We are anonymous, we are legion

Draft International Principles on Communications Surveillance and Human Rights

elonnai — 2013-07-12T15:55:45Z

These principles were developed by Privacy International and the Electronic Frontier Foundation and seek to define an international standard for the surveillance of communications. The Centre for Internet and Society has been contributing feedback to the principles.

The principles are still in draft form. The most recent version can be accessed here. This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC.

Our goal is that these principles will provide civil society groups, industry, and governments with a framework against which we can evaluate whether current or proposed surveillance laws and practices are consistent with human rights. We are concerned that governments are failing to develop legal frameworks to adhere to international human rights and adequately protect communications privacy, particularly in light of innovations in surveillance laws and techniques.

These principles are the outcome of a consultation with experts from civil society groups and industry across the world. It began with a meeting in Brussels in October 2012 to address shared concerns relating to the global expansion of government access to communications. Since the Brussels meeting we have conducted further consultations with international experts in communications surveillance law, policy and technology.[1]

We are now launching a global consultation on these principles. Please send us comments and suggestions by January 3rd 2013, by emailing rights (at) eff (dot) org.

Preamble
Privacy is a fundamental human right, and is central to the maintenance of democratic societies. It is essential to human dignity and it reinforces other rights, such as freedom of expression and association, and is recognised under international human rights law.[2] Activities that infringe on the right to privacy, including the surveillance of personal communications by public authorities, can only be justified where they are necessary for a legitimate aim, strictly proportionate, and prescribed by law.[3]

Before public adoption of the Internet, well-established legal principles and logistical burdens inherent in monitoring communications generally limited access to personal communications by public authorities. In recent decades, those logistical barriers to mass surveillance have decreased significantly. The explosion of digital communications content and information about communications, or “communications metadata”, the falling cost of storing and mining large sets of data, and the commitment of personal content to third party service providers make surveillance possible at an unprecedented scale.[4]

While it is universally accepted that access to communications content must only occur in exceptional situations, the frequency with which public authorities are seeking access to information about an individual’s communications or use of electronic devices is rising dramatically—without adequate scrutiny. [5] When accessed and analysed, communications metadata may create a profile of an individual's private life, including medical conditions, political and religious viewpoints, interactions and interests, disclosing even greater detail than would be discernible from the content of a communication alone. [6] Despite this, legislative and policy instruments often afford communications metadata a lower level of protection and do not place sufficient restrictions on how they can be subsequently used by agencies, including how they are data-mined, shared, and retained.

It is therefore necessary that governments, international organisations, civil society and private service providers articulate principles establishing the minimum necessary level of protection for digital communications and communications metadata (collectively "information") to match the goals articulated in international instruments on human rights— including a democratic society governed by the rule of law. The purpose of these principles is to:

Provide guidance for legislative changes and advancements related to communications and communications metadata to ensure that pervasive use of modern communications technology does not result in an erosion of privacy.
Establish appropriate safeguards to regulate access by public authorities (government agencies, departments, intelligence services or law enforcement agencies) to communications and communications metadata about an individual’s use of an electronic service or communication media.

We call on governments to establish stronger protections as required by their constitutions and human rights obligations, or as they recognize that technological changes or other factors require increased protection.

These principles focus primarily on rights to be asserted against state surveillance activities. We note that governments are required not only to respect human rights in their own conduct, but to protect and promote the human rights of individuals in general.[7] Companies are required to follow data protection rules and yet are also compelled to respond to lawful requests. Like other initiatives,[8] we hope to provide some clarity by providing the below principles on how state surveillance laws must protect human rights.

The Principles

Legality: Any limitation to the right to privacy must be prescribed by law. Neither the Executive nor the Judiciary may adopt or implement a measure that interferes with the right to privacy without a previous act by the Legislature that results from a comprehensive and participatory process. Given the rate of technological change, laws enabling limitations on the right to privacy should be subject to periodic review by means of a participatory legislative or regulatory process

Legitimate Purpose: Laws should only allow access to communications or communications metadata by authorised public authorities for investigative purposes and in pursuit of a legitimate purpose, consistent with a free and democratic society.

Necessity: Laws allowing access to communications or communications metadata by authorised public authorities should limit such access to that which is strictly and demonstrably necessary, in the sense that an overwhelmingly positive justification exists, and justifiable in a democratic society in order for the authority to pursue its legitimate purposes, and which the authority would otherwise be unable to pursue. The onus of establishing this justification, in judicial as well as in legislative processes, is on the government.

Adequacy: Public authorities should restrain themselves from adopting or implementing any measure of intrusion allowing access to communications or communications metadata that is not appropriate for fulfillment of the legitimate purpose that justified establishing that measure.

Competent Authority: Authorities capable of making determinations relating to communications or communications metadata must be competent and must act with independence and have adequate resources in exercising the functions assigned to them.

Proportionality: Public authorities should only order the preservation and access to specifically identified, targeted communications or communications metadata on a case-by-case basis, under a specified legal basis. Competent authorities must ensure that all formal requirements are fulfilled and must determine the validity of each specific attempt to access or receive communications or communications metadata, and that each attempt is proportionate in relation to the specific purposes of the case at hand. Communications and communications metadata are inherently sensitive and their acquisition should be regarded as highly intrusive. As such, requests should at a minimum establish a) that there is a very high degree of probability that a serious crime has been or will be committed; b) and that evidence of such a crime would be found by accessing the communications or communications metadata sought; c) other less invasive investigative techniques have been exhausted; and d) that a plan to ensure that the information collected will be only that information reasonably related to the crime and that any excess information collected will be promptly destroyed or returned. Neither the scope of information types, the number or type of persons whose information is sought, the amount of data sought, the retention of that data held by the authorities, nor the level of secrecy afforded to the request should go beyond what is demonstrably necessary to achieve a specific investigation.

Due process: Due process requires that governments must respect and guarantee an individual’s human rights, that any interference with such rights must be authorised in law, and that the lawful procedure that governs how the government can interfere with those rights is properly enumerated and available to the general public.[9]While criminal investigations and other considerations of public security and safety may warrant limited access to information by public authorities, the granting of such access must be subject to guarantees of procedural fairness. Every request for access should be subject to prior authorisation by a competent authority, except when there is imminent risk of danger to human life. [10]

User notification: Notwithstanding the notification and transparency requirements that governments should bear, service providers should notify a user that a public authority has requested his or her communications or communications metadata with enough time and information about the request so that a user may challenge the request. In specific cases where the public authority wishes to delay the notification of the affected user or in an emergency situation where sufficient time may not be reasonable, the authority should be obliged to demonstrate that such notification would jeopardize the course of investigation to the competent judicial authority reviewing the request. In such cases, it is the responsibility of the public authority to notify the individual affected and the service provider as soon as the risk is lifted or after the conclusion of the investigation, whichever is sooner.

Transparency about use of government surveillance: The access capabilities of public authorities and the process for access should be prescribed by law and should be transparent to the public. The government and service providers should provide the maximum possible transparency about the access by public authorities without imperiling ongoing investigations, and with enough information so that individuals have sufficient knowledge to fully comprehend the scope and nature of the law, and when relevant, challenge it. Service providers must also publish the procedure they apply to deal with data requests from public authorities.

Oversight: An independent oversight mechanism should be established to ensure transparency of lawful access requests. This mechanism should have the authority to access information about public authorities' actions, including, where appropriate, access to secret or classified information, to assess whether public authorities are making legitimate use of their lawful capabilities, and to publish regular reports and data relevant to lawful access. This is in addition to any oversight already provided through another branch of government such as parliament or a judicial authority. This mechanism must provide – at a minimum – aggregate information on the number of requests, the number of requests that were rejected, and a specification of the number of requests per service provider and per type of crime. [11]

Integrity of communications and systems: It is the responsibility of service providers to transmit and store communications and communications metadata securely and to a degree that is minimally necessary for operation. It is essential that new communications technologies incorporate security and privacy in the design phases. In order, in part, to ensure the integrity of the service providers’ systems, and in recognition of the fact that compromising security for government purposes almost always compromises security more generally, governments shall not compel service providers to build surveillance or monitoring capability into their systems. Nor shall governments require that these systems be designed to collect or retain particular information purely for law enforcement or surveillance purposes. Moreover, a priori data retention or collection should never be required of service providers and orders for communications and communications metadata preservation must be decided on a case-by-case basis. Finally, present capabilities should be subject to audit by an independent public oversight body.

Safeguards for international cooperation: In response to changes in the flows of information and the technologies and services that are now used to communicate, governments may have to work across borders to fight crime. Mutual legal assistance treaties (MLATs) should ensure that, where the laws of more than one state could apply to communications and communications metadata, the higher/highest of the available standards should be applied to the data. Mutual legal assistance processes and how they are used should also be clearly documented and open to the public. The processes should distinguish between when law enforcement agencies can collaborate for purposes of intelligence as opposed to sharing actual evidence. Moreover, governments cannot use international cooperation as a means to surveil people in ways that would be unlawful under their own laws. States must verify that the data collected or supplied, and the mode of analysis under MLAT, is in fact limited to what is permitted. In the absence of an MLAT, service providers should not respond to requests of the government of a particular country requesting information of users if the requests do not include the same safeguards as providers would require from domestic authorities, and the safeguards do not match these principles.

Safeguards against illegitimate access: To protect individuals against unwarranted attempts to access communications and communications metadata, governments should ensure that those authorities and organisations who initiate, or are complicit in, unnecessary, disproportionate or extra-legal interception or access are subject to sufficient and significant dissuasive penalties, including protection and rewards for whistleblowers, and that individuals affected by such activities are able to access avenues for redress. Any information obtained in a manner that is inconsistent with these principles is inadmissible as evidence in any proceeding, as is any evidence derivative of such information.

Cost of surveillance: The financial cost of providing access to user data should be borne by the public authority undertaking the investigation. Financial constraints place an institutional check on the overuse of orders, but the payments should not exceed the service provider’s actual costs for reviewing and responding to orders, as such would provide a perverse financial incentive in opposition to user’s rights.

Signatories

Organisations

Article 19 (International)
Bits of Freedom (Netherlands)
Center for Internet & Society India (CIS India)
Derechos Digitales (Chile)
Electronic Frontier Foundation (International)
Privacy International (International)
Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic (Canada)
Statewatch (UK)

Individuals

Renata Avila, human rights lawyer (Guatemala)

Footnotes

[1]For more information about the background to these principles and the process undertaken, see https://www.privacyinternational.org/blog/towards-international-principles-on-communications-surveillance
[2]Universal Declaration of Human Rights Article 12, United Nations Convention on Migrant Workers Article 14, UN Convention of the Protection of the Child Article 16, International Covenant on Civil and Political Rights, International Covenant on Civil and Political Rights Article 17; regional conventions including Article 10 of the African Charter on the Rights and Welfare of the Child, Article 11 of the American Convention on Human Rights, Article 4 of the African Union Principles on Freedom of Expression, Article 5 of the American Declaration of the Rights and Duties of Man, Article 21 of the Arab Charter on Human Rights, and Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms; Johannesburg Principles on National Security, Free Expression and Access to Information, Camden Principles on Freedom of Expression and Equality.
[3]Martin Scheinin, “Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism,” p11, available at http://www2.ohchr.org/english/issues/terrorism/rapporteur/docs/A_HRC_13_37_AEV.pdf. See also General Comments No. 27, Adopted by The Human Rights Committee Under Article 40, Paragraph 4, Of The International Covenant On Civil And Political Rights, CCPR/C/21/Rev.1/Add.9, November 2, 1999, available at http://www.unhchr.ch/tbs/doc.nsf/0/6c76e1b8ee1710e380256824005a10a9?Opendocument.
[4]Communications metadata may include information about our identities (subscriber information, device information), interests, including medical conditions, political and religious viewpoints (websites visited, books and other materials read, watched or listened to, searches conducted, resources used), interactions (origins and destinations of communications, people interacted with, friends, family, acquaintances), location (places and times, proximities to others); in sum, logs of nearly every action in modern life, our mental states, interests, intentions, and our innermost thoughts.
[5]For example, in the United Kingdom alone, there are now approximately 500,000 requests for communications metadata every year, currently under a self-authorising regime for law enforcement agencies, who are able to authorise their own requests for access to information held by service providers. Meanwhile, data provided by Google’s Transparency reports shows that requests for user data from the U.S. alone rose from 8888 in 2010 to 12,271 in 2011.
[6]See as examples, a review of Sandy Petland’s work, ‘Reality Mining’, in MIT’s Technology Review, 2008, available at http://www2.technologyreview.com/article/409598/tr10-reality-mining/ and also see Alberto Escudero-Pascual and Gus Hosein, ‘Questioning lawful access to traffic data’, Communications of the ACM, Volume 47 Issue 3, March 2004, pages 77 - 82.
[7]Report of the UN Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, Frank La Rue, May 16 2011, available at http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/a.hrc.17.27_en.pdf
[8]The Global Network Initiative establishes standards to help the ICT sector protect the privacy and free expression of their users. See http://www.globalnetworkinitiative.org/
[9]As defined by international and regional conventions mentioned above.
[10]Where judicial review is waived in such emergency cases, a warrant must be retroactively sought within 24 hours.
[11]One example of such a report is the US Wiretap report, published by the US Court service. Unfortunately this applies only to interception of communications, and not to access to communications metadata. See http://www.uscourts.gov/Statistics/WiretapReports/WiretapReport2011.aspx. The UK Interception of Communications Commissioner publishes a report that includes some aggregate data but it is does not provide sufficient data to scrutinise the types of requests, the extent of each access request, the purpose of the requests, and the scrutiny applied to them. See http://www.intelligencecommissioners.com/sections.asp?sectionID=2&type=top.

For more details visit https://cis-india.org/internet-governance/blog/draft-intl-principles-on-communications-surveillance-and-human-rights

Statement of Solidarity on Freedom of Expression and Safety of Internet Users in Bangladesh

pranesh — 2013-01-15T11:51:44Z

This is a statement on the violent attack on blogger Asif Mohiuddin by the participants to the Third South Asian Meeting on the Internet and Freedom of Expression that took place in Dhaka, Bangladesh, on January 14–15, 2013.

Bangladeshi blogger Asif Mohiuddin was brutally attacked in a stabbing last evening. His condition is currently said to be critical. Violent attacks on mediapersons have led to at least four deaths in the past year. This trend is now extending to those writing online.

