We are anonymous, we are legion

Chasing fame and fun 15 seconds at a time: Why TikTok has India hooked

Tora Agarwala, Surbhi Gupta, and Karishma Mehrotra — 2019-07-05T02:13:39Z

How TikTok, an app owned by a Chinese firm, has become a playground for India’s young.

The article by Tora Agarwala, Surbhi Gupta, and Karishma Mehrotra appeared in Indian Express on June 23, 2019. Nishant Shah was quoted.

“Kaam nai niki? Do you have no other work?” At a banner printing shop in Nagaon, a town in Assam, the middle-aged shopkeeper was bemused. It was the strangest order he had received in a while.

For one, the banner was for a “TikTok” meetup. He had not the slightest inkling of what that was. Second, the two boys who had introduced themselves as hailing from Jamuguri and Raha, smaller towns in the state, insisted that the text incorporate a spelling mistake. “Instead of M-E-E-T up, please write M-E-A-T up,” he was told. The shopkeeper grudgingly obliged and the boys rode off on their bikes. It would be ready the next day.

“This is going to go viral,” Dhurbajit Medhi said triumphantly to his friend PK Nath. They had only known each other for a month, having “met” on TikTok. In April, they sat face-to-face for the first time at a small restaurant in Raha, in Nagaon district, where Medhi lived. Nath had travelled 110 km to meet him.

Medhi was 23, a singer who had dropped out of college because of a death in the family. Nath, about 30, was known in his neighbourhood in Jamuguri for two things: his gela maal dukaan (grocery store) and his penchant to make people laugh.

On TikTok, both have followers in thousands. Over a few months, they would chat often, appreciating each other’s videos. “On a sad day, I would scroll through Nath da’s feed and it would make me laugh without fail,” says Medhi, who joined TikTok about a year ago. Many comments on his videos are from girls. “Some say ‘cute’ and some say bhaal laagise (You’re looking good),” says Medhi, who is reasonably tall and sports a goatee on his boyish face.

Over the year, Medhi has learnt the tricks of the TikTok trade. “There are two kinds of videos which get attention here in Assam: either you do sad, romantic songs. Or you do fotuami — slapstick humour,” says Medhi, who has made a niche for himself in the former category. He owns an Mi phone, worth Rs 11,000, which he bought a year ago by saving money through his work at his father’s tea shop. “My mother is okay with me making these videos. But she says, ‘Do all this, but think about your life also.’ I get her point but maybe I can make a career out of this,” he says.

After all, TikTok is not as easy as Facebook. It involves an element of skill. “Do you know how difficult it is to get one TikTok like? On Facebook, you just put a photo and the likes pour in. Here, we have to work hard.” Medhi admits he was naïve initially. “I would make photo-collages from my trips to Kaziranga and add some background music.” But that would not have worked. “The viewer takes into account everything: is our lip-sync matching? Are our clothes suited to the mood of the music? Are our expressions accurate?”

Today, Medhi has over 400 videos, many of which feature him mouthing lyrics to the songs sung by Assamese musician Zubeen Garg. Sometimes, he sings in his own voice too — a secret talent he has nurtured but not had the opportunity to explore. “In Upper Assam, there is an appreciation for the arts and music. But here in middle Assam, it is different. People would mock, ‘Eeeh gayok hobo ahise. Look at him trying to be a singer,’” says Medhi.

It is these aspirations, which often get mowed down by the traditionalism that comes with living in small towns and villages that TikTok is giving oxygen to. The short-form video app has seen a phenomenal growth since its rebranding from Musical.ly in 2018, garnering 200 million users in India alone. Its hallmark is simple: it woos your attention with 15-second videos (they make go up to 60 seconds too) of lip-syncing teenage girls, dancing boys, family pranks and other such stylised moments. The mobile app’s owner, a Chinese internet company called ByteDance, was reportedly awarded a round of major investment from Japanese SoftBank last year, making it the world’s most valuable startup.

TikTok’s rapid capture of India — it skyrocketed past traditional social media mammoths, like Facebook, on global download charts in 2018 — is a testament to how quickly Chinese apps have begun to give American tech companies a run for their money in one of the world’s most important markets. TikTok has given a megaphone to rural Indian life in a way that no other app has been able to; American apps such as Facebook have been restricted to a primarily upper-class user base.

“We believe that TikTok filled the gap by bringing people from across the deepest pockets of India online and giving them a platform to express themselves,” said ByteDance’s global public policy director Helena Lersch. Since the company introduced in-feed advertisements and branded editing tools last year, it’s attracted the likes of Pepsi, Myntra, and Dunzo.

If more proof were needed that TikTok has planted itself into the circuitry of desire and aspiration, it came by way of a news report last fortnight. A young man in Delhi, who worked at a restaurant, was arrested for snatching an iPhone XS Max — he wanted to shoot good-quality TikTok videos. Another 19-year-old from Delhi, Salman Zakir, was shot by his neighbour allegedly in the course of making a TikTok video.

But what is the big deal about TikTok? How have 15-second fragments of people being people colonised the attention of so many? Scrolling through the app for the first time, one is struck by how random it is, and how the attention economy has shrunk your mindspan to a quarter of a minute. You could easily tire of teens dancing, making faces and lip-synching in super-tiny skits and video memes. Or, you could watch an entire generation occupy this playground with their energy and creativity, using 15 seconds to mix, mash and play versions of themselves. Preparing a face to meet other excited, silly faces has never been so addictive.

Social media has put the self at the centre, making opinions out of rants, photographers of anyone with a phone camera, and journalists of citizens. TikTok takes the humdrum, turns it into a form of talent and injects into it the velocity of the fast-travelling video.

But, more importantly perhaps, it taps into a confidence in the young — about their lives, abilities and even their humble backgrounds — that was unthinkable a generation ago.

For sure, TikTok could not have spread this way five years ago either. Eighteen-year-old Devanshu Mahajan, an undergraduate student of commerce at Delhi University’s School of Open Learning, agrees. He found himself exploring the internet only after the entry of Reliance Jio in the telecom market. “Before that we used to have 1 GB data for a month. Suddenly, we had 1 GB to spend in a day,” says the Delhi resident. Last year, he started posting videos on TikTok, most of which seemed to disappear into nowhere. “I got so angry that I uploaded a rant about the lack of response, and suddenly it got viral. Then, I started giving my own twist to trending sounds/beats and songs, and these videos started becoming popular,” says Mahajan, who has over eight lakh followers now.

Most of his popular posts are about Indian families (“Indian parents wish for boys only to send them to the market to buy milk and vegetables endless times”), school life and being single. They are not particularly witty, but belong to the tradition of native humour that once would make judges mysteriously ROFL on shows like The Great Indian Laughter Challenge. “I make my videos at home, I have no tripod or light, there is one window where I put my phone and act,” says Mahajan, who uses an Mi Y3 phone. With a spiky haircut and a lean frame, he is the picture of ordinariness. “People either say I’m too thin, or comment about my nose or looks. But I make a story out of those comments too. If I can make fun of myself, nothing can affect me,” he says.

“It may not be like YouTube where one can earn money, but because of this app, I feel like a star now,” says Musaib Bashir Bhat, 27. He joined TikTok seven months ago and his 300 videos in Kashmiri have earned him 73,000 followers already. He is also recognised on the streets of Srinagar.

Fame is the drug that drives TikTok users, but, for now, at least, this is a following rooted in the local. The app is a Babel of many tongues, and each region has its distinct self-expression — in its aesthetic, looks or music. It hasn’t been monopolised by Hindi film music or Punjabi pop.

Ranjan Barman, an 18-year-old living in a small village in Lakhimpur, Assam, loves acting. “I know I can’t be an actor in real life— but at least on TikTok I can,” says the college-goer who joined the app four months ago. He is now nearing his one millionth heart — a commendable feat for someone who is new to the TikTok universe. His popularity, he suspects, could have something to do with the props he uses in his videos. Barman owns 22 gamusa shirts, or shirts fashioned out of the traditional Assamese cloth, and says that whenever he wears them, his videos get more play. “In Assam, people respect the gamusa. It touches sentiments,” he says.

But how substantial is this fame? What kind of recognition do TikTokers seek? Last month, Mahajan called for a meet-and-greet with his “fans” at a west Delhi mall. Thirty people showed up. “I hadn’t expected anyone to turn up. People clicked photos and videos, but I didn’t feel like a celebrity,” he says.

