We are anonymous, we are legion

CII Conference on "ACT": Achieve Cyber Security Together"

kovey — 2013-07-26T08:17:40Z

The Confederation of Indian Industries (CII) organized a conference on facing cyber threats and challenges at Hotel Hilton in Chennai on July 13, 2013. Kovey Coles attended this conference and shares a summary of the event in this blog post.

This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC

The conference hosted by CII in the Hotel Hilton, was well attended, and featured a range of industry experts, researches and developers, and members of the Indian armed forces.

Participants focused on the importance of Indian entities reaching new, adequate levels of cyber security. It was stated early in the event that India is one of the world's most targeted areas for cyber-attacks, and its number of domestic internet users is known to be rapidly increasing in an age which many view as a new era of international information warfare. Despite this, the speakers considered India to be too far behind other countries in its understanding of cyber security. In the opening remarks, CII Chairman Santhanam implored "We need hard core techies in this field… we are not producing them." Another speaker, Savitha Kesav Jagadeesan, a practicing lawyer in Chennai, asked if India would wait until the "9/11 of cyberspace" occurrence before we establish the same level of precautionary measures online as it exists now in transportation security.

With the presence of both the government’s executive forces and the private industries, the aura circulating the conference room was that of a collective Indian defense, a secure nation only achieved through both secure governmental and industrial aspects. Similar to the previous day’s DSCI cyber security conference, many speakers discussed security issues pertinent to the financial and banking industries, and other cyber crimes which had pecuniary goals. For people seeking to avoid the array of scams and frauds online, some talks shared some of the most basic advice, like safe password practices. "Passwords are like toothbrushes," said A.S. Murthy of the CDAC, "use them often, never share them with anyone, change them often." Other talks went into the intricacies of various hacking schemes, including tab-nabbing and Designated Denial of Service (DDoS) attacks, describing their tactics and how to moderate them.

In the end, the conference had certainly informed the attendees of the goals, and the challenges, that India will face in the coming months and years. The speakers (all of them) showed how the world of cyber security was quickly evolving, and demonstrated the imperative in government and industry entities evolving their own practices and defenses in stride. The ambitions of several presentations matched the well-publicized "5 lakh cyber professionals in 5 years" plan, placing a strong emphasis in the current and future training of young students in cyber security. Ultimately, I think, the conference helped convince that cyber security is neither a futile, nor completely infallible concept. As CISCO Vice President Col. K.P.M. Das said towards the end of the evening, the most ideal form of cyber security is truly "all about trust, the ability to recover, and transparency/visibility."

For more details visit https://cis-india.org/internet-governance/blog/cii-conference-on-act

Chinese state media says U.S. should take some blame for cyber attack

praskrishna — 2017-06-07T01:12:27Z

"WannaCry is far and away the most severe malware attack so far in 2017, and the spread of this troubling ransomware is far from over". Since the global attack was launched on Friday, several thousand more computers were discovered to be infected, particularly in Asia as the work day began on Monday. "We've seen that the slowdown of the infection rate over Friday night, after a temporary fix around it, has now been overcome by a second variation the criminals have released".

The article by Ellis Neal was published in the Villages Suntimes on May 21, 2017.

Microsoft called the incident a "wake-up" call for governments and customers to take security seriously, but in a letter to the Times Sir David Omand, GCHQ director from 1996 to 1997, pins the blame squarely on the technology firm for failing to maintain support for its ageing Windows XP platform. If they wanted their files decrypted, the program said all they had to do was pay $300 worth of Bitcoin to the specified address.

However, a cyber security expert working with the Centre for Internet and Society, Udbhav Tiwari working on vulnerabilities such as these, said as most ATMs in the country especially of the public-sector banks run on outdated operating systems, or are not updated regularly, they can be easily compromised.

When Microsoft sells its operating system software it does so through a licence agreement that states the company is not liable for any security breaches, thus shielding it from any legal complaints, points out Michael Scott, a professor at Southwestern Law School.

Microsoft has blamed the U.S. government for creating the software code that was used by hackers to launch the cyber-attacks. USA and European officials did not rule out North Korea as a possible suspect in the cyberattack.

In a blog post, Microsoft admonished governments around the world for keeping software vulnerabilities to themselves, instead of reporting them to the developers. EternalBlue and DoublePulsar, two tools the NSA used to infiltrate computer networks, were stolen from the agency and leaked online in April as part of a massive data dump by the Shadow Brokers hacker group. An investigation is on-going regarding how the codes got out.

The cyber experts have warned of a huge risk in near future as most institutions and individuals in Bangladesh use pirated software. We can not expect criminal hackers to be held accountable for their actions, but we should hold our government agencies accountable.

Since China and Russian Federation are two of the countries where a major share of computers are running pirated Windows, these are also the countries with the biggest rate of WannaCry infections, as stated by F-Secure.

Malware cases have been spreading in recent years as the malicious software trend has been gaining ground, with new forms of ransomware hitting the scene.

For more details visit https://cis-india.org/internet-governance/news/villages-suntimes-may-21-2017-ellis-neal-chinese-state-media-says-us-should-take-some-blame-for-cyber-attack

Chinese hackers baiting Indian govt, corporate employees: report

praskrishna — 2013-09-05T10:31:53Z

Hackers using fake subject headings to get users to open virus-laden email attachments.

This article by Moulishree Srivastava and Anirban Sen was published in Livemint on August 9, 2013. Sunil Abraham is quoted.

Using faked subject headings as diverse as Gujarat chief minister Narendra Modi and the Jallianwala Bagh Massacre, Chinese hackers have been baiting Indian government officials and corporate employees to open virus-laden emailed attachments and expose themselves to the risk of cyber attacks, a new report says.

The report on “advanced persistent cyber attacks” is based on an investigation conducted by security research firm Research Bundle in collaboration with CERT-ISAC. ISAC is a certification body for information technology (IT) security professionals that handles India’s National Security Database (NSD). CERT (Computer Emergency Response Team)-ISAC deals with mobile and electronic security.

“Some time back, there were a couple of high-profile cyber attacks that came to our notice when we were approached by corporates as well as government entities to look into them,” said Rajshekhar Murthy, director at CERT-ISAC, NSD, at the report’s release on Friday.

“First we thought it might be just these few incidents, but as we went deeper into it, it came to light that these threats were far more (widely) spread than we had initially perceived. During the course of our research, we got proof that the threats originated from China,” he said.

NSD, managed by ISAC and the government, is a programme that provides certification to IT professionals who have capability to protect critical infrastructure and the economy.

“Chinese hackers have been persistent in their attacks. According to our analysis, they have also made a separate wing for these operations,” Murthy said.

The report says, “It’s also a known fact the Indian government and other important sectors from India were heavily targeted during this campaign...focused on stealing confidential documents and sensitive information.”

The threat came in the form of emails with attached documents targeting government and corporate entities. “These documents exploited previously known vulnerabilities to drop ‘Travnet’ malware on to the systems,” said the report, prepared by 20 Internet security professionals over a period of six months.

“These emails showed that China has been gathering information about India and keeping up with current issues, and using those to entice people to open the attachments,” Murthy said.

Some of the attachments had names such as Army Cyber Security Policy 2013.doc, Jallianwala bagh massacre - a deeply shameful act.doc, Report - Asia Defense Spending Boom.doc, His Holiness the Dalai Lama’s visit to Switzerland day 3.doc, and BJP won’t dump Modi for Nitish NDA headed for split.doc.

The malware Travnet was specifically designed to search for “doc, docx, xls, xlsx, txt, rtf and pdf” files on the hacked computer.

“This provides enough hints that this malware was designed to steal confidential information, unlike the usual botnet variants that focus primarily on providing remote access to the system,” the report said. “The malware initially collects system information, a list of files on the victim machine among others, then sends this data to the remote Command & Control server...”

According to industry estimates, losses due to cyber theft from reported attacks alone amount to $8-10 billion (Rs.48,800-61,000 crore). But experts say the figure could be much higher as many threats go unreported.

Worryingly, the security infrastructure of Indian government websites has reportedly failed to keep pace with cyber attackers, who are becoming more focused on stealing information.

“Many of the servers that host ‘gov.in’ sites are running outdated software versions, with poorly managed Web servers that do not follow even the most basic Web application security guidelines,” said the report. “Even important government sites, access to which can lead to much deeper intrusion, seem to be managed with little care. While defacements are usually carried out by hackers just for fun or fame, serious hackers can cause much more damage and remain unnoticed for a very long time...”

“Slowly but steadily, serious APT (advanced, persistent attacks) campaigns are on the rise,” the report added. “It’s very important for the nation to start upgrading its IT infrastructure to keep up with the latest security guidelines and practices.”

“Cyber security has become one of the crucial areas for us and we are focusing on putting capacity and capability in place to strengthen the cyber security infrastructure,” said Alok Vijayant, director of the National Technical Research Organisation. “We want to bring IT security professionals under one entity to enhance our existing capability instead of just focusing on putting in additional security infrastructure.”

“India has one of the largest talent pools of IT professionals, but our biggest concern remains the young talent in IT, as most professionals prefer to go abroad to work,” he added.

