We are anonymous, we are legion

Clicktivism & a brave new world order

nishant — 2011-04-02T01:02:51Z

THE FIRST decade of this century has been one of accelerated change. The proliferation of the Internet has ushered in ubiquitous transformations in the way we live. And yet, the more things change, the more they remain the same.

Certain human values remain sacred. As a result, more and more people have come out to voice their support for equality, justice and non-discrimination. The last ten years have seen the rise of individuals empowered by the Internet to effect change around them. Across the world people have used the power of the digital revolution to fight for issues that are relevant to them. From human rights advocacy to fighting corruption, from mobilising masses for greater participation in the electoral process to campaigning to save the environment, cyber activism has taken many shapes. These instances are shaped as much by the peoples intentions as they are by the regional contexts of the interventions. You too can become a cyber activist, but first, you must first grasp the four principles that power the participation of citizens in the processes of social change and political transformation.

The FOAF Phenomenon

As our lives become more networked because of Facebook, Twitter and Orkut, our contact lists have become more prolific and diverse than the little black book of phone numbers. We have always belonged to different groups, but now digital networks have introduced a phenomenon that is popularly called Friend of a Friend (FOAF). When you add people to your social network, you gain access to their networks and groups, forming weak but significant ties. Most people in the networks inherit at least seven levels of FOAF, thus expanding the scope of their reach. This ability to disseminate messages and ideas across a vast number of people — going viral — is the basis of cyber activism.

Power of Clicktivism

In the digital world, people who might not have the time or resources to participate directly in causes they believe in, find a way of being valuable. Platforms such as Twitter and Tumblr offer participants the ability to relay information and messages to create awareness. People who think of clicktivism as a way of shirking responsibilities in the real world fail to recognise that these clickers have been behind mass mobilisations of opinions and resources.

Virtual Reality Imitates Life

Cyber activism does not mean that the actions remain confined to online spaces. Most successful cyber activism campaigns collapse the real life-virtual reality differences. They seamlessly work in the physical and digital domains, playing on the strengths of both the spaces. They invite and mobilise people to perform actions that range from signing petitions and participating in policy making, to performing random acts of kindness and coordinating flash-mobs as signs of protest.

No Information Fatigue Please!

Even as we droop with information fatigue, there is no denying that the information highway has given us new ways of thinking about the world around us. It is easy now to find an audience for our opinions through blogging platforms such as Wordpress and Blogspot, and the rise of user-generated content sites like Wikipedia and YouTube enable people to question their own assumptions. As a multiplicity of ideas emerge, it paves the way for the rise of a more conscious citizen, aware of their rights and keen for change. At the end of the day, cyber activism is a reminder of the fact change, like charity, begins at home. And the Internet helps in building S.M.A.R.T. (Simple. Moral. Accountable.

Responsible. Transparent) structures that empower citizens to stand up for what they think is right. It reminds us that there is power in words and that powerful words can lead to transformative actions. Cyber activism foregrounds the fact that we do not inherit the world from our ancestors, we borrow it from the future generations, and that we have the power to protect and preserve it.

Read the original article in Mail Today here

For more details visit https://cis-india.org/news/clicktivism-a-brave-new-world-order

Click, Play, Watch

praskrishna — 2012-03-20T12:52:44Z

Filmmakers are casting the net for viewers and opting for online releases to reach out to a wider audience, finds Rinky Kumar in this article published in MidDay on March 18, 2012. Sunil Abraham is quoted in this.

Till some time ago, the movie-going experience was a means for people to spend quality time with their loved ones. An evening planned in detail (right from booking the tickets to buying snacks), followed by dinner was de rigueur. Today, however, that has been replaced by an evening indoors where you can watch a commercial film or a critically-acclaimed documentary within the confines of your home, thanks to online releases.

A growing phenomenon

Take the case of Marathi movie Jana Gana Mana, which released online as well as in theatres on January 26. It wasn't the only one. Oscar-nominated filmmaker Ashvin Kumar released his documentary Inshallah, Kashmir: Living Terror free of charge on YouTube on the same day. The very next month, debutant director Adeeb Rais released his film Kuch Spice To Make It Meetha, starring Purab Kohli, online on February 29.

Jana Gana Mana was the first commercial Marathi film to see an online release

Director Amit Abhyankar's Jana Gana Mana, which revolved around a teacher's relationship with the kids of the Faasi Pardi tribe in rural Maharashtra, garnered as many as 2,000 views within four days of its online release. He says, "We tied up with geodesi.com, which owns filmorbit.com, and ensured that viewers could log on to the site, select Jana Gana Mana and watch the film. While Indian viewers were charged Rs 30, people abroad had to pay $2.99. Surprisingly, only 30 per cent of the audience comprised Indians, the remaining 70 per cent were expatriates from far-flung countries like Tanzania and Israel."

A still from Inshallah, Kashmir: Living Terror, which was released online by director Ashvin Kumar to bypass censorship that his previous two films faced

In fact, Abhyankar has been flooded with requests to screen his movie abroad. He claims that apart from the Maharashtra Mandal of Los Angeles, which approached him to screen the film, 28 shows of the movie have been lined up in various parts of the world till May 5.

Kuch Spice To Make It Meetha recently received the YouTube Bronze Award for Most Trending Video

Likewise, Kumar's documentary, which sees Kashmiris open up about the brutality they suffer at the hands of militants and the Indian state alike, was supposed to become pay-per-view after the first 24 hours. "But when I saw the overwhelming response (over 50,000 views in three days), we kept it free for over a week. These figures are quite impressive since it's an 80-minute film and it's a known fact that India doesn't boast speedy Internet connections. But the fact that people had the patience to watch the film is heartwarming. Also, we didn't promote the film at all, I only posted about it on Facebook," enthuses Kumar.

Rais's film got as many as 1 million hits within three days of its release. Recently it also received the YouTube Bronze Award for the Most Trending Video. This medal is given to videos that have gained huge attention over a certain span of time and are currently seeing exceptional growth in viewership.

A new medium

Why are filmmakers choosing the online medium to release their movies? Some say it gives them an opportunity to showcase their work to the audience without shelling out a lot of money, while for others it is a way of making a statement. After his two earlier films, Inshallah Football and Dazed in Doon were banned, Kumar chose the Internet to screen Inshallah Kashmir to bypass the censor authorities, take a stand against them as well as give viewers the real picture of what is happening in the strife-torn valley. "There were several reasons why I uploaded the film online. Firstly, I wanted to make a statement that pre-censorship of any art form is unnecessary in this age of the Internet when everything can be accessed easily online. Secondly, viewers didn't have to pay for watching it, and that way more people saw what was actually happening in Kashmir," he explains.

For Abhyankar, the primary motive was to reach out to a larger audience. "It's well-known that distribution of Marathi films isn't great. I was very clear that my movie should reach out to more people and shouldn't just be limited to a theatrical release." Twenty-something Rais realised that releasing Kuch Spice To Make It Meetha on the Internet was the only way for him to showcase his work as well as reach out to a large audience. "Since it is a 25-minute short film, I didn't have the option of releasing it commercially. Either I could release it online or screen it at film festivals. The movie is a quirky take on a young commitment-phobic man, so I didn't think it was a good fit for the festival circuit."

According to Rais, he understood that it wasn't an easy task to make an impact in the online world, given the sea of videos that are uploaded every minute. So he decided to market his film well. He explains, "Because the movie was made on a limited budget, I had to seek sponsorship. I tied up with around 17 or 18 brands, including Tata Housing, Bharat Matrimony.com, Miss Malini.com and Upper Crust to market the film through online contests."

Sociological change

What has led to this phenomenon? Sunil Abraham, Executive director of Centre for Internet and Society, Bengaluru, explains, "The times are changing. Earlier, creative artistes depended on intermediaries like studios, TV channels and theatres to screen their work and connect with viewers. Now, they are looking at the online medium to connect with the audience directly."

Kumar couldn't agree more. He opines that he had uploaded Inshallah Kashmir with an open mind and accepted the bouquets and brickbats with equal aplomb. "The Internet is a fairly democratic medium. Your audience shares views, opinions and abuses. While some loved the movie, others called me an Islamic fundamentalist. But I didn't mind as it was their honest opinion."

According to Abhyankar, the online medium is a boon for filmmakers as it is the only way for them to earn a considerable profit individually without sharing it with other entities. "When your movie is screened at theatres, apart from paying the satellite agencies for beaming the film, you have to incur expenses for screen prints and advertising. Later, you have to recover your money from exhibitors, which can be a long-winded process. In case of an online medium, the money is transferred directly to your account. Apart from converting the film into a format that can be viewed by everyone, you don't have to invest too much money."

Filmmakers also love that there is no pre-screening process involved online. "Only after the movie is uploaded and a user comments against objectionable or defamatory content, can it be removed from the website," informs Abraham.

Looking ahead

With the expanding reach of the Internet, filmmakers believe this trend will only grow. On their part, they are looking to explore it further. Enthused by the response to Jana Gana Mana, Abhyankar is now planning to make it available offline too. He shares, "Right now we are in talks with a company that has a unique technology whereby you don't have to visit the site and stream the movie. The technology enables viewers to get offline copies of the movie, which you can copy onto your pen drive. Once you connect your pen drive to the computer, the software will automatically connect you to the site and you have to just make the payment. In a few months time, we are also looking at releasing ad-supported versions of the film wherein viewers don't have to pay to watch the movie but will have to see it along with all the ads." As Rais, who is working on another project, Beyond Hatke, which will have an online release in October this year, says on a parting note, "Today people no longer have to go to theatres to watch a film, they can see movies on their laptops, mobile phones, while doing household chores and travelling to work. The Internet is definitely a boon for everyone."

The history of online releases

Rajshri Films released its Shahid Kapoor-Amrita Rao-starrer Vivah simultaneously in cinema halls and on the production company's official site -- Rajshri.com in 2006. The site served one million streams within seven days of its release. Each stream was priced at $9.99 approximately and the company managed to earn Rs.4.5 crore in the first week itself.
Siddharth-starrer Striker had a theatrical release in India and premiered exclusively for its foreign audiences through YouTube in 2010. While the movie was available for rent on YouTube in the US, in other foreign countries, people could view it for free on Studio18's YouTube channel.
After selling the film's soundtrack exclusively through the digital medium, the makers of F.A.L.T.U, released their movie simultaneously in Indian theatres and on the online medium for foreign audiences in 2011. Viewers had to pay a booking fee of $2.89 in order to watch the stream on www.zeetv.com/faltu.

Read the original published in MidDay

For more details visit https://cis-india.org/news/click-play-watch

Click to Change

nishant — 2012-01-03T09:35:56Z

From organising political protests and flash mobs to uploading their versions of Kolaveri Di, people brought about change with the help of the internet, writes Nishant Shah in this article published in the Indian Express on 1 January 2012.

2011 was a year of connections. At the turn of the last decade, there were many qualms that we are all becoming “alone together”. There was fear that digital webs are building societies of isolated individuals. It was presumed that as cellphones become ubiquitous, broadband becomes affordable, and the digital realm emerges as a significant arbitrator of our everyday life, human connections will lose out to digital connectivity. However, the course of the year has shown that the wide and democratic access to digital and internet technologies has led to creative forms of connections between people. Researchers have proved that the social web has decreased the social gaps between people — the six degrees of separation is now reduced to 4.7 degrees of distance.

