of Amsterdam)
prof. Egbert Dommering (Institute for Information Law)
Maarten Brinkerink (Netherlands Institute for Sound and Vision)
Richard Burnley (European Broadcasting Union)

Legalizing file-sharing: an idea whose time has come – or gone?

Alternative compensation systems are designed to legalize and monetize online copyright restricted acts of distributing and consuming content. Empirical evidence shows that end-users strongly support paying flat-rate fees for the ability to legally download and share content. So what prevents us from introducing such schemes? The group of experts convened debates the future of alternative compensation systems in light of current legal, business and technology trends.

prof. Bernt Hugenholtz (Institute for Information Law) (moderator)
prof. Neil Netanel (University of California, Los Angeles)
prof. Alexander Peukert (University of Frankfurt)
dr. Philippe Aigrain (Quadrature du Net)
prof. Séverine Dusollier (University of Namur)

Assembly (Information influx)

Taking legal cases and controversies involving intellectual property, art collective Agency composes a growing list of “Things” that resist the split between “nature” and “culture”, a split that intellectual property relies upon. From the list of over a 1,000 Things, Agency calls forth Thing 002094, the copyright controversy Être et Avoir, to jointly speculate upon. The purpose is less to re-enact the judgment and more to prolong hesitation.

Agency
Severine Dusollier
Wilco Kalff
Sanne Rovers
Margot van de Linde
Arnisa Zeqo

Big brother is back

The debate about the pervasive surveillance of the online environment is roaring. Considering what we know now, what better metaphor is there than to conclude that we live in the world of Big Brother? This session will bring together leading thinkers and doers related to power and control in the communication environment, who will provide critical input on the way we think and speak about information freedom and control. Should we aspire to tame Big Brother or should we think differently about the problem?

Axel Arnbak (Institute for Information Law) (moderator)
dr. Joris van Hoboken (New York University) (moderator)
John McGrath (National Theatre of Wales)
dr. Seda Gürses (New York University)
Hans de Zwart (Bits of Freedom)

Who owns the World Cup? The case for and against property rights in sports events

Sports have important economic, social and cultural dimensions. What is the optimal form of legal protection of sports events considering the public-private nature of sports? The focus of debate will be on football because of its major relevance in Europe in terms of diffusion, commercial exploitation, and social impact; but we can expect many insights to hold true for other sports as well.

prof. Bernt Hugenholtz (Institute for Information Law) (moderator)
prof. Lionel Bently (University of Cambridge)
prof. Dirk Voorhoof (Ghent University)
prof. Peter Jaszi (American University Washington)
prof. Graeme Dinwoodie (Oxford University)
prof. Egbert Dommering (Institute for Information Law)
prof. Alan Bairner (Loughborough University)

Associated events

Invitation only:
Wednesday 2 July: Big Breakfast with Joseph Turow & Tal Zarksy – Ethical, normative, social and cultural implications of profiling & targeting in an era of big data – towards a research agenda, Institute for Information Law (IViR) & Amsterdam School of Communication Research (ASCoR), East India House, room E0.02, 09.00-12.00 a.m.

Public event:

Friday 4 July: Lecture James Boyle & Marjan Hammersma about cultural heritage and the public domain
More information and registration at:
Cultural heritage institutions as guardians of public domain works in the digital environment, Rijksmuseum & Kennisland in cooperation with IViR, Rijksmuseum Auditorium, 18.00-20.00 p.m.

About IViR

The Institute for Information Law (IViR) is a centre of excellence in academic research which consistently seeks to further our understanding of how legal norms reflect and shape the creation, dissemination and use of information in our societies. That is the ambition at the heart of the many research initiatives IVIR has undertaken since its foundation in 1989. The urgency of taking an interdisciplinary and international approach has only grown in the past decades. It is crucial if we want to understand and evaluate the rapidly evolving complex and myriad legal norms that govern information relations in markets, in social and in political spaces. With over 30 researchers, teachers and support staff based in our offices in the historic centre of Amsterdam, we have the critical mass to broach key regulatory challenges of today’s information society.

Our focus on information relations deliberately cuts across traditional boundaries in legal scholarship. We bring together insights from constitutional law, human rights, public administration, intellectual property, contract and property law, and competition law. Our functional approach enables fruitful collaboration with experts from an array of academic disciplines, in information and communications technology, economics, media studies, political science and the arts.

Continuing a long Dutch tradition of openness towards the world, our work has a strong international orientation. It shows in the topics we study, the strong global network of affiliations we have in academia and the wonderful dynamic mix of upcoming and experienced researchers from all over Europe and beyond that make up IViR.