While TikTok fame comes from the number of followers one has, an important barometer is also the number of hearts you receive. For example, Medhi has only 4,000 followers, but his videos have received 74,500 hearts. The heart tally is an aggregate of the number of likes the creator has garnered across every video he has uploaded. “It is just one viral video you need — and then you are set,” says Medhi, who hasn’t hit the jackpot yet, but is optimistic. “Like all things in life, this, too, takes time,” he says.

TikTok has given Aizawl’s Adeline Pach much more than the 5,12,000 followers one sees on her profile. A cancer-survivor, Pach started using it in 2015, when it went by the name Musical.ly, while recovering from her illness. “It was silly, goofy stuff — but it helped take my mind off things,” she says. Even today, she suffers from a number of health issues. But TikTok “distracts her”.

Pach’s skilful “transition” videos (where one frame would blend to another seamlessly), started getting featured on the app’s homepage. “People liked the way I edited my videos. For example, if I was saying and wearing something in one frame, the next would be in another location, with me doing something else in another outfit,” says Pach, adding that earlier TikTok was more about skill, and now people “blindly heart goofy content.”

As Pach, now in her late twenties, kept getting featured, her followers shot up — and for first time in her life, the introvert found herself interacting with people — “and enjoying it. It gave me the confidence I never had.”

In 2017, Pach attended her first TikTok meetup in Mumbai. “That had about 70 people but the next one which took place in Bengaluru had 600,” she says. She performed a rap song by Nicki Minaj in front of a packed auditorium. “Suddenly I was fearless.”

For many, TikTok holds out the hope of bigger things to come — a career in music and acting. When he was a teen, Ambish KB’s acting talents — he mimicked his teachers’ mannerisms and got them to laugh — made him almost famous in school. In college, his obsession with films would make him watch first-day, first-show releases of leading Malayalam superstars like Mammootty and Mohanlal. He also held positions in the Ernakulam district unit of the all-Kerala Mammootty fans association. “It’s safe to assume that I spent more time in theatres than in college,” says Ambish, 27, an accountant with a fashion design firm in Kochi.

He still has not given up on his acting dreams. For three years now, he has been scouring for small roles, approaching directors, producers and scriptwriters, even as he maintains a job on the side. Not surprisingly, he has taken to TikTok like a duck to water. His account doesn’t boast an envious number of followers (572 at last count) but his videos, most of which are comedy re-enactments of popular scenes from Malayalam cinema, have collected thousands of views and a flood of reactions. He says his videos are all home-produced and mostly filmed in the dead of night once his parents are fast asleep. Many of them are also collaborations with his wife; she’s not mad about cinema like he is, but she likes the fun interface of TikTok. To the point that, at weddings, their relatives call them, “Oh look, here come the TikTok people!”

But more than anything, Ambish believes TikTok could hold his ticket to the film industry. “It’s a medium for people like us to display our talent. Who knows, if my video goes viral and if a casting director happens to notice, I might click,” says Ambish, who spends at least eight hours a day on TikTok. His inspiration is a fellow TikTok user, Fukru, who supposedly landed a role in a film after his dance videos went viral. “He would post videos every day, just random ones of him dancing. Now he’s got a role in the next film by director Omar Lulu. You never know,” Ambish says.

Ambish is not prepared to leave his job yet, as he understands the film industry is unpredictable. He doesn’t have the means to travel for auditions to faraway towns. But he knows he has a powerful device at his disposal that could get him there: his Huawei P20 Lite smartphone and the TikTok app on it.

While future sociologists might mine TikTok to understand the changing mores of a new generation, fears of data mining and privacy intrusions of the app have often been voiced. This year, the US Federal Trade Commission fined the company $5.7 million for illegally collecting the personal data of children. In 2018, Indonesia’s government temporarily banned the platform for “negative”, mostly pornographic and blasphemous, content. The government lifted the ban after the company complied with local laws and stepped up local content moderation.

In April, the Madras High Court made a similar interim takedown order, asking Google and Apple to remove TikTok from their app stores, citing pornographic and child exploitation content. Three weeks later, the court lifted the ban after the Supreme Court asked it to address the company’s plea against the takedown, and the app fell from most downloaded to fourth most in India. The company has admittedly decided to “show less skin” here than its other markets. “It’s a bit of a case-to-case basis. There is no clear line I can share with you now. If there is a sexually-explicit video, we take it down. And we are doing this a bit quicker in India,” said Lersch.

Writing in these pages, our columnist Nishant Shah warned about TikTok’s “embrace of artificial intelligence and big data analytics.” “From the minute you sign up for it, giving up your personal information and data to extreme mining which bears the same pitfalls of privacy and surveillance that all other big data apps do, TikTok starts presenting content to you. This is not content created by friends, or colleagues… Instead, this is content created by people you don’t know at all, and brought to you by algorithms that know, even without you telling them what you might like.

The more time you spend … going through complex tutorials to make your own 15-second fun video, the more the machine learning algorithms learn you,” wrote the co-founder of the Centre for Internet and Society. While critics point out that the infantilised world that the app peddles is dangerous to the very personal liberty that it seems to showcase, it’s not an argument that is winning.

But wait, what happened to the “meatup” banner? When Medhi and Nath had met, they rued the little regard their family and friends had for their pursuit. “My friends think I am wasting time,” says Medhi, the only TikToker in Raha. Both knew they had to do something.

They went ahead and organised the first state-wide TikTok meetup in Assam, slated for this Sunday. While there have been meetups before, this is the first time TikTokers from every corner of the state will be in attendance. They expect about 500. How did they manage to do it? “Only negative things go viral on the internet,” says Medhi, “That is why we decided to spell ‘meetup’ as ‘meatup’.”

The day the banner was ready and picked up from Nagaon, both Medhi and Nath took a picture of it and put it on the app. As expected, there was an uproar. “Everyone started sharing it. My phone number was on the banner and I would get 10 calls a day. “They would say: Don’t you know how to spell ‘meetup’? Most made fun of me but I didn’t care. Our job was done. The word had spread.”

For more details visit https://cis-india.org/internet-governance/news/indian-express-june-23-2019-chasing-fame-and-fun-15-seconds-at-a-time

Charting the Charter: Internet Rights and Principles Online

praskrishna — 2013-10-21T07:03:53Z

This workshop is being organised by IRP Coalition on October 22 in Bali Nusa Dua Convention Centre. Pranesh Prakash is participating as a panelist.

The Internet Governance Forum 2013 is being held at Bali from October 22 to 25. The overarching theme for the 2013 IGF meeting is: "Building Bridges"- Enhancing Multistakeholder Cooperation for Growth and Sustainable Development".

Read the original published on the IGF website

Theme: Human Rights / Freedom of Expression on the Internet

Since the Charter of Internet Rights and Principles was developed dialogue about diverse internet related human rights issues have emerged in various UN human rights mechanisms e.g. racism/racial discrimination, human rights defenders, women's human rights, freedom of association, business and human rights, protection of cultural heritage. The workshop will map the issues under discussion in the UNHRC against those in the Charter of Human Rights and Principles for the Internet (‘IRP Charter’) and explore multistakeholder perspectives and best practice examples of adherence to the Charter and human rights standards from diverse regions.

The focus is on progress, opportunities and challenges to monitor and advocate for the IRP Charter provisions particularly for marginalised groups e.g. rural and indigenous peoples, disabled people, urban poor as the second part of the two workshops put forward by the IRP Coalition and partners. Wider questions that the workshop looks to cover include: How are understandings about the interrelationship of internet governance and human rights standards developing at the Human Rights Council? Aside from freedom of expression and the right to Privacy, what other human rights are important in relation to the internet? How can the Charter be used to broaden the engagement of the Human Rights Council in internet governance issues? How does the work of the HRC inform the Charter, and other internet policy documents and mechanisms?

Since the 2009 IGF, the Internet Rights and Principles Coalition has organised a range of workshops and Coalition meetings looking at the application of human rights standards (primarily those espoused in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights and the International Covenant on Economic, Social and Cultural Rights) to the Internet. In 2010 the previous draft of the IRP Charter (http://internetrightsandprinciples.org/site/charter/) was launched with a rigorous discussion about what correct interpretation of existing standards is and the role of different stakeholders in relation to these.