Additionally, the use of proprietary rather than open-source software increases the vulnerability of Indian entities, according to Sunil Abraham, executive director of Bangalore-based research organization Centre for Internet and Society. “There’s a lack of use of Linux and other kinds of free software at both the desktop level and also the front end... They’re using Microsoft both at the server end and on the client end. Most of these attacks take advantage of that operating system dependency. If one were to look at it at a macro level, we’re vulnerable across the board—vulnerable to the US, we’re vulnerable to attackers from Europe, Pakistan, etc.,” Abraham said.

For more details visit https://cis-india.org/news/livemint-august-9-2013-moulishree-srivastava-anirban-sen-chinese-hackers-baiting-indian-govt-corporate-employees

China outranks India in world’s first ever web index

praskrishna — 2012-09-07T09:08:37Z

India has been ranked 33rd on a list of 61 countries in a brand new web index that seeks to measure how effectively countries are using the Internet to improve people’s lives. And Indian Internet activists say that given the increasing level of control the government seeks to exercise over the net, that is no great surprise.

The article was published in FirstPost on September 6, 2012. Nishant Shah is quoted.

The index, which has been compiled by Tim Berners-Lee, the inventor of the World wide web, measures the economic, social and political impact of the internet, on criteria ranging from the proportion of people online to the amount of useful content available.

Sweden has topped the list ahead of the US and UK, while amongst Asian countries, the Republic of Korea came in at 13th. Interestingly, China ranked 20, 13 places ahead of India.

Speaking to Firstpost about the index and India’s ranking, Nishant Shah of the Centre for Internet and Society said that given the increasingly disturbing nature of the government’s response to the Internet in India, it was no surprise that the country had not fared well on the index.

“The Internet today doesn’t work according to the idealistic principles of openness, and democracy of information that Berners-Lee envisioned for it, and in India in particular, although the Internet has helped us rethink what the government can do, the attitude is that that Internet can only be used in ways that the government sees fit”, said Shah

The methodology of the ranking has rated countries on the basis of three parameters:

Web Readiness: The quality and extent of Communications Infrastructure (facilitating connectivity to the Web) and Institutional Infrastructure (policies regulating Web access and skill and educational levels enabling the full benefit of the Web).

Web Use: The Index looks both at Web usage within countries (such as the percentage of individuals who use the Internet) and the content available to these Web users.

The Impact of the Web: The Index uses social, economic and political indicators to evaluate the impact of the Web on these dimensions. This includes measures of social networks, business internet use and e-participation.

For more details visit https://cis-india.org/news/www-firstpost-com-sep-6-2012-china-outranks-india-in-worlds-first-ever-web-index

Chilling Effects and Frozen Words

Lawrence Liang — 2012-04-30T07:32:17Z

What if the real danger is not that we lose our freedom of speech and expression but our sense of humour as a nation? Lawrence Liang's op-ed was published in the Hindu on April 30, 2012.

While freedom of speech and expression is an individual right, its actualisation often relies on a vast infrastructure of intermediaries.

In the offline world, this includes newspapers, television channels, public auditoriums, etc. It is often assumed that the internet has created a more robust public sphere of speech by doing away with many structural barriers to free speech. But the fact of the matter is that even if the internet enables a shift from a ‘few to many' to a ‘many to many' model of communication, intermediaries continue to remain important players in facilitating free speech. Can one imagine free speech on the internet being the same without Twitter, social networks or Youtube?

One way of thinking of the infrastructure of communication is in terms of ecology, and in the ecology of speech — as in the environment — an adverse impact on any component threatens the well-being of all. The idea of cyberspace as a commons is a much cherished myth and in the early days of the internet we were perhaps given a glimpse into its utopian possibility. But we would be deluding ourselves if we believed that the problems that plague free speech in the offline world (including ownership of the avenues of speech) are absent in cyberspace. Recall in recent times that one of the most effective ways in which various governments retaliated to the leaking of official secrets on WikiLeaks was by freezing Julian Assange's PayPal account.

Direct & Indirect Controls

It may be useful to distinguish between direct controls on free speech and indirect or structural controls on free speech. India has had a long history of battling direct and indirect controls on free speech and with a few exceptions the interests of the press have often coincided with the interests of a robust public sphere of debate and criticism.

In the late 1950s and early 1960s, a number of large media houses battled restrictions imposed on the press by way of control of the number of pages of a newspaper, regulation of the size of advertisements and the price of imported newsprint. On the face of it, some of these restrictions may have seemed like commercial disputes but the Supreme Court rightly recognised that indirect controls could adversely impact the individual's right to express himself or herself as well as to receive information freely.

In the online context, there has also been a similar recognition of the role of intermediaries in providing platforms of speech and it is with this view in mind that a number of countries have incorporated safe harbour provisions in their information technology laws.

Section 79 of the Information Technology Act is one such safe harbour provision in India which provides that intermediaries shall not be liable for any third party action if they are able to prove that the offence or contravention was committed without their knowledge or that they had exercised due diligence to prevent the commission of such offence or contravention. But this safe harbour has effectively been undone with the passing of the Information Technology (Intermediaries guidelines) Rules, 2011.

The rules clarify what standard of due diligence has to be met by intermediaries and Sec. 3(2) of the rules obliges intermediaries to have rules and conditions of usage which ensure that users do not host, display, upload, modify, publish, transmit, update or share any information that is in contravention of the Section. This includes the all too familiar ones (defamatory, obscene, pornographic content) but also a whole host of new categories which could be invoked to restrict speech (“grossly harmful,” “blasphemous,” “harassing,” “hateful”).

As is well known, any restriction on speech in India has to comply with both the test of reasonableness under Article 19(2) of the Constitution, as well as ensuring that the grounds of censorship are located within 19(2). Even though there are laws regulating hate speech in India, blasphemy is not a category under Art. 19(2) and has hitherto not been a part of Indian law. Some of the other categories such as “grossly harmful” suggest the people who drafted the rules seem to have taken a constitutional nap at the drafting board.

Sec. 3(4) of the rules provides that any intermediary who receives a notice by an aggrieved person about any violation of sub rule (2) will have to act within 36 hours and where applicable will ensure that the information is disabled. In the event that it fails to act or to respond, the intermediary cannot claim exemption for liability under Sec. 70 of the IT Act. It is worth noting that most intermediaries receive from hundreds to thousands of requests from individuals on a daily basis asking for the removal of objectionable material. The Centre for Internet and Society conducted a “sting operation” to determine whether the criteria, procedure and safeguards for administration of the takedowns as prescribed by the Rules lead to a chilling effect on free expression.

In the course of the study, frivolous takedown notices were sent to seven intermediaries and their response to the notices was documented. Different policy factors were permuted in the takedown notices in order to understand at what points in the process of takedown, free expression is being chilled. The takedown notices which were sent by the researcher were intentionally defective as they did not establish how they were interested parties, did not specifically identify and discuss any individual URL on the websites, or present any cause of action, or suggest any legal injury. Of the seven intermediaries to which takedown notices were sent, six over-complied with the notices, despite the apparent flaws in them.

Caution

Even in cases where the intermediaries challenged the validity of the takedowns, they erred on the side of caution and took down the material. While a number of intermediaries would see themselves as allies in the fight against censorship, more often than not intermediaries are also large commercial organisations whose primary concern is the protection of their business interests. In the face of any potential legal threat, especially from the government, they prefer to err on the side of caution. The people whose content was removed were not told, nor was the general public informed that the content was removed.

The procedural flaws (subjective determination, absence of the right to be heard, the short response time) coupled with the vague grounds on which such takedowns can be claimed, clearly point to a highly flawed situation in which we will see many more trigger happy demands for offending materials to be taken down.

We have already slipped into a state of being a republic of over sensitivity where any politician, religious group or individual can claim their sentiments have been hurt or they have been portrayed disparagingly, as evidenced by the recent attack and subsequent arrest of Professor Ambikesh Mahapatra of Jadavpur University for posting cartoons lampooning Mamata Banerjee.

Nervous State

In the era of global outsourcing it was inevitable that the state censorship machinery would also learn a lesson or two from the global trends and what better way of ensuring censorship than outsourcing it to individuals and to corporations. The renowned anthropologist, Michael Taussig, once compared the state to a nervous system and it seems that the Intermediary rules live up to the expectations of a nervous state ever ready to respond to criticism and disparaging cartoons.

What if the real danger is not even that we lose our freedom of speech and expression but we lose our sense of humour as a nation?

The evident flaws of the rules have been acknowledged even by lawmakers, with P. Rajeeve, the CPI(M) M.P., introducing a motion for the annulment of the rules. The annulment motion is going to be debated in the coming weeks and one hopes that the parliamentarians will seriously reconsider the rules in their current form.

When faced with conundrums of the present it is always useful to turn to history and there is reason to believe that while censorship has a very respectable genealogy in Indian thought, it has also been accompanied in equal measure by a tradition of the right to offend.

In his delightful reading of the Arthashastra, Sibaji Bandyopadhay alerts us to the myriad restrictions that existed to control Kusilavas (the term for entertainers which included actors, dancers, singers, storytellers, minstrels and clowns). These regulations ranged from the regulation of their movement during monsoon to prohibitions placed on them, ensuring that they shall not “praise anyone excessively nor receive excessive presents”. While some of the regulations appear harsh and unwarranted, Bandyopadhay says that in contrast to Plato's Republic, which banished poets altogether from the ideal republic, the Arthashastra goes so far as to grant to Kusilavas what we could now call the right to offend. Verse 4.1.61 of the Arthashastra says, “In their performances, [the entertainers] may, if they so wish, make fun of the customs of regions, castes or families and the practices or love affairs (of individuals)”. One hopes that our lawmakers, even if they are averse to reading the Indian Constitution, will be slightly more open to the poetic licence granted by Kautilya.