Here is a look at five areas that changed dramatically in 2011 as digital proximities shaped closer human relations.

The Political: From the Arab Spring and the iconic gathering of people at Tahrir Square in Cairo, Egypt, to the unprecedented mobilisation of people who came out in support of Team Anna’s anti-corruption campaign in India, to the Occupy movements across the world, people reshaped themselves as citizens in 2011. The ability of social networking sites to pass messages, and to share ideas and inspire people to take to the streets has changed the world as we know it. Instead of being passive observers of political protests, thousands of people took to the streets, demanding their rights and expressing their opinions on the politics of their countries.

The Social: This was also the year of the flash mob. After the first excitement in 2003, when the first flash mob was orchestrated in Mumbai, the idea had fizzled out, facing legal opposition and social disinterest. However, in 2011, the flash mob came back with a vengeance — from the ‘slut walks’ which addressed public sexual harassment in our cities, to the organised and ‘permitted’ dance performance at the Chhatrapati Shivaji Terminus in Mumbai. Planned and executed through viral media, social web and cellphone messages, flash mobs allow people to explore new relationships with malls and roads.

The Cultural: Bollywood took to the digital world this year, with celebrity blogs and tweets about their personal lives (remember the craze around the Bachchan baby), professional relationships and upcoming movies. Movies like Ra.One experimented with social media integration, producing gaming platforms and interactive environments for fans. However, it was all eclipsed by the rage that asked the simple question: “Why this Kolaveri Di?” What started off as a promo for an upcoming film became one of the most shared videos of the year, leading to thousands of people uploading their versions of the song, recorded with cheap digital video devices.

The Economic: Perhaps one of the most dramatic changes has been the way corporate houses have started harnessing the power of the Web to go beyond just selling. While advertorials and commissioned bloggers are still going strong, there is a clear recognition that the social web might be one of the ways to influence people towards becoming more responsible citizens. Big Cinema’s magnificent “silent” national anthem that captures children with speech and hearing disability performing to Jana Gana Mana stole our hearts at the beginning of the year, and was followed quickly by Aircel’s campaign, Save Our Tigers.

The Personal: 2011 was a year of crises: natural disasters that destroyed cities in the US, Thailand, New Zealand, the nuclear crisis at the Fukushima prefecture in Japan, or the bomb blasts in Mumbai and Delhi. No matter where, netizens emerged as heroes. They created Facebook pages to mobilise resources, built Twitter hashtags to offer help, organised information mashups to keep people updated and offered help to those who needed it. People of the year, this year, were people, who showed how their spaces of leisure and entertainment are also spaces through which they can reach out to strangers online.

If 2011 has shown us anything, it is that technologies in themselves are neither the problem nor the solution. It is the people who use them and inhabit them that shape the futures of our technology landscapes. And we might be spending more time behind an interface but that seems to make us only more human.

Read the original published by the Indian Express

For more details visit https://cis-india.org/internet-governance/click-change

Clearing Misconceptions: What the DoT Panel Report on Net Neutrality Says (and Doesn't)

pranesh — 2015-07-21T12:36:26Z

There have been many misconceptions about what the DoT Panel Report on Net Neutrality says: the most popular ones being that they have recommended higher charges for services like WhatsApp and Viber, and that the report is an anti-Net neutrality report masquerading as a pro-Net neutrality report. Pranesh Prakash clears up these and other incorrect notions about the report in this brief analysis.

Background of the DoT panel

In January 2015, the Department of Telecommunication (DoT) formed a panel to look into "net neutrality from public policy objective, its advantages and limitations," as well the impact of a "regulated telecom services sector and unregulated content and applications sector". After spending a few months collecting both oral and written testimony from a number of players in this debate, and analysing it, on July 16 that panel submitted its report to the DoT and released it to the public for comments (till August 15, 2015). At the same time, independently, the Telecom Regulatory Authority of India (TRAI) is also considering the same set of issues. TRAI received more than a million responses in response to its consultation paper — the most TRAI has ever received on any topic — the vast majority of of them thanks in part to the great work of the Save the Internet campaign. TRAI is yet to submit its recommendations to the DoT. Once those recommendations are in, the DoT will have to take its call on how to go ahead with these two sets of issues: regulation of certain Internet-based communications services, and net neutrality.

Summary of the DoT panel report

The DoT panel had the tough job of synthesising the feedback from dozens of people and organizations. In this, they have done an acceptable job. Although, in multiple places, the panel has wrongly summarised the opinions of the "civil society" deponents: I was one of the deponents on the day that civil society actors presented their oral submissions, so I know. For instance, the panel report notes in 4.2.9.c that "According to civil society, competing applications like voice OTT services were eroding revenues of the government and the TSPs, creating security and privacy concerns, causing direct as well as indirect losses." I do not recall that being the main thrust of any civil society participant's submission before the panel. That having been said, one might still legitimately claim that none of these or other mistakes (which include errors like "emergency" instead of "emergence", "Tim Burners Lee" instead of "Tim Berners-Lee", etc.) are such that they have radically altered the report's analysis or recommendations.

The report makes some very important points that are worth noting, which can be broken into two broad headings:

On governmental regulation of OTTs

Internet-based (i.e., over-the-top, or "OTT") communications services (like WhatsApp, Viber, and the like) are currently taking advantage of "regulatory arbitrage": meaning that the regulations that apply to non-IP communications services and IP communications services are different. Under the current "unified licence" regime, WhatsApp, Viber, and other such services don't have to get a licence from the government, don't have to abide by anti-spam Do-Not-Disturb regulations, do not have to share any part of their revenue with the government, do not have to abide by national security terms in the licence, and in general are treated differently from other telecom services. The report wishes to bring these within a licensing regime.
The report distinguishes between Internet-based voice calls (voice over IP, or VoIP) and messaging services, and doesn't wish to interfere with the latter. It also distinguishes between domestic and international VoIP calls, and believes only the former need regulation. It is unclear on what bases these distinctions are made.
OTT "application services" do not need special telecom-oriented regulation.
There should a separation in regulatory terms between the network layer and the service layer. While this doesn't mean much in the short-term for Net neutrality, it will be very important in the long-term for ICT regulation, and is very welcome.

On Net neutrality

The core principles of Net neutrality — which are undefined in the report, though definitions proposed in submissions they've received are quoted — should be adhered to. In the long-run, these should find place in a new law, but for the time being they can be enforced through the licence agreement between the DoT and telecom providers.
On the contentious issue of zero-rating, a process that involves both ex-ante and ex-post regulation is envisaged to prevent harmful zero-rating, while allowing beneficial zero-rating. Further, the report notes that the supposed altruistic or "public interest" motives of the zero-rating scheme do not matter if they result in harm to competition, distort consumer markets, violate the core tenets of Net neutrality, or unduly benefit an Internet "gatekeeper".

Where does the DoT panel report go wrong?

The proposal by the DoT panel of a licensing regime for VoIP services is a terrible idea. It would presumptively hold all licence non-holders to be unlawful, and that should not be the case. While it is in India's national interest to want to hold VoIP services to account if they do not follow legitimate regulations, it is far better to do this through ex-post regulations rather than an ex-ante licensing scheme. A licensing scheme would benefit Indian VoIP companies (including services like Hike, which Airtel has invested in) over foreign companies like Viber. The report also doesn't say how one would distinguish between OTT communication services and OTT application services, when many apps such as food ordering apps, including text chat facilities. Further, VoIP need not be provided by a company: I run my own XMPP servers, which is a protocol used for both text and video/voice. Will a licensing regime force me to become a licence-holder or will it set a high bar? The DoT panel report doesn't say. Will there be a revenue-sharing mechanism, as is currently the case under the Unified Licence? If so, how will it be calculated in case of services like WhatsApp? These questions too find no answer in the report. All in all, this part of the report's analysis is found to be sadly wanting.
Many important terms are left undefined, and many distinctions that the report draws are left unexplained. For instance, it is unclear on what regulatory basis the report distinguishes between domestic and international VoIP calls — which is an unenforceable (not to mention regulatorily unimportant) distinction — or between regulation of messaging services and VoIP services, or what precisely they mean by "application-agnostic" and "application-specific" network management (since different scholars on this issue mean different things when they say "application").

What does the DoT panel report mean for consumers?

Not too much currently, since the DoT panel report is still just a set of recommendations by an expert body based on (invited) public consultations.
Does it uphold Net neutrality? The DoT panel report is clear that they strongly endorse the "core principles of Net neutrality". On the issue of "zero-rating", the panel proposes some sound measures, saying that there should be a two-part mechanism for ensuring that harmful zero-rating doesn't go through: First, telecom services need to submit zero-rating tariff proposals to an expert body constituted by DoT; and second consumers will be able to complain about the harmful usage of zero-rating by any service provider, which may result in a fine. What constitutes harm / violation of Net neutrality? The panel suggests that any tariff scheme that may harm competition, distorts the consumer market, or violates the core principles of Net neutrality is harmful. This makes sense.
Will it increase cost of access to WhatsApp and Viber? Well, one the one hand, zero-rating of those services could decrease the cost of access to WhatsApp and Viber, but that might not be allowed if the DoT panel recommendations are accepted, since that would possibly be judged to harm competition and distort the consumer markets. The DoT panel has also recommended bringing such services within a licensing framework to bridge the "regulatory arbitrage" that they are able benefit from (meaning that these services don't have to abide by many regulations that a telecom provider has to follow). Whether this will lead to WhatsApp and similar services charging depends on what kinds of regulations are placed on them, and if any costs are imposed on them. If the government decides to take the approach they took to ISPs in the late 90s (essentially, charging them Re. 1 as the licence fee), doesn't impose any revenue sharing (as they currently require of all telecom services), etc., then there needn't be any overly burdensome costs that WhatsApp-like services will need to pass on to consumers.

What misunderstandings do people have?

There are multiple news reports that the DoT panel has recommended increased charges for domestic VoIP calls, or that ISPs will now be able to double-charge. Both of these are untrue. The DoT panel's recommendations are about "regulatory arbitrage" and licensing, which need not be related to cost.
There is a fear that the exception from net neutrality of "managed services and enterprise services" is a "loophole", or that exceptions for "emergency services" and "desirable public or government services" are too vague and carry the potential of misuse. If one goes by the examples that the panel cites of managed services (e.g., services an ISP provides for a private company separately from the rest of the Internet, etc.), these fear seems largely misplaced. We must also realize the the panel report is a report, and not legislation, and the rationale for wanting exemptions from Net neutrality are clear.
The DoT panel has given the go-ahead for zero-rating. Once again, this is untrue. The panel cites instances of zero-rating that aren't discriminatory, violative of Net neutrality and don't harm competition or distort consumer markets (such as zero-rating of all Internet traffic for a limited time period). Then it goes on to state that the regulator should not allow zero-rating that violates the core principles of Net neutrality.

What's missing in the Net neutrality debate is nuance. It's become a debate in which you are either for Net neutrality or against it. However, none of the underlying components of Net neutrality — a complex mix of competition policy, innovation policy, the right to freedom of expression, etc. — are absolutes; therefore, it is clear that Net neutrality cannot be an absolute either.