With each consecutive research programme we prioritize legal developments that fascinate us, and translate them into a variety of research projects. This includes doctoral research, research for policymakers at national, European and international level, and projects funded through national and European research grant programmes. Our current research programme and an overview of research projects can be found here. Doctoral dissertations, journal articles, books, case comments, studies, reports, lectures, debates, workshops, conferences and summer schools are the staple means of communicating what we do. Browse our publications here.

Media reports and conference outputs will be posted on the IViR website

For more details visit https://cis-india.org/news/information-influx-conference

The trouble with trolls

praskrishna — 2014-07-28T05:42:36Z

Social networking sites give trolls the ability to hide their real identity and cause grief to others. Here is what you need to do if you face an online attack.

The article by Vishal Mathur was published in Livemint on July 22, 2014. Sunil Abraham gave his inputs.

Social networking sites give trolls the ability to hide their real identity and cause grief to others. Here is what you need to do if you face an online attack.

Though social networks were not designed with the intention of letting someone anonymously abuse another online, the reality is that people utilize the ability to hide behind online identities to threaten other users. These could be veiled attacks, direct abuse, or even threats to “cause bodily harm”. What can you do if you’re trolled and threatened on any social network? Follow our five-step guide. Avoid conversation if you can The responses could come in relation to something you may have just posted online. Or perhaps it could be just a random trolling attempt, to get a response from you. It is important to understand and identify such intentions. And as difficult as it may be, do not respond. Getting into a direct interaction with a bully only makes things worse. Report to the social network You should report any instance of cyber bullying or harassment to the host social network—the website or forum on which the interaction happened. There are various methods of getting in touch with the moderators—customer support email, contact submission forms or even via phone, in certain locations. Describe the problem in detail, and persist till the offending account is blocked from the platform. “Most social networks have systems that allow you to report abusive content and users. However, there is great variance in the speed with which they respond across different platforms, jurisdictions, etc.,” says Sunil Abraham, executive director at the Bangalore-based non-profit research organization Centre for Internet and Society. New Delhi-based Anja Kovacs, project director, at civil society organization Internet Democracy Project, adds: “Blocking and reporting an account can be two ways to stop harassment on some social networks, but on other platforms, such as Twitter, it is possible for the person to immediately make a new account under a different username, meaning that these measures do not necessarily stop the harassment.” Ankhi Das, director, public policy, India and South Asia at social network Facebook, says: “Every reported piece of content is reviewed. Serial offenders are notified for non-compliance.” Facebook’s Community Standards, that prevent harassment and offensive posts, have an 11-point categorization for reported content—violence and threats, hate speech, graphic content, bullying and harassment, to name some. Raheel Khursheed, head of news, politics and government at Twitter India, did not respond to our mail about how Twitter handles trolls at the time of going to press. On blogs and forums, it may be a bit easier to deal with trolling and abuse. If it is your own blog, you can delete comments and block users. If it is a forum, the administrator can do it for you. But, with social networks having millions of users, it is not possible to have one administrator managing it all. And it is not just Facebook and Twitter, all social networks have a method by which you can register your complaint. LinkedIn, for example, automatically blocks a user who gets multiple “I don’t know” responses to invitations to connect. There is a strong monitoring policy where any reported content (recommendations or direct messages) is examined and immediate warnings are sent out to offending parties. Keep a copy of the offensive posts Be it a post, or a series of posts, direct message or even an offending photograph, always save it for future reference. Never assume that the matter will end soon, and always prepare for the worst. Don’t ignore privacy settings Most people start using Facebook, Twitter and other social networks without paying much attention to the privacy settings—what content people can see on your page, and who can directly contact you. Be conservative in sharing information—the less you share, the lower the chances of someone picking on you. “Avoid friending or linking to people whom you don’t know in real life unless you are certain of the chain of trust that exists between you and the unknown person,” says Abraham. New Delhi-based cyber lawyer Apar Gupta, adds: “The privacy settings on most social networking platforms allow users to prevent (restrict) the audience for their posts as well as strangers from contacting them. This will prevent most cases of online harassment.” Get help from the law In case social networks are not able to effectively block a user, or are in some way unwilling to do so, take help from the law-enforcement authorities. File an FIR in the nearest police station. Unfortunately, the progress may not be very smooth. The reality is that not every law-enforcement officer may know about social networking sites. “You could try and go to the police, but without support from the social network platform, they are often at a loss to do much themselves,” warns Kovacs. The police may look for hints of threat to cause bodily harm or worse still, to life. In such cases, they may recommend the case to the Cyber Crime Cell of the Central Bureau of Investigation. “Generally, while the substantive offences do exist under law, the process for having them enforced is deficient. These are deeper structural problems of delay, investigation and conviction which are prevalent across criminal justice or civil litigation,” clarifies Gupta. Officials at the Cyber Crime Cell say they take up cases after reference from the local police, who file the report first and do a preliminary level of investigation. But it is important to realize that only the police and the law-enforcement agencies have the right to demand further details about the perpetrator from the social networks, starting with profile details and Internet Protocol (IP) addresses, which will help track the person down. Das clarifies: “Facebook has a point-of-contact system through which the law-enforcement agencies tell us what the actual case is, depending on severity. The police may ask us to take down particular content, or even ask for user information like IP info, to prevent real crime.” According to Facebook’s Government Requests Report for July-December 2013, the network restricted access to 4,765 pieces of content after requests from the Indian government and law-enforcement agencies.