It is the duty of societies at large to ensure that principles we universally consider sacrosanct, such as the right to life and liberty and of freedom of expression are in fact ideas, and of the government to actively protect the rights guaranteed under the Constitution of Bangladesh and to ensure they are not just words on paper.

Article 39 of the Constitution of Bangladesh—and Article 19 of the Universal Declaration of Human Rights—guarantee both the freedom of thought and conscience, as well as the right of every citizen of freedom of speech and expression, and freedom of the press.

Article 32 of the Constitution of Bangladesh—and Article 3 of the Universal Declaration of Human Rights—guarantee that no person shall be deprived of life or personal liberty except by law.

The attack on Asif Mohiuddin constitutes a violation these fundamental principle by criminals, and we request the government to act decisively to show it will not tolerate such violations.

Reporters Without Borders note that "the ability of those in the media to work freely has deteriorated alarmingly in Bangladesh, which is now ranked 129th of 179 countries in the 2011-2012 World Press Freedom Index".

In general, the situation of those working as non-professional 'citizen journalists' is even worse. In a 2010 report, the UN Special Rapporteur wrote:

"Citizen journalists are by nature more isolated, they are more vulnerable to attack than professional journalists. However, citizen journalists enjoy less protection than their counterparts in traditional media, as they do not have the support of media organizations and networks, in particular the organizational resources, including lawyers and financial resources, which can help shield them from harassment."

This reality of greater vulnerability is equally applicable to those who do not self-identify as 'citizen journalists', but use social media to express unpopular opinions.

Keeping this in mind, we call upon the government on Bangladesh to carry out swift investigations into this particular incident and bring the perpetrators to justice, and to grant greater legal support to citizen journalists and ensure better protections for all those who use the Internet as a means of expression.

For more details visit https://cis-india.org/internet-governance/blog/statement-of-solidarity-asif-mohiuddin

7th India Digital Summit 2013

praskrishna — 2013-02-13T06:32:31Z

This summitt organised by Internet and Mobile Association of India is being held in New Delhi from January 16 to 17, 2013 at the Lalit Hotel

Sunil Abraham is the moderator for Plenary Session 3: Discussion on Social Media – Freedom, Moderation or Regulation.

Click to download the agenda

Theme of the Summit

951 million mobile users with 448 million mobile data subscribers; 137 million Internet users and rural Internet growing 7x in the last two years make India one of the top three digital markets in the world. One of only top two at this scale with free market economy democratic polity; and the only one where there is still headroom for growth. The time to invest in Digital India is now.

By 2020 riding on a government investment of 4 billion USD [roughly 10 billion USD on PPP terms] Internet users is expected to be 600 million; and mobile would possibly penetrate 100% of rural India creating the largest free economy digital market in the world.

The Digital Opportunity now and in the next 5 years in India is explosive. And the need to create a Digital Economy on scale is a developmental necessity. The opportunity, however, lies in addressing the current challenges of the ability to provide: low cost connectivity, universal access, usable content, secure networks, affordable devices and enabling policy.

Building on the theme of “Creating the World’s Largest Free Market Digital Economy” the 7th India Digital Summit will focus on five tracks: Infrastructure, Regulatory Frameworks, Services & Content, Entrepreneurship / Innovation and Business 3.0.

Webcast of the Event

Day 1, January 16, 2013

Inaugural
Welcome Address Mr. Hitesh Oberoi, Chairman, IAMAI & Co-Founder and Chief Executive Officer, Info Edge India Limited Address by Chief Guest Mr. Montek Singh Ahluwalia, Deputy Chairman, Planning Commission, Government of IndiaKeynote Address by Mr. R Chandrashekhar, Chairman (TC) & Secretary , Department of Telecommunications, Ministry of Communications and IT
Plenary Session 1: 1000 digital startups a year: How to make it happen?
Session Chair and presenter: Mr. Satyan Gajwani, CEO, Times Internet Presenter ‐ Mr. Mahesh Murthy, Founder, Pinstorm and Co-founder, Seedfund Mr. Manish Vij, Founder, VUN Network Mr. Pranay Gupta, Joint CEO, Centre for Innovation Mr. Rajesh Sawhney, Founder, GSF Accelerator & Superangels Mr. Mukund Mohan, CEO in Residence, Microsoft Startup Accelerator
Business track Topic: Importance of Creativity to Digital Advertising
Session Chair and presenter Neville Taraporewalla, Sr. Director - Emerging Markets\| India, Malaysia,Thailand & Korea, Advertising and Online, Microsoft Discussion: M Mohit Hira, Senior Vice President & Regional Business Leader-Airtel, JWT Vineet Gupta, Managing Partner, 22feet Communications Arun Sharma, VP Marketing - Head Media & Rural, Bharti Airtel Vikas Tandon, Managing Director, Indigo Consulting Aditya Save, Head-Media & Digital Marketing, Marico Audience Interaction
“Lowering the barrier for mobile web - for both operators and users”
Keynote Address by Mr. Peter Panait Løjmand, Senior Vice President, Opera Software Interaction with Mr. Sanjay Goyal, Chief Executive Officer, ACL Wireless
Plenary Session 2: Cloud – Leveraging the Cloud for Business Efficiency
Session Chair and presenter Mr. Manoj Chugh, Regional President, Global Accounts-APJ, EMC Presenters: Mr. Manav Khanna, Sr. Consultant –Enterprise Security, SafeNet Inc. Mr. Jasminder Singh Gulati, Co-founder and Chief Executive Officer, Nowfloats Mr. Ravi Shankar, Chief Executive Officer, Nevales Networks Mr. Mandar Kulkarni, Vice President, Solution Engg & Pvt. Cloud Practice, Netmagic Mr. Balaka Baruah Aggarwal, Business Evangelist, Amazon Web Services Mr. Jaydeep Nargund, Head Services-India, AKAMAI Mr. Vivek Ravindran, Director-Core & App Platform, Microsoft
Email Marketing Roundtable with juvlon
Email Marketing in the Year of the Snake - 2013 Presented by Mr. Naresh Bhagtani, CEO, Juvlon, Niche Software
“Unique Identity and Its Positive Externalities for Inclusiveness"
Keynote Address by Mr. Nandan Nilekani , Chairman, UAIDI Interaction with Mr. Shubhashis Gangopadhyay, IDF research
“Bharat Broadband [NOFN]: Going extra mile with public investment”
Keynote Address by Mr. Sam Pitroda Interaction with Mr. Lalitesh Katragadda, Country Head-India Products, Google
Plenary Session 3: Discussion on Social media – Freedom, moderation or regulation
Session Chair & Moderator: Sunil Abraham, Executive Director, The Centre for Internet and Society
Discussion with: Rajesh Kalra, Chief Editor, Times Internet R Sukumar, Managing Editor, Mint Shivam Vij, Kafila.org
Track 3: The last mile of customer connect: m-Engagement from OPENHOUSE
Presenter: Mr. Ankit Singh, Senior Manager, Enterprise mobility, IMI Mobile Mr. Ramesh Raman , Senior manager, Marketing, IMI Mobile

Day 2, January 17, 2013

“Future of Apps and their Monetization”
Keynote Address by Mr. Ilja Laurs, Founder and Chairman, GetJar Moderated by : Mr. Kiruba Shankar
“Communications challenges in the age of Social media”
Keynote address by Dr Shashi Tharoor, Minister of State for Human Resource Development, Government of India Interaction with audience Moderated by Mr. R Jagannanthan
Track 4: CXOs Closed door discussion on Local Language – The Game Changer
Session moderated by Gyan Gupta, Chief Operating Officer, Dainik Bhaskar; Address by speakers Mr. Arvind Pani, Co-founder, Reverie language Technologies Mr. Ajay Gallwale, Founder, Maayboli Mr. C Mathew, DGM (Marketing), Malayala Manorama Mr. Manoj Gupta, Head, VAS & Applications, Micromax Audience Interaction Summarising by Moderator
Start-Up Unconference
A peer to peer, informal sharing of views between new entrepreneurs and start-ups of our industry
Chaired by: Mr. Sanjiv Bikhchandani, Founder and Executive Vice Chairman, Infoedge Moderator by: Kiruba Shankar
Plenary Session 5: Discussion on e-Commerce 2.0– Emerging trend
Session Chair & Moderator: Mr. Avnish Bajaj, Managing Director, Matrix Partners In Discussion with: Mr. Alok Mittal, Managing Director, Canaan Patners India Mr. Sachin Bansal, Co-founder & CEO, Flipkart Mr. Sundeep Malhotra, Chief Executive Officer, HomeShop18 Mr. Muralikrishnan B, Country Manager, eBay Mr. Mukesh Bansal, Founder, Myntra.com Mr. Ankur Warikoo, Chief Executive Officer, Groupon India
Plenary Session 6: Marketers Viewpoint – Online and Mobile Marketing
Session Chair: Mr. Upen Rai, Chief Operating Officer and Executive Director, AntFarm Presenters: Mr. Sanjay Tripathy, EVP - Head Marketing, Products and Direct Channels - HDFC Life Mr. Manish Kalra, Chief Marketing Officer, Makemytrip Mr. Vinay Bhatia, Customer Care Associate and VP - Marketing and Loyalty, Shoppers Stop Mr. Samil Malhotra, Vice President Sales and Marketing. The Lalit Suri Hospitality Group Mr. Manu Kumar Jain, Co-founder & Managing Director, Jabong
Plenary Session 7: Interaction: Attracting and retaining talent for Digital Industry
Thought sharing by Industry Leaders Interaction between Industry leaders and Students Industry Leaders: Mr. Sanjiv Bikhchandani, Founder and Executive Vice Chairman, Infoedge Mr. Deep Kalra, Founder and Chief Executive Officer, Makemytrip Mr. Anupam Mittal, Founder and Chief Executive Officer, People Group Mr. Dinesh Agarwal, Founder and Chief Executive Officer, IndiaMART Mr. Neville Taraporewalla, Sr. Director , Emerging Markets-India, Malaysia, Thailand & Korea, Advertising and Online, Microsoft Student Entrepreneurs: FMS IMT Ghaziabad IITD Moderated by Kiruba Shankar
India Digital Award Ceremony

For more details visit https://cis-india.org/news/7th-india-digital-summit-2013

Third South Asian Meeting on the Internet and Freedom of Expression

praskrishna — 2013-01-17T07:16:58Z

Internet Democracy Project, Voices for Interactive Choice & Empowerment and Global Partners & Associates are organizing this event in Dhaka on January 14 - 15, 2013.

Pranesh Prakash is moderating the session on "Understanding cyber security and surveillance in South Asia today". Chinmayi Arun is speaking in this panel.

The Third South Asian Meeting on the Internet and Freedom of Expression seeks to address the question of how freedom of expression on the Internet is best protected by taking as its starting point two of the biggest challenges for freedom of expression online in South Asia today: hate speech online on the one hand, and cyber security and surveillance on the other.

The meeting seeks to investigate how these challenges affect freedom of expression on the Internet as well as how they can be addressed most effectively while protecting free speech online. It will also touch briefly on the important question of what kind of Internet governance processes are most likely to ensure the desired outcomes materialise.

A very short history of the South Asian Meeting on the Internet and Freedom of Expression
The first South Asian Meeting on the Internet and Freedom of Expression took place in March 2011 in Delhi, and mapped the many challenges for free speech online in our region, as an input into the report on the Internet and freedom of expression of UN Special Rapporteur on Freedom of Expression, Mr. Frank La Rue.

The second South Asian Meeting, in Kathmandu in November 2011, assessed the extent to which policy and regulation in the South Asian countries complied with the recommendations Mr. La Rue made in his report.

This third meeting will now build on these earlier efforts by bringing together experts from civil society, business, the research community and other stakeholder groups from across the region to discuss two of the biggest shared challenges for freedom of expression online in South Asia today in detail: the rising visibility of hate speech on the one hand, and the impact of discourses regarding cyber security and surveillance on the other.

Why focus on hate speech and security/surveillance now?
Since UN Special Rapporteur on Freedom of Expression, Mr. Frank La Rue, presented his report on the Internet and freedom of expression to the UN Human Rights Council in June 2011, the complexity of this topic has received growing recognition. However, not all trends that La Rue had pointed out as directly affecting freedom of expression online – from access to the Internet to cyber attacks – are equally important in the South Asian region. Detailed analysis in several South Asian countries has shown that, though Internet penetration rates remain fairly low, most countries do possess, for example, the political will crucial to improve these figures. The two trends that seem to be of greatest concern in our region are that of the fight against hate speech, and the impact on freedom of expression of cyber security and surveillance measures. The latter is foregrounded for a variety of reasons ranging from the safety of individual users to national security.

Incidentally, across the region, as in many parts of the world, hate speech and cyber security have also been among the most important reasons governments have quoted to justify greater government control over the Internet. At the national level, this has at times manifested itself through the approval and implementation of legislation that has far-reaching consequences for freedom of speech online, without consulting many of the stakeholders who are affected at any point in time. At the global level, we see a growing number of proposals by governments that would effectively expand their collective powers to regulate the Internet, though with varying levels of involvement of other stakeholders envisioned.

Yet while governments' intentions when imposing censorship or approving surveillance measures may at times be in doubt, it is difficult to deny that the Internet has facilitated a new proliferation of hate speech, as well as that it has thrown up new security challenges that couldn't even be imagined before.

It is therefore our contention that the challenges of hate speech online and of ensuring cyber security in our region are real, and need to be addressed head-on if we are to strengthen and protect the right to freedom of expression online. For this reason, the meeting seeks to investigate both the precise nature of these challenges and what Internet governance mechanisms we need to evolve to ensure that they can be addressed most effectively whilst upholding and strengthening the right to freedom of expression. If we are to take the challenges the threats of hate speech and cyber security policy embody seriously yet also aim to uphold and strengthen the right to freedom of expression online, then what are the solutions we require? And who will need to be responsible for implementing them?

Participants
Taking into account the many parallels in the shape problems of hate speech and cyber security and surveillance take across the South Asian region as a result of shared cultures and historical legacies alike, participants will be invited from Bangladesh, India, Nepal, Pakistan, Afghanistan, Sri Lanka and the Maldives. Moreover, as solutions to these problems will invariably require collaboration among various stakeholders in the Internet governance field in order to be effective, participants will be drawn from a wide variety of stakeholder groups, including civil society, business, government, academia and the media from across the region. In this way, the meeting hopes tofacilitate a South Asia wide, multistakeholder dialogue, to learn, discuss and evolve more detailed thinking on these topics for one and a half days. The meeting will come to an end with a public event at the end of the second day.