In 2011 the IRP Charter was distilled down to 10 key advocacy points, the Ten Internet Rights and Principles (http://internetrightsandprinciples.org/site/campaign/). These were debated as the Coalition undertook a closer analysis of the issue of copyright protection and how it interrelated with human rights on the internet. In 2012 the Coalition looked at how the Charter was feeding in to a derivative initiative at the Council of Europe to create a user-friendly Compendium of rights of internet users. The Coalition made a close analysis of the issue of anonymity online. This year we want to focus on human rights which, while contained in the Charter, have not received high levels of attention. We also want to loop in the work of Coalition members working on human rights, women’s rights, social, cultural and economic rights as well as the recent work of the Human Rights Council (which is the most authoritative global body applying human rights to the Internet) to incorporating human rights as an integral part of the internet governance field.

Has the proponent organised a workshop with a similar subject during past IGF meetings?
Yes

Indication of how the workshop will build on but go beyond the outcomes previously reached
The IRP Coalition launched the IRP Charter and Ten Principles in 2010/2011 (www.internetrightsandprinciples.org). These launches started a vigorous and productive chain of discussions and outreach initiatives in and around IGF Meetings. These were followed up in 2011 and 2012 with IGF workshops that focused in specific issues such as copyright, access as a right, and existing rights of internet users. This year we focus on human rights which, while contained in the Charter, have not received high levels of attention. We also want to loop in the work of Coalition members working on human rights, women’s rights, social, cultural and economic rights as well as the recent work of the Human Rights Council (which is the most authoritative global body applying human rights to the Internet) to incorporating human rights as an integral part of the internet governance field. Recent events underscore that the moment has come to ground human rights principles in internet governance practice as this affects everyday life, work, and government.

Background Paper

Download Background Paper

Session Type: Roundtable

Co-organisers

Ms. Dixie Hawtin, Global Partners and Associates, Private Sector, Western Europe and Others Group - WEOG
Ms. Joy Liddicoat, Association for Progressive Communications, Civil Society, New Zealand, Asia-Pacific Group
Ms. Marianne Franklin, Goldsmiths (University of London, UK)/ IRP Coalition), Civil Society, United Kingdom, Western Europe and Others Group - WEOG

Have the Proponent or any of the co-organisers organised an IGF workshop before?
Yes

The link(s) to the workshop report(s)

Panelists

Please click on the biography to view the profile of the panelists:

Joy Liddicoat, Association for Progressive Communications, Female, Civil Society, New Zealand, Western Europe and Others Group – WEOG
Biography
Frank La Rue, United Nations, Male, Civil Society, Guatemala, Latin American and Caribbean Group - Grulac
Asif Kabani, Ministry of Finance, Male, Government, Pakistan, Asia-Pacific Group
Biography
Carl Fredrik Wettermark, Ministry of Foreign Affairs, Male, Government, Sweden, Western Europe and Others Group – WEOG
Biography
Marianne Franklin, (IRP Coalition/Goldsmiths (University of London, UK), Female, Civil Society, New Zealand, Asia-Pacific Group
Biography
Pranesh Prakash, Centre for Internet and Society, Male, Civil Society, India, Asia-Pacific Group
Biography
Cornelia Kutterer, Microsoft, Female, Private Sector, BELGIUM, Western Europe and Others Group – WEOG
Biography
Michael Rotert, eco-German Internet Industry, Male, Technical Community, Germany, Western Europe and Others Group – WEOG
Biography

Moderator

Dixie Hawtin, Global Partners and Associates

Remote Moderator

Rebecca Zausmer, Global Partners and Associates

Agenda

This round table session explores the opportunities and challenges for upholding human rights standards on the internet using the IRP Charter of Human Rights and Principles for the Internet (http://internetrightsandprinciples.org/site/charter/). In tandem with the session on Disabilities and Indigenous rights this session aims to:

Address a number of human rights – moving beyond freedom of expression and privacy - to consider the IRP Charter provisions for socio-economic rights, education, women’s rights and rights of the visually impaired in the online environment.
Provide an assessment of the implementation of human rights standards on the internet o date.
Feed recommendations in to the IRP Coalition initiative to create a final version of the IRP Charter (in terms of substance, process, and uses of the document in practice)

The session will start by focusing on a selection of concrete examples (such as, the PRISM revelations, the Marrakesh Treaty on exceptions and limitations to copyright for the blind, racial discrimination, education rights online) before opening to a wider discussion. It brings together diverse perspectives on the relationship between human rights and internet policy, where the human rights movement needs to engage more or more effectively, and how the IRP Charter should be developed to assist this process. The outcomes of the workshop will feed into the IRP Coalition Meeting, ‘Towards the IRP Charter 2.0’.

Inclusiveness of the Session

Panellists will make short initial statements of up to 3 minutes, each will be tasked with a particular perspective to bring and enable several rounds of the table. It will also allow ample time for audience questions and comments. The audience will be invited to ask questions, and to answer questions which the moderators will pose to the floor.

Suitability for Remote Participation

Both the IRP and the APC have a good track record of marketing their workshops across a range of email lists, websites and social media to ensure that potential remote participants know about the workshop and can participate. Remote participants will be engaged by the remote moderator who will pose questions to them and facilitate an active remote conversation alongside the conversation in situ– making links between the two wherever possible.

Questions or Comments

Please note that Mr Frank La Rue has been invited. As his office needs some time to respond we have included his name as an unconfirmed participant for the time being.

Also a note on the number of participants:
As this is a roundtable, open discussion format there are more than five speakers in order to generate the range and depth needed for this sort of interactive and dynamic discussion. The IRP Coalition has taken the lead in instigating these sorts of discussion formats in multistakeholder meetings such as the UNESCO WSIS+10 event and the Lisbon EuroDIG. The session moderator is experienced for this format and the participants aware that long speeches are not required.

For more details visit https://cis-india.org/news/igf-2013-workshop-99-charting-the-charter-internet-rights-and-principles-online

Chances and Risks of Social Participation

praskrishna — 2013-11-30T09:19:34Z

Participation is a key issue within Internet research and hence also for the Alexander von Humboldt Institute for Internet and Society. For this reason the institute is going to host a thematically focused meeting on Chances and Risks of Social Participation in Berlin on 22 November 2013 in co-operation with the Friedrich Ebert Foundation.

Nishant Shah gave the keynote for this event.

Morning Session
by invitation only
International senior researchers from a broad field of disciplines are invited to join the discussion and contribute with their expertise to various sessions as well as a public panel discussion. Thereby, the institute aims to push ahead research and exchange of ideas around the field of participation ranging from encouragement in context of democracy to the impact on innovation management.

Public Afternoon: Online into Politics?
open to the public, registration required
In the afternoon, the meeting will be opened to the public. We are pleased to announce that Helen Margetts, director of the Oxford Internet Institute (OII) has agreed to hold a keynote. We are also excited to be able to share first findings from a study on the e-petition platform of the German parliament, the Bundestag, with the attendants. Representatives of politics and society will reveal national perspectives on political participation within the concluding panel discussion.

Side Events

This meeting adds to the activities of the newly founded Network of Internet & Society Research Centers (NoC). Alongside the meeting on participation the annual Early Stage Researchers Colloquium and a meeting of participants of the Network of Centers will take place – guaranteeing fruitful and inspiring discourses across disciplines and research institutions.

Hosts and Co-Hosts

The event is hosted in co-operation with the Friedrich Ebert Foundation and serves as a Network of Centers (NoC) regional event. The event is furthermore supported by the British Embassy Berlin.

Click to download the brochure of the event.

For more details visit https://cis-india.org/news/alexander-von-humbodt-institute-for-internet-november-22-chances-and-risks-of-social-participation

CERT-In's Proactive Mandate - A Report on the Indian Computer Emergency Response Team’s Proactive Mandate in the Indian Cyber Security Ecosystem

tiwari — 2016-11-19T04:14:51Z

CERT-IN’s proactive mandate is defined in the IT Act, 2000 as well as in the Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Function and Duties ) Rules, 2013 (CERT-In Rules, 2013) both of which postdate the existence of the organisation itself, which has been operational since 2004.