Though social networks were not designed with the intention of letting someone anonymously abuse another online, the reality is that people utilize the ability to hide behind online identities to threaten other users. These could be veiled attacks, direct abuse, or even threats to “cause bodily harm”. What can you do if you’re trolled and threatened on any social network? Follow our five-step guide.

Avoid conversation if you can
The responses could come in relation to something you may have just posted online. Or perhaps it could be just a random trolling attempt, to get a response from you. It is important to understand and identify such intentions. And as difficult as it may be, do not respond. Getting into a direct interaction with a bully only makes things worse.

Report to the social network
You should report any instance of cyber bullying or harassment to the host social network—the website or forum on which the interaction happened. There are various methods of getting in touch with the moderators—customer support email, contact submission forms or even via phone, in certain locations. Describe the problem in detail, and persist till the offending account is blocked from the platform. “Most social networks have systems that allow you to report abusive content and users. However, there is great variance in the speed with which they respond across different platforms, jurisdictions, etc.,” says Sunil Abraham, executive director at the Bangalore-based non-profit research organization Centre for Internet and Society. New Delhi-based Anja Kovacs, project director, at civil society organization Internet Democracy Project, adds: “Blocking and reporting an account can be two ways to stop harassment on some social networks, but on other platforms, such as Twitter, it is possible for the person to immediately make a new account under a different username, meaning that these measures do not necessarily stop the harassment.” Ankhi Das, director, public policy, India and South Asia at social network Facebook, says: “Every reported piece of content is reviewed. Serial offenders are notified for non-compliance.” Facebook’s Community Standards, that prevent harassment and offensive posts, have an 11-point categorization for reported content—violence and threats, hate speech, graphic content, bullying and harassment, to name some. Raheel Khursheed, head of news, politics and government at Twitter India, did not respond to our mail about how Twitter handles trolls at the time of going to press. On blogs and forums, it may be a bit easier to deal with trolling and abuse. If it is your own blog, you can delete comments and block users. If it is a forum, the administrator can do it for you. But, with social networks having millions of users, it is not possible to have one administrator managing it all. And it is not just Facebook and Twitter, all social networks have a method by which you can register your complaint. LinkedIn, for example, automatically blocks a user who gets multiple “I don’t know” responses to invitations to connect. There is a strong monitoring policy where any reported content (recommendations or direct messages) is examined and immediate warnings are sent out to offending parties.

Keep a copy of the offensive posts
Be it a post, or a series of posts, direct message or even an offending photograph, always save it for future reference. Never assume that the matter will end soon, and always prepare for the worst.

Don’t ignore privacy settings
Most people start using Facebook, Twitter and other social networks without paying much attention to the privacy settings—what content people can see on your page, and who can directly contact you. Be conservative in sharing information—the less you share, the lower the chances of someone picking on you. “Avoid friending or linking to people whom you don’t know in real life unless you are certain of the chain of trust that exists between you and the unknown person,” says Abraham. New Delhi-based cyber lawyer Apar Gupta, adds: “The privacy settings on most social networking platforms allow users to prevent (restrict) the audience for their posts as well as strangers from contacting them. This will prevent most cases of online harassment.”

Get help from the law
In case social networks are not able to effectively block a user, or are in some way unwilling to do so, take help from the law-enforcement authorities. File an FIR in the nearest police station. Unfortunately, the progress may not be very smooth. The reality is that not every law-enforcement officer may know about social networking sites. “You could try and go to the police, but without support from the social network platform, they are often at a loss to do much themselves,” warns Kovacs. The police may look for hints of threat to cause bodily harm or worse still, to life. In such cases, they may recommend the case to the Cyber Crime Cell of the Central Bureau of Investigation. “Generally, while the substantive offences do exist under law, the process for having them enforced is deficient. These are deeper structural problems of delay, investigation and conviction which are prevalent across criminal justice or civil litigation,” clarifies Gupta. Officials at the Cyber Crime Cell say they take up cases after reference from the local police, who file the report first and do a preliminary level of investigation. But it is important to realize that only the police and the law-enforcement agencies have the right to demand further details about the perpetrator from the social networks, starting with profile details and Internet Protocol (IP) addresses, which will help track the person down. Das clarifies: “Facebook has a point-of-contact system through which the law-enforcement agencies tell us what the actual case is, depending on severity. The police may ask us to take down particular content, or even ask for user information like IP info, to prevent real crime.” According to Facebook’s Government Requests Report for July-December 2013, the network restricted access to 4,765 pieces of content after requests from the Indian government and law-enforcement agencies.