The meeting will use a variety of formats, including key note presentations, panel discussions, case studies and small group conversations.

Agenda

January 14, 2013

9.00-09.45	Welcome and introductions to participants
09.45-10.15	Introduction to the meeting: the challenge that hate speech online and cyber security/surveillance pose to freedom of expression on the Internet – Dixie Hawtin Intro: Internet governance and human rights issues in general Why is this event focussed on hate speech and surveillance?
10.15-10.45	Tea/coffee break
10.45-12.15	The challenge of hate speech on the Internet in South Asia Strengthening the right to freedom of expression to curtail hate speech (Anja Kovacs) Three country perspectives, from the Maldives (Mariyath Mohamed), Pakistan (tbc), and Bangladesh (Salim Khan) Moderator: Bishakha Datta
12.15-13:30	Lunch
13.30-14.00	Keynote: Thinking about a rights-based approach to cyber security and surveillance as it relates to speech – KS Park
14.00-15.30	Understanding cyber security and surveillance in South Asia today With Three country perspectives from Bangladesh (Mohammad Rahman), Nepal (Kailash Prasad Neupane) and India (Chinmayi Arun). Moderator: Pranesh Prakash
15.30-16:00	Tea/coffee break
16.00-17.30	Legal and ethical questions and challenges when addressing cyber security and surveillance: two case studies – Rohan Samarajiva

January 15, 2013

9.00-9.15	Introduction to day 2
9.15-9.45	Cybersecurity, surveillance and hate speech online – key issues that need to be addressed in governance in order to protect Internet freedom of expession. This session will discuss particular issues that have relevance for both cyber security debates and hate speech issues in greater depth. Four topics that will be addressed are: The question of anonimity (KS Park) Cross-border cooperation and other jurisdictional issues in context of cloud computing and crossborder data flows and storage (Aditya Rao) Domain Names and registration (Babu Ram Aryal) Intermediaries as law enforcers (Suman Pradhan) Moderator: Shahzad Ahmed
10.45-11.00	Tea/coffee break
11.00-13.00	What kind of solutions could a rights-based approach throw up to the challenges raised so far in the meeting? Open discussion in groups and plenary, following key note speaker, Bulbul Monjurul Ahsan
13.00-13.30	Summing up and thank you
13.30-15.00	Lunch
15:00 – 16:00	Meeting participants move to venue for public meeting, tea/coffee break and arrival of wider public
16.00-18.30	PUBLIC EVENT: The Internet and freedom of expression Confirmed speakers include: Abu Taher, Info Commissioner; Iftekharuzzaman, Executive Director, Transparency International Bangladesh; Sarah Hossain, Lawyer and Honorary Executive Director, BLAST; Shaheen Anam, Executive Director, Manusher Jonno Foundation; Monjurul Ahsan Bulbul, eminent journalist and CEO, Boishakhi Television; and Rohan Samarajiva, Chair and CEO, LIRNEasia.

List of Participants

Aditya Rao, Senior Associate, Amarchand Mangaldas, India
Ahmed Swapan, Executive Director, VOICE, Bangladesh
Amrit Pant, General Secretary, Computer Association of Nepal & President, Information Technology Development Society, Nepal
Anja Kovacs, Project Director, Internet Democracy Project, India
Babu Ram Aryal, President, Internet Society, Nepal Chapter, Nepal
Binaya Guragain, Coordinator of Programs, Equal Access, Nepal
Bishakha Datta, Wikimedia Foundation Board Member & Co-founder, Point of View, India
Chinmayi Arun, Assistant Professor, National Law University Delhi & Fellow, Centre for Internet and Society, India.
Dixie Hawtin, Project Manager for Digital Communications and Freedom of Expression, Global Partners and Associates, UK
Farhana Rumki, Associate Programme Coordinator, VOICE, Bangladesh
Kailash Prasad Neupane, Chief of Legal Section, Spokesperson, Secretary and Registrar, Nepal Telecommunications Authority, Nepal
Khairuzzaman Kamal, Founder Secretary General of Bangladesh Manobadhikar Sangbadik Forum & Senior Reporter at Bangladesh Sangbad Sangstha, Bangladesh
Khawaza Mainuddin, Executive Editor, ICE Business Times Magazine, Bangladesh
K S Park, Executive Director, the PSPD Public Interest Law Center & Professor, Korea University Law School, South Korea
Mariyath Mohamed, Journalist, Minivan News, Maldives
Mohammad Nazmuzzaman Bhuian Emon, Associate Professor, Department of Law, University of Dhaka, Bangladesh
Mohammad Shahriar Rahman, Assistant Professor, Department of Computer Science and Engineering, University of Asia Pacific & Head, Center for IT Security and Privacy, Bangladesh
Moiyen Zalal Chowdhury, Community Manager, Somewhere.In & Norad Fellow,Bangladesh
Monjurul Ahsan Bulbul, Chair, International Press Institute & Editor-in-chief and CEO,Boiskakhi TV, Bangladesh
Pranesh Prakash, Policy Director, Centre for Internet and Society, India
Prasanth Sunganathan, Counsel, Software Freedom Law Centre, India
Rezaur Rahman Lenin, Research Fellow, VOICE, Bangladesh
Richa Kaul Padte, Writer, India
Rohan Samarajiva, Chair and CEO, LIRNEasia, Sri Lanka
Saleem Samad, Columnist & Correspondent at Reporters without Borders, Bangladesh
Salimullah Khan, Writer and Professor, Stamford University, Bangladesh
Sana Saleem, Director, Bolo Bhi, Pakistan
Santosh Sigdel, Advocate and Vice President, Internet Society, Nepal Chapter, Nepal
Shahzad Ahmed, Country Director, Bytes for All, Pakistan
Shehla Rashid Shora, Project Officer, Internet Democracy Project, India
Shehnaz Banu, Media and Communication Officer, Alliance for Social Dialogue, Bangladesh
Soheil Zafar, Editor, Unmochan Blog & TV Producer and Researcher, 71 Television, Bangladesh
Suman Lal Pradhan, CEO, Websurfer, Nepal
Sushma Luthra, Event Coordinator, India
Syeda Fedous Jana, Managing Director and Co-Founder of Somewhere.In, Bangladesh
Tahmina Rahman, Director Bangladesh and South Asia Region, Article 19, Bangladesh
Vasana Wickremasena, Executive Director, Centre for Integrated Communication Research and Advocacy, Sri Lanka

For more details visit https://cis-india.org/news/third-south-asian-meeting-on-internet-and-freedom-of-expression

No Civil Society Members in the Cyber Regulations Advisory Committee

pranesh — 2013-01-09T17:56:57Z

The Government of India has taken our advice and reconstituted the Cyber Regulations Advisory Commitee. But there is no representation of Internet users, citizens, and consumers — only government and industry interests.

In multiple op-eds (Indian Express and Mint), I have pointed out the need for the government to reconstitute the "Cyber Regulations Advisory Committee" (CRAC) under section 88 of the Information Technology Act. That it be reconstituted along the model of the Brazilian Internet Steering Committee was also part of the suggestions that CIS sent to the government after a meeting FICCI had convened along with the government on September 4, 2012.

Section 88 requires that people "representing the interests principally affected" by Internet policy or "having special knowledge of the subject matter" be present in this advisory body. The main function of the CRAC is to advise the the Central Government "either generally as regards any rules or for any other purpose connected with this Act".

Despite this important function, the CRAC had — till November 2012 — only ever met twice, both times in 2001. The response to an RTI informed us that the body had never provided any advice to the government.

Government Not Serious

The increasing pressure on the government for botching up Internet regulations has led it to reconstitute the CRAC. However, the list of members of the committee shows that the government is not serious about this committee representing "the interests primarily affected" by Internet policy.

Importantly, this goes against the express wish of the Shri Kapil Sibal, the Union Minister for Communications and IT, who has repeatedly stated that he believes that Internet-related policymaking should be an inclusive process. Most recently, at the 2012 Internet Governance Forum he stated that we need systems that are:

"collaborative, consultative, inclusive and consensual, for dealing with all public policies involving the Internet"

Interestingly, despite the Hon'ble Minster verbally inviting civil society organizations (on November 23, 2012) for a meeting of the CRAC that happened on November 25, 2012, the Department of Electronics and Information Technology refused to send us invitations for the meeting. This hints at a disconnect between the political and bureaucratic wings of the government, at least at some levels.

Interestingly, this isn't the first time this has been pointed out. Na. Vijayashankar was levelling similar criticisms against the CRAC way back in August 2000 when the original CRAC was constituted.

Breakdown by Stakeholder Groupings

While there is no one universal division of stakeholders in Internet governance, but four goups are widely recognized: governments (national and intergovernmental), industry, technical community, and civil society. Using that division, we get:

Government - 15 out of 22 members
Industry bodies - 6 out of 22 members
Technical community / Academia - 1 out of 22 members
Civil society - 0 out of 22 members.

List of Members of Cyber Regulatory Advisory Committee

The official notification (G.S.R. 827(E)) is available on the DEIT website and came into force on November 16, 2012.

(Note: Names with ~~strikethroughs~~ have been removed from the CRAC since 2000, and those with emphasis have been added.)

Minister, Ministry of Communication and Information Technology - Chairman
Minister of State, Ministry of Communications and Information Technology - Member
Secretary, Ministry of Communication and Information Technology, Department of Electronics and Information Technology - Member
Secretary, Department of Telecommunications - Member
~~Finance Secretary - Member~~
Secretary, Legislative Department - Member
Secretary, Department of Legal Affairs - Member
~~Shri T.K. Vishwanathan, Presently Member Secretary, Law Commission - Member~~
Secretary, Ministry of Commerce - Member
Secretary, Ministry of Home Affairs - Member
Secretary, Ministry of Defence - Member
Deputy Governor, Reserve Bank of India - Member
Information Technology Secretary from the states by rotation - Member
Director, IIT by rotation from the IITs - Member
Director General of Police from the States by rotation - Member
President, NASSCOM - Member
President, Internet Service Provider Association - Member
Director, Central Bureau of Investigation - Member
Controller of Certifying Authority - Member
Representative of CII - Member
Representative of FICCI - Member
Representative of ASSOCHAM - Member
President, Computer Society of India - Member
Group Coordinator, Department of Electronic and Information Technology - Member Secretary

For more details visit https://cis-india.org/internet-governance/blog/cyber-regulations-advisory-committee-no-civil-society

Response to RTI on Decisions of the Cyber Regulation Advisory Committee

pranesh — 2013-01-09T15:26:26Z

The Department of Electronics & Information Technology, Ministry of Communications & Information Technology responded to a right to information (RTI) application filed by Saket Bisani on behalf of the Centre for Internet & Society on July 13, 2012 through notification No. 14(110)/2012-ESD, dated October 3, 2010.

No. 14(110)/2012-ESD
M/o Communiciations & Information Technology
Department of Electronics & Information Technology
Electronics Niketan, 6, CGO Complex
New Delhi-110003

Dated:3.10.2012

Subject: RTI application received from Shri Saket Biswani

With reference to your RTI application dated 13.7.12 requesting for the following information.

Question

a) Please provide me a list of the dates of each meeting of the CRAC held from October 18, 2000 till July 13, 2012?

b) Please provide me copies of the minutes of every meeting held by the Cyber Regulation Advisory Committee from October 18, 2000 till July 13, 2012.

c) Provide me the list of all policy decisions that the CRAC has advised the Central Government on under section 88(3) (a) of the Information Technology.

d) Provide me a list of all policy decisions that the CRAC has advised the Central Government on under section 88(3)(a) of the Information Technology Act, 2000.

The information as received from the custodian of the information is placed below:

Answer

a) The meetings of CRAC were held on 6^th March, 2001 and 17-18 March, 2001.

b) Minutes of these two meetings of CRAC are attached.

c) No such advice was given by CRAC to DeitY under section 88(3)(a).

d) Information is attached.

(A.K. Kaushik)
Additional Director & CPIO
(E-Security & Cyber Laws)

To: Shri Saket Bisani
No. 194, 2^nd 'C' Cross,
Domlur 2^nd Stage
Bangalore-560 071

Minutes of the First Meeting of the Cyber Regulation Advisory Committee (CRAC) held on March 6, 2001, at Electronics Niketan, under the Chairmanship of Hon’ble Minister* (IT) Shri Pramod Mahajan.

(List of Participants enclosed as Annexure-A)

The chairman welcomed the participants to the First Meeting of the Committee. In his opening remarks he hoped that the Committee would play a constructive role in the implementation of the Information Technology Act.
While introducing the Agenda (circulated ahead of the meeting), Controller of Certifying Authorities (CCA) made a short presentation on proposed "Regulation.; under section 89 of the IT Act" consisting of 18 proposed Regulations, Smart Card as token carrying Keys, and various suggested Amendments to the IT ACT 2000.
During the ensuing discussions, participants sought some time to study and collate associated inputs from their respective colleagues/specialists before offering any concrete suggestions/recommendations. Chairman agreed to the suggestions and postponed the meeting to 11:00 AM on the March 17, 2001 at the same venue. Based on the recommendation of Secretary (IT), members were requested to forward their inputs, if any, through e-mail within a weeks time to the following:

For Regulations wider section 89 of IT Act	For amendments to IT Act 2000
Shri K.N. Gupta (CCA) Room No. 4006, Electronics Niketan 6 CGO Complex New Delhi 110003 e-mail:kgupta@mit.gov.in Tele: 436 3073 Fax: 439 5982	Shri A.B. Saha (Member Secretary) Room No. 2055, Electronics Niketan 6 CGO Complex New Delhi 110003 e-mail:saha@mit.gov.in Tele: 436 0958 Fax: 436 2924

Meeting ended with a vote of thanks to the Chair.

Minutes of the Second Meeting of the Cyber Regulation Advisory Committee (CRAC) held on 17-18 March, 2001 at Electronics Niketan, New Delhi under the Chairmanship of Hon'ble Minister (IT), Shri Pramod Mahajan.