Regarding the proactive mandate, the IT Act and CERT-In Rules include the following areas where CERT-In is required to carry out proactive measures in the interests of cyber security:

Forecast and alert cyber security incidents (IT Act, 2000) & Predict and prevent cyber security incidents (CERT-In Rules, 2013)
Issue guidelines, advisories and vulnerability notes etc. relating to information security practices, procedures, prevention, response and reporting (IT Act, 2000)
Information Security Assurance (CERT-In Rules, 2013)

This article will track and analyse the CERT-In’s operations in each of these areas over the past twelve years, by analysing the information available on CERT-In’s website as well as other media in the public domain.

The analysis will be carried out using a mixed methodology. The basic quantitative analysis of the information available on the CERT-In’ website will be carried out in the form of simple comparatives of updates, bulletins and other forms of publicly available interaction and critical information dispersal on CERT-In’s website. The qualitative sections, on the other hand, will contain a comparative analysis of the content present in the technical documents of the CERT-In with the equivalent documentation (where present) of similar bodies in the USA and EU. Each section will then illustrate normative suggestions as to how CERT-In’s performance of that respective obligation can be improved to better serve its cyber security mandate.

Read the full article

The image is published under Creative Commons License CC BY-SA. Anyone can distribute, remix, tweak, and build upon this document, even for commercial purposes, as long as they credit the creator of this document and license their new creations under the terms identical to the license governing this document.

For more details visit https://cis-india.org/internet-governance/blog/cert-ins-proactive-mandate-a-report-on-indian-computer-emergency-response-teams-proactive-mandate-in-indian-cyber-security-ecosystem

Centre’s order on computer surveillance threatens right to privacy, experts say

Admin — 2018-12-25T00:50:48Z

The Constitutional validity of the notification allowing ten agencies to intercept information is uncertain.

The blog post by Abhishek Dey was published in Scroll.in on December 22, 2018.

A notification issued by the Union Ministry of Home Affairs on Thursday allowing ten agencies to intercept, monitor and decrypt any information generated from any computer poses a grave threat to the fundamental right to privacy, said lawyers and cyber security experts.

The notification led to a political storm on Friday and criticism from the Opposition forced Parliament to be adjourned. However, Union Finance Minister Arun Jaitley accused the Opposition of “making a mountain where a molehill does not exist”. The government on Friday issued a clarification stating that the directive does not confer any new powers on it and has the legal backing of the Information Technology Act.

Experts agreed that Thursday’s notification lists powers already available to the authorities in the Information Technology Act 2000. The legal provisions to allow interception were introduced in 2008 by the Congress-led United Progressive Alliance government. However, with the fresh directive, experts said that the Bharatiya Janata Party-led government seems to be trying to formalise surveillance through the interception of computer information, they said.

“It is true that such [interception] powers already existed,” said Pavan Duggal, a lawyer with expertise in cyber security. “But neither any such formal directives were issued which I know of, nor any agency were specifically notified to have those powers.”

Privacy test

The Information Technology Act 2000 was amended in 2008 to allow to the monitoring and interception of computer information, while the rules under which this would operate were promulgated in 2009. In 2017, the Supreme Court delivered a judgment establishing privacy as a fundamental right. The legal foundation of the computer interception directive could be still be challenged in court because it has not yet been considered in light of the privacy judgment, said Duggal. “It is now a matter of Constitutional validity,” he said

Thursday’s notification lists the agencies authorised to intercept, monitor and decrypt computer data: the Intelligence Bureau, Narcotics Control Bureau, Enforcement Directorate, Central Board of Direct Taxes, Directorate of Revenue Intelligence, Central Bureau of Investigation, National Investigation Agency, Cabinet Secretariat (RAW), Directorate of Signal Intelligence (for service areas of Jammu and Kashmir, North East and Assam) and the Commissioner of Police, Delhi. The Act provides a jail term of seven years for anyone who refuses to cooperate with these agencies.

On Friday, experts questioned whether a notification listing the 10 agencies had actually been issued earlier, as the Centre claimed.

“It is a fresh notification,” said Apar Gupta, a lawyer who specialises in technology and media issues. “With this, interception of computers has received formal acceptance in the public domain and it can have serious implications on privacy.”

Senior officials of the Delhi Police also said this appeared to be a fresh order. Asked if this meant that the agencies would not need to ask for authorisation in every case since a blanket order has been issued, the officials said that this still needs to be clarified.

Lacking proportionality

The order has raised questions about the validity of the cases of interception of computer information conducted by the state police and other security agencies between 2009 (the year the interception rules were promulgated) and 2018 (the year the notification has been issued), Pranesh Prakash, co-founder of the Centre for Internet and Society.

One possibility, he said, may be that they were all unlawful.

But if they were indeed conducted with legal backing, Prakash said, then permission for this would been sanctioned in the form of an order by a competent authority. This is what Rule 3 of the interception rules mandate. But if so, Rule 4, which deals with the government authorising agencies to conduct such interceptions, is redundant. “How can it not be when any state police or other agency is capable of acquiring an order for interception under Rule 3?” he said

Besides, Prakash said, the new directive does not pass the test of proportionality.

In 2007, the Central government introduced rules to amend the Indian Telegraph Act 1951 to allow for information to be intercepted, Prakash said. However, the rules say that the competent authority should resort to interception only after considering all alternative means to acquire information. Thursday’s directive, though, is silent about the circumstances in which interception will be permitted, he said.

For more details visit https://cis-india.org/internet-governance/news/scroll-abhishek-dey-december-22-2018-centres-order-on-computer-surveillance-threatens-right-to-privacy

Centre’s order on computer surveillance is backed by law – but the law lacks adequate safeguards

Admin — 2018-12-24T17:04:22Z

The Information Technology Act’s surveillance scheme furthers a colonial hangover.

The blog post by Nehaa Chaudhari and Tuhina Joshi was published by Scroll.in on December 23, 2018.

On Thursday, the Ministry of Home Affairs issued a statutory order authorising 10 “security and intelligence agencies” to intercept, monitor and decrypt electronic information and communication. A media frenzy soon ensued, with Opposition political parties seizing the notification as evidence that the government was running a surveillance state. The ministry responded with a press release, clarifying that the order was in keeping with Section 69(1) of the Information Technology Act, 2000, and the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009, proving that the order was sound in law.

Several government officials and Bharatiya Janata Party representatives have since defended this order as being in India’s sovereign and national security interest. They say it will bring transparency and accountability into surveillance, and that is is only an extension of the previous Congress-led government’s policy from 2009.

No doubt, Central and state governments have had the power to intercept, monitor and decrypt any information in any computer resource since 2008, when Section 69 of the Information Technology Act was amended to expand the government’s powers of interception. This amendment was one of many changes introduced to India’s surveillance framework to tackle crime and terrorism in the wake of the 2008 terrorist attacks in Mumbai.

However, the ministry’s December 20 directive is the first time such an order has been introduced under this section; and in this difference between a legislation being on the statute books versus it being implemented lies the reason for collective public outrage. That said, research by the Centre for Internet and Society and SFLC.in shows that the Indian state has long engaged in surveilling electronic communications, and other kinds of interception and monitoring.

While railing against the ministry’s order is very welcome, it is futile if it does not lead to a conversation around the root of the problem – Section 69(1) of the Information Technology Act and the accompanying Information Technology Rules. This section empowers the Central and state governments to authorise government agencies to intercept, monitor or decrypt “any information generated, transmitted, received or stored in any computer resource”. It lays down six grounds on the basis of which such authorisation may be granted. These are:

The preservation of India’s sovereignty or integrity.
The security of the state.
Public order.
Maintaining friendly relations with other countries.
Preventing offences relating to 1. to 4. from being incited or committed.
Criminal investigations.

All authorisation orders issued by the government under Section 69(1) must be reasoned and written, and must be subject to the procedure laid down in the Information Technology Rules. As per these rules, all such orders must be scrutinised by a review committee of the Centre, or the state in question, set up under Rule 419A of the Indian Telegraph Rules, 1951. All review committees set up under Rule 419A comprise only of government secretaries. This means that the executive sits in judgment over its own decisions. This goes against one of the most basic principles of justice and fairness – that no person shall be a judge in their own case.