For more details visit https://cis-india.org/news/livemint-july-22-2014-vishal-mathur-the-trouble-with-trolls

ICT Awareness Program for Myanmar Parliamentarians in Yangon

praskrishna — 2014-07-29T09:37:26Z

Myanmar ICT for Development Organization-MIDO conducted ICT policy training for multi- party parliamentarian representatives in Yangon on July 26 and 27, 2014. Sunil Abraham presented on Innovation Ecosystem and Thinking about Internet Regulation.

Sunil's Presentations

Schedule

Day 1	Topic	Resource Person
0930-1030	What is the significance of ICTs to legislators?	Rohan Samarajiva (RS)
1030-1115	Stories from the field: What do poor people do with ICTs?	Helani Galpaya (HG)
1115-1145	Break
1145-1245	Legislation, policies, plans, strategies, regulation	RS
1245-1330	Modalities of making and implementing ICT policy	RS and HG
1330-1430	Lunch	Videos
1430-1530	What is independent regulation? Why is it needed for sector growth	RS
1530-1600	Break
1600-1700	Panel discussion: How social media can be used in public life	Sunil Abraham (SA), RS & Charitha Herath (CH)
Day 2
930-1030	Regulation of online speech	Nay Phone Latt (NPL)
1030-1100	Break
1100-1200	How to think about Internet policy	SA; counterpoint by CH
1200-1300	Hope in the heart and money in the pocket: Results of effective policy	RS
1300-1400	Lunch	Videos

We plan to have simultaneous interpretation. There will be time for discussion within each session.

Brief descriptions of sessions

What is the significance of ICTs to legislators?

Rohan Samarajiva

This is the introduction, wherein we bring out the economic, social and political significance of ICTs. Why legislators should pay attention to the subject.

Stories from the field: What do poor people do with ICTs?

Helani Galpaya

Here we present the findings of how the poor use ICTs, using demand-side data (both quant and quality) from Myanmar and countries in similar circumstances.

Legislation, policies, plans, strategies, regulation

In this session, a former policy advisor/regulator will present a perspective on the important distinctions between legislation, policies, plans, strategies, and regulation.

Modalities of making and implementing ICT policy

RS and HG

Here we will delve into the practical details of making policy and of implementing policy, using examples.

What is independent regulation? Why is it needed for sector growth

Progress in electronic connectivity is the foundation that will reduce the frictions in the Myanmar economy, create jobs and exports and enable social, political and economic innovations. This requires massive investments, most of which will be private and most of which will come from outside the country. What legislators need to know about creating an environment that will attract and retain foreign investment in a globalized economy will be discussed.

How social media can be used in public life

Sunil Abraham, RS and Charitha Herath

In the panel discussion, SA will pose questions to a policy advisor who has used social media in a political campaign and a social media savvy current government official.

How to think about Internet policy

SA; counterpoint by CH

A leading advocate of enlightened Internet policy, Sunil Abraham of the Center for Internet and Society in Bangalore, India, will present his ideas, highlighting the international dimension of Internet policy. CH will share his perspectives as a serving government official.

Regulation of online speech

Nay Phone Latt

Here, Myanmar’s leading blogger and founder of MIDO will discuss the current concerns with legislation that seeks to control online speech.

Hope in the heart and money in the pocket: Results of effective policy

Results of effective policy implementation will be discussed with reference to specific country experiences.

Resource persons

Rohan Samarajiva, PhD, (program director) is founding Chair of LIRNEasia, an ICT policy and regulation think tank active across emerging Asian and Pacific economies. He was Team Leader at the Sri Lanka Ministry for Economic Reform, Science and Technology (2002-04) responsible for infrastructure reforms, including participation in the design of the USD 83 million e-Sri Lanka Initiative. He was Director General of Telecommunications in Sri Lanka (1998-99). In this capacity, he established the Telecom Regulatory Commission of Sri Lanka; conducted the first public hearing and public notice proceedings; successfully concluded a license-violation proceeding; and laid the foundation for a competitive market. He was also a founder director of the ICT Agency of Sri Lanka (2003-05), Honorary Professor at the University of Moratuwa in Sri Lanka (2003-04), Visiting Professor of Economics of Infrastructures at the Delft University of Technology in the Netherlands (2000-03) and Associate Professor of Communication and Public Policy at the Ohio State University in the US (1987-2000). Dr. Samarajiva was also Policy Advisor to the Ministry of Post and Telecom in Bangladesh (2007-09).