Click for the original published in the Hindu on April 30, 2012. Lawrence Liang is a lawyer and researcher based at Alternative Law Forum, Bangalore. He can be contacted at lawrence@altlawforum.org

For more details visit https://cis-india.org/internet-governance/chilling-effects-frozen-words

Child-lifting rumours caused 69 mob attacks, 33 deaths in last 18 months

Admin — 2018-07-13T14:53:57Z

45 persons were killed in 40 cases of mob lynching across nine states between 2014 and 3 March 2018 according to data.

The article was published in the Business Standard on July 9, 2018. Swaraj Paul Barooah was quoted.

Two incidents of mob violence reported from Dima Hasao in Assam and Mangaluru in Karnataka on July 6, 2018, take to 61 the number of mob attacks sparked by rumours of child-lifting circulated on social media since beginning of the year.

So far this year, 24 persons have been killed in such mob attacks, an IndiaSpend analysis of news reports from across India shows. This is more than 4.5 times rise in attacks and two-fold rise in deaths of this kind over 2017, when 11 persons were killed in eight separate attacks.

Between January 1, 2017, and July 5, 2018, 33 persons have been killed and at least 99 injured in 69 reported cases. In the first six days of July alone, there have been nine cases of mob violence over child lifting rumours and five deaths, which amounts to more than one attack recorded every day.

In all cases, the victims were assaulted on mere suspicion and no evidence of child lifting was found later. So far, police across states have arrested at least 181 persons in connection with 21 cases, according to information from the news reports.

On July 5, 2018, the central home ministry had directed all states and union territories to contain mob-lynchings fuelled by rumours of child-lifting on social media. Nevertheless, two attacks were reported on July 6, 2018–a father travelling with his own son in Karnataka, and three sadhus or ‘holy men’ travelling in Assam.

Prior to 2017, one mob lynching was recorded in August 2012, in which a driver was killed in Patna, Bihar, on suspicion of kidnapping a minor, according to our database.

The spike in these lynchings over the past year follows a rise in bovine-related hate violence, as recorded in IndiaSpend’s database on cow-related hate crime. Incidents of mob attacks on persons suspected of killing cows have become deadlier during this period, with more deaths reported in attacks.

Social and political commentators have blamed this violence on a rise in socio-political and religious cleavages, a rise of vigilantism and an apparent atmosphere of impunity for attackers.

“The violence started with cow-related vigilantism but it is now building up more violent behaviour–from small to big reasons anything could be the trigger,” psychologist Upneet Lalli, deputy director of the Institute of Correctional Administration in Chandigarh, told IndiaSpend.

Videos of people tied and beaten, begging mobs to spare their lives, have been circulating on WhatsApp groups and other social media, affecting people everywhere, she said, adding, “Once set off for any reason, mob hysteria is extremely difficult to control.”

Social media is aiding and abetting the process, criminologist Vijay Raghavan, dean of the social protection office at the Tata Institute of Social Sciences, told IndiaSpend, adding that the growing violence is “clearly being orchestrated by vested interests”.

“A rumour starts in one part of the country and travels to other parts like wildfire–first it was beef, now it is child lifting,” he said. In most cases, the victims and the attackers belong to communities historically pitted against each other, he said, “This changing narrative has a clear pattern of violence that is basically preying on traditional insider-outsider perceptions.”

Our analysis

To analyse instances of mob violence related to child-lifting rumours, our team collected, studied and cross-verified print and online news reports in the English media, which tend to have the widest nationwide coverage, since 2010. All reported incidents were cross-referenced to eliminate discrepancies.

The dataset thus created includes the number of mob attacks, the severity of each attack and details of the victims. Most entries include the names of districts, towns and villages.

Since each observation is based on a newspaper report of the crime, availability of details such as the severity of crime, the number of victims and their identities and ethnicities varies.

Before 2017, only one incident was reported in 2012.

Jharkhand, Maharashtra deadliest

Among all states and union territories, Jharkhand and Maharashtra, with seven and five deaths, respectively, reported the highest death toll. The chances of death in such attacks in these states stood at 350% and 167%, respectively, meaning every reported incident led to more than one death.

Odisha, under the Biju Janata Dal government, reported the most number of attacks, 15, which resulted in one death. Tamil Nadu, run by the All India Anna Dravida Munnetra Kazhagam (AIADMK), followed with nine cases and four deaths.

One-third or 30% of attacks were reported from states ruled by the Bharatiya Janata Party, which also runs the central government.

In the 19 months since January 2017, 10 districts across 16 states have reported more than one case of mob violence. Jeypore, Mayurbhanjh and Rayagada in Odisha and Visakhapatnam in Andhra Pradesh have reported three separate incidents each.

More than half or 56% of the attacked victims were men, 22% women, 3% transgender, and for the remaining 18%, the gender was not mentioned in the news reports.

Among those killed, 14 were Hindus, 3 Muslims, and in 16 cases the religious/ethnic identity was not reported.

No correlation between rise in reported child kidnappings and spread of mob violence

Except in Maharashtra, these incidents of violence do not reflect an increase in child kidnapping cases recorded in National Crime Records Bureau (NCRB) data from 2014 to 2016.

In the two years from 2014, India recorded a 41% rise in kidnapping and abduction of children–from 38,555 in 2014 to 54,328 in 2016–primarily in Uttar Pradesh (9,678), Maharashtra (8,260) and Delhi (6,254), NCRB data show.

As of 2016, Maharashtra, the second-most populous state in India, reported the second-highest number of child abductions. It has also reported the second-highest toll from mob lynchings over child-lifting rumours.

However, there was no such correlation in Uttar Pradesh and Delhi, which the NCRB ranked first and third for the number of reported child abductions and kidnappings (which are defined differently in law but basically involve seizing by force and against the victim’s will).

Jharkhand, which reported the highest death toll from mob lynchings, ranked 19 across India for reported child abductions in 2016, as per NCRB data. Tripura, where five people were killed, ranked 24.

This may suggest that fears of child lifting are unfounded and exaggerated. “There is no correlation because the instigators of this violence are not prompted by a genuine fear of kidnapping,” Raghavan said.

However, the data do not account for cases that go unreported–families are hesitant to approach the police, who are seen to be unsympathetic and intimidating–or cases lost in communication between states and NCRB.

The violence is also indicative of how people have lost faith in law enforcement and criminal justice systems to act decisively against child lifting, Lalli said, adding, “Losing faith in the law of the land is a serious threat to society.”

Mob psyche is different from individual psyche, she said, “When an individual acts, there is a sense of responsibility, but in a mob, there is a dispersion of responsibility and guilt.” The mob justifies its act as heroism to save the community, their identity, their children, themselves.

Of the children kidnapped or abducted in 2016, 73% were female and 27% male, NCRB data show. Of the total child victims, 31% (16,938) were kidnapped or abducted for the purpose of marriage, of which only one victim was male; 3% (1,562 female and 26 male) for illicit intercourse; and 1% each for other unlawful activity and adoption. No purpose was mentioned in fully 62% of cases.

77% attacks attributed to fake news

Of the 69 mob violence cases related to rumours of child lifting that have been reported, 77% were eventually attributed to fake news spread through social media. Mobile messenger application Whatsapp, in particular, featured as the rumour source in 28% or 19 of the cases.

The ministry of electronics and information technology on July 2, 2018, issued a warning to Whatsapp, observing that “instances of lynching of innocent people because of large number of irresponsible and explosive messages filled with rumours and provocation are being circulated on WhatsApp”.

“Such a platform cannot evade accountability and responsibility especially when good technological inventions are abused by some miscreants who resort to provocative messages which lead to spread of violence,” the ministry said subsequently in a press release on July 3, 2018, stating clearly that “WhatsApp must take immediate action to end this menace and ensure that their platform is not used for such malafide activities”.

About 13% or 200 million of WhatsApp’s 1.5 billion users are Indian, The Financial Express reported on February 1, 2018. This is 42% of India’s 481 million internet users recorded as of December 2017.

In a letter to the ministry shared with IndiaSpend, the WhatsApp management said it was “horrified by these terrible acts of violence” and listed out the steps it has taken to curb the spread of fake news but emphasised that the challenge “requires government, civil society and technology companies to work together”.

It maintained, however, that messages would continue to have end-to-end encryption to protect users’ privacy and security, encryption being key to WhatsApp’s messaging service. It added that no more than a quarter of WhatsApp users are part of groups; that the majority of groups are small (with fewer than 10 members); and nine in 10 messages are sent from just one person to another.

Cyber privacy experts caution against overreacting against WhatsApp and other social media platforms, arguing in favour of free speech and privacy.

In June, after two cases of mob lynching in Tripura, the government tried to control the situation by shutting down the internet in the area, reports included in our database said.

This is “a slippery slope to quell dissent”, Swaraj Barooah, director at the Centre for Internet and Society, a Bengaluru-based not-for-profit, said, adding, “There are indications that marginalised groups tend to be affected more strongly than others when there are internet shutdowns.”