(List of Participants enclosed as Annexure-A)

The chairman welcomed the participants to the second meeting of the Committee to consider further the draft regulations proposed by the Controller of Certifying Authority (CCA). ' " ~
During the ensuing discussions, following general recommendations/decisions were arrived at governing the overall formulation of the regulations that are necessary to bring about infrastructure facilitating activities envisaged under the IT Act 2000:

a) Any regulation to be framed by the Controller draws its authority only from Section 89(2) of the Act. Moreover, such regulations should complement the Rules already framed under the Section 87 of the Act.

b) To keep pace with the changing technology and standards, CCA may publicly notify/modify necessary specifications of technology, standards and procedures at regular interval (say, January of every year). Moreover, to adhere to the "principles of minimal governance", if any particular necessity emerges for inclusion of newer manifestations of any existing standard/technology/procedure, Controller should respond within ninety (90) days after receiving any specific request in writing, failing which it will deemed to have obtained his concurrence.

c) The commercial practices/interests may form the essential pedestal for the certification process. Aspects of cross-certification may preferably be left to the purview of the concerned market forces. However, the necessary interoperability will essentially be "market-driven" and not "authority-driven". This will also ensure that formulated rules and regulations stay in tune with market realities.

d) Strict adherence to open standards should be ensured to avoid emergence of monopoly of any kind.

e) Considering cost sensitiveness of the requisite digital signature certificate, families of technologies varying in convenience, reliability, availability, robustness, etc. may be allowed to inter-operate. However, CCA may undertake public awareness campaign to promote desirable best practices from time to time.

f) The minimal regulations facilitating activities envisaged in the Act is desirable. Some of the proposed provisions can also be ensured in the form of "terms & conditions" governing the operations of Certifying Authorities.

g) Emergence of guidelines governing smooth functioning may be better left to publications brought out by industry associations, public-minded professionals etc. Formulating rules and regulations in these regards should be minimal.

3. After framing the draft compilation of the requisite regulations in accordance with the conventional legal form in terms of content as well as structure with the assistance of the Ministry of Law, the regulations may be brought to the Ministry of Information Technology for approval.

4 The Committee considered the 18 regulations proposed in Agenda Item No.1 and the statement reproduced below contains the decision taken against each proposal.

SI	Item	Conclusions
1	Regulation 1 Standardising on two key-pairs for PKI in the country. Key-pair generation for subscribers by CAs.	Regulation not required. Encryption Key pair not part of the IT Act. Already covered under Rule 3, 4 & 5 of notified CA Rules. Subscriber should be at liberty to bring his key pair that CA may verify before acceptance. (Section 40 of the Act)
2	Regulation 2 Encryption key-pair of subscribers to be maintained by CAs in a database and made available to enforcement and law agencies under directions of the Controller.	Regulation not required. IT Act is silent regarding encryption.
3	Regulation 3 Disclosure Record of CA.	Disclosure may be done every six months. Necessary format for disclosure may be notified from time to time. (Para 2(f) above)
4	Regulation 4 Encryption Key Pair of CA to be made available to the Controller.	Regulation not required in accordance to conclusions against 1 & 2 above.
5	Regulation 5 Cross-Certification with foreign CAs.	As per recommendation 2(c) above.
6	Regulation 6 Terms and Conditions subject to which license shall be issued by the Controller to the prospective CAs.	Can be merged with regulation 11. As per the recommendation mentioned in 2(c) above.
7	Regulation 7 Standards that may be considered for different activities associated with the CAs functions including standardization of contents of the Certificates to be issued by CAs and standardization of the Certificate Revocation List.	As per the recommendation 2(b) above.
8	Regulation 8 Information to be made publicly available by a CA on its website. Notice of suspension or revocation of license.	CA must harness all form of networks and other practical media, and not only Internet, for disclosure to its subscriber and other interested parties.
9	Regulation 9 Standardisation of Certificate Practice Statement.	Agreed.
10	Regulation 10 Compromise of subscribers Digital Signature Key-Pair	Agreed.
11	Regulation 11 Description of classes of Certificates.	Shall be merged with regulation 6 above. In addition to 3 classes of certificates as identified by international bodies, the regulation should be open to additional classes of certificates, if required.
12	Regulation 12 Cross-Certification of CAs.	It should be market-driven. (Recommendation 2(c) above).
13	Regulation 13 Incorporation of Controllers Public Key Certificate as the "root” in all web browsers in the country.	Regulation not required. Need for integrating Controller's root key in the browsers may not be feasible.
14	Regulation 14 Minimum key length for CAs and subscribers.	Agreed for the provision of 1024 bits for subscriber/end-user and 2048 bits for CAs key pair.
15	Regulation 15 Audit of applicants to include manpower audit as well. Liability of CAs towards subscribers on account of their negligence.	Regulation not required. Audit provision has already been covered under Rule 31 of CA rules notified by MIT.
16	Regulation 16 Storage of Key-Pairs of CAs. Distribution of Key-Pairs / Certificates of subscribers by CAs.	Not to be regulated. Recommendation 2(e) above shall be followed.
17	Regulation 17 Documents to be submitted to the Controller along with the application for obtaining license to operate as CA.	Already covered under rule 10 of CA rules notified by MIT. Any additional information can be sought through the recourse of public notices from time to time.
18	Regulation 18 Upon acceptance of PKC by a subscriber, the PKC shall be published by the CA as required under the IT Act for access by the subscribers and relying parties. The CA will ensure the transmission of PKC and CRLs to the National Repository to be maintained by the Controller.	Agreed.

Meeting ended with a vote of thanks to the Chair.

Annexure - A

First sitting of the second meeting of the “Cyber Regulation Advisory Committee” held on 17th March 2001 to consider adjourned agenda of the first meeting held on 6ft March 2001

List of Participants

Sh Pramod Mahajan, Minister, Information Technology - Chairman
Sh.S.C Jain , Secretary, Legislative Department
Sh Vinay Kohli, Secretary, Ministry of Information Technology
Sh. N. Parameswaran, DDG(LR), Department of Telecommunications
Dr. Jaimini Bhagwati, Ministry of Finance
Maj.Gen. M. G. Datar, Addl.D.G, IT, Army HQ, Ministry of Defence
Sh Mukesh Mittal, Dy Secy, Ministry of Home Affairs
Sh T A Khan, Sr. Dir, NIC, Ministry of Commerce
Sh. K.R Ganapathy,CGM-IC,RBI

10. Sh.S.R-Mittal,Adviser,DIT, Reserve Bank of India

11. Sh Dewang Mehta, President, NASSCOM

12. Sh Amitabh Singhal, President, Internet Service Providers Association

13. Sh LN Behra, DIG, Director, Central Bureau of Investigation

14. Sh K N Gupta, Controller of Certifying Authority

15. Sh. Qamar Ahmed. Addl.C.P/Crime, DG Police by rotation from the States

16. Prof. R S Sirohi. I1T Delhi, Director, IIT Delhi

17. Sh.Sanjay Dhawan, ExecDirector,KPMG, Representing CII

18. Sh. M.A.J.Jeyaseelan, Secretary, FICCI

19. Sh. Subimal Bhattacharjee, Vice President ARGUS, Representing ASSOCHAM

20. Sh A B Saha, Senior Director, Ministry of IT - Member Convener

First sitting of the second meeting of the “Cyber Regulation Advisory Committee” held on 18th March 2001 to consider adjourned agenda of the first meeting held on 6ft March 2001

List of Participants

Sh Pramod Mahajan, Minister, Information Technology - Chairman
Sh.N.L. Meenu, Jt. Secretary, Legislative Department
Sh Vinay Kohli, Secretary, Ministry of Information Technology
Sh. N. Parameswaran, DDG(LR), Department of Telecommunications
Dr. Jaimoni Bhagwati, Ministry of Finance
Maj.Gen. M G Datar, Ministry of Defence
Sh Mukesh Mittal, Dy Secy, Ministry of Home Affairs
Sh T A Khan, Sr. Dir, NIC, Ministry of Commerce
Sh. K.R Ganapathy,CGM-IC,RBI

10. Sh Dewang Mehta, President, NASSCOM

11. Sh Amitabh Singhal, President, Internet Service Providers Association

12. Sh LN Behra, DIG, Director, Central Bureau of Investigation

13. Sh K N Gupta, Controller of Certifying Authority

14. Sh. Dinesh Bhatt, Dy. Police Commissioner, Delhi

15. Prof. R S Sirohi. I1T Delhi, Director, IIT Delhi

16. Sh.Sanjay Dhawan, ExecDirector,KPMG, Representing CII

17. Sh. M.A.J.Jeyaseelan, Secretary, FICCI

18. Sh. Subimal Bhattacharjee, Vice President ARGUS, Representing ASSOCHAM

19. Sh A B Saha, Senior Director, Ministry of IT - Member Convener

For more details visit https://cis-india.org/internet-governance/resources/deity-response-to-rti-on-decisions-of-crac

Clash of the cyberworlds

praskrishna — 2013-01-15T06:57:48Z

In an increasingly digital world, the issue of Internet freedom and governance has become hugely contested. Censorship and denial of access occur across the political spectrum of nations, even in liberal democracies.

The article by Latha Jishnu, Dinsa Sachan and Moyna was published in Down to Earth magazine's January 15, 2013 issue. Pranesh Prakash is quoted.

In run-up to the just-concluded World Conference on International Telecommunications in Dubai, there was a frenzied campaign to ensure that governments kept their hands off the Internet. It was feared the International Telecommunications Union, a UN body, was aiming to take control of the Internet. That hasn’t happened. But the outcome in Dubai has highlighted once again the double speak on freedom by countries that claim to espouse it and by corporations interested in protecting their interests, says Latha Jishnu, who warns that the major threat to the Internet freedom comes from the wide-ranging surveillance measures that all governments are quietly adopting. Dinsa Sachan speaks to institutions and officials to highlight the primacy of cyber security for nations, while Moyna tracks landmark cases that will have a bearing on how free the Net remains in India.

For months now a little-known UN agency, the International Telecommunication Union (ITU), has been looming large in cyberspace, portrayed as an evil force plotting to take over the Internet and threatening to destroy its freedom by rewriting archaic regulations. ITU, set up in 1865, is primarily a technical body that administers a 24-year-old treaty, International Telecommunication Regulations (ITRs), which are basic principles that govern the technical architecture of the global communication system.

	How did the 193-nation ITU, which regulates radio spectrum, assigns satellite orbits and generally works to improve telecom infrastructure in the developing world, turn into everyone’s favourite monster in the digital world? The provocation was ITU’s World Conference on International Telecommunications (WCIT) in Dubai, where ITRs were proposed to be revised. Leaked documents of the proposals made to ITU had shown that statist countries like Russia and China, known for their crackdown on Internet freedom, had put forward proposals to regulate digital “crime” and “security” aspects that are currently not regulated at the global level for want of consensus on balancing enforcement with protection of individual rights.

Other proposals were about technical coordination and the setting up of standards that enable all the devices, networks and software across the Internet to communicate and connect with one another. Although ITU secretary general Hamadoun I Touré had emphasised that the Dubai WCIT was primarily attempting to chart “a globally agreed-upon roadmap that offers future connectivity to all, and ensures sufficient communications capacity to cope with the exponential growth in voice, video and data”, there was widespread scepticism among developed countries.

Online subversion in India AT the seventh annual meeting of the Internet Governance Forum in Baku, Azerbaijan, last November, Minister for Communications and Information Technology Kapil Sibal was a star turn. He made an elevating speech about the need to put in place a “collaborative, consultative, inclusive and consensual” system for dealing with policies involving the Internet. India, with 125 million Internet users—a number that “is likely to grow to about half a billion over the next few years”—would be a key player in the cyberworld of tomorrow, he promised. According to the minister, Internet governance was an oxymoron because the concept of governance was for dealing with the physical world and had no relevance in cyberspace. These were high sounding words that crashed against the reality of India’s paranoia over online subversion. For starters, Sibal flew into a media blitz over Google’s transparency Report which ranked India second globally in accessing private details of its citizens. Even if it was a far second behind the US, it was an embarrassing revelation for the government which appears to have been rather enthusiastic in seeking information on the users of its various services. Such user data would include social networking profiles, complete gmail accounts and search terms used. In the first half of 2012, India made 2,319 requests related to 3,467 users compared with 7,969 requests by the US. Globally, Google clocked a total of 20,938 requests for user data. A few days down the line there was a public explosion over the arrest of two young women in Palghar, near Mumbai, for posting a prosaic comment on Facebook over Bal Thackeray’s death. Thanks to the deliberately vague wording of Section 66A of the IT Act, such arrests have become common and Rajya Sabha devoted a whole afternoon to discuss the impugned legislation and seek its withdrawal. Sibal’s response has been to issue guidelines on the use of this Section which civil society organisations say will do nothing to sort out matters. Then there are the IT (Intermediaries Guidelines) Rules, 2011, issued under Section 79 of the IT Act, which have been used indiscriminately by business interests to shut down websites, resulting in unbridled censorship of the Internet time and again. Although a motion for its annulment was moved in Parliament by Rajya Sabha member P Rajeeve, it was withdrawn after Sibal promised to talk to all stakeholders. A host of MPs have termed the rules a violation of right to freedom of speech besides going against the laws of natural justice. The promised meeting of stakeholders has not yielded any results and censorship on grounds of possible online piracy continues. In this regard, India is more restrained than the US which has pulled down huge numbers of domains on the ground they were violating intellectual property by selling pirated goods.

Western global powers, behemoth Internet companies, private telecom corporations and almost the entire pack of civil liberties organisations came together in a frenzied campaign to ensure that ITU kept its hands off the Internet. Massive online petitions were launched, backed by Internet companies such as search engine Google and social networking service Facebook. The Internet, they said, should not become an ITU remit because it would change the multi-stakeholder approach, which currently marks the way the Internet is governed, and replace it with government control that would curb digital freedom. Not only did the US administration oppose the revision of ITRs, the US Congress also passed a rare unanimous resolution against the WCIT proposals.

In the end, it was an anti-climax: nothing much came of these proposals. Although WCIT was marked by high drama—a walkout by the US and six European countries, a show of hands on a contested but innocuous resolution and an unexpected vote—the “final acts” (http://www.itu.int/en/wcit-12/Documents/final-acts-wcit-12.pdf) or the changes in ITRs make no mention of the I word. Not once. The 30-page document states at the outset that “these regulations do not address the content-related aspects of telecommunications” —an indirect reference to the Internet.

