We are anonymous, we are legion

The All India Privacy Symposium: Conference Report

natasha — 2012-04-30T05:16:41Z

Privacy India, the Centre for Internet and Society and Society in Action Group, with support from the International Development Research Centre, Privacy International and Commonwealth Human Rights Initiative had organised the All India Privacy Symposium at the India International Centre in New Delhi, on February 4, 2012. Natasha Vaz reports about the event.

The symposium was organized around five thematic panel discussions:
Panel 1: Privacy and Transparency
Panel 2: Privacy and E-Governance Initiatives
Panel 3: Privacy and National Security
Panel 4: Privacy and Banking
Panel 5: Privacy and Health

Introduction

Elonnai Hickok (Policy Advocate, Privacy India) introduced the objectives of Privacy India. The primary objectives were to raise national awareness about privacy, do an in-depth study of privacy in India and provide feedback on the proposed ‘Right to Privacy’ Bill. Privacy India has reviewed case laws, legislations, including the upcoming policy and conducted state-level privacy workshops and consultations across India in Kolkata, Bangalore, Ahmedabad, Guwahati, Chennai, and Mumbai. India like the rest of the world is answering some fundamental questions about the powers of the government and citizen’s rights and complications that arise from emerging technologies. Through our research we have come to understand that privacy varies across cultures and contexts, and there is no one concept of privacy but instead several distinct core notions that serve as complex duties, claims and obligations.

Privacy and Transparency

Panelists: Ponnurangam K, (Assistant Professor, IIIT New Delhi), ), Chitra Ahanthem (Journalist, Imphal), Nikhil Dey (Social & Political Activist), Deepak Maheshwari (Director, Corporate Affairs, Microsoft), Gus Hosein (Executive Director, Privacy International, UK), and Prashant Bhushan, (Senior Advocate, Supreme Court of India).
Moderator: Sunil Abraham (Executive Director, Centre for Internet and Society, Bangalore)
Poster: Srishti Goyal (Law Student, NUJS)

Srishti Goyal provided the general contours, privacy protections, limits to privacy and loopholes of policy relating to transparency and privacy, specifically analyzing the Right to Information Act, Public Interest Disclosures Act, and the Official Secrets Act.

Nikhil Dey commented on the interaction between the right to privacy and the right to information (RTI). He referred to Gopal Gandhi, the former Governor of West Bengal, “we must ensure that tools like the UID must help the citizen watch every move of government; not allow the government watch every move of the citizen.” Currently, the RTI and the UID stand on contrary sides of the information debate. A privacy law could allow for a backdoor to curb RTI. So, utmost care has to be taken while drafting legislation with respect to right to privacy.

Data and information has leaked furiously in India and it has leaked to the powerful. A person who is in a position of power can access private information irrespective of any laws in place to safeguard privacy. It is necessary to look at the power dynamics, which exists in the society before formulating legislation on right to privacy. According to Nikhil Dey, there should be different standards of privacy with respect to public servants. A citizen should be entitled to information related to funds, functions and functionaries. The main problem arises while defining the private space of a public servant or functionaries.

The RTI Act has failed to address the legal protection for the right to privacy. Perhaps, rules regarding privacy can be added to the Act. It can be defined by answering the questions: (i) what is ‘personal information’? (ii) what is it’s relation to public activity or public interest? (iii) what is the unwarranted invasion of the privacy of an individual? and (iv) what is the larger public good? Expanding on these four points can provide greater legal protection for the right to privacy.

Gus Hosein described the intersection and interaction of the right to information and the right to privacy. He referred to a petition filed by Privacy International requesting information on the expenses of members of parliament. Privacy and transparency of the government are compatible in the public interest. Gross abuse of the public funds by MPs was revealed by this particular petition such as pornography or cleaning of moats of MPs homes. Privacy advocates are supporters of RTI, however, it cannot be denied that there is no tension between transparency and privacy. In order chalk out the differences, there is a need of a legal framework. According to Gus Hosein, in many countries the government office that deals with right to information also deals with cases related to right to privacy.

Mumbai and New Delhi police have started using social media very aggressively, encouraging citizens to take photographs of traffic violations and upload them to Facebook or Twitter. In reference to this, Ponnurangam described the perceptions of privacy and if it agreed or conflicted with his research findings. Ponnurangam has empirically explored the awareness and perspective of privacy in India with respect to other countries. He conducted a privacy survey in Hyderabad, Chennai and Mumbai. People are very comfortable in posting pictures of others committing a traffic violation or running a red light. Ironically, many people have posted pictures of police officers committing a traffic violation such as not wearing a helmet or running a red light.

Chitra Ahanthem described the barriers and challenges of using RTI in Manipur. There are more than 40 armed militia groups, which are banned by the central and state government. The central government provides economic packages for the development of the north-east region. However, the state government officials and armed groups pocket the economic packages. These armed groups have imposed a ban on RTI. Furthermore, Manipur is a very small community. If people try and access information through RTI they risk getting threatened by the Panchayat members and being ostracized from the community or their clan.

People are apprehensive about filing RTI because they believe that these procedures are costly and the police and government may also get involved. Officials use the privacy plea to avoid giving out information. Since certain information are private and not in the public domain, government officials, use the defense of privacy to hide information. In addition, the police brutality prevalent in the area deters people to even have interactions with government officials.

According to Deepak Maheshwari, the open data initiative is a subset within the larger context of open information. There is an onus on the government to publish information, which is in the public domain. As a result, one does not necessarily have to go through the entire process of filing an RTI to get information, which is already there in the public domain. Moreover, if it is freely available in public domain, then one can anonymously access such information; this further strengthens the privacy aspects of requesting information and facilitating anonymity with respect to access to such information in the public domain. It has also to be noted that it is not sufficient to put data out in the public domain but it should also disclose the basis of the data for example, if there is representation of a data on a pie chart, the data which was used to arrive at the pie chart should also be available in the public domain. The main intention of releasing data to the public domain or having open data standards should not only be to provide access to such data but also should be in such a fashion so as to enable people to use the data for multiple purposes.

Prashant Bhushan noted that one of the grounds for withholding information in the RTI Act is privacy. An RTI officer can disclose personal information if he feels that larger public interest warrants the disclosure, even if it is personal information, which has no relationship to public activity or interest. This raises the important question, “what constitutes personal information?” He referred to the Radia Tapes controversy. Ratan Tata has filed a petition in the Supreme Court on the grounds that the Nira Radia tapes contained personal information and that the release of these tapes into the public domain violated his privacy. The Centre for Public Interest Litigation has filed a counter petition on the grounds that the nature of the conversations was not personal but in relation to public activity. They were between a lobbyist and bureaucrats, journalists and ministers. Prashant Bhushan stressed the importance of releasing these tapes into the public domain to show glimpses of all kinds of fixing, deal-making and show how the whole ruling establishment functions. It is absurd for Ratan Tata to claim that this is an invasion of privacy. Lastly, he felt when drafting a privacy law, clearly defining and distinguishing personal information and public is extremely important.

One of the interesting comments made during the panel was on the assumption that data is transparent. Transparency can be staged; questions have to be asked around whether the word is itself transparent.

Privacy and E-Governance Initiatives

Panelists: Anant Maringanti, (Independent Social Researcher), Usha Ramanathan, (Advocate & Social Activist), Gus Hosein, (Executive Director, Privacy International, UK), Apar Gupta, (Advocate, Supreme Court of India), and Elida Kristine Undrum Jacobsen (Doctoral Researcher, The Peace Research Institute Oslo).
Moderator: Sudhir Krishnaswamy (Centre for Law and Policy Research)
Poster: Adrija Das (Law Student, NUJS)

Adrija Das discussed the legal provision relating to identity projects and e-governance initiatives in India. The objective of any e-governance project is to increase efficiency and accessibility of public services. However, a major problem that arises is the linkage of the data results in the creation of a central database, accessible by every department of the government. Furthermore, implementing data protection and security standards are very expensive.

Sudhir Krishnaswamy highlighted the default assumptions surrounding e-governance initiatives: e-governance initiatives solve governance problems, increase efficiency, increase transparency and increase accountability. It is important to analyze the problems that arise from e-governance initiatives, such as privacy.

Usha Ramanathan described the increased number and vastness of e-governance initiatives such as UID, NPR, IT Rules and NATGRID. There are also many burdens on privacy that emanate from the introduction and existence of electronic data management systems. Electronic data management systems have allowed state to collect, store and use personal information of individual. Currently, the DNA Profiling Bill is pending before the Parliament. It is important to question the purpose and need for the government to collect such personal information. It is also to be noted that, there are certain laws such as Collection of Statistics Act, 2008 that penalize individuals if they do not comply with the information requests of the government.

Anant Maringanti discussed the limitations of data sharing that once existed. Currently, data can move across space in a very short time. He analyzed the state and market rationalities involved in e-governance initiatives, which raise the question “who can access data and at what price?”. Data may seem to be innocent or neutral, but data in the hands of wrong people becomes very crucial due to abuse and misuse. For example, Andhra Pradesh was praised as the model state for UID implementation. However, during the process of collecting data for UID a company bought personal information and sold the data to third parties.

Apar Gupta discussed the dilemmas of e-governance. Generally information in the form of an electronic record is presumed to be authentic. The data which government collects is most often inaccurate and wrong. So the digital identity of a person can be totally different from the real identity of that particular person. The process for correcting such information is also very inconvenient and sometimes impossible.
Under the evidence law any electronic evidence is presumed to be authentic and admissible as evidence. The Bombay High Court decided a case involving the authenticity of a telephone bill generated by a machine. The judgment said that since it is being generated by a machine, through and automated process, there is no need to challenge the authenticity of the document, it is presumed to true and authentic. The main danger in such case is that one does away with the process of law and attaches certain sanctity to the electronic record and evidence.

It should be also observed that how government maintains secrecy as to the ways in which it collects data. For example, the Election Commission has refused to disclose the functioning and design of electronic voting machines. The reason given for such secrecy is that if such information is put in the public domain then the electronic voting machines will be vulnerable and can be tampered with. But we, who use the voting machines, will never find out its vulnerabilities.

According to Gus Hosein, politicians generally have this wrong notion that technology can solve complex administrative problems. Furthermore, the industry is complicit; they indulge in anti-competitive market practice to sell these technologies as a solution to problems. However, such technology does not solve any problems rather it gives rise to problems.

Huge amount of government funds is associated with collection of personal data but such data is rendered useless or rather misused, because the government does not have clue as to how to use the data for development and security purposes. The UK National Health Records project estimated to cost around twelve to twenty billion pounds. However, a survey carried out by a professor in University College London showed that the hospital and other health institutions do not use the information collected by the National Health Records. Similarly, the UK Identity Card scheme was estimated to cost 1.3 billion pounds and finally it was estimated to cost five billion pounds. The identity cards are rendered obsolete, the sole department interested in the identity card was the Home Office Department, no other department intended on using it.

Technology should be built in such a manner that it empowers the individual. Technology should allow the individual to control his identity and as well as access all kinds of information available to the government and private bodies on that individual.

According to Elida Kristine Undrum Jacobsen, technology is regarded in this linear manner. It is increasingly being naturalized and as an all-encompassing solution. The use of biometric systems in the UID raises three areas of concern: power, value and social relationships.

With regards to power, there is a difference between providing documentation and information for identification. However, problems arise when the mode of identification becomes one’s body. It also leads to absolute reliance on technology, if the machine says that this is an individual’s identity then it is considered to be the absolute truth and it does not matter even if the individual is someone else. It becomes furthermore problematic with biometric system because it is generally used for forensic purposes.