Threat to privacy

State surveillance threatens individual privacy and must be subject to adequate safeguards. Privacy is a fundamental right guaranteed by the Constitution of India, as recognised by nine judges of the Supreme Court in August 2017. Like all other fundamental rights, the right to privacy is not absolute, and can be restricted. According to the Supreme Court, these restrictions must be: (1) backed by law, (2) for a legitimate state aim, and (3) proportionate.

Consequently, any government order under Section 69(1) of the Information Technology Act must fulfil this three-part test to be constitutional. The absence of judicial or legislative oversight over the executive’s decision-making under Section 69(1) is likely to make it a disproportionate restriction on an individual’s fundamental right to privacy and, therefore, unconstitutional.

Even the government-appointed Justice Srikrishna Committee of Experts, which has been given the task of framing India’s data protection law, was concerned about this lack of legislative or judicial review. This committee has cited Germany, the United Kingdom, South Africa and the United States as countries with adequate procedural safeguards over government surveillance actions. On page 125 of its final report, it has noted, “Executive review alone is not in tandem with comparative models in democratic nations which either provide for legislative oversight, judicial approval or both.”

The Information Technology Act and the Information Technology Rules are but one of many means of government surveillance in India. Similar provisions exist in the Indian Telegraph Act, 1885, the Telegraph Rules, 1951, and the Indian Post Office Act, 1898. These laws are the extension of a colonial legacy, used by a foreign power to keep tabs on an alien population. Disappointingly, the Information Technology Act’s surveillance scheme only furthers this colonial hangover. Indian privacy thought, especially in the past few years, has reflected the idea that we must evolve an Indian privacy framework, grounded in our constitutional values, and tailored to the Indian context. It is about time that our surveillance laws begin to reflect our constitutional values as well.

For more details visit https://cis-india.org/internet-governance/news/scroll-nehaa-chaudhari-and-tuhina-joshi-december-23-2018-centres-order-on-computer-surveillance-is-backed-by-law-but-the-law-lacks-adequate-safeguards

Centre to form panel to 'encrypt' MGNREGA-DBT database and prevent leaks

praskrishna — 2017-07-14T10:46:45Z

Around 5 crore bank accounts of active MGNREGA workers yet to be seeded with Aadhaar.

The article by Sanjeeb Mukherjee was published in the Business Standard on July 14, 2017.

Alarmed over reports of ‘public disclosure’ of sensitive Aadhaar data through various portals and payment gateways, the Centre is in the process of appointing a high-powered panel of almost 20 experts to suggest ways and means through which data, particularly one which can be accessed through the MGNREGA-DBT platform can be encrypted.

Encryption, officials believe, would prevent the Aadhaar data and other related information from falling into wrong hands.

The need for proper encryption of Aadhaar data rose after the government made it mandatory for availing almost all benefits - be it school scholarships, payments of MGNREGA wages, identification of beneficiaries under mid-day meal scheme and even public distribution system along with others.

Ensuring cyber security has become all the more necessary as the Central government, in a notification issued last month, has made it mandatory for all bank accounts to be seeded with Aadhaar numbers by December 31, 2017, or else they would cease to be operational until the time the account holder furnishes his Aadhaar number.

This could seriously hamper payment of wages to MGNREGA workers because as per available information almost 5 crore active workers don’t have their bank accounts seeded with Aadhaar.

To complete the process before December 2017, the ministry of rural development has planned special Aadhaar camps to be held in villages from July 20 to September 2017.

Recently, a website published all confidential details of customers of a private telecom company including Aadhaar numbers and other information.

The breach was another instance of secure confidential information falling into public domain.

Officials of the panel, which would be headed by former NASSCOM head Kiran Karnik are expected to submit their report on the same within the next few months.

Other members of the panel include Director General of National Institute of Smart Governance (NISG), officials from Indian Computer Emergency Response Team (ICERT) and others.

However, cyber security experts believe that encrypting Aadhaar-DBT details mainly for those schemes and programmes which have a direct linkage with the public at this later stage has its own challenges as the entire ecosystem around Aadhaar has grown manifold ever since it was made mandatory for a variety of programmes.

Also, in the absence of a national encryption policy, such a move will have its own legal and regulatory challenges.

“Ever since the government made Aadhaar mandatory for many things, the entire ecosystem around it including the Central Identities Data Repository (the agency which stores Aadhaar data is exposed to leaks,” noted cyber law expert Pawan Duggal told Business Standard.

He said that without a proper national encryption law, it would be extremely challenging to provide legal and regulatory backing to encrypt all Aadhaar- DBT data details for MGNREGA. “Also now that the ‘cat is out of the bag,’ encryption of Aadhaar details will be hugely challenging,” Duggal said.

Already, civil society activists said that after some concern, the central government has removed all Aadhaar numbers and bank details from MGNREGA website, which has made tracking payments difficult.

A recent study by Amber Sinha and Srinivas Kodali from the Centre for Internet and Society (CIS) found that granular details about individuals including sensitive personally identifiable information such as Aadhaar number, caste, religion, address, photographs and financial information are only a few clicks away through government schemes dashboard and portals.

“While initiatives such as the government open data portals may be laudable for providing easy access to government data condensed for easy digestion, however in the absence of proper controls exercised by the government departments the results can be disastrous by divulging sensitive and adversely actionable information about the individuals who are responding units of such databases,” the report said.

It specifically studied two major schemes of the ministry of rural development; the National National Social Assistance Programme and MGNREGA along with some state schemes.

Pointers

a) Centre to form a panel to encrypt all MGNREGA-DBT database to prevent leaks.

b) The panel might also suggest ways and means in which such ‘encryption’ could be applied in other platforms.

c) The panel is expected to be headed by former NASSCOM head Kiran Karnik.

d) The encryption is essential as from January 2018 all non-Aadhaar seeded bank accounts will cease to be operational unless the holders seed them.

e) A recent study found that vivid details about individuals can be easily accessed from government platforms and databases.

f) The MGNREGA database was one such publicly available platform which formed part of the study.

For more details visit https://cis-india.org/internet-governance/news/business-standard-sanjeeb-mukherjee-july-14-2017-centre-to-form-panel-to-encrypt-mgnrega-dbt-database-and-prevent-leaks

Centre for Internet and Society joins the Dynamic Coalition for Platform Responsibility

jyoti — 2014-10-07T10:54:03Z

The Centre for Internet and Society (CIS) has joined the multistakeholder cooperative engagement amidst stakeholders towards creating Due Diligence Recommendations for online platforms and Model Contractual Provisions to be enshrined in ToS. This blog provides a brief background of the role of dynamic coalitions within the IGF structure, establishes the need for the coalition and provides an update on the action plan and next steps for interested stakeholders.

"Identify emerging issues, bring them to the attention of the relevant bodies and the general public, and, where appropriate, make recommendations."
Tunis Agenda (Para 72.g)

The first United Nations Internet Governance Forum (IGF), in 2006 saw the emergence of the concept of Dynamic Coalition and a number of coalitions have been established over the years. The IGF is structured to bring together multistakeholder groups to,

"Discuss public policy issues related to key elements of Internet governance in order to foster the sustainability, robustness, security, stability and development of the Internet."
Tunis Agenda (Para 72.a)

While IGF workshops allow various stakeholders to jointly analyse "hot topics" or to examine progress that such issues have undertaken since the previous IGF, dynamic coalitions are informal, issue-specific groups comprising members of various stakeholder groups. With no strictures upon the objects, structure or processes of dynamic coalitions claiming association with the IGF, and no formal institutional affiliation, nor any access to the resources of the IGF Secretariat, IGF Dynamic Coalitions allow collaboration of anyone interested in contributing to their discussions. Currently, there are eleven active dynamic coalitions at the IGF and can be divided into three distinct types—networks, working groups and Birds of Feather (BOFs).

Workshops at the IGF are content specific events that, though valuable in informing participants, are limited in their impact by being confined to the launch of a report or by the issues raised within the conference room. The coalitions on the other hand are expected to have a broader function, acting as a coalescing point for interested stakeholders to gather and analyse progress around identified issues and plan next steps. The coalitions can also make recommendations around issues, however, no mechanism has been developed so far, by which the recommendations can be considered by the plenary body. The long-term nature of coalition is perhaps, most suited to engage stakeholders in heterogeneous groups, towards understanding and cooperating around emerging issues and to make recommendations to inform policy making.