	Ultimately, it was a triumph of the US-led position even if 89 of the 144 eligible countries signed it. Most of the developed countries refused to sign it. Nor, unexpectedly, did India, and thereby hangs a curious tale. Officials who were privy to the negotiations told Down To Earth that India was all set to sign the new ITRs when its delegation got last-minute instructions from Delhi not to endorse them. “It was unexpected and a let-down for India and our global allies,” confesses an official of the Ministry of Communications & IT. “There was nothing in the final document that we had objections to.” According to the grapevine, Minister for Communications and Information Technology Kapil Sibal was facing pressure from two sides: the US Administration and domestically from civil society, Internet service providers and the private telecom players who had objected to India’s proposals on ITRs. The US is known to be keeping a close eye on what India decides to do on the new treaty which it can still ratify. In the Dubai treaty, the only ITR that does impinge on the Net is (Article 5B) on unsolicited bulk electronic communications or spam. But even here, what it merely states is that member-states should endeavour to take necessary measures to prevent the “propagation of unsolicited bulk electronic communications and minimize its impact on international telecommunication services.”

In many ways, what took place during the hectic days before and during the December 3-14 WCIT was in a broad sense a replay of the Cold War scenario of the good (freedom-loving countries) versus evil (authoritarian or autocratic regimes), although alliance may have shifted in the two blocs. What is clear is that a larger geopolitical fight is playing out with the Internet as disputed terrain. American analysts themselves have pointed out that the “US got most of what it wanted. But then it refused to sign the document and left in a huff.”

Even the innocuous Article 5A, which calls on members “to ensure the security and robustness of international telecommunication networks”, was interpreted by US delegation head Terry Kramer as a means that could be used by some governments to curb free speech!

As an outraged Saudi delegate said, “It is unacceptable that one party to the conference gets everything they want and everybody else must make concessions. And after having made many concessions, we are then asked to suppress the language which was agreed to. I think that that is dangerous. We are on a slippery slope.” The final outcome: all the contentious issues were relegated to resolutions, which have no legal basis.

Indeed, the US has managed to get its way on most issues: protecting the mammoth profits of its Internet companies and ensuring that control of the Internet address system, now done by a group based in the US, will not be shared with other ITU members. And, the likes of Google (2011 profit: $37.9 billion) and Facebook will not have to pay telecom companies for use of their networks to deliver content.

Challenges of securing cyberworld

E-commerce in India, where every tenth person is online, is on the rise—and, consequently, crime on the Internet. In 2011, the country’s nodal agency for handling cyber crime, Indian Computer Emergency Response Team, tackled 13,301 incidences of security breach. The incidents ran the gamut from website intrusions, phishing to network probing and virus attacks. Further, in 2009, 2010, 2011 and 2012 (until October), there were 201, 303, 308 and 294 cyber attacks respectively on sites owned by the Indian government. Most notably, hacker group Anonymous defaced the website of Union Minister of Communications and Information Technology, Kapil Sibal.

To beef up cyber security, the Union ministry plans to pump in Rs 45 crore in 2012-13. It also put up a draft cyber security policy for public comments in 2011. Currently, cases involving cyber security and crime are handled under the IT Act of 2000 (Amendment 2008) and the Indian Penal Code.

But will the government go about its business of securing the Net in a responsible manner? There is scepticism. Section 69 of the Act gives any government agency the right to “intercept, monitor or decrypt” information online. Chinmayi Arun, assistant professor of law at National Law University in Delhi, said at the Internet Governance Conference held at FICCI in October that crimes like defamation are not on the same page as cyber terrorism, and “we have to question whether they warranty invasion of privacy”. She added that the workings of the surveillance system has to be made more open to build public trust.

Pranesh Prakash, policy director at Centre for Internet and Society (CIS) in Bengaluru, draws attention to a fundamental flaw in the section. “Government is allowed to wire tap under the Telegraph Act, 1885. But the Act lays out specific guidelines for such an action. For example, you can only tap phones in the case of a ‘public emergency’ or ‘public safety’ situation. The IT Act does not put such limitations on interception of information,” he says.

Cyber security and ITU

A few months prior to the controversial World Conference on International Telecommunications in Dubai, countries, including Russia and Arab states, had proposed measures that would, through International Telecommunication Union (ITU), grant disproportional power to countries to control the Internet in the name of security measures. Several proposals, most notably those of India and Arab States, explicitly stated in the proposed Article 5A that countries should be able to “undertake appropriate measures, individually or in cooperation with other Member States” to tackle issues relating to “confidence and security of telecommunications/ICTs”. It raised alarm among civil society. US-based think tank Center for Democracy and Technology (CDT) said in its report dated September, 2012, that cyber security does not fall under the ambit of International Telecom Regulations, and some countries would misuse such privileges for “intrusive or repressive measures”.

The proposal by African member states recommended that nations should “harmonise their laws” on data retention. In other words, intermediaries would have to retain public data for a long period so that governments can access it whenever they please. With regard to this, CDT noted, “Not only do national laws on data retention vary greatly, but there is ongoing controversy about whether governments should impose data retention mandates at all.”

A clause in the Arab proposal on routing said, “A Member State has the right to know how its traffic is routed.” Currently, the way Internet works, senders and recipients do not know how data between their computers travels or is routed. However, enabling countries to have control over routing has its dangers. CDT notes, “(This) would simply not work and could fundamentally disrupt the operation of the Internet.” Internet traffic travels over an IP network. While travelling, it is fragmented into small packets. Packets generally take a different path across interconnected networks in many different countries before reaching the recipient’s computer. CDT notes providing routing information to countries would require “extensive network engineering changes, not only creating huge new costs, but also threatening the performance benefits and network efficiency of the current system”. Although routing was not part of India’s proposal, Ram Narain, deputy director general at the department of telecommunications, told Down To Earth it was one of the country’s concerns.

However, to civil society’s partial relief, such draconian cyber security clauses were not adopted in the new itr treaty. Two clauses added to the treaty, Article 5A and 5B, address some cyber security concerns. Titled “Security and robustness of networks”, Article 5A urges countries to “individually and collectively endeavour to ensure the security and robustness of international telecommunication networks”. Article 5B talks about keeping tabs on spam.

Prasanth Sugathan, senior advocate with Software Freedom Law Centre, an international network of lawyers, says while he would have preferred that the two clauses were kept out of the new treaty, they do not seem harmful. “They are a much toned down version of what Arab states and Russia had suggested,” he says.

This is one reason India, Brazil and other democracies from the developing world also want a change in ITRs. They want the Internet behemoths to pay for access to their markets so that such revenues can be used to build their own Internet infrastructure.

In the furious debate on keeping the Net free of international control even hawk-eyed civil society organisations prefer to ignore the monetary aspects of Net control. Some analysts believe that maintaining the status quo is not so much about protecting the values of the Internet as about safeguarding interests, both monetary and hegemonistic. Such an assessment may not be wide of the mark if one joins the dots. Google, says a Bloomberg report of December 10, “avoided about $2 billion in worldwide income taxes in 2011 by shifting $9.8 billion in revenues into a Bermuda shell company, almost double the total from three years before”. It also said that the French, Italian, British and Australian governments are probing Google’s tax avoidance in its borderless operations.

	What is clear, however, is that a number of countries for reasons springing from different motivations, appear determined to undermine America’s control of the outfits that now define how the Internet works. Although the US maintains that ICANN (Internet Corporation for Assigned Names and Numbers) is a private, non-profit corporation, it is overseen by the US Commerce Department. According to People’s Daily, what the US spouts about Net freedom is so much humbug. In an August 2012 report, the leading Chinese daily claimed the US “controls and owns all cyberspaces in the world, and other countries can only lease Internet addresses and domain names from the US, leading to American hegemonic monopoly over the world’s Internet”. It also highlighted a fact that has slipped below the radar. During the Iraq invasion, the US government asked ICANN to terminate services to Iraq’s top-level domain name “.iq” and thereafter all websites with the domain name “.iq” disappeared overnight. It charges the US with having “taken advantage of its control over the Internet to launch an invisible war against disobedient countries and to intimidate and threaten other countries”. While this may be true, the irony is that China, with its great firewall of censorship, is in no shape to position itself as a champion of freedom. Like other authoritarian countries, it will do everything to police the Net and control it.

The right of countries and peoples to access the Net was highlighted in Dubai when some African countries raised the issue of US control of the global Internet. Some of these, such as Sudan, have long been complaining about Washington’s sanctions that entail denial of Internet services. ITU officials point out that Resolution 69, first passed in the 2008 meeting, invoked again in 2010 and dusted off once again for the WCIT negotiations, invoked “human rights” to argue for “non-discriminatory access to modern telecom/ ICT facilities, services and applications”. Says Paul Conneally, head of Communications & Partnership Promotion at ITU, “The real target of these resolutions are US sanctions imposed on nations that are deemed bad actors. These sanctions mean that people in those countries—not just the government, mind you, but everyone, innocent and guilty alike—are denied access to Internet services such as Google, Sourceforge, domain name registrars such as GoDaddy, software and services from Oracle, Windows Live Messenger, etc.”

The catalogue of Sudan’s complaints shows at least 27 instances in 2012 when companies from Google to Microsoft and Paypal to Oracle cut off their services to the African country. This might explain why major companies would be opposed to the resolution on a right to access Internet services. Such a right would allow countries to use ITRs to compel them to provide services they might otherwise have preferred not to. But so far all such sanctions appear to have been a decision of the US Administration.

The problem of the digital divide, in fact, did not get the headlines it should have. Africa accounts for just 7 per cent of the 2.4 billion people who use the Net worldwide and penetration in the region is just 15.6 per cent of the population. Compare this with North America where over 78 per cent are linked to the digital world and Touré’s logic about the ITU’s mandate appears reasonable.

When Apple censors the drone war NETIZENS know that the Internet suffers from the depredations of government, hackers and viruses. But not many are aware that companies are as prone to taking legitimate stuff off the Net on the flimsiest grounds. In the case of Apple it could have been misplaced patriotism or plain business sense that prompted it to block an app which monitors drone strike locations in November last year. The App Store rejected the product, calling it “objectionable and crude”. Drones+ (see photo) is an application that simply adds a location to a map every time a drone strike is reported in the media and added to a database maintained by the UK’s Bureau of Investigative Journalism. Josh Begley, a graduate student at New York University, who developed the app, says it shows no visuals of war or classified information. All it does is to keep its users informed about when and where drone attacks are taking place in Pakistan and Afghanistan. “This is behavior I would expect of a company in a repressive country like China, not an iconic American company in the heart of Silicon Valley,” says a petition to the company CEO. Did Apple’s censorship have anything to do with the fact that it received huge contracts from the Pentagon? US legislators have joined the protests against Apple. The most brazen act of corporate censorship occurred in August 2012 with NASA’s livestream coverage of the Curiosity rover’s landing on Mars in the space agency’s $2.5 billion mission. A news agency, Scripps, coolly claimed as its own the public domain video posted on NASA’s official YouTube channel that documented the epic landing (see our opening visuals). “This video contains content from Scripps Local News, who has blocked it on copyright grounds. Sorry about that,” said a message on NASA’s blackened screen. So much for the strict US laws aimed at curbing online piracy!

Touré noted that the revised ITRs would see greater transparency in global roaming charges, lead to “more investment in broadband infrastructure” and help those with disabilities. But he was hopeful that the new treaty signed in Dubai would make it possible for the 4.5 billion people still offline to be connected. “When all these people come online, we hope they will have enough infrastructure and connectivity so that traffic will continue to flow freely,” Touré said.

But should ITU govern the Net? Not in its entirety, according to experts. For one, ITU until the Dubai meeting was far from being transparent and does not allow participation of civil society or other stakeholders in its negotiations unless they are part of the official delegation of the member-states. In fact, even critics of the current system, who think the system is lopsided and hypocritical, believe ITU needs to reform itself and confine to the carrier/infrastructure layer of the Internet. Nor should it get into laying down standards which is done by Internet Engineering Task Force (IETF) and the naming and numbering that is managed by ICANN.

But Conneally counters this by asking what would happen if the US decided to deny domain name root zone to Iran because of its bad human rights record. “Suppose it ordered Verisign to remove .IR from the DNS root and make it non-functional. Would we want ICANN/the Internet governance regime to be used as a political/strategic tool to reform Iran? What happens to global interoperability when the core infrastructure gets used in that way?”

Who then should ensure that the Internet is run in a free and open manner? Should it be the Internet Governance Forum (IGF)? But IGF is to be an open consultative forum that cannot by itself govern. It brings in participation for any or all Internet-related policy processes but it by itself was never supposed to do policy or governance.

Parminder Jeet Singh, executive director of ItforChange, says whoever governs is the government for that purpose. “This truism is significant in the present context, because there is an attempt by those who really control/ govern the Internet at present, largely through illegitimate and often surreptitious ways, to confuse issues around Internet governance in all ways possible, including through abuse of established language and political principles and concepts.”

ITforChange is a Bengaluru institution working on information society theory and practice, especially from the standpoint of equity, social justice and gender equality, and it is that perspective which informs Singh’s suggestions. “What we need are safeguards as, for instance, with media regulation. The Internet, of course, is much more than media. It is today one of the most important factors that can and will influence distribution of economic, social and political power. Without regulation it will always be that those who currently dominate it will take away the biggest pie.

Surveillance club

Eight Indian companies are among the 700 members of European Telecommunications Standards Institute. The group works with government and law enforcement agencies to integrate surveillance capabilities into communications infrastructure. It also hosts regular meetings on lawful interception

Wipro Technologies	Associate Service Providers
• HCL Technologies Limited	• Associate Consultancy for Co./Partnership
• Accenture Services Pvt Ltd	• Observers
• CEWiT	• Associate Research Body
• Saankhya Labs Pvt Ltd	• Associate Manufacturers
• Sasken Communication	• Associate Manufacturers
• Technologies
• SmartPlay Technologies	Associate Consultancy for Co./Partnership
• TEJAS NETWORKS LTD	• Associate Manufacturers

Other critics of the current system concede that bringing governments on board, especially authoritarian and statist powers which the digital world threatens, would give them perverse incentives to control it. But this threat should be met not by insisting that the Internet needs no governance or regulation, but by safeguards that ensure equitable access and benefits, Singh stresses.

While the jury is out on the question whether the new ITRs will make any material difference to the way, and if at all, the Net will come under added government oversight and intervention, developments elsewhere show that ITU is not the main threat to digital freedom.

The irony is that while cyber security is contentious in ITU, other international organisations, such as the UN Office on Drugs and Crime (UNODC) and a clutch of influential telecom industry associations, are pushing for surveillance programmes that ensure policing of a high order with sophisticated infrastructure to monitor online communications. A host of countries already have such systems in place and are pressuring countries like India to fall in line.