The other component of UID or any national identification scheme is the question of consent and its relationship to privacy. In the case of UID project, people are totally unaware about how their information will be used and what purposes can it be used or misused for. Therefore, there is no informed consent when it comes to collection of biometric data under the UID project.

On the issue of social value it is to be noted that the value of efficiency becomes the most important value, which is valued. Many of the UIDAI documents state that the UID will provide a transactional identity. However, at the same time it takes away societal layers, which is inherently part of one’s identity. In addition, it makes it possible for the identity of a person to become a commodity to be sold. This also means that the personal information has economic value and players in the market such as insurance companies, banks can buy and sell the information.

When there is identification projects using biometrics it gives the State a lot of power; the power to determine and dictate one’s identity irrespective of the difference in real identity. Moreover, when such identifications projects are carried out at a national level it also gives rise to problem related to exclusion and inclusion of people or various purposes. The classification of the society based on various factors becomes easy and there is a huge risk involved with such classification.

The issues, which came out from the Q&A session, were:

The interplay between fairness and lawfulness in the context of privacy and data collection. There has to be a question asked as to why certain information is required by the State and how is it lawful.
In the neo-liberal era corporations are generally considered to be private. This has to be questioned and furthermore the difference between what is private and what is public. There are also concerns about corporations increasingly collaborating with the State. Can it be still considered as private?

Privacy and National Security

Panelists: PK Hormis Tharakan (Former Chief of Research and Analysis Wing, Government of India), Saikat Datta (Journalist), Menaka Guruswamy, (Advocate, Supreme Court, New Delhi), Prasanth Sugathan, (Legal Counsel, Software Freedom Law Center), and Oxblood Ruffin, (Cult of the Dead Cow Security and Publishing Collective).
Moderator: Danish Sheikh (Alternative Law Forum)
Poster: Suchitra Menon (Law Student, NUJS)

Suchitra Menon discussed the legal provisions for national security in relation to privacy. Specifically, she described the guidelines and procedural safeguards with respect to phone tapping and interception of communication decisional jurisprudence.

In the year 2000, the Information Technology Act (IT Act), 2000 was enacted, this Act had under section 69 allowed the State to monitor and intercept information through intermediaries. Prasanth Sugathan described how the government has been trying to bypass the procedural safeguard laid down by the Supreme Court in the PUCL case by using Section 28 of the IT Act, 2000. The provision deals with certifying authority for digital signatures. The certifying authority under the Act also has the authority to investigate offences under the Act. The provision mainly deals with digital signature but it is used by the government to intercept communication without implementing the procedural safeguards laid down for such interception. Furthermore, the IT Rules which was notified by the government in April, 2007 allows the government to intercept any communication with the help of the intermediaries. The 2008 amendment to the IT Act was an after effect of the 26/11 attacks in Mumbai. The legislation has become draconian since then and privacy has been sacrificed to meet the ends of national security.

Oxblood Ruffin read out his speech and the same is reproduced below.

“The online citizenry of any country is part of its national security infrastructure. And the extent to which individual privacy rights are protected will determine whether democracy continues to succeed, or inches towards tyranny. The challenge then is to balance the legitimate needs of the state to secure its sovereignty with protecting its most valuable asset: The citizen.

It has become trite to say that 9/11 changed everything. Yet it is as true for the West as it is for the global South. 9/11 kick started the downward spiral of individual privacy rights across the entire internet. It also ushered in a false dichotomy of choice, that in choosing between security and privacy, it was privacy that had adapted to the new realities, or so we’ve been told.

Let’s examine some of the fallacies of this argument.

The false equation which many argue is that we must give up privacy to ensure security. But no one argues the opposite. We needn’t balance the costs of surveillance over privacy, because rarely banning a security measure protects privacy. Rather, protecting privacy typically means that government surveillance must be subjected to judicial oversight and justification of the need to surveillance. In most cases privacy protection will not diminish the state’s effectiveness to secure itself.

The deference argument is that security advocates insist that the courts should defer to elected officials when evaluating security measures. But when the judiciary weighs privacy against surveillance, privacy almost always loses. Unless the security measures are explored for efficacy they will win every time, especially when the word terrorism is invoked. The courts must take on a more active role to balance the interests of the state and its citizens.

For the war time argument security proponents argue that the war on terror requires greater security and less privacy. But this argument is backwards. During times of crisis the temptation is to make unnecessary sacrifices in the name of security. In the United States, for example, we saw that Japanese-American internment and the McCarthy-era witch-hunt for communists was in vain. The greatest challenge for safeguarding privacy comes during times when we are least inclined to protect it. We must be willing to be coldly rational and not emotional during such times.

We are often told that if you have nothing to hide, you have nothing to fear. This is the most pervasive argument the average person hears. But isn’t privacy a little like being naked? We might not be ashamed of our bodies but we don’t walk around naked. Being online isn’t so different. Our virtual selves should be as covered as our real selves. It’s a form of personal sovereignty. Being seen should require our consent, just as in the real world. The state has no business taking up the role of Peeping Tom.

I firmly believe that the state has a right and a duty to secure itself. And I equally believe that its citizens are entitled to those same rights. Citizens are part of the national security infrastructure. They conduct business; they share information; they are the benefactors of democratic values. Privacy rights are what, amongst others, separate us from the rule of tyrants. To protect them is to protect and preserve democracy. It is a fight worth dying for, as so many have done before us.

PK Hormis Tharakan discussed the importance of interception communication in intelligence gathering. In the western liberal democracies, restrictions of privacy were introduced for the anti-terrorism campaigns and these measures are far restrictive than what the Indian legislations contemplate. Preventive intelligence is a major component in maintenance of national security and this intelligence is generated and can be procured through interception.

We do need laws to make sure that the power of interception is not excessive or out of proportion. But the graver issue is that the equipment used for interception of communication is freely available in the market at a cheap price. This allows private citizens also to snoop into others conversation. So, interception by civilians should be the main concern.

Menaka Guruswamy discussed the lack of regulation of Indian intelligence agencies that creates burdens on privacy. When there is a conflict between individual privacy and national security, the court will always rule in favour of the national security. Public interest always takes precedence over individual interest.

When there is a claim right to privacy vis-à-vis national security, generally these claims are characterized by dissent, chilling effects on freedom of expression and government accountability. In India, privacy is fragile and relatively a less justifiable right. Another challenge to privacy is that, when communication is intercepted, which part of the conversation can be considered to be private and which part cannot be considered so.

Saikat Datta described his experience of being under illegal surveillance by an unauthorized intelligence agency. When a person is under surveillance, he or she is already considered to be suspect. If the State commits any mistake as to surveillance, carrying surveillance, who is not at all a person of interest in such case upon discovery, there is no penalty for such discrepancy.
He warned of the dangers of excessive wiretapping, a practice that currently generates such a “mountain” of information that anything with real intelligence value tends to be ignored until it is too late, as happened with the Mumbai bombings in 2008. It is clear that the Indian government’s surveillance and interception programmes far exceed what is necessary for legitimate law enforcement.

The issues, which came during the Q&A session was:

In case of national security vis-à-vis privacy in heavily militarized zone, legislations such as Armed Forces Special Powers Act actually give authority to the army to search and seizure on mere suspicion? This amounts gross violation of privacy.

Privacy and Banking

Panelists: M R Umarji, (Chief Legal Advisor, Indian Banks Associations), N A Vijayashankar, (Cyber Law Expert), Malavika Jayaram, (Advocate, Bangalore)
Moderator: Prashant Iyengar (Associate Professor, Jindal Law University)
Poster: Malavika Chandu (Law Student, NUJS)

Prashant Iyengar highlighted how privacy has been a central feature in banking and finance. Even before the notion of privacy came into existence, banks had developed an evolved notion of secrecy and confidentiality, which was fairly robust. Every legislation dealing with banking and finance generally have a clause related to privacy and confidentiality. It might seem that it would be easy to implement privacy in banking and finance given the long relationship between banking and secrecy and confidentiality. However, this is not the case in the contemporary times. Specifically, with the growth in issues related to national security, transparency and technology, the highly regarded notion of privacy seems to be slowly depleting.

Malavika Chandu described the data protection standards that govern the banking industry. As part of the know-you-customer guidelines, banks are required to provide the Reserve Bank with customer profiles and other identification information. Lastly, she described case laws in relation to privacy with respect to financial records.

N A Vijayashankar noted that the confidentiality and secrecy practices in the banking sector emanate from the banker-customer relationship. In the present context, secrecy and privacy maintained by the banks should be analyzed from the perspective of the right of the customer to safeguard his or her information from any third party. Generally, banks and other financial institutions protect personal information as a fraud control measure and not as duty to protect the privacy of a customer.

There has been a paradigm shift in banking practices from traditional banking practices to more efficient but less secure banking practice. Some of the terms and conditions of internet banking are illegal and do not stand the test of law. In contemporary times, banking institutions use confidentiality to cover up problems and data breach rather than protecting the customer. But the banks are not ready to disclose data breach as it apprehends that it will result in public losing faith in the system. The Reserve Bank of India, has recently notified that protection which is provided to the customers in banking services should also be extended to e-banking services. However, the banks have not properly implemented this.

M R Umarji highlighted fourteen laws related to banking which carries confidentiality clauses. In India, public sector banks dominate the market. These banks are created under a statute and such statute governs them. Therefore, they are duty bound to maintain secrecy and confidentiality. Private banks and cooperative banks are not bound by any statute. They do not have any obligations to maintain secrecy, but they do strictly observe confidentiality as a form of banking practice.

Banks are not allowed to reveal any personal information of an individual unless it is sought by some authority that has a legitimate right to claim such information. There has been a constant erosion of confidentiality due to various laws which empowers authorities to seek confidential information from the banks. Recently, in the light of the growing national security concerns, banks also have an obligation to report suspicious transactions. These have caused heavy burdens on right to privacy of an individual.

Under the Right to Information Act, 2005 public sector banks are considered to be public authorities. By the virtue of the Statute, any person can access information from banks. For example, in a recent case an information officer directed Reserve Bank of India, to disclose Inspection Reports. These reports generally contain information regarding doubtful accounts, non-performing account, etc. There is a need that banks should be exempted from the Right to Information Act, 2005. Since they are not dealing with public funds there is no need to apply transparency law to the banks.

Malavika Jayaram described the major conflicts and tensions with respect to privacy vis-à-vis banking and financial systems and financial data. Other privacy and transparency issues include: the publication of online tax information and income data.

Surveillance is built in the design of banking system, so it is capable of tracking personal information and activity. There is a need to implement more privacy friendly and privacy by design systems in the banking sector. Customers are generally ignorant about privacy policies and this influences informed consent and furthermore marketing institution may influence customers to behave in a particular manner. In this context privacy by design becomes very important.

Data minimization principles should be applied; since the more data collected the more there is a risk of data breach and misuse. In case of data retention it is necessary that person giving such data should know how much proportion of the data is being retained and for how long it is stored and also what is the scope of the data and for what purpose will it be used.

Personal information and data, which was previously collected by the government, are gradually being outsourced to private bodies. On one hand it is a good thing that private sector get their technology and security measures right as compared to the government agencies but it comes with the risk that it can be sold out by private bodies as commodities in the market. Private bodies that are harvesting the data can also be forced by the government to disclose it under a particular law or statute without taking into consideration the consent of the individual whose personal information is sought for.

There is multiplicity of documentation for identification, which makes transactions less efficient. This has attracted customers to more convenient systems such as one-access point systems, but people tend to forget the issues related to privacy, in using such a system. What is portrayed as efficient for the consumer is a tool for social control and who has access and authority to use such information.