Sunil Abraham is the Executive Director of Bangalore based research organization, the Centre for Internet and Society. He founded Mahiti in 1998, a company committed to creating high impact technology and communications solutions. Today, Mahiti employs more than 50 engineers. Sunil continues to serve on the board. Sunil was elected an Ashoka fellow in 1999 to 'explore the democratic potential of the Internet' and was also granted a Sarai FLOSS fellowship in 2003. Between June 2004 and June 2007, Sunil also managed the International Open Source Network, a project of United Nations Development Programme's Asia-Pacific Development Information Programme serving 42 countries in the Asia-Pacific region.

Helani Galpaya is LIRNEasia’s Chief Executive Officer. Helani leads LIRNEasia’s 2012-2014 IDRC funded research on improving customer life cycle management practices in the delivery of electricity and e-government services using ICTs. She recently completed an assessment of how the poor in Bangladesh and Sri Lanka use telecenters to access government services. For UNCTAD and GTZ she authored a report on how government procurement practices can be used to promote a country’s ICT sector and for the World Bank/InfoDev Broadband Toolkit, a report on broadband strategies in Sri Lanka. She has been an invited speaker at various international forums on topics ranging from m-Government to ICT indicators to communicating research to policy makers. Prior to LIRNEasia, Helani worked at the ICT Agency of Sri Lanka, implementing the World-Bank funded e-Sri Lanka initiative. Prior to her return to Sri Lanka, she worked in the United States at Booz & Co., Marengo Research, Citibank, and Merrill Lynch. Helani holds a Masters in Technology and Policy from the Massachusetts Institute of Technology, and a Bachelor’s in Computer Science from Mount Holyoke College, USA.

Charitha Herath has served as Secretary, Ministry of Mass Media and Information in the Government of Sri Lanka since 2012. Prior to his present appointment, he was the Chairman of the Central Environment Authority. Currently on secondment for national services from his permanent academic position as a Senior Lecturer in the Department of Philosophy and Psychology at the University of Peradeniya in Sri Lanka, he continues to work on his academic research, specializing in governments and politics in Asia, ethnic studies, cultural psychology, social and political philosophy, with his main focus on political psychology. More detail at http://charithaherath.wordpress.com/about-2/

Nay Phone Latt is the Co-founder and Executive Director of Myanmar ICT Development Organization (MIDO). He graduated from Yangon Technological University with a civil engineering degree in 2004. He co-founded the Myanmar Blogger Society in 2007. Award winner of PEN Barbara Goldsmith Award and RFS’s Cyber Dissidents Award. Former Political Prisoner. CEC Member of Myanmar Journalists Association(MJA) Chief Editor of ThanLwinAinMat Online Magazine (www.thanlwin.com). Member of Board of Directors of House of Media & Entertainment (HOME).

For more details visit https://cis-india.org/news/ict-awareness-program-for-myanmar-parliamentarians-yangon

UK’s Interception of Communications Commissioner — A Model of Accountability

joe — 2014-07-24T06:08:53Z

The United Kingdom maintains sophisticated electronic surveillance operations through a number of government agencies, ranging from military intelligence organizations to police departments to tax collection agencies. However, all of this surveillance is governed by one set of national laws outlining specifically what surveillance agencies can and cannot do.

The primary law that governs government investigations is the Regulation of Investigatory Powers Act 2000, abbreviated as RIPA 2000.

To ensure that this law is being followed and surveillance operations in the United Kingdom are not conducted illegally, the RIPA 2000 Part I establishes an Interception of Communications Commissioner, who is tasked with inspecting the surveillance operations, assessing their legality, and compiling an annual report to for the Prime Minister.

On April 8, 2014 the current Commissioner, Rt Hon. Sir Anthony May, laid the 2013 annual report before the House of Commons and the Scottish Parliament. In its introduction, the report notes that it is responding to concerns raised as a result of Edward Snowden’s actions, especially misuse of powers by intelligence agencies and invasion of privacy. The report also acknowledges that the laws governing surveillance, and particularly RIPA 2000, are difficult for the average citizen to understand, so the report includes a narrative outline of relevant provisions in an attempt to make the legislation clear and accessible. However, the report points out that while the Commissioner had complete access to any documents or investigative records necessary to construct the report, the Commissioner was unable to publish surveillance details indiscriminately, due to confidentiality concerns in a report being issued to the public. (It is worth noting here that though the Commissioner is one man, he has an entire agency working under him, so it is possible that he himself did not do or write all of that the report attributes to him). As a whole, the report outlines a series of thorough audits of surveillance operations, and reveals that the overwhelming majority of surveillance in the UK is conducted entirely legally, and that the small minority of incorrectly conducted surveillance appears to be unintentional. Looking beyond the borders of the United Kingdom, the report represents a powerful model of a government initiative to ensure transparency in surveillance efforts across the globe.