For more details visit https://cis-india.org/internet-governance/blog/clearing-misconceptions-dot-panel-net-neutrality

Clear and Present Danger: Attempts to Change Internet Governance and Implications for Press Freedom

praskrishna — 2012-06-29T03:59:39Z

The event was organised by National Endowment for Democracy in Washington, D.C., on June 26, 2012. Emma Llansó, Rebecca MacKinnon, Emin Milli, Susan Morgan and Katitza Rodriguez were the speakers.

Pranesh Prakash participated in the event. Susan Morgan from Global Network Initiative was the moderator.

More details are published on the National Endowment for Democracy website.

For more details visit https://cis-india.org/news/clear-and-present-danger

Clause 12 Of The Data Protection Bill And Digital Healthcare: A Case Study

amber — 2022-03-01T15:07:44Z

In light of the state’s emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?

The blog post was published in Medianama on February 21, 2022. This is the second in a two-part series by Amber Sinha.

In the previous post, I looked at provisions on non-consensual data processing for state functions under the most recent version of recommendations by the Joint Parliamentary Committee on India’s Data Protection Bill (DPB). The true impact of these provisions can only be appreciated in light of ongoing policy developments and real-life implications.

To appreciate the significance of the dilutions in Clause 12, let us consider the Indian state’s range of schemes promoting digital healthcare. In July 2018, NITI Aayog, a central government policy think tank in India released a strategy and approach paper (Strategy Paper) on the formulation of the National Health Stack which envisions the creation of a federated application programming interface (API)-enabled health information ecosystem. While the Ministry of Health and Family Welfare has focused on the creation of Electronic Health Records (EHR) Standards for India during the last few years and also identified a contractor for the creation of a centralised health information platform (IHIP), this Strategy Paper advocates a completely different approach, which is described as a Personal Health Records (PHR) framework. In 2021, the National Digital Health Mission (NDHM) was launched under which a citizen shall have the option to obtain a digital health ID. A digital health ID is a unique ID and will carry all health records of a person.

A Stack Model for Big Data Ecosystem in Healthcare

A stack model as envisaged in the Strategy Paper, consists of several layers of open APIs connected to each other, often tied together by a unique health identifier. The open nature of APIs has the advantage that it allows public and private actors to build solutions on top of it, which are interoperable with all parts of the stack. It is however worth considering both the ‘openness’ and the role that the state plays in it.

Even though the APIs are themselves open, they are a part of a pre-decided technological paradigm, built by private actors and blessed by the state. Even though innovators can build on it, the options available to them are limited by the information architecture created by the stack model. When such a technological paradigm is created for healthcare reform and health data, the stack model poses additional challenges. By tying the stack model to the unique identity, without appropriate processes in place for access control, siloed information, and encrypted communication, the stack model poses tremendous privacy and security concerns. The broad language under Clause 12 of the DPB needs to be looked at in this context.

Clause 12 allows non-consensual processing of personal data where it is necessary “for the performance of any function of the state authorised by law” in order to provide a service or benefit from the State. In the previous post, I had highlighted the import of the use of only ‘necessity’ to the exclusion of ‘proportionality’. Now, we need to consider its significance in light of the emerging digital healthcare apparatus being created by the state.

The National Health Stack and National Digital Health Mission together envision an intricate system of data collection and exchange which in a regulatory vacuum would ensure unfettered access to sensitive healthcare data for both the state and private actors registered with the platforms. The Stack framework relies on repositories where data may be accessed from multiple nodes within the system. Importantly, the Strategy Paper also envisions health data fiduciaries to facilitate consent-driven interaction between entities that generate the health data and entities that want to consume the health records for delivering services to the individual. The cast of characters involve the National Health Authority, health care providers and insurers who access the National Health Electronic Registries, unified data from different programmes such as National Health Resource Repository (NHRR), NIN database, NIC and the Registry of Hospitals in Network of Insurance (ROHINI), private actors such as Swasth, iSpirt who assist the Mission as volunteers. The currency that government and private actors are interested in is data.

The promised benefits of healthcare data in an anonymised and aggregate form range from Disease Surveillance to Pharmacovigilance as well as Health Schemes Management Systems and Nutrition Management, benefits which have only been more acutely emphasised during the pandemic. However, the pandemic has also normalised the sharing of sensitive healthcare data with a variety of actors, without much thinking on much-needed data minimisation practises.

The potential misuses of healthcare data include greater state surveillance and control, predatory and discriminatory practices by private actors which rely on Clause 12 to do away with even the pretense of informed consent so long as the processing of data is deemed necessary by the state and its private sector partners to provide any service or benefit.

Subclause (e) in Clause 12, which was added in the last version of the Bill drafted by MeitY and has been retained by the JPC, allows processing wherever it is necessary for ‘any measures’ to provide medical treatment or health services during an epidemic, outbreak or threat to public health. Yet again, the overly-broad language used here is designed to ensure that any annoyances of informed consent can be easily brushed aside wherever the state intends to take any measures under any scheme related to public health.

Effectively, how does the framework under Clause 12 alter the consent and purpose limitation model? Data protection laws introduce an element of control by tying purpose limitation to consent. Individuals provide consent to specified purposes, and data processors are required to respect that choice. Where there is no consent, the purposes of data processing are sought to be limited by the necessity principle in Clause 12. The state (or authorised parties) must be able to demonstrate necessity to the exercise of state function, and data must only be processed for those purposes which flow out of this necessity. However, unlike the consent model, this provides an opportunity to keep reinventing purposes for different state functions.

In the absence of a data protection law, data collected by one agency is shared indiscriminately with other agencies and used for multiple purposes beyond the purpose for which it was collected. The consent and purpose limitation model would have addressed this issue. But, by having a low threshold for non-consensual processing under Clause 12, this form of data processing is effectively being legitimised.

For more details visit https://cis-india.org/internet-governance/blog/medianama-february-21-2022-amber-sinha-data-protection-bill-digital-healthcare-case-study

Class attendance rises after restriction on Internet use

radha — 2011-04-02T14:58:35Z

by Neha Bhayana, Hindustan Times (Mumbai, September 06, 2009)

When IIT-Bombay restricted Internet use on campus in March 2007, the decision created a furore.
The premier engineering institute was accused of taking students to the Dark Ages and likened with Chinese clinics that use shock therapy to ‘cure’ Internet addicts.
The American Psychiatric Association is now considering including Internet Addiction Disorder as a formal diagnosis.
Experts around the world are debating whether governments should monitor Internet use so that people don’t become addicted to the Web.
IIT-Bombay’s student welfare dean Prakash Gopalan is glad they had the foresight to keep a check on Internet use. “The attendance in morning classes has gone up, more students are participating in sporting and cultural activities and they are seen socialising in the common rooms,” he said.
IITians are not allowed to use the Net between midnight and 7 am. The institute had restricted its use after two suicides in 2005-06 were linked to it.
Nishant Shah from The Centre for Internet and Society at Bangalore, however, said the regulations were unnecessary.
“Internet is just a gateway. There is nothing wrong with the technology. We should educate people to make their engagement with the Internet more productive,” he said.
Reformed Net addicts Ramya (30), and Moksh Juneja (27) said there is no need to have regulations. “Adults should be allowed to decide what is best for them. It is not fair to govern Internet use,” said Ramya, who restricted her Internet use because of neck pain.

For more details visit https://cis-india.org/news/class-attendance-rises-after-restriction-on-internet-use

Clash of the cyberworlds

praskrishna — 2013-01-15T06:57:48Z

In an increasingly digital world, the issue of Internet freedom and governance has become hugely contested. Censorship and denial of access occur across the political spectrum of nations, even in liberal democracies.

The article by Latha Jishnu, Dinsa Sachan and Moyna was published in Down to Earth magazine's January 15, 2013 issue. Pranesh Prakash is quoted.

In run-up to the just-concluded World Conference on International Telecommunications in Dubai, there was a frenzied campaign to ensure that governments kept their hands off the Internet. It was feared the International Telecommunications Union, a UN body, was aiming to take control of the Internet. That hasn’t happened. But the outcome in Dubai has highlighted once again the double speak on freedom by countries that claim to espouse it and by corporations interested in protecting their interests, says Latha Jishnu, who warns that the major threat to the Internet freedom comes from the wide-ranging surveillance measures that all governments are quietly adopting. Dinsa Sachan speaks to institutions and officials to highlight the primacy of cyber security for nations, while Moyna tracks landmark cases that will have a bearing on how free the Net remains in India.

For months now a little-known UN agency, the International Telecommunication Union (ITU), has been looming large in cyberspace, portrayed as an evil force plotting to take over the Internet and threatening to destroy its freedom by rewriting archaic regulations. ITU, set up in 1865, is primarily a technical body that administers a 24-year-old treaty, International Telecommunication Regulations (ITRs), which are basic principles that govern the technical architecture of the global communication system.

	How did the 193-nation ITU, which regulates radio spectrum, assigns satellite orbits and generally works to improve telecom infrastructure in the developing world, turn into everyone’s favourite monster in the digital world? The provocation was ITU’s World Conference on International Telecommunications (WCIT) in Dubai, where ITRs were proposed to be revised. Leaked documents of the proposals made to ITU had shown that statist countries like Russia and China, known for their crackdown on Internet freedom, had put forward proposals to regulate digital “crime” and “security” aspects that are currently not regulated at the global level for want of consensus on balancing enforcement with protection of individual rights.

Other proposals were about technical coordination and the setting up of standards that enable all the devices, networks and software across the Internet to communicate and connect with one another. Although ITU secretary general Hamadoun I Touré had emphasised that the Dubai WCIT was primarily attempting to chart “a globally agreed-upon roadmap that offers future connectivity to all, and ensures sufficient communications capacity to cope with the exponential growth in voice, video and data”, there was widespread scepticism among developed countries.

Online subversion in India AT the seventh annual meeting of the Internet Governance Forum in Baku, Azerbaijan, last November, Minister for Communications and Information Technology Kapil Sibal was a star turn. He made an elevating speech about the need to put in place a “collaborative, consultative, inclusive and consensual” system for dealing with policies involving the Internet. India, with 125 million Internet users—a number that “is likely to grow to about half a billion over the next few years”—would be a key player in the cyberworld of tomorrow, he promised. According to the minister, Internet governance was an oxymoron because the concept of governance was for dealing with the physical world and had no relevance in cyberspace. These were high sounding words that crashed against the reality of India’s paranoia over online subversion. For starters, Sibal flew into a media blitz over Google’s transparency Report which ranked India second globally in accessing private details of its citizens. Even if it was a far second behind the US, it was an embarrassing revelation for the government which appears to have been rather enthusiastic in seeking information on the users of its various services. Such user data would include social networking profiles, complete gmail accounts and search terms used. In the first half of 2012, India made 2,319 requests related to 3,467 users compared with 7,969 requests by the US. Globally, Google clocked a total of 20,938 requests for user data. A few days down the line there was a public explosion over the arrest of two young women in Palghar, near Mumbai, for posting a prosaic comment on Facebook over Bal Thackeray’s death. Thanks to the deliberately vague wording of Section 66A of the IT Act, such arrests have become common and Rajya Sabha devoted a whole afternoon to discuss the impugned legislation and seek its withdrawal. Sibal’s response has been to issue guidelines on the use of this Section which civil society organisations say will do nothing to sort out matters. Then there are the IT (Intermediaries Guidelines) Rules, 2011, issued under Section 79 of the IT Act, which have been used indiscriminately by business interests to shut down websites, resulting in unbridled censorship of the Internet time and again. Although a motion for its annulment was moved in Parliament by Rajya Sabha member P Rajeeve, it was withdrawn after Sibal promised to talk to all stakeholders. A host of MPs have termed the rules a violation of right to freedom of speech besides going against the laws of natural justice. The promised meeting of stakeholders has not yielded any results and censorship on grounds of possible online piracy continues. In this regard, India is more restrained than the US which has pulled down huge numbers of domains on the ground they were violating intellectual property by selling pirated goods.