Platform Responsibility

Social networks and other interactive online services, give rise to 'cyber-spaces' where individuals gather, express their personalities and exchange information and ideas. The transnational and private nature of such platforms means that they are regulated through contractual provisions enshrined in the platforms' Terms of Service (ToS). The provisions delineated in the ToS not only extend to users in spite of their geographical location, the private decisions undertaken by platform providers in implementing the ToS are not subject to constitutional guarantees framed under national jurisdictions.

While ToS serve as binding agreement online, an absence of binding international rules in this area despite the universal nature of human rights represented is a real challenge, and makes it necessary to engage in a multistakeholder effort to produce model contractual provisions that can be incorporated in ToS. The concept of 'platform responsibility' aims to stimulate behaviour in platform providers to provide intelligible and solid mechanisms, in line with the principles laid out by the UN Guiding Principles on Business and Human Rights and equip platform users with common and easy-to-grasp tools to guarantee the full enjoyment of their human rights online. The utilisation of model contractual provisions in ToS may prove instrumental in fostering trust in online services for content production, use and dissemination, increasing demand of services and ultimately consumer demand may drive the market towards human rights compliant solutions.

The Dynamic Coalition on Platform Responsibility

To nurture a multi-stakeholder endeavour aimed at the elaboration of model contractual-provisions, Mr. Luca Belli, Council of Europe / Université Paris II, Ms Primavera De Filippi, CNRS / Berkman Center for Internet and Society and Mr Nicolo Zingales, Tilburg University / Center for Technology and Society Rio, initiated and facilitated the creation of the Dynamic Coalition on Platform Responsibility (DCPR). DCPR has over fifty individual and organisational members from civil society organisations, academia, private sector organisations and intergovernmental organisations and held its first meeting at the IGF in Istanbul. The meeting began with an overview of the concept of platform responsibility, highlighting relevant initiatives from Council of Europe, Global Network Initiative, Ranking Digital Rights and the Center for Democracy and Technology have undertaken in this regard. Existing issues such as difficulty in comprehension and lack of standardization of redress across rights were raised along with the fundamental lack of due process in terms of transparency across existing mechanisms.

Online platforms compliance to human rights is often framed around the duty of States to protect human rights and often, Internet companies do not sufficient consideration of the effects of their business practices on users fundamental rights undermining trust.

The meeting focused it efforts with a call to identify issues of process and substance and specific rights and challenges to be addressed by the DCPR. The procedural issues raised concerned 'responsibility' in decision-making e.g., giving users the right to be heard and an effective remedy before an impartial decision-making body, and obtaining their consent for changes in the contractual terms. The concerns raised around substantive rights such as privacy and freedom of expression eg., disclosure of personal information and content removal and need to promote 'responsibility' through establishing concrete mechanisms to deal with such issues.

It was suggested that concept of responsibility including in case of conflict between different rights could be grounded in Human Rights case law eg., from European Court of Human Rights jurisprudence. It was also established that any framework that would evolve from this coalition would consider the distinction between users (eg., adults, children, and people with or without continuous access to the Internet) and platforms (eg., in terms of size and functionality).

Action Plan

The participants at the DCPR meeting agreed to establish a multistakeholder cooperative engagement amidst stakeholders that will go beyond dialogue and produce concrete proposals. Particularly, participants suggested developing:

Due Diligence Recommendations: Recommendations to online platforms with regard to processes of compliance with internationally agreed human rights standards.
Model Contractual Provisions: Elaboration of a set of principles and provisions protecting platform users’ rights and guaranteeing transparent mechanisms to seek redress in case of violations.

DCPR will ground the development of these frameworks in the preliminary step of compilation of existing projects and initiatives dealing with the analysis of ToS compatibility with human rights standards. Members, participants and interested stakeholders are invited to highlight and share relevant initiatives by 10th October regarding:

Processes of due diligence for human rights compliance;
The evaluation of ToS cocompliance with human rights standards;

Further to this compilation, a first recommendation draft regarding online platforms' due diligence will be circulated on the mailing list by 30th October 2014. CIS will be contributing to the drafting which will be led and elaborated by the DCPR coordinators. This draft will be open for comments via the DCPR mailing list until 30th November 2014 and we encourage you to sign up to the mailing list (http://lists.platformresponsibility.info/listinfo/dcpr).

A second draft will be developed compiling the comments expressed via the mailing-list and shared for comments by 10 December 2014. The final version of the recommendation will be drafted by 30 December. Subsequently, the first set of model contractual provisions will be elaborated building upon such recommendation. A call for inputs will be issued in order to gather suggestions on the content of these provisions.

For more details visit https://cis-india.org/internet-governance/blog/cis-joins-dynamic-coalition-for-platform-responsibility

Centre draws red lines for Whatsapp over fake news, says must comply with Indian laws

Admin — 2018-08-27T14:24:51Z

In a meeting with WhatsApp’s CEO Chris Daniels, Union minister Ravi Shankar Prasad said India put forward several demands, including that the company must have a grievance officer in India and have proper compliance of Indian laws.

The article by Nakul Sridhar was published in the Hindustan Times on August 21, 2018.

The Union government on Tuesday told the Facebook-owned WhatsApp to comply with Indian law, set up an Indian entity, and appoint a grievance officer in India to who people can reach immediately.

The directive comes at a when the government has pulled up the company for fake news spread on the social media platform serving as a contributory factor in several incidents of mob lynching across the country.

Ravi Shankar Prasad, Minister for Electronics and Information Technology, conveyed this to the global head of WhatsApp, Chris Daniels, who is in India this week. This is the first time that the government has spelt out its key expectations from the platform.

“I told him there have been sinister developments like fake news and revenge porn, which are criminal and against Indian laws. I suggested three points: they must have a grievance officer in India; they must comply with Indian laws; and they must have a local, corporate entity in India,” Prasad said.

Daniels, he added, had agreed to the three conditions. WhatsApp did not offer an independent confirmation or respond to questions.

Prasad said he also told Daniels that WhatsApp would have to comply with Reserve Bank of India (RBI) guidelines to start its payments services in India, saying that the firm would have to store the financial data it collects from India within the country.

After at least 30 lynchings in the past one year were linked to rumours and fake news spread through the WhatsApp platform, the IT ministry sent two notices to the company last month, asking it to curb the spread of such messages. WhatsApp’s chief operating officer, Matthew Idema, had met the IT ministry secretary Ajay Sawhneytowards the end of July to discuss the issue of fake news with the ministry and explain the steps it was taking in curbing its spread.

The application made it more difficult to forward media by removing shortcuts, limited the number of people a forwarded message can be sent to at a time to five, and introduced a ‘forwarded’ label for such messages after the push from the government.

Explaining its broad approach, a top government functionary, who asked not to be named, said, “We cannot accept digital imperialism. India is an open society. We have embraced technology and innovation. But no one should think they can come and do as they like. Firms like WhatsApp must conform to our rules, laws, and address problems.”

Reiterating his demand that WhatApp must find “a technological solution” to trace the origin of rumour-mongering messages, Prasad said, “It does not need rocket science to locate a message being circulated thousands and lakhs of times on the same day, on the same issue, in the same district and same state.” He said Daniels agreed to comply.

But experts believe that delivering on these demands will be challenging. “WhatsApp, according to my understanding, does not store metadata (such as phone number sent from) for text messages that are transmitted using their application or via the web client. Unfortunately, WhatsApp does not make this explicit in their public documentation,” said Sunil Abraham, founder of the think tank, Centre for Internet and Society.

“Therefore, many governments erroneously believe that sources of specific messages can be determined by big data analysis similar to the analysis of SMS metadata from telecom operators,” he said.

Metadata includes information such as the sender and recipient, date and time. “Now it would also include whether the message is forwarded,” said Abraham.

For more details visit https://cis-india.org/internet-governance/news/hindustan-times-august-21-2018-centre-draws-red-lines-for-whatsapp-over-fake-news-says-must-comply-with-indian-laws

Centre brings in new safeguards following cases of Aadhaar data leaks on government websites

praskrishna — 2017-06-06T15:41:16Z

The Centre has put in new safeguards following a number of cases of Aadhaar data leaks on government websites. All ministries are being asked to encrypt all Aadhaar data and personal financial details. Also, officials are being "sensitised" about legal consequences of data breach. And every government department is to now have one official responsible for Aadhaar data protection.