Often the reason given for collecting information is that it will help the service provider to combat fraud. However, studies have shown people more often fake situation rather than identity. The other concerns are that of sharing of information and lack of choice with respect to such sharing. There should be check as to sharing of personal information as the data belongs to the individual and not the bank or any other institution which requires furnishing personal information in lieu of services. This gives rise to a binary choice to the user; either the individual has to provide information to avail the service or else one cannot avail the services.

There is supposed to be market for privacy. The notion of personal information is subjective and varies from person to person. For example, one might be comfortable to share certain information. However, others might not be.

The issues that came out of the Q&A sessions are:

The default settings are generally put at the low protection settings. Unless the user is aware of the privacy protection setting, he or she is prone to breach of privacy. Should the default privacy setting be set to maximum security and option can be given to the user to change it according to his or her preference?
Is there any system in the banks, which allows the customers of bank to know about which all third parties the bank has shared his or her personal information with?

Health Privacy

Panelists: K. K. Abraham, (President, Indian Network for People with HIV), Dr. B. S. Bedi, (Advisor, CDAC & Media Lab Asia), and Raman Chawla, (Senior Advocacy Officer, Lawyers Collective).
Moderator: Ashok Row Kavi (Journalist and LGBT Activist)
Poster: Danish Sheikh (Researcher, Alternative Law Forum)

Danish Sheikh outlined the possible health privacy violations. These included the disclosure of personal health information to third parties without consent, inadequate notification to a patient of a data breach, the purpose of collecting data is not specified and improper security standards, storage and disposal. The disclosure of personal health information has the potential to be embarrassing, stigmatizing or discriminatory.

Subsequently, Danish Sheikh examined the status of sexual minorities’ vis-à-vis the privacy framework. Culling out some real life examples based on various studies, media reports and judgments from the Supreme Court and the High Courts of Delhi and Allahabad, he also described privacy violations committed by both individuals as well as state authorities.

Ashok Row Kavi recounted how privacy was very contextual when debating section 377 in the LGBT community. The paradigm upon which they were going to fight the anti-sodomy law was that it was consenting sex between two adults in private space. However, this paradigm was not well received by women, as women did not see private space as safe space, due to domestic violence. Perceptions of privacy are very subjective and it differs from person to person.

Raman Chawla recounted the history of the Draft HIV/AIDS Bill. In 2002, the need for law related to HIV/AIDS was realized in order to protect right to consent, right against discrimination and right to confidentiality of HIV patients. The bill was finalized in the year 2006. Alarmingly, it is yet to be tabled before the Parliament.

The privacy provisions in the HIV bill clearly state that no person can be tested, treated or researched for HIV without the consent of the patient. It also casts that in a fiduciary relationship the health care provider must maintain confidentiality, however if the patient provides written consent then their status may be disclosed. The HIV condition of the patient can also revealed by the doctor if there is a court order demanding such disclosure. The doctor may disclose the status of the patient to his or her partner but he has to follow a particular protocol. The doctor should have sufficient belief that his or her partner is at risk of contracting HIV. The person who is infected will be asked for his/her views and counseled before his/her partner is informed. However, there are doubts as to the implementation and enforcement of this protocol.

Conclusion

Natasha Vaz (Policy Advocate, Privacy India) brought the symposium to a close by thanking the partners, the panelists, the moderators and the participants for their sincere efforts in making the All India Privacy Symposium a grand success. In India, a public discussion regarding privacy has been long over due. The symposium provided a platform for dialogue and building greater awareness around privacy issues in health, banking, national security, transparency and e-governance. Using our research, expert opinions, personal experiences, questions and comments various facets of privacy were explored.

Press Coverage

The event was featured in the media as well:

India needs an independent privacy law, says NGO Privacy India, Economic Times, February 2, 2012
New Bill to decide on individual’s right to privacy, Tehelka, February 6, 2012
Lack of strong privacy law in healthcare a big worry, Daily News & Analysis, February 13, 2012
Privacy concerns grow in India, Washington Post, February 3, 2012

Click to download the Agenda and Profile of Speakers (PDF, 1642 Kb)

Download the PDF (555 Kb)
Follow the webcast of the event

For more details visit https://cis-india.org/internet-governance/all-india-privacy-delhi-report

The High Level Privacy Conclave — Conference Report

natasha — 2012-04-30T09:46:12Z

Privacy India, the Centre for Internet and Society and the Society in Action Group, with support from IDRC and Privacy International, have spent 18 months studying the state of privacy in India, and conducting consultations across India in Kolkata, Bangalore, Ahmedabad, Guwahati, Chennai, and Mumbai. On February 3, 2012, a high-level conclave was held in New Delhi with representatives from government, industry, media, and civil society participating in the event. At the conclave the discussions were focused on Internet Privacy, National Security & Privacy, and the future of Privacy in India.

Rajan Gandhi, CEO, Society in Action Group, opened the conference with an explanation of the mandate of Privacy India, which is to raise awareness, spark civil action, and promote democratic dialogue around privacy challenges and violations in India. He raised the question of whether Indians are concerned about privacy, while citing examples of banking institutions and telecom service providers, who ask for information more than required, such as marital status, financial status, etc. Lastly, he stressed the need for legislation and awareness about right to privacy.

Panel 1: National Security and Privacy

Malavika Jayaram (Advocate, Bangalore) moderated the first panel discussion on “National Security and Privacy”. The panel comprised of Manish Tewari (Member of Parliament, Ludhiana), PK Hormis Tharakan (Former Chief of Research and Analysis Wing, Government of India), Gus Hosein (Executive Director, Privacy International, UK), Vakul Sharma (Advocate, Supreme Court), Eric King (Human Rights and Technology Advisor, Privacy International, UK), Amol Sharma (Journalist, Wall Street Journal).

Malavika Jayaram started the discussion by posing the question as to what in their view is ‘national security’ and when can it be cited by the government to intrude upon our privacy? In response, the panel gave multiple views while agreeing that it is an abstract term. Gus Hosein, in response said that national security does not only mean protecting the national border of a nation, but also protecting the rights of the citizen. He also noted that national security is always implemented in a top-down manner. Thus, unfortunately national security has become the stick, which is used to beat down on people’s right.
PK Hormis Tharakan defined national security as the security of people and property. National security includes all the efforts of the government to raise poor above the poverty line. He also stated that anything that hinders the process of alleviating poverty is a matter of ‘national security’.

Manish Tewari stated that there is a need for legislation to address the various issues of violation of privacy. Specifically, he addressed the need of an independent oversight committee to put a check on the unrestricted powers of the law enforcement and intelligence agencies and the practice of intercepting communications on the grounds of national security. He pointed out that the rules, formulated by the Supreme Court in PUCL v. Union of India on interception of communication, are rarely implemented, and the guidelines are implemented more as an exception rather than a rule. The interception of communication by intelligence agencies should be regulated for a larger national interest.

Manish Tewari also observed that there is a nationwide lack of understanding about new technologies and judges are very rarely technologically literate. This has created a situation in which the government's efforts to fight crime and terrorism by intercepting communications has horribly backfired. By building backdoors into communications systems to allow lawful access, and by restricting cryptography to a 40-bit limit, the authorities have created serious vulnerabilities in India's communications system that can be easily exploited by any malicious third party or foreign government.

Privacy Protection

The panel discussion then moved on to the various tools for protecting privacy such data encryption. Amol Sharma referred to the process followed in the USA for interception of communication. Surveillance in the United States can be carried out by government agencies only on the basis of a court order or a warrant. He noted that in the US regime there is at least an independent body that gives orders of interception of communication. In comparison, in India, the power to authorize wiretaps lies with the government.

Amol Sharma also pointed out that, there are at least 5000-7000 interception requests from the government, out of which only three to five per cent requests for interception of communication are for white-collar crime. He cited the example of the government asking Research in Motion to provide their encryption keys and also provide a room in their offices for the purpose of interception of communication. He stated that he was very skeptic that terrorists will be using Blackberry services for communication, considering that there are many more convenient and untraceable means available to them such as Skype. He asserted that there is need of legislation for regulation and restricting invasion of privacy. He said, “National security is not a free ticket for any kind of wiretap”.

Concerns about Third Party Intrusion

Eric King noted that national security exists so that individuals can protect themselves from any kind of intrusion. Interception of communication is not only limited to government, equipment for interception of mobile phone calls are easily available and also affordable. So any individual can intercept calls. The notion that interception is only limited to the state is not true, it can be carried out by individuals as well. Heavily criticizing the restriction on encryption in India, he said that the people should be given the power to protect their own privacy. He also harped on the possibility that not only citizens are at risk also government high officials and military personnel can be targeted due to the low level of encryption.

Contributing to the conversation, Manish Tewari pointed out that while trying to intercept the mobile phone calls of an individual, the State could listen in to anyone’s conversation within the vicinity; hence there are gross privacy violations.

Gus Hosein added that the problem lies at a more basic level. Governments generally order telecom companies to build back door for the purposes of interception. These vulnerabilities in the system are not only used by the government, but also may be misused by third parties. He cited an incident in Greece, where the government asked a telecom service provider to build backdoors into the system. A third party was able to access the back door, during the Athens Olympics, when security was of utmost importance. He also said, “If you build a system that allows the state to listen in to communications, you build national security vulnerability”. This was followed by a Question & Answer session. The issues raised during the Q&A session were:

Nature of consent given by the user to the telecom service provider. Taking into consideration that service providers have a duty to disclose the user data to the government on request. A situation which gives rise to a binary choice, either use the services or do not use it at all.
At the wake of breaches in cyber-security, the use of general consumer e-mails by high government officials causes serious threat to nation’s security.
Lack of technical know-how among the government officials.
If government is inept in handling technology, then are there any concerns about public private partnership and outsourcing of governmental duties. (For example, UID).
Collection and collation of information by organizations such as NATGRID. Are they vulnerable to misuse?

In the concluding statement of the first panel discussion, Gus Hosein, made the argument that there cannot be a balance between right to privacy and national security, as the former is an individual right and the latter a community right. Community interest will always take precedence over individual right. National security is always the excuse given by government for invading individual privacy.

Panel 2: Internet and Privacy

Sunil Abraham (Executive Director, The Centre for Internet and Society, Bangalore) moderated the second panel discussion on “Internet and Privacy”. The panel comprised of Deepak Maheshwari (Director, Corporate Affairs, Microsoft), Amitabh Das (General Counsel, Yahoo! India), Ramanjit Singh Chima (Sr. Policy Analyst, Google), Talish Ray (Board Member, Software Freedom Law Center), and Vinayak Godse (Director- Data Protection, DSCI).

Defining Privacy

Sunil Abraham asked the panel questions with respect to defining privacy in the context of physical privacy and spatial privacy. In response, Amitabh Das said that the right to privacy of individuals should be protected in a similar fashion online, as it is protected offline. Referring to safeguards under PUCL v. Union of India (SC, 1996), he observed that communication and behavior on the Internet should be free from monitoring and interception. The procedural safeguards offline should be also present online.

Key Escrow Regime

Deepak Maheshwari talked about the inconsistencies in the encryption standards in India. For example, in case of ISP licensees, there is a 40-bit restriction (symmetric key). In case of adopting higher-level encryption, the ISP has to take permission from the government and deposit both the keys to the government.

He also pointed that online railway ticket booking services use 128-bit encryption. RBI mandates 128-bit encryption for online banking transaction. SBI recommends 64-128 bit encryption. The multiple regulations make it impossible to abide by the rules.