Western global powers, behemoth Internet companies, private telecom corporations and almost the entire pack of civil liberties organisations came together in a frenzied campaign to ensure that ITU kept its hands off the Internet. Massive online petitions were launched, backed by Internet companies such as search engine Google and social networking service Facebook. The Internet, they said, should not become an ITU remit because it would change the multi-stakeholder approach, which currently marks the way the Internet is governed, and replace it with government control that would curb digital freedom. Not only did the US administration oppose the revision of ITRs, the US Congress also passed a rare unanimous resolution against the WCIT proposals.

In the end, it was an anti-climax: nothing much came of these proposals. Although WCIT was marked by high drama—a walkout by the US and six European countries, a show of hands on a contested but innocuous resolution and an unexpected vote—the “final acts” (http://www.itu.int/en/wcit-12/Documents/final-acts-wcit-12.pdf) or the changes in ITRs make no mention of the I word. Not once. The 30-page document states at the outset that “these regulations do not address the content-related aspects of telecommunications” —an indirect reference to the Internet.

	Ultimately, it was a triumph of the US-led position even if 89 of the 144 eligible countries signed it. Most of the developed countries refused to sign it. Nor, unexpectedly, did India, and thereby hangs a curious tale. Officials who were privy to the negotiations told Down To Earth that India was all set to sign the new ITRs when its delegation got last-minute instructions from Delhi not to endorse them. “It was unexpected and a let-down for India and our global allies,” confesses an official of the Ministry of Communications & IT. “There was nothing in the final document that we had objections to.” According to the grapevine, Minister for Communications and Information Technology Kapil Sibal was facing pressure from two sides: the US Administration and domestically from civil society, Internet service providers and the private telecom players who had objected to India’s proposals on ITRs. The US is known to be keeping a close eye on what India decides to do on the new treaty which it can still ratify. In the Dubai treaty, the only ITR that does impinge on the Net is (Article 5B) on unsolicited bulk electronic communications or spam. But even here, what it merely states is that member-states should endeavour to take necessary measures to prevent the “propagation of unsolicited bulk electronic communications and minimize its impact on international telecommunication services.”

In many ways, what took place during the hectic days before and during the December 3-14 WCIT was in a broad sense a replay of the Cold War scenario of the good (freedom-loving countries) versus evil (authoritarian or autocratic regimes), although alliance may have shifted in the two blocs. What is clear is that a larger geopolitical fight is playing out with the Internet as disputed terrain. American analysts themselves have pointed out that the “US got most of what it wanted. But then it refused to sign the document and left in a huff.”

Even the innocuous Article 5A, which calls on members “to ensure the security and robustness of international telecommunication networks”, was interpreted by US delegation head Terry Kramer as a means that could be used by some governments to curb free speech!

As an outraged Saudi delegate said, “It is unacceptable that one party to the conference gets everything they want and everybody else must make concessions. And after having made many concessions, we are then asked to suppress the language which was agreed to. I think that that is dangerous. We are on a slippery slope.” The final outcome: all the contentious issues were relegated to resolutions, which have no legal basis.

Indeed, the US has managed to get its way on most issues: protecting the mammoth profits of its Internet companies and ensuring that control of the Internet address system, now done by a group based in the US, will not be shared with other ITU members. And, the likes of Google (2011 profit: $37.9 billion) and Facebook will not have to pay telecom companies for use of their networks to deliver content.

Challenges of securing cyberworld

E-commerce in India, where every tenth person is online, is on the rise—and, consequently, crime on the Internet. In 2011, the country’s nodal agency for handling cyber crime, Indian Computer Emergency Response Team, tackled 13,301 incidences of security breach. The incidents ran the gamut from website intrusions, phishing to network probing and virus attacks. Further, in 2009, 2010, 2011 and 2012 (until October), there were 201, 303, 308 and 294 cyber attacks respectively on sites owned by the Indian government. Most notably, hacker group Anonymous defaced the website of Union Minister of Communications and Information Technology, Kapil Sibal.

To beef up cyber security, the Union ministry plans to pump in Rs 45 crore in 2012-13. It also put up a draft cyber security policy for public comments in 2011. Currently, cases involving cyber security and crime are handled under the IT Act of 2000 (Amendment 2008) and the Indian Penal Code.

But will the government go about its business of securing the Net in a responsible manner? There is scepticism. Section 69 of the Act gives any government agency the right to “intercept, monitor or decrypt” information online. Chinmayi Arun, assistant professor of law at National Law University in Delhi, said at the Internet Governance Conference held at FICCI in October that crimes like defamation are not on the same page as cyber terrorism, and “we have to question whether they warranty invasion of privacy”. She added that the workings of the surveillance system has to be made more open to build public trust.

Pranesh Prakash, policy director at Centre for Internet and Society (CIS) in Bengaluru, draws attention to a fundamental flaw in the section. “Government is allowed to wire tap under the Telegraph Act, 1885. But the Act lays out specific guidelines for such an action. For example, you can only tap phones in the case of a ‘public emergency’ or ‘public safety’ situation. The IT Act does not put such limitations on interception of information,” he says.

Cyber security and ITU

A few months prior to the controversial World Conference on International Telecommunications in Dubai, countries, including Russia and Arab states, had proposed measures that would, through International Telecommunication Union (ITU), grant disproportional power to countries to control the Internet in the name of security measures. Several proposals, most notably those of India and Arab States, explicitly stated in the proposed Article 5A that countries should be able to “undertake appropriate measures, individually or in cooperation with other Member States” to tackle issues relating to “confidence and security of telecommunications/ICTs”. It raised alarm among civil society. US-based think tank Center for Democracy and Technology (CDT) said in its report dated September, 2012, that cyber security does not fall under the ambit of International Telecom Regulations, and some countries would misuse such privileges for “intrusive or repressive measures”.

The proposal by African member states recommended that nations should “harmonise their laws” on data retention. In other words, intermediaries would have to retain public data for a long period so that governments can access it whenever they please. With regard to this, CDT noted, “Not only do national laws on data retention vary greatly, but there is ongoing controversy about whether governments should impose data retention mandates at all.”

A clause in the Arab proposal on routing said, “A Member State has the right to know how its traffic is routed.” Currently, the way Internet works, senders and recipients do not know how data between their computers travels or is routed. However, enabling countries to have control over routing has its dangers. CDT notes, “(This) would simply not work and could fundamentally disrupt the operation of the Internet.” Internet traffic travels over an IP network. While travelling, it is fragmented into small packets. Packets generally take a different path across interconnected networks in many different countries before reaching the recipient’s computer. CDT notes providing routing information to countries would require “extensive network engineering changes, not only creating huge new costs, but also threatening the performance benefits and network efficiency of the current system”. Although routing was not part of India’s proposal, Ram Narain, deputy director general at the department of telecommunications, told Down To Earth it was one of the country’s concerns.

However, to civil society’s partial relief, such draconian cyber security clauses were not adopted in the new itr treaty. Two clauses added to the treaty, Article 5A and 5B, address some cyber security concerns. Titled “Security and robustness of networks”, Article 5A urges countries to “individually and collectively endeavour to ensure the security and robustness of international telecommunication networks”. Article 5B talks about keeping tabs on spam.

Prasanth Sugathan, senior advocate with Software Freedom Law Centre, an international network of lawyers, says while he would have preferred that the two clauses were kept out of the new treaty, they do not seem harmful. “They are a much toned down version of what Arab states and Russia had suggested,” he says.

This is one reason India, Brazil and other democracies from the developing world also want a change in ITRs. They want the Internet behemoths to pay for access to their markets so that such revenues can be used to build their own Internet infrastructure.

In the furious debate on keeping the Net free of international control even hawk-eyed civil society organisations prefer to ignore the monetary aspects of Net control. Some analysts believe that maintaining the status quo is not so much about protecting the values of the Internet as about safeguarding interests, both monetary and hegemonistic. Such an assessment may not be wide of the mark if one joins the dots. Google, says a Bloomberg report of December 10, “avoided about $2 billion in worldwide income taxes in 2011 by shifting $9.8 billion in revenues into a Bermuda shell company, almost double the total from three years before”. It also said that the French, Italian, British and Australian governments are probing Google’s tax avoidance in its borderless operations.

	What is clear, however, is that a number of countries for reasons springing from different motivations, appear determined to undermine America’s control of the outfits that now define how the Internet works. Although the US maintains that ICANN (Internet Corporation for Assigned Names and Numbers) is a private, non-profit corporation, it is overseen by the US Commerce Department. According to People’s Daily, what the US spouts about Net freedom is so much humbug. In an August 2012 report, the leading Chinese daily claimed the US “controls and owns all cyberspaces in the world, and other countries can only lease Internet addresses and domain names from the US, leading to American hegemonic monopoly over the world’s Internet”. It also highlighted a fact that has slipped below the radar. During the Iraq invasion, the US government asked ICANN to terminate services to Iraq’s top-level domain name “.iq” and thereafter all websites with the domain name “.iq” disappeared overnight. It charges the US with having “taken advantage of its control over the Internet to launch an invisible war against disobedient countries and to intimidate and threaten other countries”. While this may be true, the irony is that China, with its great firewall of censorship, is in no shape to position itself as a champion of freedom. Like other authoritarian countries, it will do everything to police the Net and control it.

The right of countries and peoples to access the Net was highlighted in Dubai when some African countries raised the issue of US control of the global Internet. Some of these, such as Sudan, have long been complaining about Washington’s sanctions that entail denial of Internet services. ITU officials point out that Resolution 69, first passed in the 2008 meeting, invoked again in 2010 and dusted off once again for the WCIT negotiations, invoked “human rights” to argue for “non-discriminatory access to modern telecom/ ICT facilities, services and applications”. Says Paul Conneally, head of Communications & Partnership Promotion at ITU, “The real target of these resolutions are US sanctions imposed on nations that are deemed bad actors. These sanctions mean that people in those countries—not just the government, mind you, but everyone, innocent and guilty alike—are denied access to Internet services such as Google, Sourceforge, domain name registrars such as GoDaddy, software and services from Oracle, Windows Live Messenger, etc.”

The catalogue of Sudan’s complaints shows at least 27 instances in 2012 when companies from Google to Microsoft and Paypal to Oracle cut off their services to the African country. This might explain why major companies would be opposed to the resolution on a right to access Internet services. Such a right would allow countries to use ITRs to compel them to provide services they might otherwise have preferred not to. But so far all such sanctions appear to have been a decision of the US Administration.