Lynchings point to a much larger issue than the ubiquitous presence of social media, experts said. “Everyone is focusing on these being rumours–and of course the platform’s ability to exponentially magnify the speed and reach of a message being sent is very relevant–but when and why did we normalise vigilante justice in the first place?” said Barooah. “For instance, would this type of action be okay if these were not rumours, but had actually been true?”

“The root problem is those exploiting historical animosities between communities. We need to properly investigate on a national-level who are the instigators and what are they after–merely arresting people after an incident is not enough,” professor Raghavan said.

Barooah also warned against attempts to force WhatsApp to provide security agencies with decrypted data, as the government had forced the Canadian smartphone maker Blackberry to do in 2013.

“Given that it is already unsure of the extent to which WhatsApp shares metadata with governments, it is important to ensure that its end-to-end encryption facility is not weakened,” Barooah said. “There are certain delicate trade-offs that can be made, but if they are, they should not be made as a knee-jerk reaction to ongoing events but after careful consideration of all the pitfalls. This is especially important in India, given the lack of a privacy law as well as concerns of chilling effects on free speech that are present.”

Some solutions he suggested include making it mandatory that WhatsApp forwards and memes contain originator details, and that a “fact check this” option be inserted at the user end to allow a message to be decrypted. He also suggested that a database of ‘reported hashes’ be created, which all users could download, and which would automatically rate messages on ‘trust’.

It is also important to help people identify fake news and question the information they receive, experts say, pointing out that while India has low literacy and education levels, even highly literate people are not free from confirmation bias.

“We really need to educate people–people naively believe everything they read as true. We’re not doing anything about critical thinking and critical inquiry–we’ve stopped being questioning and that’s a very important part of countering fake news,” Lalli said, adding, “We don’t even respond to information, we’re only reacting.”

How recent attacks tie in with bovine-related vigilantism and violence

IndiaSpend has been maintaining a database of bovine-related violence since 2010, which shows a spurt in violence since the BJP and Prime Minister Narendra Modi assumed power in May 2014.

A preponderant majority of bovine-related hate crimes–98% of the 85 incidents–have occurred since May 2014, our database shows. Only one incident each was reported in 2012 and 2013.

Around 56% of the persons attacked by these groups were Muslim, who accounted for 88% of those killed in this violence. In 2018, 100% of victims attacked in these hate crimes were Muslim.

“There is a clear increase in aggression by one group against the other and a growing inability to empathise and understand those different from ourselves,” Lalli said, “This has essentially made us revert to behaving like tribalistic societies with animalistic instincts–where, when for survival, when you perceive an animal to be a threat, you attack it to kill it.”

In more than a third–28 of 85 incidents–mobs or groups of people were spurred into violence on the mere suspicion of cow slaughter.

Our database also shows that the attacks have become deadlier–the percentage chance of such mob-violence resulting in death has more than doubled from 30% in 2017–regarded as the deadliest year since 2010 (11 deaths in 37 cases)–to 66% in 2018 (four deaths in six cases).

“Society has an innate capacity for violence and it’s very easy to encourage this. Right from Twitter trolling–which is basically extreme verbal aggression–we are unleashing and encouraging violence in different ways and contexts,” Lalli said.

What the government says

Many commentators have remarked that the absence of a strict and prompt response from the government has encouraged such violence. “What action is taken when such cases occur has an important bearing on the continuation of such violence,” Raghavan said, “By not taking strong action, the state is complicit in its orchestration.”

“While we hear about more incidents of violence, we are yet to hear full recognition or condemnation of these acts from the important leaders–in a way it sends out a message that does not discourage the mob,” Lalli agreed, “When you don’t speak out about it and come down on it strongly, it sends out a signal to society that it’s alright to resort to violence for these reasons since nobody gets punished.”

The NCRB “does not maintain specific data with respect to mob lynching incidents (involving minorities) in the country”, the home ministry told Parliament on March 13, 2018.

The ministry did furnish some data on mob lynchings recorded by states from 2014 to 2017, but did not provide information on the motive–whether cow vigilantism, communal or caste hatred, or rumours of child-lifting, etc. The data also did not disclose the identity of the victims.

These data said 45 persons were killed in 40 cases of mob lynching across nine states between 2014 and March 3, 2018. At least 217 persons have been arrested.

In contrast, IndiaSpend’s two databases on mob violence–due to child-lifting rumours and bovine-related hate violence–record 80 cases and 41 deaths during the same period. This is without counting other instances of mob violence related to caste, moral policing and so on.

For more details visit https://cis-india.org/internet-governance/news/business-standard-july-9-2018-69-mob-attacks-on-child-lifting-rumours-since-jan-17-only-one-before-that

Chidambaram to Talk Budget on Google+ Hangout

praskrishna — 2013-03-11T04:14:29Z

Indian politicians are slowly warming up to social media.

This article by Dhanya Ann Thoppil was published in the Wall Street Journal on March 4, 2013. Sunil Abraham is quoted.

In a first for a cabinet minister, Indian Finance Minister P. Chidambaram tonight is hosting a Google+ Hangout, a Web video chat, to answer citizens’ questions on the budget he presented last week.

At 8 p.m. on Monday India time, Mr. Chidambaram will be joined by a group of experts to discuss the state of India’s economy, which looks set to grow at its weakest pace in a decade this financial year.

On the panel are also Amit Singhal, senior vice president at Google Inc., Anand Mahindra, chairman and managing director of Mahindra & Mahindra Ltd., Jahangir Aziz, chief economist for India at J.P. Morgan and Manish Chokhani, chief executive officer at Axis capital.

The online chat, which the Ministry of Finance in a statement described as “a powerful communication platform,” is an attempt to engage India’s tech-savvy, middle-class youth in the political process.

“It is an attempt by the government to reach out to gen-next,” ahead of the general elections scheduled in 2014, said S. Chandrasekharan, the director of South Asia Analysis Group, a Delhi-based think tank.

Improving opportunities for the country’s younger generations was a major focus of Mr. Chidambaram’s budget speech to lawmakers Thursday. “My budget has before it one overarching goal: to create opportunities for our youth to acquire education and skills that will get them decent jobs or self-employment,” he said, adding, “Their concern are my concerns, too.”

But Mr. Chidambaram won’t be interacting with citizens directly. He will answer questions submitted by citizens in advance through video uploads on this YouTube channel or on this Google + page. The session will be streamed live on both websites.

Social media is only beginning to emerge as a tool Indian politicians use to reach out to the country’s citizens.

Prime Minister Manmohan Singh, often criticized for not being accessible to the media, set up a Twitter profile about a year ago. But the account is managed by his office staff, not by Mr. Singh himself, and it’s mostly used to share links to pictures or speeches of the Prime Minister.

Narendra Modi, chief minister of the state of Gujarat and possible prime ministerial candidate for the opposition Bhartiya Janata Party, has embraced digital media more than other politicians. In August he hosted a Google + Hangout session to answer questions from citizens and in December had a holographic image of himself projected live at rallies in four different locations to communicate with his supporters during his election campaign.

The government last year also came up with a series of guidelines for its various arms on the effective use of social media to reach out to people and to ensure public participation in policy framing.

Still, the government often views social media with suspicion, and has taken steps to regulate user-generated content on websites more tightly.

There are 14 million broadband connections in India, meaning that only a small portion of the country’s 1.2 billion population has reliable Internet access, says Sunil Abraham, executive director at the Bangalore-based Centre for Internet and Society.

“So, unlike in the U.S., where you can fault the government for not being online, in India you can’t really fault the government,” says Mr. Abraham.

For more details visit https://cis-india.org/news/wsj-march-4-2013-dhanya-ann-thoppil-chidambaram-to-talk-budget-on-google-hangout

Chennai: Learn to Protect your Online Activities!

bernadette — 2013-08-01T12:16:52Z

The Centre for Internet and Society cordially invites you to a Crypto Party at Asian College of Journalism Second main Road (Behind M.S. Swaminathan Research Foundation) Taramani in Chennai on August 7, 2013, 4.30 p.m. to 6.30 p.m.

"Governments around the world, are greatly increasing their surveillance of the Internet. Alongside a loss of the private sphere, this also represents a clear danger to basic civil liberties. The good news is that we already have the solution: encrypting communications makes it very hard, if not entirely impossible, for others to eavesdrop on our conversations. The bad news is that crypto is largely ignored by the general public, partly because they don't know about it, and partly because even if they do, it seems too much trouble to implement." (Source)

So lets go and have a party, and teach each other how to crypto!

Everyone is invited! Especially do not hesitate to join if you are not using any crypto at all (yet!)

Here is a Flyer / Printout for you to spread the message!

For more details visit https://cis-india.org/internet-governance/cryptoparty-chennai

Chennai residents rue fuzzy CCTV surveillance

Vivek Narayanan and R. Srinivasan — 2019-09-19T14:35:51Z

Poor quality of footage, lack of maintenance and inadequate back-up reduce the gadgets’ deterrent value.

The article by Vivek Narayanan and R. Srinivasan was published in the Hindu on September 18, 2019. Pranav M.B. was quoted.

Last month, Sandeep (name changed), a cyclist, was hit by an ambulance on GST Road near the Madras Export Processing Zone (MEPZ) signal. He was rushed to hospital in the same ambulance. His hopes of finding out who hit him, via CCTV cameras, came crashing after he saw the poor quality of footage that was obtained to identify the vehicle.

“The police officers in Tambaram themselves told me that the quality of the CCTV cameras was poor and they were unable to trace the number,” said Mr. Sandeep.