Anonymity and Pseudonymity

Sunil Abraham, while setting the context to India, where the government has taken stringent measures to cut down on anonymity and pseudonymity, asked the question whether such a step is welcomed by the internet users as well as intermediaries. Ramanjit Singh Chima, in reply said that for any business, it is necessary to give what the user wants. Real identity provides a better platform for discussion. He also discussed the choices provided by Google, mainly search without login, encrypted searches so it gives the user to be anonymous. He also noted that there are legal as well as technical restraints as to anonymity on the Internet. He also cited the example of Korea, where the government mandated real name verification process for posting comments on the Internet. Google was not able to comply with this request and had to disable comment section in Korea.

Data Privacy

Vinayak Godse analyzed the issue of data privacy in detail. He stressed upon the need of data privacy law in the country for the outsourcing industries. The European Union (EU) data protection laws govern most of the clients of firms that outsource. EU considers India is not a data safe country due to lack of data privacy legislation. He suggested that the data privacy law should be pragmatic, light touch and should allow industry self-regulation.

Conclusion

The High Level Privacy Conclave discussed various issues related to Internet and privacy and national security and privacy. The various concerns raised by the stakeholders were helpful in understanding the problems related to privacy. The main concerns raised by the first panel were about the interaction and relation of national security to privacy. The major concerns around national security and privacy were of data encryption vis-à-vis surveillance by the State and third party intrusion. There was also an attempt made to understand and define national security in the context of its ambit and when can it be used by the State to access private information. The second panel discussed various aspects of privacy on the Internet. The panel included discussions on anonymity and data privacy on the Internet.

We thank the moderators, panelists and participants for making High Level Privacy a constructive and a fruitful session on privacy and it also gave us insight to understand the problems related privacy and a way forward for possible solutions.

Download the PDF (195 Kb)

Click for the agenda and speakers profile.

For more details visit https://cis-india.org/internet-governance/high-level-privacy-report

Braitenberg Cybernetic Vehicles: Workshop, Film Screening & Discussion

praskrishna — 2012-07-30T13:13:31Z

The Metaculture Media Lab at the Centre for Internet & Society, Bangalore is organizing a fun event, next Saturday, April 14, 2012. The event will begin at 2.30 p.m. and will end at 6.00 p.m.

A tentative schedule of the event in three parts:

A short presentation about Braitenberg Vehicles :
It is based on a thought experiment by Italian cyberneticist, in his book : ''Vehicles: Experiments in Synthetic Psychology'' where 'vehicles' with simple sensorimotor capabilites display interesting life-like behaviour WITHOUT the need for internal memory, representation of the environment, or inference. (Basically none of the task based hyper robotic coding/processing) Read more about it here on the wiki page : http://en.wikipedia.org/wiki/Braitenberg_vehicle
This will be followed by a quick Hands-on-proactive-workshop, where we will build some simple Braitenberg Vehicles, using common motors, wheels, and light sensors, and watch them interact and play with each other.
- The Technically inclined might ( Well If you don't know electronics, the block digram will be self explanatory anyway) have fun teaching eachother how to couple motors with light sensors. Designers can also contribute to the interaction paradigm/visuals. While others may chill in the shady part of the lawn with juice, until the vehicle action starts)
Finally, a film screening followed by a short discussion about it , revisiting our ideas about robots, autonomous vehicles, transport, society and policy, possibly moderated by volunteers/students/citizen researchers in this field, in a dialogue with the rest of the audience.

Additionally , if anyone want to build their own vehicles to take home, please email yelena@cis-india.org (by April 10) for instructions on what to pick up from SP Road.

For more details visit https://cis-india.org/internet-governance/cybernetic-vehicles

A beauty’s blog creates furore

praskrishna — 2012-04-11T03:50:47Z

Her first Tamil poetry anthology Otraiyilaiyena (As a single leaf) saw three editions and the second one Ulagin Azhagiya Muthal Penn (The first beautiful woman in the world) invited mixed reactions like Iyal Poetry Award and a call for a ban by Hindu Makkal Katchi. Parathaiyarul Raani (Queen of sluts) her third collection was a reaction to all the moral policing.

Lakshmi Krupa's article was published in Deccan Chronicle on April 10, 2012

While her film Sengadal The Dead Sea was stopped from being screened to the public, until the Supreme Court’s Appellate tribunal intervened with regional censor board for the film clearance, groups like the Makkal Kalai Ilakiya Kazhagam attacked her beliefs. Adding to this list is the latest revelation that the Principal Secretary of IT Department of the Tamil Nadu government requested that her blog be blocked along with a host of others.

In a text sent from A.K. Kaushik, Additional Director & CPIO Cyber Laws & E-Security in response to an RTI petition on Website Blocking, it was reported that Leena’s blog http://ulaginazhagiyamuthalpenn.blogspot.com was requested to be blocked on 21.07.2010 by the Principal Secretary, IT Department.

This recent revelation has led to an outrage over the fact that artists and activists like Leena have had to constantly knock on the doors of the legal system to exercise the most basic of their rights. In an interview from London where she is currently the Charles Wallace Visiting Scholar at the University of London, Leena says, “Center for Internet and Society in Bengaluru that works towards upholding Civil Liberties Online, had obtained a list of all websites that were sought to be blocked by Governmental authorities with the use of Right to Information Act.

They sent me all the details on how my blog was one amongst them as the Principal Secretary, IT Department, Govt of TN had asked for it to be blocked. As the Internet’s role in free speech becomes increasingly prevalent, tactics to control the Internet are growing more refined each year. Methods of accessing private data and censoring content vary between countries, but all maintain an element of oppression. We, who are concerned about civil liberties should wake up to the secret missions of our government on Internet Censorship and protect freedom of speech online.”

Leena’s blog has been in the center of controversies before too. “Hindu Makkal Katchi, the right wing moral police lodged a police complaint to ban my poetry collections and ban my blog ulaginazhagiyamuthalpenn. blogspot.com. They went to every possible media house and were making threat calls and there were discussions on the alleged obscenity in my poems. They even wanted the Iyal International Poetry Prize and Sirpi Literary Awards to be revoked.”

Leena’s poetry challenges fanatic minds. “My poetry has a feminist agenda and it is just not about equal rights for women. It is a socialist, anti-institutional political movement which calls for women to break the code, destroy capitalism, live their sexuality and witch hunt every possible patriarchal design. I am not amused about the fact that my poetry gave jitters to ultra blasphemous right and left wingers,” she concludes.

For more details visit https://cis-india.org/news/beauty-blog-creates-furore

Konkan Corridor Project — A Lecture by Vasant Gangavane

praskrishna — 2012-04-13T13:49:32Z

Well known social worker Vasant Gangavane will be giving a public lecture on the Konkan Corridor Project at Ashoka Innovators for the Public in Bangalore on April 16, 2012. The lecture will focus on the role of Information & Communication Technology for total rural transformation by inclusive integrated development with no change of land ownerships. The event is co-organized by Ashoka Innovators for the Public and the Centre for Internet and Society.

Citing examples from the 117 village clusters in the regions of Ratnagiri and Sindhudurga districts of Maharashtra the lecture hopes to throw light on questions like what is a village cluster, what does it mean to urbanize one village cluster and what do we need to do to urbanize one village cluster, how will we organize and coordinate the project. This apart the vision, status and action plans of the Konkan Corridor Project, the skills development in each cluster, intensive agriculture in each cluster, farm produce processing, water conservation in the project area, rivers in the project area, energy, transportation, industry, science communication, and self administration in each clusters will also be discussed.

Vasant Gangavane

In the 1970s Vasant Gangavane, a management graduate from Indian Institute of Management and Wharton, returned to his village in Konkan, Maharashtra, to give his people what he felt they needed most — the knowledge to manage their natural resources. In the process, he set up several models of rural development. Gangavane found that the rate at which people migrated out of the Konkan was very high, despite the fact that the area was rich in natural resources. He studied the area and realised that land improvement and watershed development were key issues. He conducted a series of experiments in agriculture, dairy and poultry farming before setting up the Gokul Prakalp Pratishthan (GPP) in 1978. With the Maharashtra government's comprehensive watershed management programme (COWDEP), Gangavane's Pratishthan afforested 400 hectares of land in Vilye village with mango and cashew trees. Gangavane then acquired 40 acres of wasteland in the village and built water conservation structures called Gokul bandharas. This resulted in the wells in the area being recharged and ensured enough drinking water for 25 families.This model was later adopted by the Indo-German Watershed Programme.

When Gangavane's project began, the village of Vilye was bereft of young people. Its young had migrated. Now there is reverse migration and 3,000 people have benefited from the programme. The village has been transformed — water runoff has been arrested and afforestation has changed the look of the village.

After the watershed programme, Gangavane formulated a theoretical plan for model villages called the Gokul project. The aim was communication and knowledgesharing. A participatory rural appraisal is also done to explore natural resource availability, potential and use. The awareness is meant to empower people and convince them that watershed programmes can address problems of poverty and inequity. Gangavane believes that with this knowledge, and with the resources available, a small family in the area can live sustainably.

Gangavane's Pratishthan has set up an Ashramshaala at Laanja, Ratnagiri district, which is a tribal residential school, where 300 children are provided free boarding and lodging up to the secondary level. GPP has also introduced computer education in schools. For his work Gangavane was awarded the Vanashree award, Vasantrao Naik Pratisthan award and the Indira Priyadarshini Vrikshamitra award.

Download the presentation here [PDF, 228 KB]

For more details visit https://cis-india.org/internet-governance/talk-by-vasant-gangavane

The Idea of the Book

nishant — 2012-04-10T09:53:27Z

Its future lies in a trans-media format that is ever evolving, writes Nishant Shah in an article which was published in the Indian Express on April 8, 2012.

If you are a true bibliophile, you have long transcended making mortal judgements about books, based on insignificant factors such as plot, narrative, or writing style. A true bibliophile is in love with the form of the book — the joy that comes from the rustle of a turned page, the euphoria of holding a book in your arms, the satisfaction that rises from watching a tottering stack of books. For hardcore bibliomaniacs, the love is at a sub-molecular level, so to speak, finding their happiness and content in shapes of fonts, thickness of paper, methods of binding, imprints and meta-data that tells its own story. For all these true lovers of books, their affection goes beyond the content of the book. They love the book as an artefact, as an object of desire. It is as if there was a “bookness” to the book that they deeply appreciate.

It is these people, along with many others, who mourn the death of the book in the age of digital mass production. With the advent of the e-book and the ubiquitous presence of reading devices, many have announced the death of the book. The ‘dead-tree book’, as it is often derisively described in many circles, is a thing of the past. As we live in worlds of increasing interface, the surfaces we read on, the way we read, and the forms that we read have undergone a dramatic reconfiguration. Swype-and-touch has replaced turn-and-fold and the book as we know it, is growing extinct.

Professor Bruno Latour — one of the first theorists and critics of digital technologies, large-scale networks, and new methods of knowledge production — from Sciences Po in Paris, during his recent visit to Bangalore, suggested that instead of accepting the imminent death of the book and mourning its demise, it might be more fruitful to look at its future. The digital, he says, does not question the idea of the book, but merely the form. This, for me, is a fascinating idea. We often recognise the book as a form — something that is written, something that is bound, or something that is found in libraries. If you were to define a book, you would talk about the different kinds, shapes, colours and sizes of books but you won’t necessarily be able to explain it. This is because a book is only a material manifestation of a much larger idea and this is what we need to focus on.

