We are anonymous, we are legion

April 2012 Bulletin

praskrishna — 2012-07-07T06:26:40Z

In this issue of our newsletter, we bring you updates of our latest research, event reports, videos, news and media coverage during the month of April 2012:

Internet Governance

The Internet Governance programme conducts research around the various social, technical, and political underpinnings of global and national Internet governance, and includes online privacy, freedom of speech, and Internet governance mechanisms and processes:

Google Policy Fellowship

Intermediary Liability in India: Chilling Effects on Free Expression on the Internet
Rishabh Dara, Google Policy Fellow
CIS in partnership with Google India conducted the Google Policy Fellowship 2011. This was offered for the first time in Asia Pacific as well as in India. Rishabh Dara was selected as a fellow. He researched upon issues relating to freedom of expression. The results of the paper demonstrate that the ‘Information Technology (Intermediaries Guidelines) Rules 2011’ notified by the Government of India on April 11, 2011 have a chilling effect on free expression.

Announcement

The Centre for Internet & Society Joins the Global Network Initiative
CIS officially joined the Global Network Initiative. CIS would bring to GNI in-depth expertise on global internet governance as well as online freedom of expression and privacy in India. GNI Executive Director Susan Morgan said “We are delighted to add our first member based in India and welcome CIS’s engagement in support of transparency and accountability in technology.”

Op-ed in the Hindu

Chilling Effects and Frozen Words (Lawrence Liang, Hindu, April 30, 2012): “What if the real danger is not that we lose our freedom of speech and expression but our sense of humour as a nation?...One hopes that our lawmakers, even if they are averse to reading the Indian Constitution, will be slightly more open to the poetic licence granted by Kautilya.”

Columns in the Indian Express

The Idea of the Book (Nishant Shah, Indian Express, April 8, 2012): “Its future lies in a trans-media format that is ever evolving... The form of the book is going to change as it has over the last 500 years. However, the idea of the book — a receptacle that contains and records collective wisdom, information, ideas, knowledge, experiences and imagination of humankind – is here to stay.”
India's Broken Internet Laws Need a Shot of Multi-stakeholderism by Pranesh Prakash. (An edited version of this article was published in the Indian Express as "Practise what you preach" on Thursday, April 26, 2012.)

Event Reports

The All India Privacy Symposium (India International Centre, New Delhi, February 4, 2012): The symposium was organised around five thematic panel discussions: privacy and transparency, privacy and e-governance initiatives, privacy and national security, privacy and banking and health privacy. Privacy India in partnership with CIS, International Development Research Centre, Privacy International, Commonwealth Human Rights Initiative and Society in Action Group organised this event.
The High Level Privacy Conclave (Paharpur Business Centre, Nehru Place Greens, New Delhi, February 3, 2012): The conclave was organised around two panels: national Security and privacy and internet and privacy. Malavika Jayaram moderated the first panel discussion on national Security and privacy. Sunil Abraham moderated the second panel discussion on internet and privacy. Privacy India in partnership with CIS, International Development Research Centre, Privacy International, Commonwealth Human Rights Initiative and Society in Action Group organised this event.

Events Organised

Resisting Internet Censorship: Strategies for Furthering Freedom of Expression in India (Bangalore International Centre, TERI Complex, Domlur, April 21, 2012): CIS co-organised this event with the Foundation for Media Professionals. Members of Parliament, P. Rajeeve and Rajeev Chandrashekar and Member of Legislative Council, Karnataka, V.R. Sudarshan participated in the event.
Konkan Corridor Project — A Lecture by Vasant Gangavane (Ashoka Innovators for the Public, Bangalore, April 16, 2012): Well known social worker Vasant Gangavane gave a lecture.
Braitenberg Cybernetic Vehicles: Workshop, Film Screening & Discussion (Metaculture Media Lab, CIS, Bangalore, April 14, 2012): There was a short presentation about Braitenberg vehicles.

Events Participated

GIGA International Conference Series - 1 (NALSAR University of Law, Justice City Campus, Shameerpet, Hyderabad, April 5 and 6, 2012): The Institute of Global Internet Governance and Advocacy and Department of Electronics and Information Technology organised the conference. Sunil Abraham gave a lecture on Digital Natives vs. Digital Naivety in the session on Internet Governance & Society.
Expert-Group on Privacy Issues (New Delhi, April 13 and 14, 2012): The Planning Commission constituted this expert group under the chairmanship of Justice AP Shah. Sunil Abraham participated in the first meeting of the sub-group on privacy issues.