The Role of the Commissioner

The report begins in the first person, by outlining the role of the Commissioner. May’s role, he writes, is primarily to audit the interception of data, both to satisfy his own curiosity and to prepare a report for the Prime Minister. Thus, his primary responsibility is to review the lawfulness of surveillance actions, and to that end, his organization possesses considerable investigative powers. He is also tasked with ensuring that prisons are legally administrated, though he makes this duty an afterthought in his report.

Everyone associated with surveillance or interception in the government must disclose whatever the commissioner asks for. In short, he seems well equipped to carry out his work. The Commissioner has a budget of £1,101,000, almost all of which, £948,000 is dedicated to staff salaries.

The report directly addresses questions about the Commissioner’s ability to carry out his duties. Does the Commissioner have full access to whatever materials or data it needs to conduct its investigations, the report asks, and it answers bluntly, yes. It is likely, the report concludes, that the Commissioner also has sufficient resources to adequately carry out his duties. Yes, the Commissioner is fully independent from other government interests; the commissioner answers his own question. Finally, the report asks if the Commissioner should be more open in his reports to the public about surveillance, and he responds that the sensitivity of the material prohibits him from disclosing more, but that the report adequately addresses public concern regardless. There is a degree to which this question and answer routine seems self-congratulatory, but it is good to see that the Commissioner is considering these questions as he carries out his duties.

Interception of Communications

The report first goes into detail about the Commissioner’s audits of communications interception operations, where interception means wiretapping or reading the actual content of text messages, emails, or other communications, as opposed to the metadata associated with communications, such as timestamps and numbers contacted. In this section, the report outlines the steps necessary to conduct an interception, outlining that an interception requires a warrant, and only a Secretary of State (one of five officials) can authorize an interception warrant. Moreover, the only people who can apply for such warrants are the directors of various intelligence, police, and revenue agencies. In practice, the Secretaries of State have senior staff that read warrant applications and present those they deem worthy to the Secretary for his or her signature, as their personal signature is required for authorization.

For a warrant to be granted, it must meet a number of criteria. First, interception warrants must be necessary in the interests of national security, to prevent or detect serious crime, or to safeguard economic wellbeing of the UK. Additionally, a warrant can be granted if it is necessary for similar reasons in other countries with mutual assistance agreements with the UK. Warrants must be proportionate to the ends sought. Finally, interception warrants for communications inside the UK must specify either a person or a location where the interception will take place. Warrants for communications outside of the UK require no such specificity.

In 2013, 2760 interception warrants were authorized, 19% fewer warrants than in 2012. The Commissioner inspected 26 different agencies and examined 600 different warrants throughout 2013. He gave inspected agencies a report on his findings after each inspection, so they could see whether or not they were following the law. He concluded that the agencies that undertake interception “do so lawfully, conscientiously, effectively, and in our national interest.” Thus, all warrants adequately meet the application and authorization requirements outlined in RIPA 2000.

Communications Data

The report goes on to discuss communications data collection, where communications data refers to metadata–not the content of the communications itself, but data associated with it, such as call durations, or a list of email recipients. The Commissioner explains that metadata is easier to obtain than an interception warrant. Designated officials in their respective surveillance organization read and grant metadata warrant applications, instead of one of the Secretaries of State who could grant interception warrants. Additionally, the requirements for a metadata warrant are looser than for interception warrants. Metadata warrants must still be necessary, but necessary for a broader range of causes, ranging from collecting taxes, protecting public health, or for any purpose specified by a Secretary of State.

The relative ease of obtaining a metadata warrant is consistent with a higher number of warrants approved. In 2013, 514,608 metadata warrants were authorized, down from 570,135 in 2012. Local law enforcement applied for 87.5% of those warrants while intelligence agencies accounted for 11.5%. Only a small minority of requests was sent from the revenue office or other departments.

The purposes of these warrants were similarly concentrated. 76.9% of metadata warrants were issued for prevention or detection of crime. Protecting national security justified 11.4% of warrants and another 11.4% of warrants were issued to prevent death or injury. 0.2% of warrants were to identify people who had died or otherwise couldn’t identify themselves, 0.11% of warrants were issued to protect the economic wellbeing of the United Kingdom, and 0.02% of warrants were associated with tax collection. The Commissioner identified less than 0.01% of warrants as being issued in a miscarriage of justice, a very low proportion.