The book has seen many transitions in its form from the pre-print, hand-written manuscripts by trained scribes to the print-on-demand paperbacks which can be assembled easily. Technologies have not threatened but actually helped it change, evolve and keep up with the times. When we think of the digital book and the possibilities it offers, these are much more exciting than the rather Luddite lament about how the book is dead.

In the digital medium, the future of multimedia narratives is convergence. An ability to tell stories, record knowledge, share information and make connections through a variety of media forms and styles changes the future of the book. Imagine a book that begins with a text, continues through music, blends into user-generated pictures and ends with a video. Imagine this book being written, not only in different media but also by different people, simultaneously, resulting in a layered palimpsest rather than a static page. Imagine each page and every word on the page not as a fixed thing but one of a series of alternatives. Imagine a book that is written as it is read, and no longer excludes print-challenged or differently-abled people from contributing to the writing, reading and sharing process.

A trans-media format would stay true to the democratic and inclusive vision of a book and correct the limitations of print. Such a book would also free knowledge and information from businesses — let’s not forget that the publishing and education system is a business — and allow a new audience to participate in knowledge production. This is not a mere fantasy. We already have new models such as mash-ups which give us a new logic to sort and store information. Imagine Facebook as a collaborative platform where different information can come together to supplement the traditional book. Wikipedia is a space of knowledge production, which might simulate the older encyclopaedia form, but it is written by unpaid contributors, collaboratively, even as the Encyclopaedia Britannica announces its last ever print publication.

The form of the book is going to change as it has over the last 500 years. However, the idea of the book — a receptacle that contains and records collective wisdom, information, ideas, knowledge, experiences and imagination of humankind – is here to stay. The digital book has to be understood not merely as a digitisation of an older book, but has to be imagined as a smorgasbord of possibilities which will revolutionise the form of the book and bring it closer to its intended vision. It is time indeed to announce, ‘The Book is Dead! Long Live the Book!’

Read the original from the Indian Express

For more details visit https://cis-india.org/internet-governance/idea-of-the-book

Government washes hands of Google's new privacy policy

praskrishna — 2012-04-10T09:40:55Z

The government has more or less washed its hands of internet giant Google's new privacy policy that is being criticised in Europe and elsewhere, but wants Indian residents to watch out for themselves, writes Jayadevan in this article published in the Economic Times on April 10, 2012.

Google's new privacy policy provides information on how personal information is collected, processed and secured, as required by relevant Indian laws. "The end users, however, need to fully understand the privacy policy of Google, the consequences of sharing their personal information and their privacy rights before they start using online services," Sachin Pilot, India's minister for information technology, stated in Rajya Sabha on March 30.

Ever since Google came out with a unified privacy policy in January, it has been facing criticism from many users and privacy advocates, especially in Europe where privacy is a fundamental right. The new policy unified separate privacy polices relating to nearly 60 of Google's services.

The new policy also lets the separate Google services, such as Gmail, Google Search or Youtube, share data among each other. In Europe, Google is facing potential sanctions or even fine over its new privacy policy.

Section 43A of the India's amended Information Technology Act (2000) has established a legal framework for data privacy protection in the country. The rules notified last year explain security practices to be followed and the need for guarding sensitive personal information. The Act also requires Indian corporations to publish a privacy policy.

"Google has published a Privacy Policy on their website," said the minister. "Any change in the privacy policy is not within the purview of amended Information Technology Act 2000," Pilot added. Venkatesh Hariharan (Venky), head of public policy and government affairs at Google India, has left the company last month and did not want to comment.

According to the Pilot, while France's independent privacy watchdog, the CNIL (nationale de I'informatique et des libertes) has said that the changes to Google's privacy policy do not comply with the European law, rectification of conflict between Google, an American company and European directive on data protection is not within the purview of the Indian government.

CNIL, the data protection watchdog in France had asked Google to answer 69 questions including what it does with the data collected from users and how long it is retained to better understand the consequences of the new policy for Google users.

Experts agree Google privacy policy is in compliance with Sec 43A of IT Act but cautioned that it may not be enough. "Section 43A does not have all the privacy safeguards that exist for citizen in developed countries," said Sunil Abraham, executive director at the Centre for Internet and Society.

Abraham advocates the creation of a privacy commissioner. "It is important to have a independent and autonomous regulator who can respond on a proactive basis when confronted with evidence of abusive practices," he said.

Legal provisions will have to enable the creation of such a regulator, says cyber law expert Vakul Sharma. "You can not create a regulator out of thin air. You should have legislation for privacy. In India we do not have any such legislation," said Sharma.

The IT act classifies information into two - personal information and sensitive personal information. Safeguards under the section 43A and rules apply to sensitive personal information which includes biometric information, information related to health, passwords, sexual orientation and financial information among others.

"Users must be aware that Google's new policy does not have room for categorization according to Indian laws," says Sharma. "It is a plain vanilla document. The users need more," he added.

Read the original published in the Economic Times on April 10, 2012. Sunil Abraham is quoted in it.

For more details visit https://cis-india.org/news/govt-washes-hands-of-google-privacy-policy

Look Who’s Chasing... The Twitter God

praskrishna — 2012-04-10T09:24:52Z

The celebrity isn’t the known face, it’s the Twitter handle that gets the following, writes Arpita Basu in this article published in Outlook's April 2012 issue. Sunil Abraham is quoted in this article.

If Abhishek Asthana felt the jitters as he prepared to face an internship interview on his B-school campus, this 35-character nugget of information would have lifted his spirits: He had a fan on the interview panel. “One of the panelists asked me, ‘Are you the same @GabbbarSingh from Twitter? I’ve been following you for a long time’!” recalls Abhishek, still chuffed. At 25, and in just over two years on Twitter, this Gabbbar Singh’s answer to ‘Kitne aadmi the?’ would be a formidable 19,540. That’s his follower count: people who hang on to his every word, retweeting, replying and generally relishing the irreverence that has made stars out of tweeters like Abhishek.

Twitter, the microblogging site that turned six last month, has raised a smart brood of commentators who go from politics to policies to pop culture and back, riding on 140 characters, trailed by a few thousand followers. Neither netas nor abhinetas, they are rabble-rousers and opinion-makers in their own right. Executives, entrepreneurs, tech geeks, students and creative types, these are ordinary people who have found anything but ordinary fame on the strength of their one-liners alone.

Take @BollywoodGandu, a blockbuster of a Twitter handle with a 57,000-strong audience, including, till recently, big-ticket followers like Karan Johar and Abhishek Bachchan. “They unfollowed me for reasons only they know,” shrugs the man behind the tweets, who’s used to having celebs follow him and then dropping him when they “don’t like” what he writes (Here’s a teaser: “Aishwarya looks like a mannequin in #Robot posters. Oh wait, on second thought, that kinda makes sense”.) The 30-year-old tweet icon, an industry insider who swears by Amol Palekar comedies, relishes the effect he has on filmwallahs; film crews have been known to scroll through his timeline during shooting breaks. “It makes me want to storm in like Russell Crowe in Gladiator and yell ‘Are you not entertained?’!” he adds dramatically.

Entertained, yes. Enlightened? You bet. These new stars on the media horizon, explains Sunil Abraham, executive director, Centre for Internet and Society, “provide information, comments, and a sense of humour and cynicism that is missing from mainstream media”. With Twitter launching its Hindi version in September last year, language too is no longer a barrier. Again, on this turf, the threshold for entry is much lower. “Unlike TV,” Abraham elaborates, “where you have to look and dress a certain way and then say something interesting, these tweeters hold people’s attention sitting in their homes. We don’t even know what they look like.”

Which only makes them more relatable. After all, they are swimming in the same fish bowl as everyone else, right? And feeling the same fears when the water rises too high above the head. Only, they express it way better. Snappy, sharp and always questioning, their unforgiving, emperor-has-no-clothes approach scores with people fed up with what Twitter veteran Ramesh Srivats calls “curated mainstream media”.

Photograph by Amit Haralkar

Varun Grover @JayHind 11724 followers
Famous tweet Keep army busy. Give them an IPL team of their own.

It’s no wonder that popular media wants a piece of them too. Varun Grover, a 32-year-old engineer-turned-satirist whose witty observations made the Twitter handle @JayHind a hit, landed a TV deal: to script, along with his team, the spoofy The Late Night Show on Colors. “Tweets are my research; a scratchboard for the gags,” Varun reveals. The show, which carries forward JayHind TV’s online sketches, looks at current goings-on with a shovelful of salt. “Having grown up in Lucknow, analysing politics came naturally to me,” says Varun.

There’s more that comes naturally to the Tweet brigade—the art of getting Twitterverse’s 12 million inhabitants (that’s just counting India) to listen, for one. Writer and IT professional Arnab Ray @greatbong (see accompanying column) recalls how his legion of followers grew over three years, drawn in by his “funny, spontaneous, politically incorrect tweets that honour no holy cows”. “I am not a celebrity, so there was no opening day surge for me,” Arnab quips, conceding that his reputation as Greatbong the blogger preceded him on Twitter. For Rake$£ Jhunjhunwala ['Fake Jhunjhunwala'] @jhunjhunwala too, tweeting about blog posts got his foot in the door back in 2009, when very few had warmed to Twitter in India. Today, some 43,000-odd Tweeple prick up their ears to catch what this trader-investor, video-gamer and combat sports freak has to say during his “recreation hours”. Blogging also helped Priyanka Sachar @twilightfairy increase her tweet-worth. Priyanka passed up eleven-and-a-half years as a computer engineer to become a fine art wedding photographer, and regularly tweets links to her work. She hardly blogs now, having “lost patience with lengthy posts”, and can’t say enough about the mercurial nature of Twitter, though her strike rate of 70-plus tweets on a good day says enough.

Photograph by Narendra Bisht

Priyanka Sachar @twilightfairy 14913 followers
Famous tweet ...markets are full of Easter eggs already. On Navratre. That’s the way the Indian cookie crumbles.

“We have to stay in the moment. Or if possible, before the moment,” offers Utsav Chakraborty @SatanBhagat, who counts power-lister Anand Mahindra amongst his fans. The 21-year-old media grad, “bottom-tier stand-up comic” and er... not the biggest fan of Chetan Bhagat, distills the essence of a quality tweet: “A view is just a view without analogies and wordplay. No one likes raw chicken. You have to marinate, cook, season, garnish and serve it on a warm plate. We’re all assembly line gourmet chefs.”

Each, though, has perfected his or her own specialty dish, be it satire, humour, current affairs, business dos, boudoir don’ts.... Then there is Twitter’s tryst with literature—Twisters. Twitter stories penned, like their nomenclature, by Arjun Basu, a Montreal-based writer and publishing veteran in his 40s, whose Twitter readership stands at 1,46,895 and counting. “After my first tweet wishing I had ordered another vodka on a flight, I wrote a story, which came in at 140 characters with some editing. Within a day, I had written a few and then I became a bit obsessed.” That’s understating it: Arjun has written 5,000 Twisters since. One of them—“They tolerated the ennui of their jobs, bought off by promises of spectacular riches sometime in the future. At retirement, they bought guns”—has been made into an award-winning short film, Life. He hopes to compile his Twisters into a book—or at least put them on posters or coffee mugs.

Another compilation of tweets worth a shot—@Kweezzz trivia. Conscientiously hosting tweet-sized quizzes on everything from Guatemalan currency to the inventor of earmuffs to the actress whose “toothbrush fell in the toilet”, Kweezzz is instant food for the brain.