Video

Privacy International's Trip to Asia (by Emma Draper in Privacy International blog): In February 2012, the Privacy International team travelled to India, Bangladesh and Hong Kong to meet with local partners in the region and speak at four conferences they had organized. The team got a chance to interview its partners in India and Bangladesh on the privacy issues facing them at the moment. This is captured in a video about contemporary privacy issues in India and Bangladesh.

Media Coverage

It’s mainstream vs social (Guest column by Mahima Kaul, Sunday Guardian, April 30, 2012): “If the video is judged to be 'obscene', then under s.67 of the Information Technology Act, 'causing [obscenity] to be transmitted', is also a crime,”...Sunil Abraham quoted in the Sunday Guardian.
From Cyber India to Censor India: Groups challenge didactic govt (by Satarupa Paul, Sunday Guardian, April 29, 2012): “Instead of a court deciding what makes content illegal, private intermediaries get to decide. And there is no penalty for anyone abusing the take-down notice system,”...Sunil Abraham quoted in the Sunday Guardian.
Social Media 1, Indian Government 0 (by Heather Timmons, New York Times, April 26, 2012): “Because India does not have a bilateral cyber-crime agreement with the United States (as the European Union does), getting American companies like Facebook and Google to take down or investigate the source of content that offends Indian government officials can be a slow and cumbersome process,”...Sunil Abraham quoted in the New York Times.
Private sector censors (by Salil Tripathi, LiveMint, April 25, 2012): “Companies which have no interest in free speech are now taking these decisions. They have the power to do so and they are using it without any sense of responsibility,”...Sunil Abraham quoted in LiveMint.
Views | Why the Left may for once be right (by Pramit Bhattacharya, LiveMint, April 23, 2012): “It has become much easier in India to ban an e-book than a book,”...Pranesh Prakash quoted in LiveMint.
Campaign against curbs on websites gathers steam (by Arpan Daniel Varghese, IBN Live, April 23, 2012): “If a company wants to target your organization’s social media network, they can keep sending fraudulent emails to you and you will have to keep deleting it unless you are ready to face litigation or government action...Sunil Abraham quoted in IBN Live.
Expect anti-net censorship echo in house (by Arpan Daniel Varghese, IBN Live, April 25, 2012): “why should freedom of speech and expression be any different on the Internet?”...Sunil Abraham quoted in IBN Live.
Mobilising support for freedom on the Web (by Deepa Kurup Hindu, April 22, 2012): Rishabh Dara’s research published as part of the Google Policy Fellowship is quoted.
MPs to be taught ‘draconian’ IT Act Rules as India.net support galvanises for annul motion (by Prachi Shrivastava, Legally India, April 23, 2012): Prachi has blogged about the Resisting Internet Censorship co-organised by CIS and the Foundation for Media Professionals in Bangalore.
India arrests professor over political cartoon (by Rama Lakshmi, Washington Post, April 13, 2012): “The state’s new-found aversion to non-believers has gone a bit too far,”...Pranesh Prakash quoted in Washington Post.
A beauty’s blog creates furore (by Lakshmi Krupa, Deccan Chronicle, April 10, 2012).

Digital Natives

Digital Natives with a Cause? is a research inquiry that looks at the changing landscape of social change and political participation and the role that young people play through digital and Internet technologies, in emerging information societies. Consolidating knowledge from Asia, Africa and Latin America, it builds a global network of knowledge partners who critically engage with discourse on youth, technology and social change, and look at alternative practices and ideas in the Global South:

Public Lecture

5 Challenges for the Future of Learning: Digital Natives and How We Shall Teach Them (Wyndham Parc 55 Hotel, San Francisco, California, March 1, 2012): Nishant Shah gave a ignite talk. The video is now online.

Book Review...a few excerpts

Immigrants not Natives: “‘To Be’, ‘To Think’, ‘To Act’ and ‘To Connect’ provides many fascinating and thought-provoking insights into the possibilities for reflection, action and interaction,”... Sally Wyatt, eHumanities Group, Royal Netherlands Academy of Arts & Sciences/Maastricht University.