The problem of the digital divide, in fact, did not get the headlines it should have. Africa accounts for just 7 per cent of the 2.4 billion people who use the Net worldwide and penetration in the region is just 15.6 per cent of the population. Compare this with North America where over 78 per cent are linked to the digital world and Touré’s logic about the ITU’s mandate appears reasonable.

When Apple censors the drone war NETIZENS know that the Internet suffers from the depredations of government, hackers and viruses. But not many are aware that companies are as prone to taking legitimate stuff off the Net on the flimsiest grounds. In the case of Apple it could have been misplaced patriotism or plain business sense that prompted it to block an app which monitors drone strike locations in November last year. The App Store rejected the product, calling it “objectionable and crude”. Drones+ (see photo) is an application that simply adds a location to a map every time a drone strike is reported in the media and added to a database maintained by the UK’s Bureau of Investigative Journalism. Josh Begley, a graduate student at New York University, who developed the app, says it shows no visuals of war or classified information. All it does is to keep its users informed about when and where drone attacks are taking place in Pakistan and Afghanistan. “This is behavior I would expect of a company in a repressive country like China, not an iconic American company in the heart of Silicon Valley,” says a petition to the company CEO. Did Apple’s censorship have anything to do with the fact that it received huge contracts from the Pentagon? US legislators have joined the protests against Apple. The most brazen act of corporate censorship occurred in August 2012 with NASA’s livestream coverage of the Curiosity rover’s landing on Mars in the space agency’s $2.5 billion mission. A news agency, Scripps, coolly claimed as its own the public domain video posted on NASA’s official YouTube channel that documented the epic landing (see our opening visuals). “This video contains content from Scripps Local News, who has blocked it on copyright grounds. Sorry about that,” said a message on NASA’s blackened screen. So much for the strict US laws aimed at curbing online piracy!

Touré noted that the revised ITRs would see greater transparency in global roaming charges, lead to “more investment in broadband infrastructure” and help those with disabilities. But he was hopeful that the new treaty signed in Dubai would make it possible for the 4.5 billion people still offline to be connected. “When all these people come online, we hope they will have enough infrastructure and connectivity so that traffic will continue to flow freely,” Touré said.

But should ITU govern the Net? Not in its entirety, according to experts. For one, ITU until the Dubai meeting was far from being transparent and does not allow participation of civil society or other stakeholders in its negotiations unless they are part of the official delegation of the member-states. In fact, even critics of the current system, who think the system is lopsided and hypocritical, believe ITU needs to reform itself and confine to the carrier/infrastructure layer of the Internet. Nor should it get into laying down standards which is done by Internet Engineering Task Force (IETF) and the naming and numbering that is managed by ICANN.

But Conneally counters this by asking what would happen if the US decided to deny domain name root zone to Iran because of its bad human rights record. “Suppose it ordered Verisign to remove .IR from the DNS root and make it non-functional. Would we want ICANN/the Internet governance regime to be used as a political/strategic tool to reform Iran? What happens to global interoperability when the core infrastructure gets used in that way?”

Who then should ensure that the Internet is run in a free and open manner? Should it be the Internet Governance Forum (IGF)? But IGF is to be an open consultative forum that cannot by itself govern. It brings in participation for any or all Internet-related policy processes but it by itself was never supposed to do policy or governance.

Parminder Jeet Singh, executive director of ItforChange, says whoever governs is the government for that purpose. “This truism is significant in the present context, because there is an attempt by those who really control/ govern the Internet at present, largely through illegitimate and often surreptitious ways, to confuse issues around Internet governance in all ways possible, including through abuse of established language and political principles and concepts.”

ITforChange is a Bengaluru institution working on information society theory and practice, especially from the standpoint of equity, social justice and gender equality, and it is that perspective which informs Singh’s suggestions. “What we need are safeguards as, for instance, with media regulation. The Internet, of course, is much more than media. It is today one of the most important factors that can and will influence distribution of economic, social and political power. Without regulation it will always be that those who currently dominate it will take away the biggest pie.

Surveillance club

Eight Indian companies are among the 700 members of European Telecommunications Standards Institute. The group works with government and law enforcement agencies to integrate surveillance capabilities into communications infrastructure. It also hosts regular meetings on lawful interception

Wipro Technologies	Associate Service Providers
• HCL Technologies Limited	• Associate Consultancy for Co./Partnership
• Accenture Services Pvt Ltd	• Observers
• CEWiT	• Associate Research Body
• Saankhya Labs Pvt Ltd	• Associate Manufacturers
• Sasken Communication	• Associate Manufacturers
• Technologies
• SmartPlay Technologies	Associate Consultancy for Co./Partnership
• TEJAS NETWORKS LTD	• Associate Manufacturers

Other critics of the current system concede that bringing governments on board, especially authoritarian and statist powers which the digital world threatens, would give them perverse incentives to control it. But this threat should be met not by insisting that the Internet needs no governance or regulation, but by safeguards that ensure equitable access and benefits, Singh stresses.

While the jury is out on the question whether the new ITRs will make any material difference to the way, and if at all, the Net will come under added government oversight and intervention, developments elsewhere show that ITU is not the main threat to digital freedom.

The irony is that while cyber security is contentious in ITU, other international organisations, such as the UN Office on Drugs and Crime (UNODC) and a clutch of influential telecom industry associations, are pushing for surveillance programmes that ensure policing of a high order with sophisticated infrastructure to monitor online communications. A host of countries already have such systems in place and are pressuring countries like India to fall in line.

A UNODC report, titled ‘The use of the Internet for terrorist purposes’, has detailed how countries can and should use new technology for online surveillance—all in the name of anti-terrorism. The report discusses sensitive issues such as blocking websites and using spyware to bypass encryption and also urges countries to cooperate on an agreed framework for data retention.

At the same time, powerful industry bodies, such as ATIS (Alliance for Telecommunications Industry Solutions) and the European Telecommunications Standards Institute (ETSI), are reported to be working with government and law enforcement agencies to integrate surveillance capabilities into communications infrastructure, according to Future Tense, a project which looks at emerging technologies and how these affect society, policy and culture. It says India is under pressure from another industry organisation, the Telecommunications Industry Association (TIA), “to adopt global standards for surveillance”, calling on the country’s government to create a “centralized monitoring system” and “install state-of-the-art legal intercept equipment”.

TIA is a Washington-based trade group which brings together companies such as Nokia, Siemens Networks and Verizon Wireless, and is focused on issues related to electronic surveillance and is developing standards for intercepting VOIP and data retention alongside with ETSI and ATIS. At least seven Indian companies are members of ETSI, which is said to hold international meetings on data interception thrice a year.

Add to this chilling list the International Chamber of Commerce. It is reported to be seeking the establishment of surveillance centre hubs of several countries to help governments intercept communications and obtain data that is stored in cloud servers in foreign jurisdictions. Given this backdrop why are the US and its cohorts creating a ruckus on ITRs?

It would also mean that by focusing on ITRs and ITU as a major threat to Internet freedom civil society may be jousting at windmills.

Malice and freedom of speech

Two suits highlight the challenge of treading between the two

Among the many legal cases in India related to the use and misuse of the world wide web, two stand out for involving web giants and provoking sharp reaction. These are the cases registered in Delhi district courts in December 2011, objecting to chunks of content—portraying prominent political figures and religious places among others in a certain light—hosted on websites. One was filed by a Delhi journalist, Vinai Rai, requesting the court to press criminal charges against 21 web agencies, including Google, Facebook and Yahoo! India. The other, filed by a social activist, M A A Qasmi, was a civil suit requesting action against 22 web agencies. Both mentioned that the content on the websites was inflammatory, threat to national integrity, unacceptable, and created enmity, hatred and communal discord.

A year on, tangible impact has not been much. The number of accused in the civil case has come down to seven web agencies and in the criminal case the government is yet to issue summons to the companies concerned (see ‘The case so far’). However, these litigations are seen as landmarks in the recent history of the Internet and its interaction with societies and governments. The cases—especially off-the-record comments by the judiciary suggesting blanket ban and pre-screening of all content—provoked a debate on the freedom of expression and Indian cyber laws.

The case so far

JANUARY 13, 2012: Delhi High Court dismisses petition by Google and Facebook asking to be absolved of criminal charges filed in district court

JANUARY 20: High Court asks for reply from Delhi Police in response to plea by Yahoo! India challenging district court summons

FEBRUARY 16: Court refuses to stay proceedings against Facebook and Google but allows them to be represented by counsel

MARCH: Court dismisses criminal charges against Yahoo! India and Microsoft but says the charges can be revived if new evidence comes to light. Sets aside summons

Malicious content exists on the web and may even need to be taken down, but the laws used to remove malicious content can also be used to curb political speech, thus, infringing on the right to freedom of expression, says Prasanth Sugathan, senior advocate with Software Freedom Law Centre, an international network of lawyers.

Some like Pranesh Prakash of non-profit Centre for Internet and Society believe the IT Rules are at odds with the IT Act and give powers for censorship. He explains that the IT Act, 2000, provides for protection of intermediaries; web browsers, social networking sites and websites cannot be held responsible for what a third party publishes on their forums—“similar to the way in which we cannot sue a telephone agency or a post office for someone else making use of these platforms to harass or defame another person”. But the IT rules of 2011 watered down this protection.

Supreme Court advocate and cyber law expert Pavan Duggal explains how. The Act states once a complaint is made against certain content, the web agency hosting it must notify the person who put up the content, verify the content and judge whether it needs to be removed. But the rules state that once the web agency is notified it must remove the content within 36 hours or it could be prosecuted for not acting on the complaint. The rules have gone beyond the Act’s scope, especially vis-a-vis privacy and data protection, leaving no scope for hearing out the accused, he says.

The disjunct between the Act and the rules is being contested in various spheres, including Parliament. But there is a bright side too. Duggal believes the cases have brought pertinent issues, like free speech and privacy concerns, into the public domain. Ramanjeet Chima, policy adviser for Google, says freedom of expression is paramount for Google but the recognition of local sentiments is also being given equal weightage.

Senior advocate Sidharth Luthra, who was representing Facebook in the Delhi High Court, wonders whether the existing Indian laws are in tune with the ever-changing online world. Unwilling to comment on the case, he says the law is limited in its scope, while technology is not. Refusing to comment on the cases, the Google adviser emphasised the need to use the existing provisions of big web agencies to address grievances regarding content.

The Internet “is not the wild wild west”; all content, users and viewers can be traced, Duggal cautions. Since the Internet can impact political issues government is increasingly looking for ways to control it. “There is no ideal solution but it is evident that some monitoring and regulation are required, and in all parts of the world all regimes are in the process of addressing this,” he says.

For more details visit https://cis-india.org/news/down-to-earth-latha-jishnu-dinsa-sachan-moyna-january-15-2013-clash-of-the-cyber-worlds

Clarify and define terms in IT rules, panel tells govt.

praskrishna — 2013-04-03T10:02:33Z

In the wake of concerns that the government is increasingly using ambiguously-phrased terms in legal codes to crack down on online speech, the Parliament’s Committee on Subordinate Legislation has asked for greater clarity and definition on terms which can serve as grounds for restrictions.

The article by Prashant Jha was published in the Hindu on April 1, 2013. Pranesh Prakash is quoted.