There’s grist for gossip mills too. Malini Agarwal @MissMalini has much to reveal about “Bollywood and the Bombay party circuit unplugged”. With tidbits from fashion shows, who-wore-it-best couture contests, and shirtless celeb twitpics (sample this: “Lean, mean and undressed Rana Daggubati”) she keeps her tweet wattage high. Devotees leave posts at her shrine on the hour.

Photograph by Nilotpal Baruah

Ramesh Srivats @rameshsrivats 35798 followers
Famous tweet Two weapons against corruption: Lokpal and Chappal

For Ramesh Srivats, it’s all in a day’s work to have fans come up to him to say hello. Characteristically, he makes light of it: “My bald head makes me easy to recognise!” Utsav’s celeb moment translates into “an occasional free meal or a job offer”. “Other than that, my ‘celebrity’ mostly extends to Linkedin and Google+ invites,” he says modestly.

For some Twitterati, think Pragmatic Desi, The Comic Project, Bombay Addict and C_gawker, it’s enough for just the pseudonyms to be recognised. They refuse to step out from behind their famous handles. Hear it from BollywoodGandu: “I never thought anonymity would be a criterion for popularity, but I was wrong. As Indians, our first response to anyone usually is ‘Tu kaun hai?’. And when you don’t know the answer, it adds to the mystery,” he says. It adds on immunity too, as you throw that virtual chappal. Anonymity and accountability are, after all, inversely linked. Social scientist Shiv Visvanathan insists that the freedom of expression which Twitter affords exists only up to a point: “If you keep making outrageous comments, there will come a quiet point when people will say ‘See you later’. The loudmouths disappear over time. What works best is self-policing.”

Photograph by Jignesh Mistry

Abhishek Asthana @GabbbarSingh 19540 followers
Famous tweet No. of hours you spend wearing shorts in a day/no. of hours wearing trousers = work/life balance index

Besides its obvious merit, the anonymous Twitter handle is also a great creative opportunity. No wonder the handles, alter-egos for their owners, are attention magnets themselves. Abhishek recalls how starting the Gabbbar Singh account to write a blogpost about a Twitter-savvy cast of Sholay, got him 50 followers in five minutes flat, and a thousand in 20 days.

Bollywood Gandu’s irresistible handle, he says, was inspired by a meeting with “a certain Bollywood star and his/her friends (read chamchas)”. He adds, “The irony is that the real ‘gaali’ in my handle is ‘Bollywood’.” Many in his Twitter circle would have noted that already. Twitter’s wit wagon, after all, is teeming with like-minded tweeple, befriending each other, following each other. Ashish Shakya, for instance, follows Gursimran Khamba and Overrated Outcast, who, in turn follow him; Ramesh Srivats and Lakshmipathy Bhat @bhatnaturally follow each other. Yes, it is a small world. But by no means a closed one. Most of them also follow those who could become potential ‘material’ for tweets. JayHind follows news sites to keep himself updated, just as diligently as he keeps up with “unintentionally funny people who falter almost daily” (read celebs).

With the variety and versatility on offer, it’s a goldmine out there for anyone who can keep pace with a tweet a minute. The format helps, of course, as Abraham points out: “It forces people to be brief. You don’t have to wade through too much information to find the next big thing.” Or star. After all, in the democratic republic of Twitter, all it takes to go from voice in the wilderness to vox popular is to say something worthwhile. And find people who’ll gladly repeat it after you.

Read the original in Outlook

For more details visit https://cis-india.org/news/look-who-s-chasing-twitter-god

Intermediary Liability in India: Chilling Effects on Free Expression on the Internet 2011

Rishabh Dara — 2012-04-21T18:05:58Z

Intermediaries are widely recognised as essential cogs in the wheel of exercising the right to freedom of expression on the Internet. Most major jurisdictions around the world have introduced legislations for limiting intermediary liability in order to ensure that this wheel does not stop spinning. With the 2008 amendment of the Information Technology Act 2000, India joined the bandwagon and established a ‘notice and takedown’ regime for limiting intermediary liability.

On the 11th of April 2011, the Government of India notified the Information Technology (Intermediaries Guidelines) Rules 2011 that prescribe, amongst other things, guidelines for administration of takedowns by intermediaries. The Rules have been criticised extensively by both national and international media. The media has projected that the Rules, contrary to the objective of promoting free expression, seem to encourage privately administered injunctions to censor and chill free expression. On the other hand, the Government has responded through press releases and assured that the Rules in their current form do not violate the principle of freedom of expression or allow the government to regulate content.

This study has been conducted with the objective of determining whether the criteria, procedure and safeguards for administration of the takedowns as prescribed by the Rules lead to a chilling effect on online free expression. In the course of the study, takedown notices were sent to a sample comprising of 7 prominent intermediaries and their response to the notices was documented. Different policy factors were permuted in the takedown notices in order to understand at what points in the process of takedown, free expression is being chilled.

The results of the paper clearly demonstrate that the Rules indeed have a chilling effect on free expression. Specifically, the Rules create uncertainty in the criteria and procedure for administering the takedown thereby inducing the intermediaries to err on the side of caution and over-comply with takedown notices in order to limit their liability and as a result suppress legitimate expressions. Additionally, the Rules do not establish sufficient safeguards to prevent misuse and abuse of the takedown process to suppress legitimate expressions.

Of the 7 intermediaries to which takedown notices were sent, 6 intermediaries over-complied with the notices, despite the apparent flaws in them. From the responses to the takedown notices, it can be reasonably presumed that not all intermediaries have sufficient legal competence or resources to deliberate on the legality of an expression. Even if such intermediary has sufficient legal competence, it has a tendency to prioritise the allocation of its legal resources according to the commercial importance of impugned expressions. Further, if such subjective determination is required to be done in a limited timeframe and in the absence of adequate facts and circumstances, the intermediary mechanically (without application of mind or proper judgement) complies with the takedown notice.

The results also demonstrate that the Rules are procedurally flawed as they ignore all elements of natural justice. The third party provider of information whose expression is censored is not informed about the takedown, let alone given an opportunity to be heard before or after the takedown. There is also no recourse to have the removed information put-back or restored. The intermediary is under no obligation to provide a reasoned decision for rejecting or accepting a takedown notice. The Rules in their current form clearly tilt the takedown mechanism in favour of the complainant and adversely against the creator of expression.

The research highlights the need to:

increase the safeguards against misuse of the privately administered takedown regime;

reduce the uncertainty in the criteria for administering the takedown;

reduce the uncertainty in the procedure for administering the takedown;

include various elements of natural justice in the procedure for administering the takedown; and

replace the requirement for subjective legal determination by intermediaries with an objective test.

This executive summary is a research output of the Google Policy Fellowship 2011. The Centre for Internet & Society was the host organization. For the entire paper along with references, please write to rishabhdara@gmail.com or sunil@cis-india.org

For more details visit https://cis-india.org/internet-governance/intermediary-liability-in-india

GIGA International Conference Series - 1

praskrishna — 2012-04-03T06:18:28Z

The Institute of Global Internet Governance and Advocacy (GIGA) at NALSAR University will hold the first International Conference in association with Department of Electronics and Information Technology (DEIT) of Government of India on the theme "Revisiting Internet Governance - Lessons Learnt and Road Ahead" at NALSAR University of Law, Justice City Campus, Shameerpet on April 5 & 6 of 2012.

Lex Witness, India's first magazine on legal and corporate affairs is the media partner for the conference, Sunil Abraham will be speaking in this conference,

The first International Conference on Internet Governance of GIGA aims to:

To map the emergence of Internet Governance globally in the last two decades and to analyse its high points and low points in terms of its development, dynamism, diversity, divide and deficit.
To map the multiple definitions of Internet Governance and its rapid evolutionary trajectory of consolidating convergence and confronting challenges of divergence.
To critically evaluate the creative disruption of processes of accountability, empowerment and governance processes.
To levitate the legislative landscape for connecting the real life citizens and virtual life netizens.
To reshape the emergent issues of privacy vs. social responsibility, freedom of expression vs.social & cultural harmony, self conduct vs. legislative intervention, adolescence vs. adult behavior.
To reconcile the sovereign principles with Universal principles.

Conference Schedule

Day 1, April 5, 2012

S.No.	Time	Inaugural
	9.00-10.15	Welcome Address by	Prof. V. C. Vivekanandan Director, GIGA
		Address by	Prof. Faizan Mustafa Vice Chancellor, NALSAR
		Address by	Mr. N. Ravi Shanker Additional Secretary, DOT, Govt. of India
		Address by	Dr. Ajay Kumar Jt. Secretary DEIT, Govt. of India
		Key Note Address by	Mr. J. Satyanarayana Secretary, DEIT Govt. of India (to be confirmed)
		Vote of Thanks by	Prof. M. Sridhar Faculty, GIGA

	10.15-10.45	Coffee Confluence
		Theme	Chair / Speaker
1.		Internet-Comparative Perspective Opening Remarks from the Chair	Mr. Ajit Balakrishnan Chairman-Board of Governors, IIM Calcutta & CEO-Rediff.com
		A. Internet as key to development-an African perspective	Mr. Jean Jacques SUBRENAT ALAC Member, ICANN
		B. Adding a Billion-Challenges in Asia Pacific world	Dr. Katim Seringe Touray Former Board Member, ICANN
		C. Indian policy response to Internet Governance	Prof. Hong Xue Director- IIPL- Beijing
		Netizen speak	Dr. Govind Sr.Director, DEIT, CEO-NIXI
		Closing remarks of the Chair
		Theme	Chair / Speaker
2.		Internet Governance & Technology Opening Remarks from the Chair	Mr. Sanjay Jaju Secretary (IT) AP Govt. (to be confirmed)
		Key Note Address gTLDs- Managing the genie out of the bottle-Techno-Legal issues	Mr. N. Ravi Shanker Additional Secretary, DOT
		A. The business of gTLDS-Roses & Thorns	Prof.V.C.Vivekanandan Director, GIGA
		B. IDN Challenges – Unity in Diversity- Indian Response	Mr. Akshat Joshi GIST, CDAC-Pune
		Closing remarks of the Chair

		Lunch
		Theme	Chair / Speaker
3.		Internet Governance & Society Opening Remarks from the Chair	Prof. Ranbir Singh Vice Chancellor, NLU, Delhi
		Key Note Address Balancing the Privacy-Transparency Conundrum in Internet Governance	Mr. Carlton A. Samuels ALAC Member, ICANN
		A. Brahma-Vishnu-Shiva- Trinity as the State	Mr.U.Ramamohan SP, Cyber Crimes, A.P.
		B. Digital Natives Vs. Digital Naivety	Mr. Sunil Abraham Executive Director, CIS
		C. A development agenda for global Internet governance	Mr. Parminder Jeet Singh Executive Director, IT for Change
		Netizen Speak
		Closing remarks of the Chair

		Coffee Confluence
		Theme	Chair / Panelist
4.		Panel Panorama - Internet Governance - Crossroads or crossing the Road Opening Remarks from the Chair
		Panelists - 15 minutes each	Prof. Amita Dhanda Professor of Law, NALSAR Dr. Anindya Sircar AVP & Head IP , Infosys Prof. Srividhya Ragavan Professor of Law, University of Oklahoma College of Law Prof. S. Matilal RGSOIPL-IIT, Kharagpur
		Netizen Speak
		Closing Remarks of the Chair