The Commissioner inspected metadata surveillance efforts, conducting 75 inspections in 2013, and classified the practices of those operations inspected as good, fair or poor. 4% of operations had poor practices. He noticed two primary errors. The first was that data was occasionally requested on an incorrect communications address, and the second was that he could not verify that some metadata was not being stored past its useful lifetime. May highlighted that RIPA 2000 does not give concrete lengths for which data should be stored, as Section 15(3) states only that data must be deleted “as soon as there are no longer grounds for retaining it as necessary for any of the authorized purposes.” He noted that he was only concerned because some metadata was being stored for longer periods than associated interception data. As May put it, “I have yet to satisfy myself fully that some of these periods are justified and in those cases I required the agencies to shorten their retention periods or, if not, provide me with more persuasive reasons.” The Commissioner seems determined that this practice will either be eliminated or better justified to him in the near future.

Indian Applications

The United Kingdom’s Interception of Communications Commissioner has similar powers to the Indian Privacy Commissioner suggested by the Report of the Group of Experts on Privacy. Similar to the United Kingdom, it is recommended that a Privacy Commissioner in India have investigative powers in the execution of its charter, and that the Privacy Commissioner represent citizen interests, ensuring that data controllers are in line with the stipulated regulations. The Report also broadly states that “with respect to interception/access, audio & video recordings, the use of personal identifiers, and the use of bodily or genetic material, the Commissioner may exercise broad oversight functions.” In this way, the Report touches upon the need for oversight of surveillance, and suggests that this responsibility may be undertaken by the Privacy Commissioner, but does not clearly place this responsibility with the Privacy Commissioner. This raises the question of if India should adopt a similar model to the United Kingdom – and create a privacy commissioner – responsible primarily for overseeing and enforcing data protection standards, and a separate surveillance commissioner – responsible for overseeing and enforcing standards relating to surveillance measures. When evaluating the different approaches there are a number of considerations that should be kept in mind:

Law enforcement and security agencies are the exception to a number of data protection standards including access and disclosure.
There is a higher level of ‘sensitivity’ around issues relating to surveillance than data protection and each needs to be handled differently.
The ‘competence’ required to deliberate on issues related to data protection is different then the ‘competence’ required deliberating on issues related to surveillance.

Additionally, this raises the question of whether India needs a separate regulation governing data protection and a separate regulation governing surveillance.

Allegations of Wrongdoing

It is worth noting that though May describes surveillance operations conducted in compliance with the law, many other organizations have accused the UK government of abusing their powers and spying on citizens and internet users in illegal ways. The GCHQ, the government’s communications surveillance center has come under particular fire. The organization has been accused indiscriminate spying and introducing malware into citizen’s computers, among other things. Led by the NGO Privacy International, internet service providers around the world have recently lodged complaints against the GCHQ, alleging that it uses malicious software to break into their networks. Many of these complaints are based on the information brought to light in Edward Snowden’s document leaks. Privacy International alleges that malware distributed by GCHQ enables access to any stored content, logging keystrokes and “the covert and unauthorized photography or recording of the user and those around him,” which they claim is similar to physically searching through someone’s house unbeknownst to them and without permission. They also accuse GCHQ malware of leaving devices open to attacks by others, such as identity thieves.

Snowden’s files also indicate a high level of collaboration between GCHQ and the NSA. According to the Guardian, which analyzed and reported on many of the Snowden files, the NSA has in past years paid GCHQ to conduct surveillance operations through the US program called Prism. Leaked documents report that the British intelligence agency used Prism to generate 197 intelligence reports in the year to May 2012. Prism is not mentioned at all in the Interception of Communications Commissioner’s report. In fact, while the report’s introduction explains that it will attempt to address details revealed in Snowden’s leaked documents, very little of what those documents indicate is later referenced in the report. May ignores the plethora of accusations of GCHQ wrongdoing.

Thus, while May’s tone appears genuine and sincere, the details of his report do little to dispel fears of widespread surveillance. It is unclear whether May is being totally forthcoming in his report, especially when he devotes so little energy to directly responding to concerns raised by Snowden’s leaks.

Conclusion

May wrapped up his report with some reflections on the state of surveillance in the United Kingdom. He concluded that RIPA 2000 protects consumers in an internet age, though small incursions are imaginable, and especially lauds the law for it’s technological neutrality. That is, RIPA 2000 is a strong law because it deals with surveillance in general and not with any specific technologies like telephones or Facebook, use of which changes over time. The Commissioner also was satisfied that powers were not being misused in the United Kingdom. He reported that there have been a small number of unintentional errors, he noted, and some confusion about the duration of data retention. However, any data storage mistakes seemed to stem from an unspecific law.