While the police have been claiming a reduction in crime rates due to CCTV cameras in the city, residents and experts doubt if the equipment is indeed a deterrent, and want the police to install better quality cameras with the capacity to retain footage for a longer period, and to maintain the devices, too.

Extensive Coverage

Several high profile cases such as the 2016 Swathi murder case drove law enforcers to increase CCTV coverage of the city. Now, there are over 2 lakh cameras covering all of Chennai, its alleys and its fringes.

Cameras have also been installed at every major junction and at street corners. In many cases, they are linked to the control room of the nearest police station.

According to the police, there is one CCTV camera for every 50 m. They are meant to help the police crack cases and nab the accused. “Some DVRs (digital video recorders) are also in the house or premises of the sponsors. This is for safety purposes,” said a police officer.

The unique nature of the Traffic Police’s ‘third eye campaign’ is the involvement of the public, too. Apart from the police, MPs and MLAs, many resident welfare associations have also donated resources for the installation of CCTV cameras.

Residents, however, expressed concern. S. Kumara Raja, vice president, Annai Indira Nagar Residents Welfare Association said: “Though many CCTVs cameras are found on the street, it isn’t clear if they are working or not. We also don’t know if anyone is maintaining the cameras.”

P. Saravanakumar, founder of the South Madipakkam Residents’ Welfare Association, said that the equipment is not connected with the police control room and the data remains with those who have installed the CCTV system.

V. N. Subramaniyan, president, Mylapore Residents Welfare Association, felt that cameras installed on private properties were working properly.

“Cameras are obtained from private persons as a charitable activity, so the quality can be challenged. The police should give the maintenance of CCTV cameras to private companies. There should be proper back-up and monitoring,” he pointed out.

While the equipment is considered important for gathering evidence, policemen themselves complain that the quality of the footage from many cameras is poor.

“We cannot zoom into the footage obtained from every camera involved. Most of them are 1 or 2 megapixel cameras and the image is often blurred. Only in a few places do we find powerful cameras,” said a policeman.

'Not a deterrent'

Pranav M. B., researcher, Centre for Internet and Society, said that as according to global studies, CCTV cameras are not useful as deterrents. “But they come in handy for providing evidence after a crime,” said Mr. Pranav.

Though advanced cameras can provide footage with more clarity, it’s cost intensive to maintain them. “For deterrence, one need not invest in high-end cameras — quality street lights are sufficient. We cannot expect the perpetrator of a crime to make a decision over whether to commit a crime or not after looking at the camera,” he added.

However, there is a 30% higher chance of identifying an accused when a camera is deployed, than without. “Nevertheless, like any other technology or method, it is not entirely foolproof,” Mr. Pranav said.

Police officers disagree on the subject of CCTV systems not serving as deterrents. “From January to June 2018, a total of 258 chain snatching incidents were reported, but during the same period this year, the number plummeted to 137 — a fall of nearly 50%,” said a senior police officer.

'Needs improvement'

Similarly, the police claim that, this year, public nuisance cases have gone down by 41%, and burglary cases by 17%, compared with last year. Police officers agreed that the quality of some cameras needs to be improved.

“Initially, we did not know the type of quality [of cameras] needed. So, we fixed 1 and 2 megapixel cameras. Now, we are installing 4 megapixel cameras and have better clarity. Besides, we are now categorising the number and type of cameras available in different parts of the city, and will change the older ones,” said a senior police officer.

For more details visit https://cis-india.org/internet-governance/news/vivek-narayanan-and-r-sivaraman-the-hindu-september-18-2019-chennai-residents-rue-fuzzy-cctv-surveillance

Checks and balances needed for mass surveillance of citizens, say experts

Admin — 2017-12-16T14:32:23Z

A number of measures are required to protect law-abiding citizens from mass surveillance and misuse of their personal data, according to top technology and legal experts.

The article by Peerzada Abrar was published in the Hindu on December 9, 2017

The measures include issuing of tokens by the Unique Identification Authority of India (UIDAI) instead of Aadhaar numbers and having an official in the judiciary give permission to vigilance.

The experts were participating in a panel discussion on ‘Navigating Big Data Challenges’ at Carnegie India’s Global Technology Summit here. They also said there was a need to implement ‘de-identification of data’ or preventing a person’s identity from being connected with information.

The moderator of the discussion was Justice B.N. Srikrishna, a former Supreme Court judge, who was also heading a government-appointed committee of experts to identify “key data protection issues” and recommend methods to address them. Justice Srikrishna told the panellists that Aadhaar or the unique identification number had empowered the people. But in situations where the State wants all the information about citizens from different service providers because of its suspicions related to terrorism or criminal activity, he asked, what is the method to create a balance?

“Surveillance is like salt in cooking which is essential in tiny quantities, but counterproductive even if slightly in excess,” responded Sunil Abraham, executive director of Bengaluru-based think tank, Centre for Internet and Society. He said there was a need to make a surveillance system which had privacy by design built into it.

Mr. Abraham said that his organisation had proposed to the UIDAI that it used ‘tokenisation,’ which meant that whenever there was a ‘know your customer’ requirement, the Aadhaar number was not accessed by organisations like telecom firms or the banks. Instead, when the citizens used various services via smart cards or pins, a token got generated, which was controlled by the UIDAI. Organisations like banks and telecom firms can store those token numbers in their database. He said this would make it harder for unauthorised parties to combine databases. But at the same time would enable law enforcement agencies to combine database using the appropriate authorizations and infrastructure.

“UIDAI is considering this, they call it the dummy Aadhaar numbers. We need technical as well as institutional checks and balances,” said Mr. Abraham.

Countries like the U.S also have processes like Foreign Intelligence Surveillance Court (FISA court) which entertains applications made by the U.S Government for approval of electronic surveillance, physical search, and certain other forms of investigative actions for foreign intelligence purposes.

“My concern is that in the current system, surveillance can be done by the State machinery. I don’t necessarily suggest FISA court.... but some kind of mechanism where (one can’t) be held at the mercy of incestuous State machinery,” said Rahul Matthan, a partner at law firm Trilegal. “But have some second person who is outside the influence of this system (and) who actually says ‘yes this is a terrorist which requires us to do mass surveillance,” he said.

Artificial Intelligence

A large amount of information or Big data ranging from financial, health to political insights of people is being collected by different organisations and service providers which is sitting in different silos. All of this is likely going to be linked through Aadhaar. Mr. Srikrishna asked what if a situation arises where all of this data is aggregated and using artificial intelligence and machine learning, one is able to analyse it and profile individuals. He said “would that be not a terrifying scenario” where the State can act super-monitor for citizens. He asked how can citizens be guarded against it?

Mr.Srikrishna was referring to the ‘Social Credit System’ proposed by the Chinese government for creating a national reputation system to rate the trustworthiness of its citizens including their economic and social status. It works as a mass surveillance tool and uses big data analysis technology.

“It is a possibility. What stands in the way of it becoming a reality (in India) is a robust law,” said Mr.Matthan. “Technology is so powerful that it could equally be used for good as well as bad.”

For more details visit https://cis-india.org/internet-governance/news/the-hindu-peerzada-abrar-december-9-2017-checks-and-balances-needed-to-mass-surveillance-of-citizens-say-experts

Chasing fame and fun 15 seconds at a time: Why TikTok has India hooked

Tora Agarwala, Surbhi Gupta, and Karishma Mehrotra — 2019-07-05T02:13:39Z

How TikTok, an app owned by a Chinese firm, has become a playground for India’s young.

The article by Tora Agarwala, Surbhi Gupta, and Karishma Mehrotra appeared in Indian Express on June 23, 2019. Nishant Shah was quoted.

“Kaam nai niki? Do you have no other work?” At a banner printing shop in Nagaon, a town in Assam, the middle-aged shopkeeper was bemused. It was the strangest order he had received in a while.

For one, the banner was for a “TikTok” meetup. He had not the slightest inkling of what that was. Second, the two boys who had introduced themselves as hailing from Jamuguri and Raha, smaller towns in the state, insisted that the text incorporate a spelling mistake. “Instead of M-E-E-T up, please write M-E-A-T up,” he was told. The shopkeeper grudgingly obliged and the boys rode off on their bikes. It would be ready the next day.

“This is going to go viral,” Dhurbajit Medhi said triumphantly to his friend PK Nath. They had only known each other for a month, having “met” on TikTok. In April, they sat face-to-face for the first time at a small restaurant in Raha, in Nagaon district, where Medhi lived. Nath had travelled 110 km to meet him.

Medhi was 23, a singer who had dropped out of college because of a death in the family. Nath, about 30, was known in his neighbourhood in Jamuguri for two things: his gela maal dukaan (grocery store) and his penchant to make people laugh.

On TikTok, both have followers in thousands. Over a few months, they would chat often, appreciating each other’s videos. “On a sad day, I would scroll through Nath da’s feed and it would make me laugh without fail,” says Medhi, who joined TikTok about a year ago. Many comments on his videos are from girls. “Some say ‘cute’ and some say bhaal laagise (You’re looking good),” says Medhi, who is reasonably tall and sports a goatee on his boyish face.