Day 2, April 6, 2012

1.	9.00-9.05	Internet Governance & Law Opening Remarks from the Chair	Prof. R. Venkata Rao Vice Chancellor NLSIU, Bangalore
	9.05-9.25	Key Note Address Whose Privacy is it Anyway?	Prof. Graham Greenleaf Co-Director, Aust LII
	9.25-9.40	A. Netizen vs. Citizen-the Sumo Game	Prof.Izumi AIZU TAMA University,Japan
	9.40-9.55	B. Number or Name- Shift in Domain Names	Dr. V. K. Unni Associate Prof., IIM,Calcutta
	9.55-10.10	C. Dial M for Internet Governance	Mr. Pavan Duggal Advocate, Supreme Court of India
	10.10-10.25	D. Chartering rights in Unchartered waters	Mr.Na.Vijaya Shankar Cyber Law Consultant
	10.25-10.35	Netizen Speak
	10.35-10.45	Closing Remarks of the Chair

	10.45-11.15	Coffee Confluence
		Theme	Chair / Speaker
2.	11.15-11.20	Internet Governance & Media Opening Remarks from the Chair	Prof.V.Vijaya Kumar Vice Chancellor, TNDALU-Chennai
	11.20-11.40	Keynote Address Social Media- a New Wine in a New Bottle	Prof. Ang Peng Hwa NTU, Singapore
	11.40-11.55	A. The Republic of Facebook –The Bill of Frights	Prof.V.C.Vivekanandan Director, GIGA
	11.55-12.10	B. Objecting the Objectionable-the chronicles of criminology	Dr.K.V.K.Santhy Co-investigator, GIGA
	12.10-12.25	C. Street Talk vs. Social Talk-Loud Decibels	Prof. M. Sridhar Co-investigator, GIGA
	12.25-12.35	Netizen Speak
	12.35-12.45	Closing remarks from the Chair

	12.45 -2.00	Lunch
		Theme
3.	2.00-2.05	Wrap Up – Internet dreams & delusions – Setting the agenda for the new decade Opening remarks from the Chair	Prof. S. Sivakumar Director In-charge, Indian Law Institute
	2.05 – 3.20	Panelists -15 minutes each	Mr.G.R.Raghavender Registrar of Copyrights Copyright office Ms. Ankhi Das Head of Public Policy, Facebook India Ms. Tulika Pandey Addl.Director- DEIT Mr.R.Muralidharan Advocate- Bangalore Mr. Raman Jit Singh Chima Policy Analyst , Google India Pvt Ltd
	3.20 –3.30	Netizen Speak
	3.30 – 3.40	Closing remarks of the Chair
	3.40 – 4.00	Summing Up - The Hyderabad Declaration	Prof.V.C.Vivekanandan Director, GIGA

	4.00	Coffee Musings & Farewell

For more details visit https://cis-india.org/news/giga-conference

Global Censorship Conference

praskrishna — 2012-03-30T11:34:07Z

The Abrams Institute for Freedom of Expression at Yale Law School is holding a conference on global censorship from March 30 to April 1, 2012, at Yale Law School. The programme is sponsored by the Information Society Project at Yale Law School and Thomson Reuters.

"This conference is the first major event for the Abrams Institute for Freedom of Expression, and it brings together an exciting group of thinkers from law, political science, computer science, business and the non-profit sector to discuss the lessons of the past few years,” explained Yale Law Professor Jack Balkin, director of the Abrams Institute and the Information Society Project. “We think the study of free expression in the digital age should be international and interdisciplinary."[1]

Rishabh Dara, Google Policy Fellow who worked at CIS office in Bangalore on freedom of expression and internet-related policy issues is participating in the event as a speaker in the panel on Case Studies of Censorship. The panel will explore recent instances of censorship in the United States, Egypt, Syria, Brazil, and India and the common themes and important differences that emerged.

This conference will consider how censorship has changed in a networked world, exploring how networks have altered the practices of both governments and their citizens. Panels will include discussions of how governments can and do censor and how speakers can command technical and legal tools to preserve their ability to speak. The conference will conclude with a discussion of new controversies in censorship, including laws designed to prevent online bullying and intellectual property infringement.

Agenda

Friday March 30, 2012

2:00	Begin Registration
3:15 – 4:45	The Means of Change, Familiar and New (co-sponsored by Sponsored by the Orville H. Schell, Jr. Center for International Human Rights) In the popular story of the political upheavals in the Middle East and North Africa, information technology stands out as the new factor that was critical to rapid mass mobilization for demanding change. The media have been credited with making popular demands for change contagious. Enthusiasts for the potential of technology to foster progressive change have labeled these apparently sudden developments a Facebook revolution. Governments responded by seeking to curtail the use of mobile phones and the Internet. What role has technology played in igniting, sustaining and shaping recent political changes in the Arab world? Anupam Chander, Professor of Law, University of California, Davis and Director, California International Law Center Rebecca MacKinnon, Bernard L. Schwartz Senior Fellow, New America Foundation John Pollock, journalist
5:00– 6:30	Keynote Lecture (co-sponsored by Sponsored by the Orville H. Schell, Jr. Center for International Human Rights) Irwin Cotler, Canadian Parliament, former Attorney General of Canada
6:30– 9:00	Reception for Panelists of the Global Censorship Conference

Saturday March 31, 2012

9:00 – 10:00	Registration and Breakfast
10:00– 11:30	Panel One: Old and New Forms of Censorship Years ago, activists met in person to plan protests and quietly shared subversive texts. Now, events can be planned over social networking sites, and arguments for change are posted online. How have governments responded to these changes? How have activist practices and governments’ reactions changed the way we conceptualize censorship? Jack Balkin, Yale Law School Yochai Benkler, Harvard Law School Navid Hassanpour, Yale Political Science Deptartment Rebecca MacKinnon, Bernard L. Schwartz Senior Fellow, New America Foundation
11:45 – 1:15	Panel Two: Technical Architectures of Censorship There are a number of choke points across the Internet and a number of different censorship mechanisms that can be deployed at various points across the network. Censorship can be executed at the router level, the Internet Service Provider (ISP) level, the Internet Content Provider (ICP) level, or the device level. Additionally, countries can employ a number of different technologies at each level. This panel will explore the many technical options for censorship and the strategic value of different choices. Laura DeNardis, Associate Professor of Communication at American University, and Affiliated Fellow, Information Society Project at Yale Law School Nagla Rizk, American University in Cairo Hal Roberts, Fellow at Berkman Center for Internet & Technology Ashkan Soltani, Independent Researcher and Consultant on Privacy and Security
1:15 – 2:15	Lunch
2:15 – 3:45	Panel Three: Case Studies of Censorship In the wake of censorship both domestically and abroad, many questions emerged about how the censorship was executed, what effects it had, if and how activists were able to route around the it, and how, if it all, it was eventually stopped. This panel will explore recent instances of censorship in the United States, Egypt, Syria, Brazil, and India and the common themes and important differences that emerged. Sherwin Siy, Deputy Legal Director and the Kahle/Austin Promise Fellow at Public Knowledge Lina Attalah, Journalist, Managing Editor of Al-Masry Al-Youm Anas Qtiesh, Blogger, Editor of Global Voices Carlos Affonso Pereira de Souza, Vice-Coordinator of the Center for Technology & Society (CTS) at the Fundação Getulio Vargas (FGV) Law School Rishabh Dara, Researcher at Indian Institute of Management, Ahmedabad
4:00 – 5:30	Panel Four: Technical Methods of Circumventing Censorship New technology may provide governments with new tools to censor, but it also creates opportunities for speakers and “hactivists” everywhere. How can individuals evade identification online and access blocked content? Can activists circumvent attempts to shut down the internet during periods of political unrest? What new methods are being developed to preserve free speech online? Roger Dingledine, The Tor Project Peter Fein, Telecomix Alex Halderman, University of Michigan, Dept. of Computer Science Sascha Meinrath, Open Technology Initiative Director, New America Foundation Wendy Seltzer, Senior Fellow, Information Society Project at Yale Law School
6:00 – 9:00	Dinner for Speakers

Sunday, April 1, 2012

9:00 – 9:30	Breakfast
9:30 – 11:00	Panel Five: Legal Solutions to Censorship Given the way censorship technologies have slowly crept into acceptable use because of concerns like piracy, child pornography, or national security, there is much debate about the role and capacity of law in combatting these new, digital forms of government censorship, domestically and internationally. This panel will discuss if and how legal solutions to censorship can be deployed most effectively. Derek Bambauer, Brooklyn Law School Jim Dempsey, Vice President of Public Policy at the Center for Democracy and Technology Molly Land, New York Law School Linda Lye, ACLU Northern California Jillian York, Director for International Freedom of Expression at the Electronic Frontier Foundation
11:15 – 12:45	Panel Six: New Controversies in Censorship Does new technology change the appropriate scope of free expression rights? Can policing intellectual property infringement burden free speech interests? Does surveillance ever have a censoring effect? This panel will wrestle with whether a variety of government activities constitutes inappropriate censorship or necessary actions to protect the public interest. Rebecca Bolin, Fellow at Information Society Project, Yale Law School Mark MacCarthy, Vice President for Public Policy, Software and Information Industry Association; Adjunct Professor, Communication, Culture and Technology Program, Georgetown University Preston Padden, Senior Fellow at the Silicon Flatirons Center and an Adjunct Professor at the University Of Colorado's Law School and Interdisciplinary Telecommunications Program David Post, Temple University, Beasley School of Law Christopher Soghoian, Graduate Fellow, Center for Applied Cybersecurity Research, Indiana University
12:45	Bagged Lunch Available

[1].Global Censorship Conference to be Held March 30-April 1 at Yale Law School | Yale Law School, last accessed on March 30, 2012, http://www.law.yale.edu/news/15140.htm

Read the original posted in Yale Law School website

For more details visit https://cis-india.org/internet-governance/global-censorship-conference

Data protection experts slam state for sending mass SMSes

praskrishna — 2012-03-27T03:46:00Z

Experts in the field of data protection, privacy law and media have criticised the West Bengal government's mass SMS sent to individuals, companies and media houses through private mobile networks last Friday. Lara Choksey reports this in an article published in the Statesman on March 25, 2012.

The government's use of private data in order to spread political messages is ethically dubious and dangerous, say some. The SMS indirectly refers to The Telegraph's publication of the Poonam Pandey tweet, warning against the transmission of “provocative and indecent photographs for hurting the religious sentiments of people and disrupting communal harmony.” It urges recipients to “frustrate the designs of … unscrupulous people and maintain peace and communal harmony,” and is signed by “Mamata Banerjee, Chief Minister”.

Speaking to The Statesman on Saturday, Mumbai-based media lecturer Ms Geeta Seshu identified two issues with the government sending out political messages through mobile phone networks.

Firstly, from an ethical standpoint, the unchecked freedom of mobile phone companies to hand out private data is “completely wrong”, she said.

Secondly, the use of government funds for such dissemination needs to be transparent. If the state government has used public funds to distribute its message through a mobile phone network, then this information should be readily available, said Ms Seshu.

The Telecom Regulation Authority of India's (Trai) unsolicited commercial communications regulations allow unsolicited advertising through mobile phone networks.

Mr Apar Gupta, partner of Delhi-based law firm Advani and Co., explained, “The regulations are not wide enough to prohibit communications from a political party.” He observed, “Using SMS messages is a very efficient propaganda tool because so many people have access to mobile phones.”

Mobile phone networks such as Vodafone make it clear in their privacy policies that the personal data of its customers “may be used for inclusion in any telephone or similar directory or directory enquiry service provided or operated by us or by a third party” (source Vodafone website).

Any third party ~ governmental or corporate ~ can therefore access the company's directory of private mobile numbers at the discretion of the network in question.