The article by Nidhi Sharma was published in the Economic Times on June 2, 2017.

The ministry of electronics and information technology has written to all departments on better data security. ET has reviewed the new guidelines. Aadhaar, a 12-digit unique identity number issued on the basis of biometric data, is linked to a person's bank account and used by government agencies to directly transfer benefits of several social welfare schemes.

Senior officials, who spoke off record, told ET all departments have been asked to immediately review their website content to check if personal data is on display.

A set of 27 dos and 9 don'ts has been circulated on data handling. This includes instructions on masking Aadhaar data and bank details as well as encrypting data. The government has mandated regular audits to check safety of personal data.

The ministry letter says, "It has come to notice there have been instances wherein personal identity or information of residents, along with Aadhaar numbers and demographic information, and other sensitive personal data ... have been published online."

The letter also spells out legal consequences of such data breach and warns the government departments to check future leaks. "Publishing identity information, i.e. Aadhaar number along with demographic information is in clear contravention of the provisions of the Aadhaar Act 2016 and constitutes an offence punishable with imprisonment up to 3 years. Further, publishing of financial information including bank details, being sensitive personal data, is also in contravention of provision under IT Act 2000 with violations liable to pay damages by way of compensation to persons affected."

The move to protect personal data comes after reports that data of 130 million Aadhaar cardholders has been leaked from four government websites. Reports, based on a study conducted by the Centre for Internet and Society (CIS) said Aadhaar numbers and details have been leaked.

For more details visit https://cis-india.org/internet-governance/news/economic-times-june-2-2017-nidhi-sharma-centre-brings-in-new-safeguards-following-cases-of-aadhaar-data-leaks-on-government-websites

Centre blocks 32 websites for security reasons, restores some later

praskrishna — 2015-01-02T14:13:03Z

The Centre on Wednesday asked Internet Service Providers (ISP) to block 32 websites citing national security concerns, especially from terror group ISIS.

The article by S. Ronendra Singh was published in the Hindu Businessline on December 31, 2014. Pranesh Prakash gave his inputs.

The move created a flutter on social networking sites, as most of the Web sites, such as archive.org, vimeo.com, github.com, pastebin.com, codepad.org and paste2.org, were being used by global communities like application developers for free movies and books, coders and text sharing.

By late evening, some sites were restored.

Sources in the Ministry of Telecommunications and Information Technology confirmed the development and told BusinessLine: “It was based on some national security issues, and we cannot compromise with our nation’s security….”

A senior official from the Department of Telecommunications (DoT) said the directive had come from a Mumbai court after the Maharashtra Anti-Terrorism Squad (ATS) had approached it to block some Web sites carrying anti-India content.

The matter came to light after a circular, purportedly sent by DoT to ISPs, showed up on social networking sites, listing the sites, along with some screen shots. Incidentally, the said circular had edited out the letter head, date and the signature below. The ruling Bharatiya Janata Party’s IT cell head, Arvind Gupta, tweeted saying ‘the Web sites that have been blocked were based on an advisory by the Anti-Terrorism Squad, and were carrying anti-India content from ISIS’.

However, later in the evening, Gupta, in his tweet said, some of the Web sites such as vimeo.com have been restored because they have removed ‘objectionable content and/or cooperated with the on going investigations’.

However, the blocked Web sites raised a furore in the social media wherein people said the Government should amend the laws than do such things.

“The problem isn’t just about the specific sites that are blocked; the problem is always about the bad law + process relating to #GoIBlocks,” Pranesh Prakash, Policy Director at Centre for Internet and Society tweeted. He said the 69A Rules (of the IT Act 2000) does not allow for transparency, accountability and time-limits on blocks, so it is easily misused by the Government, the courts and individuals.

For more details visit https://cis-india.org/internet-governance/news/the-hindu-businessline-december-31-2015-s-ronendra-singh-

Central Monitoring System to make government privy to phone calls, text messages and social media conversations

praskrishna — 2013-06-05T09:17:42Z

The government last month quietly began rolling out a project that gives it access to everything that happens over India's telecommunications network—online activities, phone calls, text messages and even social media conversations. Called the Central Monitoring System, it will be the single window from where government arms such as the National Investigation Agency or the tax authorities will be able to monitor every byte of communication.

This article by Indu Nandakumar was published in the Times of India on May 7, 2013. Pranesh Prakash is quoted.

But privacy and Internet freedom advocates are worried that in the name of security, the government could end up snooping on people, possibly abusing a system that does not have enough safeguards to protect ordinary citizens.

"In the absence of a strong privacy law that promotes transparency about surveillance and thus allows us to judge the utility of the surveillance, this kind of development is very worrisome," warned Pranesh Prakash, director of policy at the Centre for Internet and Society. "Further, this has been done with neither public nor parliamentary dialogue, making the government unaccountable to its citizens."

After the Mumbai blasts in November 2008, the government has been arming itself with powers and technology to help it eavesdrop on digital communications. The information technology law, enacted in 2000 and amended twice in 2008 and 2011, gives designated government officials the authority to listen in on phone calls, read SMSes, emails, and monitor websites.

Such access is allowed for purposes of "reasonable security practices and procedures".

However, Pavan Duggal, a Supreme Court advocate specialising in cyber law, said the government has given itself unprecedented powers to monitor private Internet records of citizens. "This system is capable of tremendous abuse," he said. The Central Monitoring System, being set up by the Centre for Development of Telematics, plugs into telecom gear and gives central and state investigative agencies a single point of access to call records, text messages and emails as well as the geographical location of individuals.

Duggal, who closely follows New Delhi's battle with Internet firms, said there hasn't been much details from the government on what exactly the system intends to monitor and under what conditions.

In December 2012, the then information technology minister Milind Deora told Parliament that the monitoring system, on which the government is spending Rs 400 crore, will "lawfully intercept Internet and telephone services".

Work on the system has been kept under wraps for nearly two years. Several government agencies have issued tenders seeking specialised equipment and systems for such monitoring.

As part of modernisation, the home ministry is updating all its offices in state capitals with such gear. C-DOT group head Shikha Srivastava declined comment. Information technology ministry spokeswoman Mamta Verma redirected the queries to Gulshan Rai, director of India's Cyber Emergency Response Team, but Rai declined comment.

With over 100 million users, India is one of the fastest-growing Internet markets in the world. The government has come under criticism from activists for increased censorship and tracking of user records. Internet activist group Anonymous has started raising the pitch against the monitoring system, claiming that security is just a pretext for spying on citizens.

Disclosures by Google show that the number of requests from the government seeking personal information has been on the rise. In the second half of 2012, the government made nearly 2,500 requests, Google said.

"Even legitimate conversations could end up being tracked," cautioned Duggal, the Supreme Court lawyer.

For more details visit https://cis-india.org/news/times-of-india-indu-nandakumar-may-7-2013-cms-to-make-govt-privy-to-phone-calls-text-messages-and-social-media-conversations

Censorship makes India fall two places on global internet freedom chart

praskrishna — 2012-09-27T10:37:47Z

A recently released global report on the internet freedom rated India 39th in 2012, a slip from two places last year.

The article by Dilnaz Boga was published in DNA on September 27, 2012.

The report titled, Freedom on the net 2012 (FOTN): A global assessment of internet and digital media by Freedom House, a Washington-based monitoring group conducted a comprehensive study of internet freedom in 47 countries.

Quoting Bangalore-based Centre for Internet and Society, the report said 309 specific items (URLs, Twitter accounts, img tags, blog posts, blogs, and a handful of websites) have been blocked by the government. But officially, the government has admitted to blocking 245 web pages for inflammatory content hosting of provocative content.

Ketan Tanna, India analyst for Freedom House told DNA, “A reflection of the downward spiral in the freedom on the net that Indians enjoy is evident in the upward revision of scores for India in the FOTN 2012 report. India was one of the only 4 of the 20 countries that “recently experienced declines” and are democracies. The other three are Mexico, Turkey and South Korea.”

Internet usage in India continues to increase, with tens of millions of new users getting online each year. According to the International Telecommunications Union, internet penetration was 10% — or about 120 million people at the end of 2011. Among internet users, 90 million were ‘active,’ accessing it at least once a month (70 million urban and 20 million rural).