Over the year, Medhi has learnt the tricks of the TikTok trade. “There are two kinds of videos which get attention here in Assam: either you do sad, romantic songs. Or you do fotuami — slapstick humour,” says Medhi, who has made a niche for himself in the former category. He owns an Mi phone, worth Rs 11,000, which he bought a year ago by saving money through his work at his father’s tea shop. “My mother is okay with me making these videos. But she says, ‘Do all this, but think about your life also.’ I get her point but maybe I can make a career out of this,” he says.

After all, TikTok is not as easy as Facebook. It involves an element of skill. “Do you know how difficult it is to get one TikTok like? On Facebook, you just put a photo and the likes pour in. Here, we have to work hard.” Medhi admits he was naïve initially. “I would make photo-collages from my trips to Kaziranga and add some background music.” But that would not have worked. “The viewer takes into account everything: is our lip-sync matching? Are our clothes suited to the mood of the music? Are our expressions accurate?”

Today, Medhi has over 400 videos, many of which feature him mouthing lyrics to the songs sung by Assamese musician Zubeen Garg. Sometimes, he sings in his own voice too — a secret talent he has nurtured but not had the opportunity to explore. “In Upper Assam, there is an appreciation for the arts and music. But here in middle Assam, it is different. People would mock, ‘Eeeh gayok hobo ahise. Look at him trying to be a singer,’” says Medhi.

It is these aspirations, which often get mowed down by the traditionalism that comes with living in small towns and villages that TikTok is giving oxygen to. The short-form video app has seen a phenomenal growth since its rebranding from Musical.ly in 2018, garnering 200 million users in India alone. Its hallmark is simple: it woos your attention with 15-second videos (they make go up to 60 seconds too) of lip-syncing teenage girls, dancing boys, family pranks and other such stylised moments. The mobile app’s owner, a Chinese internet company called ByteDance, was reportedly awarded a round of major investment from Japanese SoftBank last year, making it the world’s most valuable startup.

TikTok’s rapid capture of India — it skyrocketed past traditional social media mammoths, like Facebook, on global download charts in 2018 — is a testament to how quickly Chinese apps have begun to give American tech companies a run for their money in one of the world’s most important markets. TikTok has given a megaphone to rural Indian life in a way that no other app has been able to; American apps such as Facebook have been restricted to a primarily upper-class user base.

“We believe that TikTok filled the gap by bringing people from across the deepest pockets of India online and giving them a platform to express themselves,” said ByteDance’s global public policy director Helena Lersch. Since the company introduced in-feed advertisements and branded editing tools last year, it’s attracted the likes of Pepsi, Myntra, and Dunzo.

If more proof were needed that TikTok has planted itself into the circuitry of desire and aspiration, it came by way of a news report last fortnight. A young man in Delhi, who worked at a restaurant, was arrested for snatching an iPhone XS Max — he wanted to shoot good-quality TikTok videos. Another 19-year-old from Delhi, Salman Zakir, was shot by his neighbour allegedly in the course of making a TikTok video.

But what is the big deal about TikTok? How have 15-second fragments of people being people colonised the attention of so many? Scrolling through the app for the first time, one is struck by how random it is, and how the attention economy has shrunk your mindspan to a quarter of a minute. You could easily tire of teens dancing, making faces and lip-synching in super-tiny skits and video memes. Or, you could watch an entire generation occupy this playground with their energy and creativity, using 15 seconds to mix, mash and play versions of themselves. Preparing a face to meet other excited, silly faces has never been so addictive.

Social media has put the self at the centre, making opinions out of rants, photographers of anyone with a phone camera, and journalists of citizens. TikTok takes the humdrum, turns it into a form of talent and injects into it the velocity of the fast-travelling video.

But, more importantly perhaps, it taps into a confidence in the young — about their lives, abilities and even their humble backgrounds — that was unthinkable a generation ago.

For sure, TikTok could not have spread this way five years ago either. Eighteen-year-old Devanshu Mahajan, an undergraduate student of commerce at Delhi University’s School of Open Learning, agrees. He found himself exploring the internet only after the entry of Reliance Jio in the telecom market. “Before that we used to have 1 GB data for a month. Suddenly, we had 1 GB to spend in a day,” says the Delhi resident. Last year, he started posting videos on TikTok, most of which seemed to disappear into nowhere. “I got so angry that I uploaded a rant about the lack of response, and suddenly it got viral. Then, I started giving my own twist to trending sounds/beats and songs, and these videos started becoming popular,” says Mahajan, who has over eight lakh followers now.

Most of his popular posts are about Indian families (“Indian parents wish for boys only to send them to the market to buy milk and vegetables endless times”), school life and being single. They are not particularly witty, but belong to the tradition of native humour that once would make judges mysteriously ROFL on shows like The Great Indian Laughter Challenge. “I make my videos at home, I have no tripod or light, there is one window where I put my phone and act,” says Mahajan, who uses an Mi Y3 phone. With a spiky haircut and a lean frame, he is the picture of ordinariness. “People either say I’m too thin, or comment about my nose or looks. But I make a story out of those comments too. If I can make fun of myself, nothing can affect me,” he says.

“It may not be like YouTube where one can earn money, but because of this app, I feel like a star now,” says Musaib Bashir Bhat, 27. He joined TikTok seven months ago and his 300 videos in Kashmiri have earned him 73,000 followers already. He is also recognised on the streets of Srinagar.

Fame is the drug that drives TikTok users, but, for now, at least, this is a following rooted in the local. The app is a Babel of many tongues, and each region has its distinct self-expression — in its aesthetic, looks or music. It hasn’t been monopolised by Hindi film music or Punjabi pop.

Ranjan Barman, an 18-year-old living in a small village in Lakhimpur, Assam, loves acting. “I know I can’t be an actor in real life— but at least on TikTok I can,” says the college-goer who joined the app four months ago. He is now nearing his one millionth heart — a commendable feat for someone who is new to the TikTok universe. His popularity, he suspects, could have something to do with the props he uses in his videos. Barman owns 22 gamusa shirts, or shirts fashioned out of the traditional Assamese cloth, and says that whenever he wears them, his videos get more play. “In Assam, people respect the gamusa. It touches sentiments,” he says.

But how substantial is this fame? What kind of recognition do TikTokers seek? Last month, Mahajan called for a meet-and-greet with his “fans” at a west Delhi mall. Thirty people showed up. “I hadn’t expected anyone to turn up. People clicked photos and videos, but I didn’t feel like a celebrity,” he says.

While TikTok fame comes from the number of followers one has, an important barometer is also the number of hearts you receive. For example, Medhi has only 4,000 followers, but his videos have received 74,500 hearts. The heart tally is an aggregate of the number of likes the creator has garnered across every video he has uploaded. “It is just one viral video you need — and then you are set,” says Medhi, who hasn’t hit the jackpot yet, but is optimistic. “Like all things in life, this, too, takes time,” he says.

TikTok has given Aizawl’s Adeline Pach much more than the 5,12,000 followers one sees on her profile. A cancer-survivor, Pach started using it in 2015, when it went by the name Musical.ly, while recovering from her illness. “It was silly, goofy stuff — but it helped take my mind off things,” she says. Even today, she suffers from a number of health issues. But TikTok “distracts her”.

Pach’s skilful “transition” videos (where one frame would blend to another seamlessly), started getting featured on the app’s homepage. “People liked the way I edited my videos. For example, if I was saying and wearing something in one frame, the next would be in another location, with me doing something else in another outfit,” says Pach, adding that earlier TikTok was more about skill, and now people “blindly heart goofy content.”

As Pach, now in her late twenties, kept getting featured, her followers shot up — and for first time in her life, the introvert found herself interacting with people — “and enjoying it. It gave me the confidence I never had.”

In 2017, Pach attended her first TikTok meetup in Mumbai. “That had about 70 people but the next one which took place in Bengaluru had 600,” she says. She performed a rap song by Nicki Minaj in front of a packed auditorium. “Suddenly I was fearless.”

For many, TikTok holds out the hope of bigger things to come — a career in music and acting. When he was a teen, Ambish KB’s acting talents — he mimicked his teachers’ mannerisms and got them to laugh — made him almost famous in school. In college, his obsession with films would make him watch first-day, first-show releases of leading Malayalam superstars like Mammootty and Mohanlal. He also held positions in the Ernakulam district unit of the all-Kerala Mammootty fans association. “It’s safe to assume that I spent more time in theatres than in college,” says Ambish, 27, an accountant with a fashion design firm in Kochi.

He still has not given up on his acting dreams. For three years now, he has been scouring for small roles, approaching directors, producers and scriptwriters, even as he maintains a job on the side. Not surprisingly, he has taken to TikTok like a duck to water. His account doesn’t boast an envious number of followers (572 at last count) but his videos, most of which are comedy re-enactments of popular scenes from Malayalam cinema, have collected thousands of views and a flood of reactions. He says his videos are all home-produced and mostly filmed in the dead of night once his parents are fast asleep. Many of them are also collaborations with his wife; she’s not mad about cinema like he is, but she likes the fun interface of TikTok. To the point that, at weddings, their relatives call them, “Oh look, here come the TikTok people!”

But more than anything, Ambish believes TikTok could hold his ticket to the film industry. “It’s a medium for people like us to display our talent. Who knows, if my video goes viral and if a casting director happens to notice, I might click,” says Ambish, who spends at least eight hours a day on TikTok. His inspiration is a fellow TikTok user, Fukru, who supposedly landed a role in a film after his dance videos went viral. “He would post videos every day, just random ones of him dancing. Now he’s got a role in the next film by director Omar Lulu. You never know,” Ambish says.