It is not yet clear which government department coordinated the SMS, or what funds were used to cover the costs. Representatives from the ministry of information and cultural affairs were not able to shed a light on the matter. “I know that a message was sent out,” said the I & CA director Umapada Chatterjee, "But it was not sent from this department. I do not know that information.”

Some commentators did not condemn the government's SMS. Delhi High Court lawyer and cyber law expert, Mr Praveen Dalal, criticised the publication of the Poonam Pandey tweet on the grounds of it violating the due diligence guidelines of the Cyber Law of India. He commented, “If casual and careless publications … continue, there would be no other option left for the government but to regulate their affairs in a more intrusive manner.”

However, executive director of the Centre for Internet and Society, Mr Sunil Abraham, called the state government's use of unsolicited SMS a “clear abuse of the powers afforded by elected office.” Mr Abraham explained that elected representatives would be justified in such measures, and in utilising public funds, in the event of a disaster, or when public order, public health or national security are compromised.

“However in this case, the government is abusing the provisions of the law and using this incident as a pretext to threaten media professionals with surveillance and to intimidate for the purposes of reigning in free speech,” he told The Statesman. The chief minister was unavailable to make a comment on the matter.

Read the original published in the Statesman

For more details visit https://cis-india.org/news/data-protection-experts-slam-state-for-sending-mass-smses

Statutory Motion Against Intermediary Guidelines Rules

pranesh — 2012-04-03T09:35:41Z

Rajya Sabha MP, Shri P. Rajeev has moved a motion that the much-criticised Intermediary Guidelines Rules be annulled.

Motion to Annul Intermediary Guidelines Rules

A motion to annul the Intermediary Guidelines Rules was moved on March 23, 2012, by Shri P. Rajeeve, CPI(M) MP in the Rajya Sabha from Thrissur, Kerala.

The motion reads:

"That this House resolves that the Information Technology (Intermediaries Guidelines) Rules, 2011 issued under clause (zg) of sub-section (2) of Section 87 read with sub-section (2) of Section 79 of the Information Technology Act, 2000 published in the Gazette of India dated the 13th April, 2011 vide Notification No. G.S.R 314(E) and laid on the Table of the House on the 12th August, 2011, be annuled; and

That this House recommends to Lok Sabha that Lok Sabha do concur on this Motion."

This isn't the first time that Mr. Rajeeve is raising his voice against the Intermediary Guidelines Rules. Indeed, even when the Rules were just in draft stage, he along with the MPs Kumar Deepak Das, Rajeev Chandrashekar, and Mahendra Mohan drew Parliamentarians' attention to the rules. Yet, the government did not heed the MPs' concern, nor the concern of all the civil society organizations that wrote in to them concerned about human rights implications of the new laws. On September 6, 2011, Lok Sabha MP Jayant Choudhary gave notice (under Rule 377 of the Lok Sabha Rules) that the Intermediary Guidelines Rules as well as the Reasonable Security Practices Rules need to be reviewed. Yet, the government has not even addressed those concerns, and indeed has cracked down even harder on online freedom of speech since then.

Fundamental Problems with Intermediary Guidelines Rules

The fundamental problems with the Rules, which deal with objectionable material online:

Shifting blame.

It makes the 'intermediary', including ISPs like BSNL and Airtel responsible for objectionable content that their users have put up.

No chance to defend.

There is no need to inform users before this content is removed. So, even material put up by a political party can be removed based on anyone's complaint, without telling that party. This was done against a site called *CartoonsAgainstCorruption.com". This goes against Article 19(1)(a).

Lack of transparency

No information is required to be provided that content has been removed. It's a black-box system, with no one, not even the government, knowing that content has been removed following a request. So even the government does not know how many sites have been removed after these Rules have come into effect.

No differentiation between intermediaries.

A one-size-fits-all system is followed where an e-mail provider is equated with an online newspaper, which is equated with a video upload site, which is equated with a search engine. This is like equating the post-office and a book publisher as being equivalent for, say, defamatory speech. This is violative of Article 14 of the Constitution, which requires that unequals be treated unequally by the law.

No proportionality.

A DNS provider (i.e., the person who gives you your web address) is an intermediary who can be asked to 'disable access' to a website on the basis of a single page, even though the rest of the site has nothing objectionable.

Vague and unconstitutional requirements.

Disparaging speech, as long as it isn't defamatory, is not criminalised in India, and can't be because the Constitution does not allow for it. Content about gambling in print is not unlawful, but now all Internet intermediaries are required to remove any content that promotes gambling.

Allows private censorship.

The Rules do not draw a distinction between arbitrary actions of an intermediary and take-downs subsequent to a request.

Presumption of illegality.

The Rules are based on the presumption that all complaints (and resultant mandatory taking down of the content) are correct, and that the incorrectness of the take-downs can be disputed in court (if they ever discover that it has been removed). This is contrary to the presumption of validity of speech used by Indian courts, and is akin to prior restraint on speech. Courts have held that for content such as defamation, prior restraints cannot be put on speech, and that civil and criminal action can only be taken post-speech.

Government censorship, not 'self-regulation'.

The government says these are industry best-practices in existing terms of service agreements. But the Rules require all intermediaries to include the government-prescribed terms in an agreement, no matter what services they provide. It is one thing for a company to choose the terms of its terms of service agreement, and completely another for the government to dictate those terms of service.

Problems Noted Early

We have noted in the past the problems with the Rules, including when the Rules were still in draft form:

Other organizations like the Software Freedom Law Centre also sent in scathing comments on the law, noting that they are unconstitutional.

We are very glad that Shri Rajeeve has moved this motion, and we hope that it gets adopted in the Lok Sabha as well, and that the Rules get defeated.

For more details visit https://cis-india.org/internet-governance/blog/statutory-motion-against-intermediary-guidelines-rules

Is your facebook page your mini resume?

praskrishna — 2012-03-26T07:27:43Z

As privacy debates heat up across the world, Bangaloreans reveal the trend of employers asking job aspirants for their Facebook IDs and passwords has caught on here too. When Adil Pasha, 24, revealed at an advertising job interview that his main strength was creativity, his interviewers asked for his FB password to check his latest updates.

This was published in IBNLive on March 26, 2012 . Sunil Abraham is quoted in this.

They rejected him, as he was going through a break-up and had put up song lyrics as his status message. On the other hand, Sukanya Srinivasan, 19, got an internship chance at a leading IT firm solely based on her FB photo albums.

“A company recently rejected my application after looking at the number of people I’d blocked on my chat list. They thought I didn’t have good interpersonal skills. I might be a friendly, harmless flirt, but the company might think I could sexually harass women employees. If they see my photos at a party, they might think I’m an alcoholic,” said Kiran Giridhar (name changed), who has attended over 12 interviews in the last two months, where his social life mattered more.

Recently, Facebook chief privacy officer Erin Egan said they had seen a distressing increase in reports of employers seeking to gain access to people’s Facebook profiles or private information.

“The most alarming of these practices is the reported incidents of employers asking prospective or actual employees to reveal their passwords,” she wrote on the website’s privacy page. The controversy is now being fought on moral and ethical grounds.

"This is a privacy infringement but there is no provision in the law (IT Act-2008) that prohibits employers from asking for personal information. This is happening with the willingness of potential candidates. If a person finds it unacceptable, he/she shouldn’t share the password. Background checks are common as some companies deal with sensitive information. So it’s not illegal, but intrusive. I think some power relationships can be abused if they cross the social networking barrier — like a boss-employee and teacher-student relationship. Corporate policy should prevent such things," explained Sunil Abraham, executive director, Centre for Internet and Society.

For more details visit https://cis-india.org/news/facebook-page-mini-resume

Why your Facebook Stalker is Not the Real Problem

nishant — 2012-03-21T05:02:16Z

We live in networked conditions. This is a statement that can now be taken at face-value, and immediately explains our highly connected, inter-meshed environments finds Nishant Shah in this article published in FirstPost on March 20, 2012.

Especially within the digital world, the World Wide Web has become synonymous with social networking systems, where increasingly all our access, communication and interaction is located within a series of interconnected networks.

From the imagination of the web as a complex network, we have evolved to looking at the web as facilitating networks where different relationships, transactions and connections can be mapped and managed. This is why we often have romantic imaginations of networks as free, open, collaborative, shared spaces of interaction and expression.

However, we have reached a stage where this idea of a network as a liberatory space is under threat. Even as I write this, Internet Service Providers are now planning to set up sophisticated, automated systems that will do a deep-spy on your data transfer to see if you are sharing files (sometimes also called piracy) using the Internet.

These systems will now keep track of all your digital transactions and will monitor what you consume, who you talk to and determine whether you are a good ethical subject who is only using the Internet in ways that the powers to be want you to.

For me, this particular networked condition of being constantly monitored and watched is scary. And it surprises me that this invasive process is less in public attention than Google’s recently changed privacy policies or the TOS-in-progress nature of privacy on Facebook.

This is because the ubiquitous presences of networks in our lives have made them transparent to us – we do not think of the networks themselves as entities but as spaces where interactions with other objects is possible. Hence, if I ask you, right now, to name the top 5 entities that you interact with the most on Facebook, I am sure you will be able to name them. More probably than not, these top 5 entities with people that you have formed strong Facebook Friendships with.

In fact there are platforms designed to let you know who you are talking with most on your networks. Network influence measurement indices by services like Klout are able to tell you not only who you talk to but also what are your key areas of influence. This is a way by which the network becomes invisible to us. It hides the fact that the thing that talks to you the most on Facebook is Facebook itself.

The marketing of Facebook might tell you that you are talking to other human beings, but reality is that the network is more than the sum total of all human beings on the system. Just look at the amount of information Facebook produces on your behalf and to you. Notifications for adding friends, for liking people, for people writing to you, for people commenting on your walls and posts, form more than 50% of the information traffic on Facebook or social networking systems.

This information is produces and shared by scripts, coded bots, algorithmic applications, and non-human entities that not only support and sustain the network but are also significant members of the networks.

This is the actual networked condition – where the processes and entities that make the networks possible, produce an illusion of seamless communication and interaction, while performing and extraordinary amount of information and for you.

This blindness to our own ‘networkedness’ has crucial ramifications for our online activities because it makes us oblivious to questions of privacy, control, safety and trust. We have privacy settings to protect us from human entities on Facebook. There is very little concern about the non-human entities who store, distribute and use the data that we produce. If we don’t even know what these watchers are, how do we protect ourselves from being watched? What happens when between you and your ‘friend’, is a series of silent interceptors who are recording and using your data without your knowledge?

Being in a network is like being in a glass-house. We cannot see the walls and hence, we presume that we need our privacy from the other inhabitants of the same house. However, in that, we forget that the walls are watching, and that there are invisible watchers beyond the walls, who are in control.

It is time to make our networks visible again. It is time to realise that what we really need to be afraid of, on social networking systems, is the social network itself, and not the mythical stranger who wants to stalk us or that unwanted friend you want to exclude from your information sharing.

Privacy and safety are not merely compromised at the interface, where information might leak and travel into zones outside of your knowledge and control. The real questions of being safe are actually in the protocols and designs of the network itself.

We need to start looking at larger invasive policies exercises by the different invisible actors like the ISP, ICT ministries, corporate policies, design choices and architecture of interception that sustain the networks we so gladly embrace.

Nishant Shah is Director-Research at the Bangalore based Centre for Internet and Society and recently edited a 4 volume book on youth, technology and change, titled ‘Digital AlterNatives with a Cause?’

Read this in FirstPost

For more details visit https://cis-india.org/internet-governance/facebook-stalker-is-not-real-problem