A UNODC report, titled ‘The use of the Internet for terrorist purposes’, has detailed how countries can and should use new technology for online surveillance—all in the name of anti-terrorism. The report discusses sensitive issues such as blocking websites and using spyware to bypass encryption and also urges countries to cooperate on an agreed framework for data retention.

At the same time, powerful industry bodies, such as ATIS (Alliance for Telecommunications Industry Solutions) and the European Telecommunications Standards Institute (ETSI), are reported to be working with government and law enforcement agencies to integrate surveillance capabilities into communications infrastructure, according to Future Tense, a project which looks at emerging technologies and how these affect society, policy and culture. It says India is under pressure from another industry organisation, the Telecommunications Industry Association (TIA), “to adopt global standards for surveillance”, calling on the country’s government to create a “centralized monitoring system” and “install state-of-the-art legal intercept equipment”.

TIA is a Washington-based trade group which brings together companies such as Nokia, Siemens Networks and Verizon Wireless, and is focused on issues related to electronic surveillance and is developing standards for intercepting VOIP and data retention alongside with ETSI and ATIS. At least seven Indian companies are members of ETSI, which is said to hold international meetings on data interception thrice a year.

Add to this chilling list the International Chamber of Commerce. It is reported to be seeking the establishment of surveillance centre hubs of several countries to help governments intercept communications and obtain data that is stored in cloud servers in foreign jurisdictions. Given this backdrop why are the US and its cohorts creating a ruckus on ITRs?

It would also mean that by focusing on ITRs and ITU as a major threat to Internet freedom civil society may be jousting at windmills.

Malice and freedom of speech

Two suits highlight the challenge of treading between the two

Among the many legal cases in India related to the use and misuse of the world wide web, two stand out for involving web giants and provoking sharp reaction. These are the cases registered in Delhi district courts in December 2011, objecting to chunks of content—portraying prominent political figures and religious places among others in a certain light—hosted on websites. One was filed by a Delhi journalist, Vinai Rai, requesting the court to press criminal charges against 21 web agencies, including Google, Facebook and Yahoo! India. The other, filed by a social activist, M A A Qasmi, was a civil suit requesting action against 22 web agencies. Both mentioned that the content on the websites was inflammatory, threat to national integrity, unacceptable, and created enmity, hatred and communal discord.

A year on, tangible impact has not been much. The number of accused in the civil case has come down to seven web agencies and in the criminal case the government is yet to issue summons to the companies concerned (see ‘The case so far’). However, these litigations are seen as landmarks in the recent history of the Internet and its interaction with societies and governments. The cases—especially off-the-record comments by the judiciary suggesting blanket ban and pre-screening of all content—provoked a debate on the freedom of expression and Indian cyber laws.

The case so far

JANUARY 13, 2012: Delhi High Court dismisses petition by Google and Facebook asking to be absolved of criminal charges filed in district court

JANUARY 20: High Court asks for reply from Delhi Police in response to plea by Yahoo! India challenging district court summons

FEBRUARY 16: Court refuses to stay proceedings against Facebook and Google but allows them to be represented by counsel

MARCH: Court dismisses criminal charges against Yahoo! India and Microsoft but says the charges can be revived if new evidence comes to light. Sets aside summons

Malicious content exists on the web and may even need to be taken down, but the laws used to remove malicious content can also be used to curb political speech, thus, infringing on the right to freedom of expression, says Prasanth Sugathan, senior advocate with Software Freedom Law Centre, an international network of lawyers.

Some like Pranesh Prakash of non-profit Centre for Internet and Society believe the IT Rules are at odds with the IT Act and give powers for censorship. He explains that the IT Act, 2000, provides for protection of intermediaries; web browsers, social networking sites and websites cannot be held responsible for what a third party publishes on their forums—“similar to the way in which we cannot sue a telephone agency or a post office for someone else making use of these platforms to harass or defame another person”. But the IT rules of 2011 watered down this protection.

Supreme Court advocate and cyber law expert Pavan Duggal explains how. The Act states once a complaint is made against certain content, the web agency hosting it must notify the person who put up the content, verify the content and judge whether it needs to be removed. But the rules state that once the web agency is notified it must remove the content within 36 hours or it could be prosecuted for not acting on the complaint. The rules have gone beyond the Act’s scope, especially vis-a-vis privacy and data protection, leaving no scope for hearing out the accused, he says.

The disjunct between the Act and the rules is being contested in various spheres, including Parliament. But there is a bright side too. Duggal believes the cases have brought pertinent issues, like free speech and privacy concerns, into the public domain. Ramanjeet Chima, policy adviser for Google, says freedom of expression is paramount for Google but the recognition of local sentiments is also being given equal weightage.

Senior advocate Sidharth Luthra, who was representing Facebook in the Delhi High Court, wonders whether the existing Indian laws are in tune with the ever-changing online world. Unwilling to comment on the case, he says the law is limited in its scope, while technology is not. Refusing to comment on the cases, the Google adviser emphasised the need to use the existing provisions of big web agencies to address grievances regarding content.

The Internet “is not the wild wild west”; all content, users and viewers can be traced, Duggal cautions. Since the Internet can impact political issues government is increasingly looking for ways to control it. “There is no ideal solution but it is evident that some monitoring and regulation are required, and in all parts of the world all regimes are in the process of addressing this,” he says.

For more details visit https://cis-india.org/news/down-to-earth-latha-jishnu-dinsa-sachan-moyna-january-15-2013-clash-of-the-cyber-worlds

Panel Discussion on E-Commerce at NLSIU

praskrishna — 2013-02-03T10:37:05Z

Pranesh Prakash was a panelist at this event held at the National Law School of India University on January 7, 2013.

Suswagata Roy posted a report of this event in Cool Age on January 19, 2013.

E-Commerce in India has brought about a revolution and has changed the way businesses are conducted. In a short period of time, E-Commerce has seen tremendous growth and has been able to generate a market for itself. This definitely seems to be just the beginning and a bright future awaits it.

Given that E-Commerce is a hot topic and has already given rise to some pertinent legal issues, the Law and Technology Committee of National Law School of India University held a panel discussion on the same on 7^th Jan, 2013 at 4 PM in the Training Centre, NLSIU Campus. The Panel, which consisted of Mr. Stephen Mathias (Partner, Kochhar and Co.), Mr. Pranesh Prakash (Policy Director, Centre for Internet and Society) and Mr. N. Vijayashankar (founder Chairman of Digital Society Foundation), focused on three issues in order to bring forth their key points.

The issues that were highlighted through the discussion were:

1. E-Commerce and Privacy: Privacy and the internet has been an important issue with which the legal community has been grappling for a long time. There are no specific legislations in India which protect privacy especially in relation to the internet. Protecting private and confidential information of the users is a primary concern of E-Commerce websites which also highlights the related issue of data protection. The customers' financial information is in special need of protection. While dealing with this issue questions like who is responsible for such protection, what data can be shared and what usage will it be put to use will have to be looked at? While dealing with privacy how the government will create a balance between protecting confidential information and providing information to the regulators to ensure no sham transactions, money laundering and tax evasion is being carried on needs to be addressed.

2. E-Commerce and its compatibility with other laws: the need for a separate Act:E-Commerce has definitely given rise to a new form of transaction. Thus, related laws such as law of contracts, law of evidence, taxation will all have to evolve to accommodate the new form of legal dealing. Contracts will have to evolve to validate such online transactions while law of evidence will have to evolve in order to sustain disputes based on such transactions. Many pertinent questions relating to intellectual property rights also arise especially in the area of copyrights. While minor amendments have been made to the Indian Evidence Act and to the Information Technology Act, they are not sufficient to handle this advanced method of conducting business. Moreover, the Information Technology Act is an enabling Act and this complicates matters even more. These issues give rise to the obvious question of needing a separate Act to regulate E-Commerce. An E-Commerce bill was drafted in 1998 which has never been given any attention and which may not be relevant anymore after the changes that technology has undergone over more than a decade.

3. E-Commerce and Cyber Crimes: E-Commerce has opened new avenues of dealing with consumers in the virtual world and thus, has opened new modes of proliferation of cyber crimes. It has resulted in an increased need to secure the laws in relation to fraud prevention, money laundering and phishing. It is imperative to look at the cyber laws in India and whether they are sufficient to deal with such issues in the wake of E-Commerce. How should the law deal with such issues and what regulatory compliances are required for E-Commerce websites in order to deal with these issues?

Thus, though E-Commerce is on the rise and is a welcome way of conducting business and has entranced many consumers, its effective utilizations and growth is viable only if a sturdy legal framework is in place. The panel discussion brought forth such issues and discussed the solutions for the same.

For more details visit https://cis-india.org/news/panel-discussion-on-e-commerce-at-nlsiu

Cool Jobs | Parmesh Shahani, Head, Godrej India Culture Lab

praskrishna — 2013-01-17T05:55:47Z

The man behind Mumbai’s most original ideas space on being a cross-pollinator

The following interview was published in LiveMint on January 4, 2013.

The Vikhroli catalyst

Parmesh Shahani, a former editorial director of Verve magazine, thought up the Godrej India Culture Lab, a cultural ideas platform, after becoming a TED Fellow in 2009, realizing then that Mumbai, or India, has no space that encourages cross-pollination of ideas around contemporary society, anthropology and culture.

Shahani, the author of Gay Bombay: Globalization, Love And (Be)Longing in Contemporary India, has earlier managed research for Massachusetts Institute of Technology (MIT) think tank related to media convergence.

Ever since Godrej’s Nisa Godrej took up his idea, the Godrej India Culture Lab has hosted a conference called Urban (Re)imagination—which it launched in 2011—talks by Japanese architect Tadao Ando, and MIT economist Abhijit Banerjee, film screenings and book readings on themes as diverse as Calcutta jazz and jugaad. Shahani says he works on weekends and looks forward to Monday mornings. Edited excerpts from an interview:

What exactly does your work involve?
My work involves identifying interesting people and ideas and then connecting them to each other—either through public talks, conferences, salons or other means of interaction. There are certain themes I am interested in exploring, such as what it means to be modern and Indian today, what it means to be young or urban, and to be connected through technology. My work often feeds directly into the larger Godrej group efforts. We have a campaign called Godrej LOUD—Live Out Ur Dreams—on MBA campuses across India with excellent results.

What is the best part of your job?

It doesn’t feel like a job. It feels like a calling, a mission, and is an incredible adventure. Each day is different—and fun. It enables me to use all the different aspects of my mind, and tap into my global networks to focus on how we are looking at the changes taking place in contemporary India. I love meeting other people who are on the same mission—the people at Gateway House, India’s first foreign policy think tank, or the Centre for Internet and Society in Bangalore, or people like Rikin Gandhi from Digital Green that trains farmers to use cameras to record their best practices and share it with each other.

What are your challenges and what more do you want to bring into the Lab?

At this moment we are more of a sandbox and catalyst. I’d like us to start producing original research soon by having full-time experts on board. We have recorded videos of all our talks of the past two years; they will go up on our website, which is under development. Finally, I’d like to attract more audiences to our events and efforts. We’ve already put our Godrej campus at Vikhroli, Mumbai, on the cultural map of the city.

What has been your favourite project here?

My favourite project has got to be the recent Museum of Memories that I curated in an abandoned 60,000 sq. ft Godrej warehouse on 15 December 2012, in collaboration with other city organizations like Junoon, Visual Disobedience, Brown Paper Bag, as well as loads of performers, artists and musicians from the city. It was a pop-up one-day only event with performances, music, theatre, tea, yoga, live art, graffiti, videos, dance, robots, alternate reality games, and more. The event bridged different spaces and it will remain very special.

For more details visit https://cis-india.org/news/livemint-january-4-2013-sanjukta-sharma-cool-jobs

Mobile Broadband: Leveraging for Business Transformation

praskrishna — 2013-01-15T08:40:21Z

Mobile India 2013 is being held at the Chancery Pavillion, Bangalore on 9 January 2013. Sunil Abraham is speaking at this event.

Mobile India 2013 is the one of the first premier conferences and will be the curtain raiser for Mobile Broadband revolution in the country. It is associated with The Fifth International Conference on COMmunication Systems NETworkS (COMSNETS), the world’s premier international conference on networking and communications technology innovation.

Keynote Speeches

Keynote - 1: Prof. Bhaskar Ramamurthi , Director, IIT Madras will deliver the joint keynote speech for COMSNETS 2013 and Mobile India 2013.
Keynote - 2 : Sanjay Nayak , Chief Executive Officer & Managing Director, Tejas Networks. Tejas Networks.

Mobile India 2013 will try to unravel the mysteries in the following sessions.

Session 1: Enterprises on the move

"For a preview, read http://yourstory.in/2012/12/enterprises-on-the-move/ "

Enterprises are exploring ways to leverage the power of smart devices, the cloud, and broadband to be agile, flexible, and productive. The IT managers in organizations are challenged to support variety of devices (viz. BYOD) within the organization, at the same time providing the required organizational security and performance support to the employees. This session will deliberate on the challenges and opportunities of today's networked world for enterprises on the move.

Panelists: Ashvin Vellody , Director - Management Consulting, KPMG India; Dr. K.K. Ramakrishnan , Distinguished Member of the Technical Staff, AT&T Labs Research, USA; Puneet Gupta , AVP and Head of Mobility Research, Infosys SET Labs; Sai Pratyush, Head-Enterprise Products, Tata Teleservices; E. Manikandan , Head-Channels and Alliances, Ramco Systems; Umesh Sachdev , Co-founder and CEO, Uniphore ; Yathish, L, N. , CTO, Huawei Technologies

Moderator: Swami Krishnan , VP and Head-Marketing, Sasken Communication Technologies

Session 2: Massively Open Online Education

"For a preview, read http://yourstory.in/2012/12/massively-open-online-education/ ".

Online and Internet based education has permeated in to schools and colleges today. Massively Open On-line Course (MOOC) initiatives such as National Programme on Technology Enhanced Learning (NPTEL) in India and those by leading institutions such as MIT and Stanford in the US are democratizing education and making it available globally over the Internet. In India, the Government has been an early adopter and both academia and industry have begun taking this initiative further. However, limited access to wired broadband and computers have restricted reach for providing online education. Can the ubiquitous mobile solve this problem?
In this session, experts will deliberate in detail on the opportunities and challenges in providing education through mobile networks and wireless devices. Are these scalable and monetizable? What are the implications for traditional educational methodologies? What are the transformations this will bring to the publishing industry?