Ambish is not prepared to leave his job yet, as he understands the film industry is unpredictable. He doesn’t have the means to travel for auditions to faraway towns. But he knows he has a powerful device at his disposal that could get him there: his Huawei P20 Lite smartphone and the TikTok app on it.

While future sociologists might mine TikTok to understand the changing mores of a new generation, fears of data mining and privacy intrusions of the app have often been voiced. This year, the US Federal Trade Commission fined the company $5.7 million for illegally collecting the personal data of children. In 2018, Indonesia’s government temporarily banned the platform for “negative”, mostly pornographic and blasphemous, content. The government lifted the ban after the company complied with local laws and stepped up local content moderation.

In April, the Madras High Court made a similar interim takedown order, asking Google and Apple to remove TikTok from their app stores, citing pornographic and child exploitation content. Three weeks later, the court lifted the ban after the Supreme Court asked it to address the company’s plea against the takedown, and the app fell from most downloaded to fourth most in India. The company has admittedly decided to “show less skin” here than its other markets. “It’s a bit of a case-to-case basis. There is no clear line I can share with you now. If there is a sexually-explicit video, we take it down. And we are doing this a bit quicker in India,” said Lersch.

Writing in these pages, our columnist Nishant Shah warned about TikTok’s “embrace of artificial intelligence and big data analytics.” “From the minute you sign up for it, giving up your personal information and data to extreme mining which bears the same pitfalls of privacy and surveillance that all other big data apps do, TikTok starts presenting content to you. This is not content created by friends, or colleagues… Instead, this is content created by people you don’t know at all, and brought to you by algorithms that know, even without you telling them what you might like.

The more time you spend … going through complex tutorials to make your own 15-second fun video, the more the machine learning algorithms learn you,” wrote the co-founder of the Centre for Internet and Society. While critics point out that the infantilised world that the app peddles is dangerous to the very personal liberty that it seems to showcase, it’s not an argument that is winning.

But wait, what happened to the “meatup” banner? When Medhi and Nath had met, they rued the little regard their family and friends had for their pursuit. “My friends think I am wasting time,” says Medhi, the only TikToker in Raha. Both knew they had to do something.

They went ahead and organised the first state-wide TikTok meetup in Assam, slated for this Sunday. While there have been meetups before, this is the first time TikTokers from every corner of the state will be in attendance. They expect about 500. How did they manage to do it? “Only negative things go viral on the internet,” says Medhi, “That is why we decided to spell ‘meetup’ as ‘meatup’.”

The day the banner was ready and picked up from Nagaon, both Medhi and Nath took a picture of it and put it on the app. As expected, there was an uproar. “Everyone started sharing it. My phone number was on the banner and I would get 10 calls a day. “They would say: Don’t you know how to spell ‘meetup’? Most made fun of me but I didn’t care. Our job was done. The word had spread.”

For more details visit https://cis-india.org/internet-governance/news/indian-express-june-23-2019-chasing-fame-and-fun-15-seconds-at-a-time

Charting the Charter: Internet Rights and Principles Online

praskrishna — 2013-10-21T07:03:53Z

This workshop is being organised by IRP Coalition on October 22 in Bali Nusa Dua Convention Centre. Pranesh Prakash is participating as a panelist.

The Internet Governance Forum 2013 is being held at Bali from October 22 to 25. The overarching theme for the 2013 IGF meeting is: "Building Bridges"- Enhancing Multistakeholder Cooperation for Growth and Sustainable Development".

Read the original published on the IGF website

Theme: Human Rights / Freedom of Expression on the Internet

Since the Charter of Internet Rights and Principles was developed dialogue about diverse internet related human rights issues have emerged in various UN human rights mechanisms e.g. racism/racial discrimination, human rights defenders, women's human rights, freedom of association, business and human rights, protection of cultural heritage. The workshop will map the issues under discussion in the UNHRC against those in the Charter of Human Rights and Principles for the Internet (‘IRP Charter’) and explore multistakeholder perspectives and best practice examples of adherence to the Charter and human rights standards from diverse regions.

The focus is on progress, opportunities and challenges to monitor and advocate for the IRP Charter provisions particularly for marginalised groups e.g. rural and indigenous peoples, disabled people, urban poor as the second part of the two workshops put forward by the IRP Coalition and partners. Wider questions that the workshop looks to cover include: How are understandings about the interrelationship of internet governance and human rights standards developing at the Human Rights Council? Aside from freedom of expression and the right to Privacy, what other human rights are important in relation to the internet? How can the Charter be used to broaden the engagement of the Human Rights Council in internet governance issues? How does the work of the HRC inform the Charter, and other internet policy documents and mechanisms?

Since the 2009 IGF, the Internet Rights and Principles Coalition has organised a range of workshops and Coalition meetings looking at the application of human rights standards (primarily those espoused in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights and the International Covenant on Economic, Social and Cultural Rights) to the Internet. In 2010 the previous draft of the IRP Charter (http://internetrightsandprinciples.org/site/charter/) was launched with a rigorous discussion about what correct interpretation of existing standards is and the role of different stakeholders in relation to these.

In 2011 the IRP Charter was distilled down to 10 key advocacy points, the Ten Internet Rights and Principles (http://internetrightsandprinciples.org/site/campaign/). These were debated as the Coalition undertook a closer analysis of the issue of copyright protection and how it interrelated with human rights on the internet. In 2012 the Coalition looked at how the Charter was feeding in to a derivative initiative at the Council of Europe to create a user-friendly Compendium of rights of internet users. The Coalition made a close analysis of the issue of anonymity online. This year we want to focus on human rights which, while contained in the Charter, have not received high levels of attention. We also want to loop in the work of Coalition members working on human rights, women’s rights, social, cultural and economic rights as well as the recent work of the Human Rights Council (which is the most authoritative global body applying human rights to the Internet) to incorporating human rights as an integral part of the internet governance field.

Has the proponent organised a workshop with a similar subject during past IGF meetings?
Yes

Indication of how the workshop will build on but go beyond the outcomes previously reached
The IRP Coalition launched the IRP Charter and Ten Principles in 2010/2011 (www.internetrightsandprinciples.org). These launches started a vigorous and productive chain of discussions and outreach initiatives in and around IGF Meetings. These were followed up in 2011 and 2012 with IGF workshops that focused in specific issues such as copyright, access as a right, and existing rights of internet users. This year we focus on human rights which, while contained in the Charter, have not received high levels of attention. We also want to loop in the work of Coalition members working on human rights, women’s rights, social, cultural and economic rights as well as the recent work of the Human Rights Council (which is the most authoritative global body applying human rights to the Internet) to incorporating human rights as an integral part of the internet governance field. Recent events underscore that the moment has come to ground human rights principles in internet governance practice as this affects everyday life, work, and government.

Background Paper

Download Background Paper

Session Type: Roundtable

Co-organisers

Ms. Dixie Hawtin, Global Partners and Associates, Private Sector, Western Europe and Others Group - WEOG
Ms. Joy Liddicoat, Association for Progressive Communications, Civil Society, New Zealand, Asia-Pacific Group
Ms. Marianne Franklin, Goldsmiths (University of London, UK)/ IRP Coalition), Civil Society, United Kingdom, Western Europe and Others Group - WEOG

Have the Proponent or any of the co-organisers organised an IGF workshop before?
Yes

The link(s) to the workshop report(s)

Panelists

Please click on the biography to view the profile of the panelists:

Joy Liddicoat, Association for Progressive Communications, Female, Civil Society, New Zealand, Western Europe and Others Group – WEOG
Biography
Frank La Rue, United Nations, Male, Civil Society, Guatemala, Latin American and Caribbean Group - Grulac
Asif Kabani, Ministry of Finance, Male, Government, Pakistan, Asia-Pacific Group
Biography
Carl Fredrik Wettermark, Ministry of Foreign Affairs, Male, Government, Sweden, Western Europe and Others Group – WEOG
Biography
Marianne Franklin, (IRP Coalition/Goldsmiths (University of London, UK), Female, Civil Society, New Zealand, Asia-Pacific Group
Biography
Pranesh Prakash, Centre for Internet and Society, Male, Civil Society, India, Asia-Pacific Group
Biography
Cornelia Kutterer, Microsoft, Female, Private Sector, BELGIUM, Western Europe and Others Group – WEOG
Biography
Michael Rotert, eco-German Internet Industry, Male, Technical Community, Germany, Western Europe and Others Group – WEOG
Biography

Moderator

Dixie Hawtin, Global Partners and Associates

Remote Moderator

Rebecca Zausmer, Global Partners and Associates

Agenda

This round table session explores the opportunities and challenges for upholding human rights standards on the internet using the IRP Charter of Human Rights and Principles for the Internet (http://internetrightsandprinciples.org/site/charter/). In tandem with the session on Disabilities and Indigenous rights this session aims to:

Address a number of human rights – moving beyond freedom of expression and privacy - to consider the IRP Charter provisions for socio-economic rights, education, women’s rights and rights of the visually impaired in the online environment.
Provide an assessment of the implementation of human rights standards on the internet o date.
Feed recommendations in to the IRP Coalition initiative to create a final version of the IRP Charter (in terms of substance, process, and uses of the document in practice)

The session will start by focusing on a selection of concrete examples (such as, the PRISM revelations, the Marrakesh Treaty on exceptions and limitations to copyright for the blind, racial discrimination, education rights online) before opening to a wider discussion. It brings together diverse perspectives on the relationship between human rights and internet policy, where the human rights movement needs to engage more or more effectively, and how the IRP Charter should be developed to assist this process. The outcomes of the workshop will feed into the IRP Coalition Meeting, ‘Towards the IRP Charter 2.0’.