In 2011, the government issued Intermediary Guidelines under Section 79 of the Information Technology (IT) Act. Rule 3 requires intermediaries – including Internet Service Providers (ISPs), web hosts, cyber cafes, blogging platforms, search engines and others – to inform users not to ‘host, display, upload, modify, publish, transmit or share information’ that is ‘grossly harmful, harassing, blasphemous, defamatory, obscene, pornographic, paedophilic, libellous, invasive of another’s privacy, hateful, or racially, ethnically objectionable, disparaging, or otherwise unlawful in any manner whatsoever.’ Any person aggrieved by the content can ask intermediaries to take it down, and if they do not do so within 36 hours, they can be legally liable.

‘Remove ambiguities’

The committee has heeded the views of NGOs that these terms have not been defined either in the IT Act or the rules. In a report submitted on March 21, it has drawn the attention of the Ministry of Communication and IT to the ‘reported misuse’ of Section 66A of the IT Act in the absence of precise definitions, and said it was important to remove ‘ambiguities/misgivings in the minds of people.’

In its report, the committee, chaired by MP P. Karunakaran, suggested that the definition of those terms in other laws be incorporated in one place for the ‘convenience of reference’ of intermediaries and general public. It has added that those terms not mentioned in other laws be defined in a way that ‘no new category of crimes or offences is created in the process of delegated legislation.’ The committee said it expected the Ministry to have a fresh look at the guidelines and ‘make amendments to ensure there is no ambiguity.’

Highlighting the significance of the committee’s directive not to create new offences, Pranesh Prakash of the Centre for Internet and Society said that this was recognition that ‘many categories of speech prohibited by the Intermediary Guidelines Rules are not prohibited by the statute, and hence cannot be prohibited by the government through these rules.’

‘Conflicting picture’

The committee has also pointed out that there was a ‘conflicting picture’ regarding the ‘legal enforceability’ of these guidelines. In its response, the Ministry told the committee that these are of ‘advisory’ nature; it is not ‘mandatory’ for the intermediary to disable information and this does not amount to ‘censorship.’ But the rules state the intermediary ‘shall act’ within 36 hours of complaint.

The committee said there was a need for ‘clarity on the aforesaid contradictions,’ particularly on the process of ‘take down of content,’ and install ‘safeguards to protect against any abuse during such process.’

Mr. Prakash of CIS said that this had exposed the ‘government’s Janus-faced stance on the issue of mandatory nature of these rules.’

For more details visit https://cis-india.org/news/the-hindu-april-1-2013-prashant-jha-clarify-and-define-terms-in-it-rules-panel-tells-govt

Civil Society’s second opinion on a UHI prescription

Pallavi Bedi and Shweta Mohandas — 2023-02-15T08:20:15Z

On January 13, Pallavi Bedi and Shweta Mohandas from CIS participated in an online collaboration organised by Internet Freedom Foundation for a joint submission to the Consultation Paper on Operationalising Unified Health Interface (UHI) in India released by the National Health Authority.

The article originally published by Internet Freedom Foundation can be accessed here.

The National Health Authority (NHA) released the Consultation Paper on Operationalising Unified Health Interface (UHI) in India on December 14, 2022. The deadline for submission of comments was January 13, 2023. We collaborated with the Centre for Health Equity, Law & Policy, the Centre for Internet & Society, & the Forum for Medical Ethics Society to submit comments on the paper.

Background

The UHI is proposed to be a “foundational layer of the Ayushman Bharat Digital Health Mission (ABDM)” and is “envisioned to enable interoperability of health services in India through open protocols”. The ABDM, previously known as the National Digital Health Mission, was announced by the Prime Minister on the 74th Independence Day, and it envisages the creation of a National Digital Health Ecosystem with six key features: Health ID, Digi Doctor, Health Facility Registry, Personal Health Records, Telemedicine, and e-Pharmacy. After launching the programme in six Union Territories, the National Health Authority issued a press release on August 26, 2020 announcing the public consultation for the Draft Health Data Management Policy for NDHM. While the government has repeatedly claimed that creation of a health ID is purely voluntary, contrary reports have emerged. In our comments as part of the public consultation, our primary recommendation was that deployment of any digital health ID programme must be preceded by the enactment of general and sectoral data protection laws by the Parliament of India; and meaningful public consultation which reaches out to vulnerable groups which face the greatest privacy risks.

As per the synopsis document which accompanies the consultation paper, it aims to “seek feedback on how different elements of UHI should function. Inviting public feedback will allow for early course correction, which will in-turn engender trust in the network and enhance market adoption. The feedback received through this consultation will be used to refine the functionalities of UHI so as to limit any operational issues going forward.” The consultation paper contains a set of close-ended questions at the end of each section through which specific feedback has been invited from interested stakeholders. We have collaborated with the Centre for Health Equity, Law & Policy, the Centre for Internet & Society, & the Forum for Medical Ethics Society to draft the comments on this consultation paper.

Our main concern relates to the approach the Government of India and concerned Ministries adopt to draft a consultation paper without explicitly outlining how the proposed UHI fits into the broader healthcare ecosystem and quantifying how it improves it rendering the consultation paper and public engagement efforts inadequate. Additionally, it doesn’t allow the public at large, and other stakeholders to understand how it may contribute to people’s access to quality care towards ensuring realisation of their constitutional right to health and health care. The close-ended nature of the consultation process, wherein specific questions have been posed, restricts stakeholders from questioning the structure of the ABDM itself and forces us to engage with its parts, thereby incorrectly assuming that there is support for the direction in which the ABDM is being developed.

Our submissions

A. General comments

a. Absence of underlying legal framework

Ensuring health data privacy requires legislation at three levels- comprehensive laws, sectoral laws and informal rules. Here, the existing proposal for the data protection legislation, i.e., the draft Digital Personal Data Protection Bill, 2022 (DPDPB, 2022) which could act as the comprehensive legal framework, is inadequate to sufficiently protect health data. This inadequacy arises from the failure of the DPDPB, 2022 to give higher degree of protection to sensitive personal data and allowing for non-consensual processing of health data in certain situations under Clause 8 which relates to “deemed consent”. Here, it may also be noted that the DPDPB, 2022 fails to specifically define either health or health data. Further, the proposed Digital Information Security in Healthcare Act, 2017, which may have acted as a sectoral law, is presently before the Parliament and has not been enacted. Here, the absence of safeguards allows for data capture by health insurance firms and subsequent exclusion/higher costs for vulnerable groups of people. Similarly, such data capture by other third parties potentially leads to commercial interests creeping in at the cost of users of health care services and breach of their privacy and dignity.

b. Issues pertaining to scope

Clarity is needed on whether UHI will be only providing healthcare services through private entities, or will also include the public health care system and various health care schemes and programs of the government, such as eSanjeevani.

c. Pre-existing concerns

Exclusion: Access to health services through the Unified Health Interface should not be made contingent upon possessing an ABHA ID, as alluded to in the section on ‘UHI protocols in action: An example’ under Chapter 2(b). Such an approach is contrary to the Health Data Management Policy that is based on individual autonomy and voluntary participation. Clause 16.4 of the Policy clearly states that nobody will “be denied access to any health facility or service or any other right in any manner by any government or private entity, merely by reason of not creating a Health ID or disclosing their Health ID…or for not being in possession of a Health ID.” Moreover, the National Medical Commission Guidelines for Telemedicine in India also does not create any obligation for the patient to possess an ABHA ID in order to access any telehealth service. The UHI should explicitly state that a patient can log in on the network using any identification and not just ABHA.
Consent: As per media reports, registration for a UHID under the NDHM, which is an earlier version of the ABHA number under the ABDM, may have been voluntary on paper but it was being made mandatory in practice by hospital administrators and heads of departments. Similarly, reports suggest that people who received vaccination against COVID-19 were assigned a UHID number without their consent or knowledge.
Function creep: In the absence of an underlying legal framework, concerns also arise that the health data under the NDHM scheme may suffer from function creep, i.e., the collected data being used for purposes other than for which consent has been obtained. These concerns arise due to similar function creep taking place in the context of data collected by the Aarogya Setu application, which has now pivoted from being a contact-tracing application to “health app of the nation”. Here, it must be noted that as per a RTI response dated June 8, 2022 from NIC, the Aarogya Setu Data Access And Knowledge Sharing Protocol “has been discontinued".
Issues with the United Payments Interface may be replicated by the UHI: The consultation paper cites the United Payments Interface (UPI) as “strong public digital infrastructure” which the UHI aims to leverage. However, a trend towards market concentration can be witnessed in UPI: the two largest entities, GooglePay and PhonePe, have seen their market share hover around 35% and 47% (by volume) for some time now (their share by value transacted is even higher). Meanwhile, the share of the NPCI’s own app (BHIM) has fallen from 40% in August 2017 to 0.74% in September 2021. Thus, if such a model is to be adopted, it is important to study the UPI model to understand such threats and ensure that a similar trend towards oligopoly or monopoly formation in UHI is addressed. This is all the more important in a country in which the decreasing share of the public health sector has led to skyrocketing healthcare costs for citizens.

B. Our response also addressed specific questions about search and discovery, service booking, grievance redressal, and fake reviews and scores. Our responses on these questions can be found in our comments here.

Our previous submissions on health data

We have consistently engaged with the government since the announcement of the NDHM in 2020. Some of our submissions and other outputs are linked below:

IFF’s comment on the Draft Health Data Management Policy dated May 21, 2022 (link)
IFF’s comments on the consultation Paper on Healthcare Professionals Registry dated July 20, 2021 (link)
IFF and C-HELP Working Paper: ‘Analysing the NDHM Health Data Management Policy’ dated June 11, 2021 (link)
IFF’s Consultation Response to Draft Health Data Retention Policy dated January 6, 2021 (link)
IFF’s comments on the National Digital Health Mission’s Health Data Management Policy dated September 21, 2020 (link)

Important documents

Response on the Consultation Paper on Operationalising Unified Health Interface (UHI) in India by Centre for Health Equity, Law & Policy, the Centre for Internet & Society, the Forum for Medical Ethics Society, & IFF dated January 13, 2023 (link)
NHA’s Consultation Paper on Operationalising Unified Health Interface (UHI) in India dated December 14, 2022 (link)
Synopsis of NHA’s Consultation Paper on Operationalising Unified Health Interface (UHI) in India dated December 14, 2022 (link)

For more details visit https://cis-india.org/internet-governance/blog/civil-society-second-opinion-on-uhi-prescription

Civil Society Pushes for Privacy Panel

praskrishna — 2014-05-27T11:39:20Z

The article was published in the Times of India on May 6, 2014. Sunil Abraham is quoted.

Civil society organizations are pushing for a 'privacy commission' to provide protection to individuals from illegal breach of their privacy, with guidelines imposing penal sanction against the violators. This assumes significance

This assumes significance at a time when the Centre has decided to set up a judicial panel to probe the snoopgate scandal wherein the BJP government in Gujarat was allegedly involved in illegal surveillance of a woman architect and especially when the Right to Privacy Bill is pending in Parliament.

However, industry consortia, including CII and FICCI, prefer lesser regulation, though calling for a cautious approach.