Panelists: Dr. Gautam Shroff , VP and Chief Scientist, TCS; Srikanth B. Iyer , COO, Pearson Education Services; Rohit Kumar , MD, Elsevier India; Sunil Abraham, Executive Director, Centre for Internet and Civil Society; Arun Prabhudesai , CTO, myopencourses.com

Moderator: Prof. D. Manjunath , Professor, IIT Bombay

Session 3: Innovation Workshop

In the concluding session of the day, a workshop on mobile innovations will be conducted wherein several start-up firms will show case their unique innovations in the mobile space and share their experiences on ideation, fund mobilization, monetization models, and scale-up for sustainability.

Panelists: MintM ( Sachin Garg , Founder); Robots Alive ( Abheek Bose , Founder); Twaang
( Vishnu Raned , Founder); JanaCare , ( Sidhant Jena , Co-founder), AstralPad (Rahul Singh)
Moderator: Madanmohan Rao , Director-Research, Yourstory.in

Event Chairs

Dr. V. Sridhar (sridhar.varadharajan@sasken.com), Sasken Communication Technologies, India
S.R. Raja (rajaraghavan.setlur@sasken.com)

Register here for Mobile India 2013

For more details visit https://cis-india.org/news/mobile-india-2013

Indian government websites: Gold mine for cybercriminals

praskrishna — 2014-01-31T06:18:12Z

If you are a cybercriminal trying to commit identity theft or digitally impersonate a citizen, you have help from the unlikeliest of sources — the Government of India.

The article by Srutijith KK was published in the Times of India on January 3, 2014. Sunil Abraham is quoted.

Various government agencies have put vast amount of personal information online, often with little barrier to access and with hardly any provision to prevent their misuse.

Combine a few of these databases and you have a gold mine of information on India's citizens, including some of its wealthiest residents, whose bank accounts are of special interest to thieves. "If I want to target someone, I now have access to so much detail that shouldn't have been in public. Hackers with good social engineering skills will be able to call a call centre and impersonate a person. And from a stalking perspective, it has implications for not just celebrities, but anybody with a jilted lover, a political rival, and so on," said Binoo Thomas, a digital security expert at McAfee Labs.

For example, if somebody wants to get personal details of some of India's richest people, he would simply need to click on the LPG transparency links on Indane, Bharat Gas and HP portals and narrow the search to the South Mumbai region. Many gas agencies have their area of service in their names, such as Bandra Gas Agency or Colaba Gas Agency.

Select one of these gas agencies and you have a list of all the customers, with their consumer number, address and, in many cases, a mobile number. This database is also searchable by name. You can quickly search for any famous surname and be rewarded with a consumer number, residence address and in many cases, a mobile phone number.

A cursory search gave ET the mobile number and full residential address of the well-known matriarch of a famous business family. A search under the Bandra Gas Agency promptly showed the full residential address of a famous Bollywood actress. Your next stop could be the website of the Election Commission of India, which has asked all state Election Commissions to place the entire voter rolls online.

The voter roll also has the full residential address, age and gender of a person. A quick search on the MTNL Mumbai directory online will reveal the landline number for a person. With a little bit of luck and time to troll social networks such as Facebook and LinkedIn, a skilled cybercriminal can discern your date of birth and professional details.

Date of birth, phone number, alternate number and billing address are the details many telephone companies and banks use to determine whether a person calling its customer helpline is indeed who she says she is. This kind of information also allows a hacker to design effective phishing attacks, which lures a person into revealing information such as passwords or credit card numbers. An email that lists accurate personal information appears authoritative and has greater likelihood of being trusted by a recipient.

Thread of identity theft
This kind of crime has been on the rise. In December, US Department of Justice estimated that $24.7 billion were lost to identity theft in 2012, as 11.5 million Americans found themselves defrauded. Similar data is unavailable for India. "Privacy has become a matter of personal security. As the state has been pushed to function in a more transparent manner, authorities are making the details about us transparent instead! The data protection principles are well evolved all over the world.

All of these data controllers are in violation of every good principle. We don't need to wait for a law to observe these principles," said Usha Ramanathan, an independent law researcher specialising in privacy, surveillance and related issues. The ministry of rural development, which administers the Mahatma Gandhi National Rural Employment Guarantee Scheme, goes a step further, and places online the bank account numbers and IFSC codes for all its beneficiaries.

RTI requirements
The justification for publishing this kind of data online is typically section 4 of the RTI Act, which requires all government departments to proactively publish details of subsidy programmes, including details of the subsidy availed. However, section 8(1) of the same Act says that personal information that invades privacy of an individual need not be published unless an appellate authority decides that a larger public interest is served by it. It's unclear what public interest is served by the publication of full residential address, mobile number or bank accounts by various agencies.

In some cases, like the MNREGS and the voter rolls, sector-specific laws also apply. "Going by the provisions of the MGNREGA, which mandates proactive disclosures, we keep all processes in the public view... We have not perceived any threat in displaying bank account numbers of wage seekers, most of which have been opened for receiving wages," said R Subrahmanyam, the joint secretary at the ministry of rural development who heads the MNREGA division.

The petroleum ministry did not respond to an email requesting comment. In an emailed response, Chief Election Commissioner VS Sampath referred to Rule 33 of the Registration of Elector Rules, 1960, to establish that the voter roll was a public document. "Thus it can be seen that Electoral Roll is a public document which is available to the public for inspection. The Commission has, therefore, given instructions to put this public document on the website to facilitate inspection by public. When law stipulates that it is a public document, the public has a right to access it," he said. But no law states that anonymising techniques or relevant barriers to accessing private information should not be deployed.

Legal vacuum
India does not have an omnibus privacy law that overrides sector specific legislation. According to Sunil Abraham of the Bangalore-based thinktank Centre for Internet and Society, there are some 50 different laws that have a privacy element in India. The Department of Personnel and Training has been working on a draft privacy law for three years now.

"We need to think of this problem in the light of the privacy law that is being drafted. Traditionally and culturally our view of privacy has been different. A more explicit understanding of the privacy needs of the citizens is certainly welcome. Section 43A of the IT Act has provisions for data protection," said J Satyanarayana, secretary at the department of information technology.

But 43A applies only to corporations, and government agencies are not bound by it. Apart from the central government agencies, several state government agencies and schemes also collect and store personal information. But no standard protocol binds them in deciding who shall have access and who shall not.

For more details visit https://cis-india.org/news/the-times-of-india-january-3-2014-sruthijit-kk-indian-govt-websites-gold-mine-for-cybercriminals

2012 in Review: Biometric ID Systems Grew Internationally...and So Did Concerns about Privacy

praskrishna — 2013-01-17T04:40:00Z

As the year draws to a close, EFF is looking back at the major trends influencing digital rights in 2012 and discussing where we are in the fight for free expression, innovation, fair use, and privacy.

The blog entry was published in Right Side News on January 1, 2013

Around the world, systems of identification that employ automatic recognition of individuals’ faces, fingerprints, or irises are gaining ground. Biometric ID systems are increasingly being deployed at international border checkpoints, by governments seeking to implement national ID schemes, and by private-sector actors. Yet as biometric data is collected from more and more individuals, privacy concerns about the use of this technology are also attracting attention. Below are several examples of the year’s most prominent debates around biometrics.

FRANCE: In early March, the French National Assembly (Assemblée Nationale) passed a law proposing the creation of a new biometric ID card for French citizens, saying the measure would combat “identity fraud.” Embedded in the cards would be a compulsory chip containing personal information such as fingerprints, a photograph, home addresses, height, and eye color. All of this information would be stored in a central database. French Senator François Pillet called the initiative a time bomb for civil liberties. Near the end of March, however, the French Constitutional Council ruled that the new law proposing the introduction of a new biometric ID for French citizens was unconstitutional.

MEXICO: Documents obtained by EFF under Mexico’s Transparency and Access to Information Act show that as of May, nearly 4 million minors had been enrolled into registries associated with a new Mexican ID card for youths. Billed as a document that can help streamline registration in schools and health facilities, Mexico’s Personal ID Card for minors comes embedded with digital records of iris images, fingerprints, a photograph, and a signature. Despite concerns about privacy implications raised by organizations such as the Federal Institute for Access to Public Information, the Mexican government is now poised to launch the next step of the project - extending the ID cards to adults.
EUROPEAN UNION: The issue of privacy concerns surrounding biometric passports in Europe made its way to the European Court of Justice (ECJ), the highest court in the European Union. In September, the Dutch Council of State (Raad van State, the highest Dutch administrative court) asked the ECJ to decide if the regulation requiring fingerprints in passports and travel documents violates citizens’ right to privacy. The case entered a Dutch court after three Dutch citizens were denied passports, and another citizen was denied an ID card, for refusing to provide their fingerprints. The ECJ ruling will play an important role in determining the legality of including biometrics in passports and travel documents in the European Union.
INDIA: The Unique Identity Authority of India (UIDAI) continued collecting fingerprints, facial photographs, and iris scans from Indian residents for its massive unique ID endeavor, known as Aadhaar, which will result in the world’s largest biometric database and will compile 10 times as much data as all of Facebook.

The program is moving forward at a rapid clip despite privacy concerns raised by advocates such as the Centre for Internet and Society in India, and the Indian Parliament. In addition, a slew of other government agencies have moved ahead with biometric collection programs of their own. And just this past week, Visa and a group of Indian banks unveiled the “Saral Money” account, which links individuals’ Aadhaar numbers with credit card transactions and introduces a further complication into the privacy concerns inherent in this massive e-government endeavor.

Source: EFF

For more details visit https://cis-india.org/news/rightsidenews-rebecca-bowe-january-1-2013

Mining the Web Collective

sharath — 2013-01-06T23:48:20Z

In March 2012, Dr Bruno Latour and his team from the Sciences Po Media Lab organized a workshop that assembled a selected group of researchers from India to explore methods of Controversy Mapping. It was hosted by Dr J. Srinivasan, Director of the Divecha Centre for Climate Change at the Indian Institute of Science, Bangalore, India.

While the context of this workshop focussed on deciphering and mapping opinions related to academic controversies surrounding climate change, the very same techniques of deploying digital tools to crawl through associated content on the websphere, maybe used to map any other controversy that has been actively influencing public and political opinion.

As one of the participants in the workshop, in an attempt to make my interpretation as accessible as possible to a wider inter-disciplinary audience, below is my own assimilation and extrapolation of the musings and discussions that entailed. Further I have drawn out limitations and future directions towards more viable paradigms that augment the mapping and democratization of public opinion.

The session drew an outset around how new digital tools could aid researchers by enabling them to quickly see an individual entity’s data as well as it’s associated aggregates, and register all of this within a single view in real-time. Contrasting the traditional methods of data collection through individual surveys, new digital methods can almost instantaneously bridge the gap between the individual and the collective and help us answer the question that Latour poses in his most recent paper that revisits social theory around the Tardean concept of reciprocally connected ‘monads’ -- ''.... is there an alternative to the common sense version that distinguishes atoms, interactions and wholes as successive sequences (whatever the order and the timing)? An alternative that should not oblige the inquirer to change gears from the micro to the macro levels ..... but remains fully continuous ...'' [Latour et al , 2012].

Encompassing the Collective

The geometric basis of the universe as expressed by Edgar Allan Poe, asserts that the ‘universe.. is a sphere of which the centre is everywhere and circumference nowhere’ (Eureka, p 20) This is essentially a post-Euclidean conception of space, in line with the view of early 20th century physicist Alexander Friedmann who posits that the ‘universe is not finite in space, but neither does space have any boundary’ and so the centre of the universe is relative to every single atom — hence every single observer.

In many ways, the process of data collection and visualization that was carried out at the workshop tried at best to mimic this geometric basis of space. By starting with a single entity (say, mammals) the empiricist begins with nothing more than a named 'label'. One then extends the specification of this entity, by populating a list with an increasing number of elements. This process of 'learning' about an entity is essentially an infinite process, as many abstract associations maybe permitted to enter the list. However, the observer stops this iterative process at a point when he feels that he has enough knowledge to describe the entity within the (seemingly finite) 'scope' of study. What we then have is a highly individualized point of view with respect to one entity that has a view of all it's associated attributes.

It is worth noting here that the attributes themselves can be looked at as individualized entities, and vice versa, from their own view point, depending on the way in which one navigates, thereby making the map invertible. For instance while 'egg-laying' maybe one of the attributes of a 'mammal', if we navigated to define 'egg-laying' to be our starting entity, it's view point can contain attributes like 'mammals' and 'birds'. This process is entirely different from the bottom up approach of constructing a general view by combining individual counterparts. In fact, there is no one general view here, as the picture is an exploded graph emanating from a single entity's view point, each to it's own 'umwelt'.[Kaveli et al, 2010].

(Re)formation of Opinion

The formation of a fundamental percept in the human brain, for instance, during the cognitive activity of reading a text, is in itself a bottom-up serial process where individual words progressively make up semantic associations to form a meaningful structure (just as this sentence), along with contextual association with previously acquired knowledge. This capacity limit for information processing [Rene and Ivanoff, 2005] which is a prerequisite for our highly focussed mechanism of attention is the reason why we cannot capture the entire star map within a single glance at the night sky.

Somewhere down this iterative line of observing an entity, and not having access to all of its attributes in entirety, leads to over-specification and an entanglement with isolated systems, thereby falling into a local maxima as opposed to a global solution. This is the basis of opinion formation and by envisaging it as a 'closed' object it is transformed into a percept, open to interpretation and often conflicting with another, thereby resulting in a controversy.

One of the objectives of the controversy mapping workshop was to transform the 'immutable' percept surrounding a controversy into a visual map that all at once registers weblinked attributes surrounding it, to give us a possibly emergent and unbiased picture.

The Method to the Madness

The process of framing of a ‘controversial topic’ and the collation of massive data and links on the internet that surround the topic could indeed be a cumbersome task. An informed approach is thus required in order to achieve a meaningful result.

Firstly, one needs to consider reliable sources and means of knowledge production that provide enough fuel to kindle the analysis of the controversy. One needs to move on from casual matters of opinion or statements (such as “the cumulative effects of CFC result in ozone layer depletion”) to identifying a hypothesis or theory that is being actively contested by academicians and experts through research and publication. This serves to outline an important preliminary sketch of the controversy that exists within the community.