Inclusiveness of the Session

Panellists will make short initial statements of up to 3 minutes, each will be tasked with a particular perspective to bring and enable several rounds of the table. It will also allow ample time for audience questions and comments. The audience will be invited to ask questions, and to answer questions which the moderators will pose to the floor.

Suitability for Remote Participation

Both the IRP and the APC have a good track record of marketing their workshops across a range of email lists, websites and social media to ensure that potential remote participants know about the workshop and can participate. Remote participants will be engaged by the remote moderator who will pose questions to them and facilitate an active remote conversation alongside the conversation in situ– making links between the two wherever possible.

Questions or Comments

Please note that Mr Frank La Rue has been invited. As his office needs some time to respond we have included his name as an unconfirmed participant for the time being.

Also a note on the number of participants:
As this is a roundtable, open discussion format there are more than five speakers in order to generate the range and depth needed for this sort of interactive and dynamic discussion. The IRP Coalition has taken the lead in instigating these sorts of discussion formats in multistakeholder meetings such as the UNESCO WSIS+10 event and the Lisbon EuroDIG. The session moderator is experienced for this format and the participants aware that long speeches are not required.

For more details visit https://cis-india.org/news/igf-2013-workshop-99-charting-the-charter-internet-rights-and-principles-online

Chances and Risks of Social Participation

praskrishna — 2013-11-30T09:19:34Z

Participation is a key issue within Internet research and hence also for the Alexander von Humboldt Institute for Internet and Society. For this reason the institute is going to host a thematically focused meeting on Chances and Risks of Social Participation in Berlin on 22 November 2013 in co-operation with the Friedrich Ebert Foundation.

Nishant Shah gave the keynote for this event.

Morning Session
by invitation only
International senior researchers from a broad field of disciplines are invited to join the discussion and contribute with their expertise to various sessions as well as a public panel discussion. Thereby, the institute aims to push ahead research and exchange of ideas around the field of participation ranging from encouragement in context of democracy to the impact on innovation management.

Public Afternoon: Online into Politics?
open to the public, registration required
In the afternoon, the meeting will be opened to the public. We are pleased to announce that Helen Margetts, director of the Oxford Internet Institute (OII) has agreed to hold a keynote. We are also excited to be able to share first findings from a study on the e-petition platform of the German parliament, the Bundestag, with the attendants. Representatives of politics and society will reveal national perspectives on political participation within the concluding panel discussion.

Side Events

This meeting adds to the activities of the newly founded Network of Internet & Society Research Centers (NoC). Alongside the meeting on participation the annual Early Stage Researchers Colloquium and a meeting of participants of the Network of Centers will take place – guaranteeing fruitful and inspiring discourses across disciplines and research institutions.

Hosts and Co-Hosts

The event is hosted in co-operation with the Friedrich Ebert Foundation and serves as a Network of Centers (NoC) regional event. The event is furthermore supported by the British Embassy Berlin.

Click to download the brochure of the event.

For more details visit https://cis-india.org/news/alexander-von-humbodt-institute-for-internet-november-22-chances-and-risks-of-social-participation

CERT-In's Proactive Mandate - A Report on the Indian Computer Emergency Response Team’s Proactive Mandate in the Indian Cyber Security Ecosystem

tiwari — 2016-11-19T04:14:51Z

CERT-IN’s proactive mandate is defined in the IT Act, 2000 as well as in the Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Function and Duties ) Rules, 2013 (CERT-In Rules, 2013) both of which postdate the existence of the organisation itself, which has been operational since 2004.

Regarding the proactive mandate, the IT Act and CERT-In Rules include the following areas where CERT-In is required to carry out proactive measures in the interests of cyber security:

Forecast and alert cyber security incidents (IT Act, 2000) & Predict and prevent cyber security incidents (CERT-In Rules, 2013)
Issue guidelines, advisories and vulnerability notes etc. relating to information security practices, procedures, prevention, response and reporting (IT Act, 2000)
Information Security Assurance (CERT-In Rules, 2013)

This article will track and analyse the CERT-In’s operations in each of these areas over the past twelve years, by analysing the information available on CERT-In’s website as well as other media in the public domain.

The analysis will be carried out using a mixed methodology. The basic quantitative analysis of the information available on the CERT-In’ website will be carried out in the form of simple comparatives of updates, bulletins and other forms of publicly available interaction and critical information dispersal on CERT-In’s website. The qualitative sections, on the other hand, will contain a comparative analysis of the content present in the technical documents of the CERT-In with the equivalent documentation (where present) of similar bodies in the USA and EU. Each section will then illustrate normative suggestions as to how CERT-In’s performance of that respective obligation can be improved to better serve its cyber security mandate.

Read the full article

The image is published under Creative Commons License CC BY-SA. Anyone can distribute, remix, tweak, and build upon this document, even for commercial purposes, as long as they credit the creator of this document and license their new creations under the terms identical to the license governing this document.

For more details visit https://cis-india.org/internet-governance/blog/cert-ins-proactive-mandate-a-report-on-indian-computer-emergency-response-teams-proactive-mandate-in-indian-cyber-security-ecosystem

Centre’s order on computer surveillance threatens right to privacy, experts say

Admin — 2018-12-25T00:50:48Z

The Constitutional validity of the notification allowing ten agencies to intercept information is uncertain.

The blog post by Abhishek Dey was published in Scroll.in on December 22, 2018.

A notification issued by the Union Ministry of Home Affairs on Thursday allowing ten agencies to intercept, monitor and decrypt any information generated from any computer poses a grave threat to the fundamental right to privacy, said lawyers and cyber security experts.

The notification led to a political storm on Friday and criticism from the Opposition forced Parliament to be adjourned. However, Union Finance Minister Arun Jaitley accused the Opposition of “making a mountain where a molehill does not exist”. The government on Friday issued a clarification stating that the directive does not confer any new powers on it and has the legal backing of the Information Technology Act.

Experts agreed that Thursday’s notification lists powers already available to the authorities in the Information Technology Act 2000. The legal provisions to allow interception were introduced in 2008 by the Congress-led United Progressive Alliance government. However, with the fresh directive, experts said that the Bharatiya Janata Party-led government seems to be trying to formalise surveillance through the interception of computer information, they said.

“It is true that such [interception] powers already existed,” said Pavan Duggal, a lawyer with expertise in cyber security. “But neither any such formal directives were issued which I know of, nor any agency were specifically notified to have those powers.”

Privacy test

The Information Technology Act 2000 was amended in 2008 to allow to the monitoring and interception of computer information, while the rules under which this would operate were promulgated in 2009. In 2017, the Supreme Court delivered a judgment establishing privacy as a fundamental right. The legal foundation of the computer interception directive could be still be challenged in court because it has not yet been considered in light of the privacy judgment, said Duggal. “It is now a matter of Constitutional validity,” he said

Thursday’s notification lists the agencies authorised to intercept, monitor and decrypt computer data: the Intelligence Bureau, Narcotics Control Bureau, Enforcement Directorate, Central Board of Direct Taxes, Directorate of Revenue Intelligence, Central Bureau of Investigation, National Investigation Agency, Cabinet Secretariat (RAW), Directorate of Signal Intelligence (for service areas of Jammu and Kashmir, North East and Assam) and the Commissioner of Police, Delhi. The Act provides a jail term of seven years for anyone who refuses to cooperate with these agencies.

On Friday, experts questioned whether a notification listing the 10 agencies had actually been issued earlier, as the Centre claimed.

“It is a fresh notification,” said Apar Gupta, a lawyer who specialises in technology and media issues. “With this, interception of computers has received formal acceptance in the public domain and it can have serious implications on privacy.”

Senior officials of the Delhi Police also said this appeared to be a fresh order. Asked if this meant that the agencies would not need to ask for authorisation in every case since a blanket order has been issued, the officials said that this still needs to be clarified.

Lacking proportionality

The order has raised questions about the validity of the cases of interception of computer information conducted by the state police and other security agencies between 2009 (the year the interception rules were promulgated) and 2018 (the year the notification has been issued), Pranesh Prakash, co-founder of the Centre for Internet and Society.

One possibility, he said, may be that they were all unlawful.

But if they were indeed conducted with legal backing, Prakash said, then permission for this would been sanctioned in the form of an order by a competent authority. This is what Rule 3 of the interception rules mandate. But if so, Rule 4, which deals with the government authorising agencies to conduct such interceptions, is redundant. “How can it not be when any state police or other agency is capable of acquiring an order for interception under Rule 3?” he said

Besides, Prakash said, the new directive does not pass the test of proportionality.

In 2007, the Central government introduced rules to amend the Indian Telegraph Act 1951 to allow for information to be intercepted, Prakash said. However, the rules say that the competent authority should resort to interception only after considering all alternative means to acquire information. Thursday’s directive, though, is silent about the circumstances in which interception will be permitted, he said.

For more details visit https://cis-india.org/internet-governance/news/scroll-abhishek-dey-december-22-2018-centres-order-on-computer-surveillance-threatens-right-to-privacy