The report has mentioned that in India, “amid several court cases regarding intermediaries’ responsibility for hosting illegal content, much evidence has surfaced that intermediaries are taking down content without fully evaluating or challenging the legality of the request”.

Citing an example, Tanna said in December 2011, the website Cartoons against Corruption was suspended by its hosting company after a complaint filed with the Mumbai police alleged that the site’s cartoons ridiculed parliament and national emblems. “As a result of such dynamics, large swaths of online content are disappearing, and the losses are far more difficult to reverse than the mere blocking of a website,” he added.

More common than website blocking is the removal of content based on judicial orders, government directives, and citizen complaints. This phenomenon that has increased in recent years and in some cases, targeted content on political, social, and religious topics, the report said.

The Indian authorities had submitted 68 removal requests covering 358 items between January and June 2011. According to Google, 255 items related to what it categorised as “government criticism,” while 39 involved defamation and 8 pertained to hate speech.

In January, responding to a freedom of information request, the home ministry reported that the government orders 7,500 to 9,000 phone interceptions per month, the report disclosed. Criticising this practice and the government’s disregard for the Constitution, the data revealed, “Established guidelines regulate the ability of state officials to intercept communications, but India lacks an appropriate legal framework and procedures to ensure proper oversight of Intelligence agencies’ growing surveillance and interception capabilities, opening the possibility of misuse and unconstitutional invasion of citizens’ privacy.”

As another method of controlling speech and activism online, governments have imposed temporary shutdowns of the internet or mobile phone networks during protests or other sensitive times. Localised internet shutdowns and mobile phone shutdowns occurred in India due to security concerns, the report said.

For more details visit https://cis-india.org/news/dna-india-sep-27-2012-dilnaz-boga-censorship-makes-india-fall-two-places-on-global-internet-freedom-chart

Censorship and sensibility in India

praskrishna — 2013-03-06T04:09:02Z

The past few weeks in India have seen films, an all-girl rock band, a fashion show, a Booker prize-winning novelist and a reputed academic become targets of harassment, legal action or threats of violence.

This article by Samanth Subramanian was published in the National on February 6, 2013. Pranesh Prakash is quoted.

The most prominent case involved Vishwaroopam, a Tamil film that will be released in Tamil Nadu on Friday after a two-week delay. The film was blocked by the state government after some Muslim groups protested that it depicted Muslims in poor light. The director, Kamal Haasan, had to agree to cut seven scenes.

"The culture of taking offence has acquired an epidemic proportion, and we are moving in a direction where nothing, it seems, is a safe topic," said Salil Tripathi, who wrote the 2009 book Offence: The Hindu Case, on how Hindu fundamentalists have succeeded in censoring and banning many cultural works and teachings.

"If India doesn't step back from this abyss, it will begin to resemble the dictatorships where people speak in coded language, where real thoughts go underground," Mr Tripathi added.

On Sunday, a fashion show in the southern city of Visakhapatnam was cancelled after the Vishwa Hindu Parishad (VHP), a right-wing Hindu group, protested against women modelling dresses bearing images of Hindu deities.

In Delhi, an art gallery had to temporarily shut down on Monday after the VHP called for a ban on a retrospective of the modern nude because the exhibit included "indecent pictures". The VHP's women's wing, the Durga Vahini, harrassed women who were smoking and drinking in a restaurant in Mangalore last week.

Meanwhile, on Sunday, a Muslim cleric in Kashmir a fatwa against Pragaash, an all-girl high school rock band that was deemed "un-Islamic". The band has dissolved, although Omar Abdullah, the chief minister of Jammu and Kashmir, defended them last weekend on Twitter, saying: "I hope these talented young girls will not let a handful of morons silence them."

Last week, the author Salman Rushdie cancelled a visit to a literary festival in Kolkata, citing security concerns after protests by Muslim groups. The fair's organisers subsequently denied having invited him. Yesterday, the Indian Christian Republican Party complained to the police that Kadal, a new movie set in a Tamil Catholic fishing community, shows a framed picture of Jesus Christ being thrown to the floor.

These instances have sparked widespread criticism of what an editorial last week in The Hindu newspaper called India's "flourishing outrage industry". In the International Herald Tribune, the columnist Manu Joseph called modern India "a paradise for those who take offence".

The Indian constitution guarantees freedom of speech and expression, but it is not without caveat. The constitution allows for "reasonable restrictions" on this right, in the interests of "public order, decency or morality".

Further, the Indian Penal Code contains two laws that have been invoked repeatedly to cramp free speech.

Section 295A punishes those who "outrage [the] religious feelings of any class" by spoken, written or visual means, with a fine or a prison term of up to three years.

Section 505(2) promises a similar punishment to those who make "statements creating or promoting enmity, hatred or ill-will between classes" on grounds of religion, caste, language or race.

Nikhil Mehra, a lawyer who practises in the Supreme Court, said both laws are antiquated holdovers from colonial India.

"The problem is that these laws are so broadly worded that cases can be impossible to quash, because it is difficult for a judge to take the view that some piece of speech does not promote enmity between groups," Mr Mehra said.

"I'd say there's no chance that these laws will be struck off the books," he said. "Politically, nobody will do it, because we have such a huge vacuum of leadership that nobody has the guts to step up and suggest such changes."

Pranesh Prakash, policy director at the Bangalore-based Centre for Internet and Society, has extensively analysed cases where these laws are applied in conjunction with India's information technology act, which governs online speech.

"Given India's history of communal violence, it would be extraordinary for courts to directly criticise such laws," Mr Prakash said. But these laws are two among many "patently unconstitutional laws" in India's statute books, he pointed out.

"How could it be constitutional to prevent the free broadcast of news over radio, for instance, or to prohibit speech online that causes 'annoyance'?" Mr Prakash said. "Not only are antiquated and speech-restricting laws not being struck off, more such laws are being added to the statute books all the time."

An example, he said, was section 66a of the information technology act, which aims to curtail "offensive messages" online but is often used to target dissidents and even posts on social media.

For more details visit https://cis-india.org/news/the-national-feb-6-2013-samanth-subramanian-censorship-and-sensibility-in-india

CENSORSHIP 2020: The Future of Free Speech Online

praskrishna — 2012-06-28T10:01:00Z

The DC Chapter of the Internet Society, in conjunction with the U.S. Department of State, invite you to an informal discussion on CENSORSHIP 2020: The Future of Free Speech Online on Monday, June 25, 2012.

Published in Communication, Culture & Technology. For more info, visit here.

The Arab Spring demonstrated how Internet technologies such as Twitter, blogs, and Facebook could be used to mobilize protesters, publicize corruption and human rights violations, and connect activists and emigres. But in Iran , Syria , and elsewhere, we have seen repressive governments use the Internet to identify and track dissidents, to spread disinformation, and defame political opponents. Will the technologies of anonymization win out over new digital monitoring tools? Will new wireless data technologies foster democracy--or lead to more effective tracking and surveillance? Join us for an informal discussion with six people fighting for free speech on the Internet in their country--and around the world:

Dlshad Othman (Syria), an activist and IT engineer providing Syrians with digital security tools
Pranesh Prakash (India), a blogger and cyberlaw expert who is promoting a free Internet and online freedom of speech.
Koundjoro Gabriel Kambou (Burkina Faso), a journalist at Lefaso.net, is promoting human rights, democracy particularly among young people.
Sopheap Chak (Cambodia), the Deputy Director of the Cambodian Center for Human Rights (CCHR) and one of Cambodia ’s leading bloggers.
Andres Azpurua (Venezuela) has trained 300 youth on using Web 2.0 tools to publicize human rights violations.
Emin Milli (Azerbaijan), a writer who is using YouTube, Facebook and Twitter to spread information about human rights violations.

Moderator: Ambassador (ret.) Richard Kauzarlich, Deputy Director, Terrorism, Transnational Crime and Corruption Center (TraCCC), George Mason University, http://traccc.gmu.edu/

Hosted by the Communication, Culture and Technology Program of Georgetown University 2nd Floor, Car Barn, 3520 Prospect St., N.W. , Washington , DC (enter from Prospect St.)

For more details visit https://cis-india.org/news/censorship-2020