Secondly, it is essential to remember that specialized researchers do not exist in self-centered isolation but often operate in tandem with multiple stakeholders, investors, donors, sponsors and a diverse audience that they cater to through articles, books, research projects and published journals. For instance, several theorists who are into the business of developing a so-called ‘language of critique’ often ensure through working group meetings that a selected group of researchers are on the ‘same page’ while using common words to canvass a spearhead towards prospective calls from popular journals. At other times, one may perceive a very direct link between mainstream press and cutting-edge research. This group comprising allies and endorsers are an important constituent of the mapping process as they provide key points of entry into the controversy.

Further, as more and more data relating to a controversy is accrued, one must decipher not only how the position of the controversy is being dynamically shaped over time along with its stakeholders but also be able to extrapolate how and why its current position of uncertainty might evolve. This would involve identifying potential points of contention that could respark a debate over an issue that has reached near closure.

Mapping the Controversy around ‘Anthropocene’

The topic chosen by my group (which consisted of scholars Neesha Dutt, Muthatha Ramanathan and Prasanna Kolte) was ‘Anthropocene’, a geo-chronological term that was informally introduced by a Nobel laureate in the field of atmospheric chemistry, Paul Crutzen, at a dinner party. ‘Anthropocene’ apparently marks the post industrial period as a time window that represents the impact that human activities have had on earth’s ecological systems, thereby affecting climate change. The widespread acceptance and popularity of the the word has even seen a move to officially recognize ‘Anthropocene’ as geological unit of time, complemented by a number of dubious research projects that assume the ‘anthropocenic’ view of climate change. The tools used were Navicrawler to populate a massive list of webpages that featured the keyword and other landing websites that each of the webpages point to. The context of the websites based on their content were labelled manually and no native text parsing and analysis was used. An interconnected visual graph structure was then obtained using Gephi, a software that uses Force Layout -2 , a graph layout algorithm for network visualization. [M. Bastian et al, 2009].

Future Directions

Including a layer of geographical representation to the formation and spread of an opinion is a key direction towards which opinion mining and controversy mapping is headed. A limiting factor while crawling articles over the web using currently available digital tools is the inaccurate representation of geographical source. An article posted in a popular science blog in India, may actually have its server hosted in California and this fact may often be abstracted to our crawler.

Furthermore, apart from the geographical source of a web article, an interesting direction would be to employ geo-located public opinion interfaces to collect a sample set of public opinion related to an issue, across diverse geographical locations in realtime. This would serve as valuable layer to overlay onto the controversy web map.

Another constraint of the digital methods referred to here within, is the medium specific approach that does not look beyond the sample space of the internet. Listening to and analyzing internet social media dynamics and combing large data sets to churn out a report is not much of a challenge. Cross media influences in public and political opinion have become increasingly clear with television broadcasts and newspaper reports directly contributing to discussions that happen on internet forums and websites. Take for instance Blue Fin Labs that started off within the Cognitive Machines group of MIT Media Lab. Initially known as the Human Speechome project which used deep machine learning algorithms to map out relationships between spoken word and context, Blue Fin Labs now applies the same technique to map internet comments and posts to corresponding audio-visual stimuli in television broadcasts that caused those comments to be made on the web.

Video

Data visualization of connecting the social graph to the TV content graph

References

Cappi, Alberto (1994). "Edgar Allan Poe's Physical Cosmology". The Quarterly Journal of the Royal Astronomical Society 35: 177–192
Castells, M. (2000). Materials for an exploratory theory of the network society. British Journal of Sociology Vol. No. 51 Issue No. 1 (January/March 2000).
Edgar Allen Poe (1848) ‘Eureka : A Prose Poem'.
Kull, Kaveli 2010. Umwelt. In: Cobley, Paul (ed.), The Routledge Companion to Semiotics. London: Routledge, 348–349.
Latour, B. et al 2012 “The Whole is Always Smaller Than It’s Parts A Digital Test of Gabriel Tarde’s Monads” British Journal of Sociology (forthcoming)http://www.bruno-latour.fr/sites/default/files/123-WHOLE-PART-FINAL.pdf
M. Bastian, S. Heymann, and M. Jacomy, “Gephi: an open source software for exploring and manipulating networks,” in International AAAI Conference on Weblogs and Social Media. Association for the Advancement of Artificial Intelligence, 2009.
M. E. J. Newman, “Analysis of weighted networks,” 2004, arxiv:cond-mat/0407503.
Reynolds, C. W. (1987) Flocks, Herds, and Schools: A Distributed Behavioral Model, in Computer Graphics, 21(4) (SIGGRAPH '87 Conference Proceedings) pp. 25-34.
Rene Marois and Jason Ivanoff, Capacity limits of information processing in the brain, TRENDS in Cognitive Sciences Vol.9 No.6 June 2005
T. M. J. Fruchterman and E. M. Reingold, “Graph drawing by force-directed placement,” Softw: Pract. Exper., vol. 21 no. 11, pp. 1129–1164, Nov. 1991.

For more details visit https://cis-india.org/internet-governance/blog/mining-the-web-collective

The year social media came of age in India

praskrishna — 2012-12-31T03:33:19Z

Sambhavi Saxena, 19, was at Jantar Mantar on December 25 protesting against Nirbhaya's brutal rape when Delhi Police swooped down, rounded her up along with other agitators and took them to the Parliament Street police station. Sambhavi fired tweet after tweet even as she was bundled into a van.

The article by Javed Anwer and Rukmini Shrinivasan was published in the Times of India on December 31, 2012. Sunil Abraham is quoted.

She went on broadcasting to the world all that was happening around her. "Illegally being held here at Parliament St Police Station Delhi w/ 15 other women. Terrified, pls RT," she tweeted. It worked. In a flash, more than 1,700 people retweeted her SOS. Social media analytics firm Favstar later said the message reached over two lakh people.

Police later contested many of Sambhavi's claims. Yet, there was no denying it was her voice that was heard. Her tweets triggered a social media frenzy. The media reacted swiftly. Lawyers volunteered, activists landed up at the police station. Celebrities condemned the action. The police stood no chance.

For the government and keepers of law, it was a PR disaster. They had lost a battle they were accustomed to winning hands down. Now, there was a pesky entity — the public — seeking to change the rules of the game. A teenager armed with a smartphone had used the magic platform called social media to devastating effect, catching the agents of the state flatfooted.

India might have tasted the power of the smartphone first in 2011 when Anna Hazare's stinging anti-corruption message rode the social media wave. But this year saw social media creating a new phenomenon — the rise of the virtually connected Indian youth — which is likely to redraw the terms of engagement between the state and its urban population.

The networking tool that's now a weapon

Finance minister P Chidambaram recently tried to sum up the phenomenon by likening social media-driven snap protests to a flash-mob phenomenon. "Flash mob is a new phenomenon... sometimes they gather to dance and sing. But sometimes they gather to protest... I don't think we are fully prepared to deal with it." Going by the last fortnight, when the government fumbled in dealing with widespread protests over Nirbhaya, the minister's admission was an understatement. Let alone being "fully prepared", they didn't have a clue.

The unbridling of the power of the social media was undoubtedly a top, if not no. 1, trend of 2012 in India. In many cases, it set the agenda of public discourse. As in Palghar, where young Shaheen Dhada's Facebook comment on the shutdown of Mumbai after Bal Thackeray's death kicked off a storm, the virtual world triggered several real-world controversies.

In fits and starts, politicians and the government realized the folly of not joining the fast-unfolding revolution, the exceptions being the Twitter-savvy Shashi Tharoor and Omar Abdullah. The @PMOIndia Twitter handle was born, and today 3.5 lakh people follow it. A host of politicians soon hopped on, realizing the freedom the platform offered for comment on issues, which TV studios didn't.

For Bollywood celebs and cricketers, it became a great way to keep in touch with fans. But the real power of this irreverent and often insolent medium lay with the young aam admi who used social media fearlessly. They voiced their opinion and unsparingly ridiculed leaders with hashtags like #theekhai, making powerful headlines out of what otherwise would have been just whistling in the air.

What's the USP of the social media? On this platform, free speech is unhindered. It's a virtual megaphone with a global reach, as the numbers show. Whether it's Twitter or Facebook, India is a huge presence. Facebook has more than 65 million active users here, putting the country among the top five worldwide in terms of users. Twitter, which has 200 million active users globally, doesn't provide country-specific numbers. But SemioCast, a Paris-based research firm, said in a report in July that India had around 18 million Twitter accounts, placing it sixth among the biggest Twitter nations.

A lot of this social media boom happened in 2012. Research firm SocialBakers estimated in November that the number of Indian Facebook users swelled by 14 million in the past six months. While internet penetration in India is just 11% — three times lower than the global average — around 137million users make the country third biggest in terms of web-connected citizens. Most of these users are urban and young. A Comscore report says 75% of web users here are under-35.

Unlike youngsters in many other countries, Indians are politically active on the web. A Pew Research study this December established that nearly 45% of Indian web users, most of them from urban areas, connect on social media to discuss politics. Only Arab countries scored higher than India on this account. The numbers are backed by GlobalWebIndex, which noted in a September report that India is the third most socially active country with around 78 points.

But this unfettered, unfiltered flow of information and messages showed its ugly side as well. The mischievous rumour-mongering in the wake of the Assam riots was a case in point, as MMSs and incendiary text messages triggered an exodus of people belonging to the northeast from Bangalore, Pune, Chennai and Hyderabad.

Facebook and Twitter started off as friendship and networking tools. But, they have evolved into potent weapons of social mobilization. In a way, India Against Corruption can be credited with starting it in mid-2010. "If you have a worthy cause, social media provides you an unbiased, unfiltered avenue," says Shivendra Chauhan, social media manager for the outfit. "Without it, we wouldn't have got the kind of overwhelming support we received from the youth."

But Sunil Abraham, executive director of the Bangalore-based Centre for Internet and Society, cautions against being overly technologically deterministic. "Technology doesn't have agency; human beings do. Transferring energy from social media on to the streets isn't something that'll happen every time. It depends on whether the message resonates," he says.

While the anti-corruption movement ran on a sophisticated social media strategy and campaign, the ongoing anti-rape protests have no single organizer or banner, just a message that resonates, says Abraham. On the other hand, when Anonymous India called for boots on the ground at its protests against internet censorship, the turnout was poor, far lower than the number of hashtags on Twitter would have indicated, he adds.

Abraham points out there are close linkages between internet, text messages, social media and mainstream media. "These channels leak into each other and the causal connection becomes unclear," he says. Madhuresh Kumar, national coordinator of the National Alliance of People's Movements (NAPM), an umbrella organization of grassroots movements of the marginalized, agrees. "We use social media, not so much to mobilize people to come to our protests, but to mobilize the mainstream media."

The message determines the power of the medium. If it's something that connects viscerally, like the Nirbhaya protests, its power and reach can be beyond imagination. If it is a more niche message, like an SOS for a dwindling fish species, it will reach a smaller, targeted audience such as environmentalists. But it will reach — unhindered in the palm of your hand.

Look at it any which way, it is here to stay. So, it's time for the state to learn to deal with the new power of the ordinary citizen.

For more details visit https://cis-india.org/news/times-of-india-december-31-2012-javed-anwer-and-rukmini-shrinivasan-the-year-social-media-came-of-age-in-india

A note of dissent on cash transfers and UID

praskrishna — 2012-12-31T03:15:26Z

The following is the text of a note released by 208 scholars, activists and concerned citizens on the United Progressive Alliance government’s plan to introduce cash transfers linked to the Aadhaar (UID) numbers of beneficiaries:

This Op-ed was published in the Hindu on December 31, 2012. Sunil Abraham was one of the signatories.

We support cash transfers such as old age pensions, widow pensions, maternity entitlements and scholarships. However, we oppose the government’s plan for accelerated mass conversion of welfare schemes to UID-driven cash transfers. This plan could cause havoc and massive social exclusion. We demand the following:

1. No replacement of food with cash under the Public Distribution System (PDS).

The PDS is a vital source of economic security and nutrition support for millions of people. It should be expanded and consolidated, not dismantled.

2. Immediate enactment of a comprehensive National Food Security Act, including universal PDS.

Instead of diverting the public’s attention with promises of mass cash transfers before the 2014 elections, the government should redeem its promise to enact a National Food Security Act (NFSA).

3. Cash transfers should not be a substitute for public services.

While some cash transfer schemes are useful, they should complement, not be a substitute for the provision of public services such as health care, school education, water supply, basic amenities, and the PDS. These services remain grossly underfunded.

4. Expand and improve appropriate cash transfers without waiting for UID.

There is no need to wait for UID to expand and improve positive cash transfer schemes such as pensions, scholarships and maternity entitlements. For instance, social security pensions should be increased and universalised.

5. No UID enrolment without a legal framework.

Millions of people are being enrolled for UID without any legal safeguards. The UIDAI’s draft bill has been rejected by a parliamentary standing committee. UID enrolment should be halted until a sound legal framework is in place.

6. All UID applications should be voluntary, not compulsory.

UID should never be a condition for anyone to access any entitlements or public services. A convenient alternative should always be available.

7. UID should be kept out of the PDS, NREGA and other essential entitlement programmes for the time being.

Essential services are not a suitable field of experimentation for a highly centralised and uncertain technology. Other applications (e.g. to tax evasion) should be tried first.

List of signatories: Sunil Abraham, Centre for Internet and Society; Amiya Kumar Bagchi, Vice-Chancellor, Tripura University; Kiran Bhatty, Senior Fellow, Centre for Policy Research; Nikhil Dey, Mazdoor Kisan Shakti Sangathan; Jean Drèze, Visiting Professor, Allahabad University; S.S. Gill, Director General, CRRID, Chandigarh; Reetika Khera, Assistant Professor, Indian Institute of Technology, Delhi; A.K. Shiva Kumar, Economist; Lawrence Liang, Alternative Law Forum; Nivedita Menon, Professor, Jawaharlal Nehru University; R. Nagaraj, Professor, Indira Gandhi Institute of Development Research; Farah Naqvi, Writer and Activist; Dr. K. Srinath Reddy; Shantha Sinha, National Commission for the Protection of Child Rights; M.S. Swaminathan, Member of Parliament, Rajya Sabha; Sharmila Tagore; Vamsi Vakulabharanam, Reader, University of Hyderabad; Bezwada Wilson, Safai Karamchari Andolan and 190 others.

For more details visit https://cis-india.org/news/the-hindu-december-31-2012-op-ed-a-note-of-dissent-on-cash-transfers-and-uid