Despite May’s report of surveillance run by the books, other UK groups have accused GCHQ, the government’s communications surveillance center, of indiscriminate spying and introducing malware into citizen’s computers. Privacy International has submitted a claim arguing that a litany of malware is employed by the GCHQ to log detailed personal data such as keystrokes. The fact that May’s report does little to disprove these claims casts the Commissioner in an uncertain light. It is unclear whether surveillance is being conducted illegally or, as the report suggests, all surveillance of citizens is being conducted as authorized.

Still, the concept of a transparency report and audit of a nation’s surveillance initiatives report is a step towards government accountability done right, and should serve as a model for enforcement methods in other nations. May’s practice of giving feedback to the organizations he inspects allows them to improve, and the public report he releases serves as a deterrent to illegal surveillance activity. The Interception of Communications Commissioner–provided he reports truthfully and accurately–is what gives the safeguards built into the UK’s interception regime strength and accountability. In other nations looking to establish privacy protections, a similar role would make their surveillance provisions balanced with safeguards and accountability to ensure that the citizens fundamental rights–including the right to privacy–are not compromised.

For more details visit https://cis-india.org/internet-governance/blog/uk-interception-of-communications-commissioner-a-model-of-accountability

Information & Communication Technology in Making a Healthy Information Society with special reference to use of ICTS in Educational Technology

praskrishna — 2014-07-18T09:06:20Z

The Department of Computer Science, Andhra Loyola College in collaboration with the Department of Computer Science, Krishna University will be organizing a UGC-sponsored National Seminar on August 11 and 12, 2014 at Andhra Loyola College in Vijayawada.

T. Vishnu Vardhan, Programme Director, Access to Knowledge from the Centre for Internet and Society will be giving a key note address at this event.

See the invitation below:

For more details visit https://cis-india.org/news/information-communication-technology-in-making-a-healthy-information-society-with-special-reference-to-use-of-icts-in-educational-technology

Terror recruiters target Indians on internet

praskrishna — 2014-07-18T06:57:56Z

What's in a name? If it indicates your religious identity, then you could get trolled by strangers wanting to draw you in with videos on the importance of archaic customs and doctored accounts of world history.

The article by Sandhya Soman was published in the Times of India on July 18, 2014. Sunil Abraham gave his inputs.

City-based lawyer Shakeel Ahmed recently took one such bait on the Holocaust from a stranger on WhatsApp just to know what kind of propaganda is in circulation.

"I can laugh at such videos and false images but they might confuse youngsters," says Ahmed. Online baiting to lure sympathizers and recruits by seasoned extremists has been on the police radar. If the four youngsters from Thane and Kalyan are indeed now in Iraq fighting for the Islamic militia ISIS, then a good part of their indoctrination could have happened online, say experts.

ISIS is known to have an aggressive social media policy, including an Arabic-language Twitter app, to spread their message and recruit supporters even after the Iraqi government curtailed internet in areas captured by the group recently. "There are many websites, including jihadi ones, favoured by people with extremist leanings," says Anti-Terrorism Squad (ATS) chief Himanshu Roy. Often, the initial contact is made on social networking sites and messenger services.

"The organizations spot youngsters and befriend them before inviting the trusted select to closed chat rooms," says K P Raghuvanshi, senior police official and former ATS head.

The discussion ranges from arranging finance to direct involvement, says Roy. "We have reason to believe that these four boys, who are all educated and come from reasonably well-off families, would have visited such sites and exchanged views with others," he says, refusing to elaborate. The youngsters are supposed to have been in touch with each other.

Those without a wide social network are easy targets, says Sunil Abraham, executive director of Centre for Internet and Society, a research organization. "If, as a young Muslim, you are in touch with only your friends and family, you might believe the false information that enters your circle of trust," he says. Contrary to belief, you don't meet a variety of people on social media. "Unless you have a critical understanding of internet, the medium with its interactivity and multi-media potential could aid propaganda," he says.

It was terrorist group Al-Qaeda that started using technology effectively since 2001. Its supporters came together to upload good quality videos of beheadings and suicide bombings to grab attention. Now, there is a variety of 'jihadist' software to prevent detection, whether it is a plug-in for instant messaging service, encryption for text messages or a stealth online network, according to media reports.

In India, terrorists took to technology in a big way from 2008 onwards when Indian groups like Indian Mujahideen recruited educated people, says an official. "Even a man who didn't know English, learnt to type Hindi using English alphabets and send and receive attachments," says the officer.

While officials say that it is difficult to monitor all the online activity, Roy says that ATS will tackle it. "This is the first instance of youngsters from Maharashtra going out to fight some other war," he says.

For more details visit https://cis-india.org/news/the-times-of-india-july-18-2014-sandhya-soman-terror-recruiters-target-indians-on-internet