Among civil society organizations pressing for a stringent privacy bill is the International Centre for Free and Open Source Software (ICFOSS), the only representative from Kerala to attend the NETmundial conference held recently in Brazil. The meet focused on privacy issues to ensure basic human rights, including freedom of expression.

NETmundial is the first step towards pushing for a privacy law against the snooping and spying on individuals by those in power, including agencies within and outside the country Privacy guidelines should be clear as to what data can be collected without infringing on the dignity of an individual as 'data' represents the duration of a call, while 'metadata' reveals the content of the caH," said ICFOSS director SatishBabu.

Bangalore-based Centre for Internet and Society (CIS), another NETmundial participant, also stands for a strong privacy law. "The two-day conference that concluded on April 24 was a baby step towards a privacy law with a road map for global internet governance. It is the first step towards a multi-stakeholder model offering an equal footing for all civil society organizations, academia, government, private sector and the UN fora," said CIS executive director Sunil Abraham

“We are pushing for a privacy law in the country aimed at national privacy regulation and constituting a privacy commission on the lines of the information commission," he added.

Click to read the full story

For more details visit https://cis-india.org/news/the-times-of-india-may-6-2014-laxmi-ajai-prasanna-civil-society-pushes-for-privacy-panel

Civil society and Internet Governance: practices from Southeast Asia and beyond

praskrishna — 2013-11-19T09:29:44Z

On 21 October, the day before the opening of the 2013 Internet Governance Forum in Indonesia, Hivos’ Southeast Asia Regional Office co-organised a pre-event workshop with ID-CONFIG, “Civil Society and Internet Governance: Multi-Stakeholder Engagement Practices from Southeast Asia and Beyond,” at the Bali Nusa Dua Convention Centre.

Click to read the original published by Hivos on October 31.

Recognising that the IGF has been a global project for the past eight years, the workshop provided a critical perspective to the forum’s impact on local civil society organisations. In the past, the IGF has been criticised for focusing on policy-level IG debates that lack grassroots, on-the-ground applications. Additionally, it is has been challenged to demonstrate the relevance of IG policies for civil society organisations, which frequently have limited understanding of and involvement in the issue.

By drawing empirical case studies from different regions of Asia, the aim of the workshop was to help civil society organisations find a relevant role in IG and explore how IG frameworks with a focus on the role of civil society can be applied in developing regions to uphold the right of citizens to express themselves through the Internet.

Five speakers discussed the intersections between Internet Freedom and Internet Governance: Arthit Suriyawongkul (Thai Netizen Network, Thailand), Shahzad Ahmad (Bytes 4 All, Pakistan), Donny Budhi Utoyo (ICTWatch, Indonesia), Lobsang Gyatso Sither (Tibet Action Institute), and Pranesh Prakash (Center for Internet and Society, India). Attended by approximately 70 participants, the discussions revolved around the varying feasibility of a multi-stakeholder platform in different political contexts.

The speakers represent civil society organisations in vastly different political environments in South Asia, Southeast Asia and East Asia. They all continuously pointed out how emerging democratic movements are often counterbalanced by political power concentrated in existing state institutions. In such state-centric Internet Governance contexts, civil society organisations are often pitted against official censorship and filtering attempts. While speakers from relatively more democratic countries, namely India and Indonesia, showcased examples of how civil society organisations have engaged the government in Internet policy-making, those from Thailand and Pakistan illustrated the need for a strong litigation capacity for public interests in order to defend citizens from state infringement of their rights. At the other end of the spectrum, Gyatso Sither emphasised the importance of safeguarding Tibetan activists in the homeland and in the diaspora from surveillance by the Chinese state, whose latest strategies have included interceptions, targeted malware, and cyber attacks.

Nonetheless, civil society organisations are uniquely placed to engage both government agencies, as providers of regulatory frameworks, and the private sector, as the primary provider of ICT infrastructure, to demand equitable access to the Internet and maintain the freedom to expression online. Through an ideal multi-stakeholder framework, civil society organisations can empower communities by strategically using ICT to uphold transparency and accountability.

For more details visit https://cis-india.org/news/hivos-october-31-2013-civil-society-and-internet-governance-practices-southeast-asia-and-beyond

Civil society & industry oppose India’s plans to modify ITRs

praskrishna — 2012-11-30T09:42:17Z

Industry fears ITU control over Internet; excessive content control and surveillance an issue for civil society.

Shalini Singh's article was published in the Hindu on November 23, 2012.

India’s proposal on International Telecommunications Regulations (ITRs), submitted last month to the International Telecommunications Union (ITU), the U.N. agency responsible for information and communication technologies, has drawn opposition from, and fears of content control among, civil society and the industry alike.

Sunil Abraham, Executive Director, Centre for Internet Society, told The Hindu: “The Indian government’s position on the ITRs can be improved, particularly with regard to the proposed definitions, approach to cyber security, scope of regulation.” However, he said, “we are confident that the Indian position will protect consumer and citizen interest once the government implements changes based on inputs from all… stakeholders.”

The National Association of Software and Services Companies (NASSCOM), which represents the $100-billion IT and BPO industry, has strong views against the Internet governance model of the Internet Corporation for Assigned Numbers and Names (ICANN), but favours self-regulation. Its president Som Mittal says: “NASSCOM does not favour oversight by an existing U.N. organisation like ITU. Internet and infrastructure have to be in the hands of expert organisations with proven experience.” NASSCOM has also expressed discomfort with the inclusion of “ICTs along with processing” in Section 21E of India’s proposal, since this would subject IT and BPO industries to inter-governmental regulation through the ITRs.

The Cellular Operators Association of India (COAI), which represents India’s largest mobile operators with nearly 700 million subscribers, has also opposed any role for ITU in the areas of international roaming and Internet governance, fearing a direct impact on domestic network architecture, costs and technology choices. COAI director-general Rajan Mathews said: “We are already regulated by the Department of Telecom (DoT) and the Telecom Regulatory Authority of India (TRAI). Placing the ITU’s jurisdiction over us — where we neither have voice nor recourse — is unacceptable.” The COAI’s position is consistent with the GSM Association (GSMA), the world’s largest association of mobile companies representing 800 operators spanning 220 countries. The COAI further alleges that most of its inputs “have been rejected without reasons assigned or even a meeting.” It has lodged a protest with the DoT.

The Internet Service Providers Association of India (ISPAI) has similarly protested against ITU’s jurisdiction over issues of Internet governance, architecture and cost.

Subho Ray, president, Internet & Mobile Association of India (IAMAI), said: “We represent a vast majority of Internet companies but have not been consulted by the DoT. We are completely opposed to ITU’s jurisdiction in any area related to Internet policy.”

The FICCI has also given detailed inputs on the dangers of allowing ITU’s jurisdiction, especially in areas of Internet policy and governance. It supports a bottom-up consultative and consensus-led multi-stakeholder approach, similar to the one propounded by Telecom Minister Kapil Sibal at the Internet Governance Forum, the world’s largest multi-stakeholder conference, held in Baku.

Several prominent civil society groups and members of academia involved in Internet governance also have apprehensions about expanding the ITU’s reach to Internet regulation through the ITRs. In a November 15, 2012 letter to Telecom Secretary R. Chandrashekhar, Society for Knowledge Commons, Internet Democracy Project, Free Software Movement of India, Delhi Science Forum, Media for Change and Software Freedom Law Center have complained about not having been consulted, while warning that India’s proposal “could have far reaching implications for the Internet.”

On the issue of cyber security, industry associations and several civil society groups are unanimously against any role for ITU, pointing out that including ill-defined terms such as ‘spam’ and ‘network fraud’ in a binding treaty is a terrible idea. Further, cyber security commitments can force India to cooperate with countries whose military and strategic interests are against it.

Kamlesh Bajaj, CEO, Data Security Council of India, and head of NASSCOM’s security initiatives, said: “Cyber security is sought to be taken over by ITU — an area in which it has little experience. Cyber security includes areas of application security, identity and access management, web security, content filtering, cyber forensics, data security, including issues such as cyber espionage and cyber warfare. The ITU has had no involvement in these matters over the last two decades, and should therefore stay out of them.”

Similar views have been expressed in varying degrees by the COAI, the IAMAI, the ISPAI and the FICCI. Dr. Ray of the IAMAI says: “cyber security is essentially a state prerogative and should not be part of an external treaty obligation. Any attempt to channel it through the ITU may be counter productive.”

Mr. Sibal, who has already been challenged by opposition to the domestic IT rules, is aware that if left unaddressed, opposition to India’s stance on ITRs will only escalate at a national and global level, and that if corrections have to be made in India’s position, those will have to be done consensually within the governance structure. Mr. Sibal confirmed that while cyber security was an area of discussion with the ITU, “the ITU does not have any role in Internet governance.”

According to him, either he or the Department will hold meetings on these issues with the industry to further evolve India’s position.

Mr. Chandrashekhar further confirmed that similar to several global national delegations, the government would include media and industry experts as part of its delegation to Dubai, the World Conference on International Telecommunications (WCIT-12) will be held from December 3 to 14. The final decisions on the ITRs and the composition of the delegation would be announced the coming week.

A deeply divided house in Dubai is a strong possibility, with countries which favour democracy and free speech taking a stance against those who, due to political compulsions, have proposed inter-governmental control through the ITRs by the ITU, not just on Internet policy, but also its traffic and content, most of which automatically fall under the definitions of the ICTs.

The 193-countries at THE WCIT may well spend 11 days discussing national proposals to separate issues that can be addressed nationally from those which require inter-governmental cooperation, while further debating which platforms may be best to address global cooperation.

It is equally clear that the existing Internet governance system is unacceptable to most countries, and therefore a more evolved democratic and internationally equitable system, which is managed through a multi-stakeholder process and yet with a definite role for countries like India, appears the only way forward.

Mr. Sibal, at meetings with global Internet governance bodies in Baku, is learnt to have bargained hard for India’s explicit role in the existing Internet governance processes.

For more details visit https://cis-india.org/news/the-hindu-nov-23-2012-shalini-singh-civil-society-and-industry-oppose-indias-plans-to-modify-itrs

Civil rights in the digital age, about the impact the Internet has on civil rights

praskrishna — 2012-10-04T08:50:16Z

Malavika Jayaram, fellow of CIS is a panelist at this workshop to be held at the IGF 2012 in Azerbaijan.

The freedom of internet is increasingly causing heated debate . On the one hand the internet is the embodiment of freedom literally crossing all borders, on the other hand governments more and more think of curtailing e.g. social media when these are used to organize criminal activities. Governments in some countries restrict access to the internet or censor information even before their citizens go online. As a matter of fact the internet in Iran and China has already become an ‘intranet’. But also in the UK there is a growing body of public opinion that is in favor of more supervision of social media. When will the influence of this medium have become so strong that it, in certain situations, could be considered a danger to society? Will supervision then be a solution? Unique is the research carried out by D66-member of the European Parliament Marietje Schaake into internet freedom all over the world. The research should lead to a resolution on civil rights in our digital era. The report is expected to be finished sometime around the IGF in November. Subjects treated are trade, human rights, development, safety and the like. The report will contain a number of concrete suggestions both for businesses and for governments, so as on the one hand to expand opportunities with the help of technology, but also to limit possible risks.

Short program:

Introduction:

Each panelist has 2 minutes to introduce him/herself and make one statement on the topic.

Open discussion:

This is followed by an open discussion between panelist and the audience, fed and led by moderator Robert Guerra.

Recommendations:

15 minutes before the end of the workshop, recommendations, emerged from the open discussion, will be put to word.

Organiser(s) Name:

ECP on behalf of the IGF-NL (ECP | Platform for the Information Society wants to take barriers for the implementation and acceptance of ICT away to the benefit of our economy and society, and in order to strengthen our international competitive position. In addition, ECP (also at a political-governmental level) draws attention to a number of specific themes such as growth of productivity, strengthening of competitiveness and the European Digital Agenda. One of it programs is the public-private partnership NL IGF. NL IGF prepairs for the IGF and provides good embedding of the results of the IGF in national policy) Dutch Ministry of Economic Affairs, Agriculture & innovation Dutch Ministry of Foreign Affairs Hivos, the Humanist Institute for Development Cooperation

Previous Workshop(s):

NL IGF organized : 2010: Public-private cooperation on Internet safety/cybercrime http://www.intgovforum.org/cms/component/chronocontact/?chronoformname=W... 2011: Parliamentarian Challenge: a Round Table between Parliamentarians and other Stakeholders http://www.intgovforum.org/cms/component/chronocontact/?chronoformname=W...

Submitted Workshop Panelists:

Marietje Schaake (Euro parliamentarian D66)
Lionel Veer (Dutch Human Rights Ambassador)
Hanane Boujemi (Diplo Foundation and upward of this autumn she will work for Hivos on it’s program 'Internet Govenance for the Mena region'.)
Malavika Jayaram (Fellow of the Centre for Internet and Society, Bangalore (India), assisting on projects and matters relating to IT law, data protection and privacy. She is also working on a Ph.D. on data protection and privacy laws, with a special focus on the new identity project launched in India. Malavika has over 15 years experience as a lawyer with a focus on technology and intellectual property.)
Emin Milli (an Azerbaijani writer)
Moderator: Robert Guerra (a Canadian independent consultant specializing in issues of Internet Freedom, Internet Governance and Human Rights)
Front row: two Dutch students (both male and female)

All speakers mentioned above have confirmed their participation.

Name of Remote Moderator(s):

Sophie Veraart, NL IGF – ECP

Assigned Panellists:

Schaake - Marietje
Veer - Lionel
Boujemi - Hanane
Jayaram - Malavika
Milli - Emin
Guerra - Robert

Read the original published on the IGF website

For more details visit https://cis-india.org/news/intgovforum-cms-w2012-proposals

Civil Liberties Groups Warn Proposed EU 'Terrorist Content' Rule a Threat to Democratic Values

Admin — 2019-02-19T00:49:00Z

Requiring filtering tools would be "a gamble with European Internet users' rights to privacy and data protection, freedom of expression and information, and non-discrimination and equality before the law."

The blog post by Jessica Corbett was published by Common Dreams on February 5, 2019. Centre for Internet & Society was a signatory.

Dozens of human rights groups and academics have signed on to an open letter (pdf) raising alarm about the European Union's proposed Regulation on Preventing the Dissemination of Terrorist Content Online, warning that its call for Internet hosts to employ "proactive measures" to censor such content "will almost certainly lead platforms to adopt poorly understood tools" at the expense of democratic values across the globe.

One of those tools is the Hash Database developed by Facebook, YouTube, Microsoft, and Twitter. The 13 companies that use the database—which supposedly contains 80,000 images and videos—can automatically filter out material deemed "extreme" terrorist content. However, as the letter explains, "almost nothing is publicly known about the specific content that platforms block using the database, or about companies' internal processes or error rates, and there is insufficient clarity around the participating companies' definitions of 'terrorist content.'"

"Countering terrorist violence is a shared priority, and our point is not to question the good intentions of the database operators. But lawmakers and the public have no meaningful information about how well the database or any other existing filtering tool serves this goal, and at what cost to democratic values and individual human rights," notes the letter, whose signatories include the American Civil Liberties Union (ACLU), the Brennan Center for Justice, the Electronic Frontier Foundation (EFF), and the European Digital Rights (EDRi).

As an EDRi statement outlines, among the groups' main concerns are the following:

Lack of transparency of how the database works, and its effectiveness, proportionality, and appropriateness to achieve the goals the Terrorist Content Regulation aims to achieve;
How filters are unable to understand the context and therefore they are error-prone; and
Regardless of the possibility of filters to be accurate in the future, the pervasive online monitoring on disadvantaged and marginalized individuals.

Given the uncertainties over the effectiveness and societal costs of such tools, the letter charges that "requiring all platforms to use black-box tools like the database would be a gamble with European Internet users' rights to privacy and data protection, freedom of expression and information, and non-discrimination and equality before the law."

With those fundamental rights under threat, the groups are calling on members of the European Parliament "to reject proactive filtering obligations; provide sound, peer-reviewed research data supporting policy recommendations and legal mandates around counter-terrorism; and refrain from enacting laws that will drive Internet platforms to adopt untested and poorly understood technologies to restrict online expression."

Read the full letter:

Dear Members of the European Parliament,

The undersigned organizations write to share our concerns about the EU’s proposed Regulation on Preventing the Dissemination of Terrorist Content Online, and in particular the Regulation’s call for Internet hosts to use “proactive measures” to detect terrorist content. We are concerned that if this Regulation is adopted, it will almost certainly lead platforms to adopt poorly understood tools, such as the Hash Database referenced in the Explanatory Memorandum to the Regulation and currently overseen by the Global Internet Forum to Counter Terrorism. Countering terrorist violence is a shared priority, and our point is not to question the good intentions of the Database operators. But lawmakers and the public have no meaningful information about how well the Database or any other existing filtering tool serves this goal, and at what cost to democratic values and individual human rights. We urge you to reject proactive filtering obligations; provide sound, peer-reviewed research data supporting policy recommendations and legal mandates around counter-terrorism; and refrain from enacting laws that will drive Internet platforms to adopt untested and poorly understood technologies to restrict online expression.

The Database was initially developed by Facebook, YouTube, Microsoft, and Twitter as a voluntary measure, and announced to the public in 2016. It contains digital hash “fingerprints” of images and4videos that platforms have identified as “extreme” terrorist material, based not on the law but on their own Community Guidelines or Terms of Service. The platforms can use automated filtering tools to identify and remove duplicates of the hashed images or videos. As of 2018, the Database was said to contain hashes representing over 80,000 images or videos. At least thirteen companies now use the Database, and some seventy companies have reportedly discussed adopting it.

Almost nothing is publicly known about the specific content that platforms block using the Database, or about companies’ internal processes or error rates, and there is insufficient clarity around the participating companies’ definitions of “terrorist content.” Furthermore, there are no reports about how many legal processes or investigations were opened after the content was blocked. This data would be crucial to understand to what extent the measures are effective and necessary in a democratic society, which are some of the sine qua non requisites for restrictions of fundamental rights. We do know, however, of conspicuous problems that seemingly result from content filtering gone awry. The Syrian Archive, a civil society organization preserving evidence of human rights abuses in Syria, for example, reports that YouTube deleted over 100,000 of its videos. Videos and other content which may be used in one context to advocate terrorist violence may be essential elsewhere for news reporting, combating terrorist recruitment online, or scholarship. Technical filters are blind to these contextual differences. As three United Nations special rapporteurs noted in a December 2018 letter, this problem raises serious concerns about free expression rights under the proposed Regulation. It is far from clear whether major platforms like YouTube or Facebook adequately correct for this through employees’ review of filtering decisions—and it seems highly unlikely that smaller platforms could even attempt to do so, if required to use the Database or other filtering tools.

Failures of this sort seriously threaten Internet users’ rights to seek and impart information. The pervasive monitoring that platforms carry out in order to filter users’ communications also threatens privacy and data protection rights. Moreover, these harms do not appear to be equally distributed, but instead disproportionately disadvantage individual Internet users based on their ethnic background, religion, language, or location—in other words, harms fall on users who might already be marginalized. More extensive use of the Database and other automated filtering tools will amplify the risk of harms to users whose messages and communications about matters of urgent public concern may be wrongly removed by platforms. The United Nations Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism has expressed concern about this lack of clarity, and said that Facebook’s rules for classifying organizations as terrorist are “at odds with international humanitarian law”.

Due to the opacity of the Database’s operations, it is impossible to assess the consequences of its nearly two years of operation. The European public is being asked to rely on claims by platforms or vendors about the efficacy of the Database and similar tools—or else to assume that any current problems will be solved by hypothetical future technologies or untested, post-removal appeal mechanisms. Such optimistic assumptions cannot be justified given the serious problems researchers have found with the few filtering tools available for independent review. Requiring all platforms to use black-box tools like the Database would be a gamble with European Internet users’ rights to privacy and data protection, freedom of expression and information, and non-discrimination and equality before the law. That gamble is neither necessary nor proportionate as an exercise of state power.

EU institutions’ embrace of the database and other filtering tools will also have serious consequences for Internet users all over the world, including in countries where various of the undersigned organizations work to protect human rights. For one thing, when platforms filter a video or image in response to a European authority’s request, it will likely disappear for users everywhere—even if it is part of critical news reporting or political discourse in other parts of the world. For another, encoding proactive measures to filter and remove content in an EU regulation gives authoritarian and authoritarian-leaning regimes the cover they need to justify their own vaguely worded and arbitrarily applied anti-terrorism legislation. Platforms that have already developed content filtering capabilities in order to comply with EU laws will find it difficult to resist demands to use them in other regions and under other laws, to the detriment of vulnerable Internet users around the globe. Your decisions in this area will have global consequences.

Signatories:
Access Now; Africa Freedom of Information Centre; Agustina Del Campo, in an individual capacity (Center for Studies on Freedom of Expression CELE); American Civil Liberties Union (ACLU); ApTI Romania; Article 19; Bits of Freedom; Brennan Center for Justice; Catalina Botero Marino, in an individual capacity (Former Special Rapporteur of Freedom of Expression of the Organization of American States; Center for Democracy & Technology (CDT); Centre for Internet and Society; Chinmayi Arun, in an individual capacity; Damian Loreti, in an individual capacity; Daphne Keller, in an individual capacity (Stanford CIS); Derechos Digitales · América Latina; Digital Rights Watch; Electronic Frontier Finland; Electronic Frontier Foundation (EFF); Electronic Frontier Norway; Elena Sherstoboeva, in an individual capacity (Higher School of Economics); European Digital Rights (EDRi); Hermes Center; Hiperderecho; Homo Digitalis; IT-Pol; Joan Barata, in an individual capacity (Stanford CIS); Krisztina Rozgonyi, in an individual capacity (University of Vienna); Open Rights Group; Open Technology Institute at New America; Ossigeno; Pacific Islands News Association (PINA); People Over Politics; Prostasia Foundation; R3D: Red en Defensa de los Derechos Digitales; Sarah T. Roberts, Ph.D., in an individual capacity; Southeast Asian Press Alliance; Social Media Exchange (SMEX), Lebanon; WITNESS; and Xnet.

For more details visit https://cis-india.org/internet-governance/news/jessica-corbett-common-dreams-february-5-2019-civil-liberties-groups-warn-proposed-eu-terrorist-content-rule-threat-democratic