Accessibility

India has an estimated 70 million disabled persons who are unable to read printed materials due to some form of physical, sensory, cognitive or other disability. The disabled need accessible content, devices and interfaces facilitated via copyright law and electronic accessibility policies:

Event Report

ITU Tutorial on Audiovisual Media Accessibility (India International Centre, New Delhi, March 14 – 15, 2012): CIS in cooperation with the ITU-APT Foundation of India organised a two-day tutorial on Audio-Visual Media Accessibility. Sunil Abraham was the Master of Ceremony on Day 1. Ravi Shanker, Administrator, Universal Service Obligation Fund, Dr. Govind, CEO, National Internet Exchange of India, Swaran Lata, Director and Head of Department, TDIL Programme, DIT, R.N. Jha, Deputy Director General (International Relations), Department of Telecommunications and Archana Gulati, Financial Advisor, National Disaster Management Authority participated in this event.

New Fellow at CIS

Rahul Cherian joins CIS: Disability policy activist, lawyer and co-founder of Inclusive Planet, Rahul Cherian has joined CIS as a Fellow. Rahul will be working on disability policy reform and advocacy.

Access to Knowledge

The Access to Knowledge programme addresses the harms caused to consumers, developing countries, human rights, and creativity/innovation from excessive regimes of copyright, patents, and other such monopolistic rights over knowledge:

New Event

2012 Global Congress on Intellectual Property and the Public Interest (FGV Law School, Rio De Janeiro, Brazil, December 15 – 17, 2012): We are pleased to announce the Second Global Congress on Intellectual Property and the Public Interest. The theme for this year’s Congress will be “Setting the positive agenda in motion,” and will have a special focus on developments and opportunities in the so-called “BRICS” group of emerging economies. CIS is one of the six members of the Global Congress Planning Committee..

News & Media Coverage

Hacking, Modding & Making (by Brendan Shanahan): “If something has been made technologically possible, we cannot make it illegal and hope that everyone will now pretend that this is no longer technologically possible...We can't have the government checking everyone's iPod and laptop. The better move is to change the model,”...Sunil Abraham quoted in GQ.

Openness

The 'Openness' programme critically examines alternatives to existing regimes of intellectual property rights, and transparency and accountability. Under this programme, we study Open Government Data, Open Access to Scholarly Literature, Open Access to Law, Open Content, Open Standards, and Free/Libre/Open Source Software:

Event Reports and Video

Arduino Workshop at CIS (CIS, Bangalore, March 3, 2012). Video is now online.
Hejje — Together with Kannada & Technology (Bangalore, January 22, 2012): The event marked the first step to bring everyone working in Kannada in the IT field to brainstorm the ideas for future steps, and create a space for technological collaboration in Kannada. CIS co-organised the event with Sanchaya.net, Vishwakannada.com and Chanda Pustaka.

Events Organised

Bangalore Meet-up for the Open Government Partnership Brasilia (CIS, Bangalore, April 17, 2012): Ananya Panda and Pranesh Prakash participated in the first annual meeting of Open Government Partnership remotely.
Design!PubliC – Event in Delhi (New Delhi, April 19 and 20, 2012): The event was co-organised by Centre for Knowledge Societies in partnership with IBM, Bill & Melinda Gates Foundation, Google, HeadStart, India@75, LiveMint and CIS.
International Space Apps Challenge (CIS, Bangalore, April 21 and 22, 2012): An international codeathon-style event took place in seven continents, CIS organised the event in Bangalore.

Telecom

While the potential for growth and returns exist for telecommunications in India, a range of issues need to be addressed. One aspect is more extensive rural coverage and the other is a countrywide access to broadband which is low. Both require effective and efficient use of networks and resources, including spectrum:

Column in Business Standard

China 3: Build Comprehensive Ecosystems (Shyam Ponappa, Business Standard, April 5, 2012): “Failures in electricity, transport and broadband have common strands. China's approach offers a possible alternative.”

About CIS

CIS was registered as a society in Bangalore in 2008. As an independent, non-profit research organisation, it runs different policy research programmes such as Accessibility, Access to Knowledge, Openness, Internet Governance, and Telecom. Over the last four years our policy research programmes have resulted in outputs such as the e-Accessibility Policy Handbook for Persons with Disabilities with International Telecommunications Union, and Digital Alternatives with a Cause?, Thinkathon Position Papers and the Digital Natives with a Cause? Report with Hivos. With foreign governments we worked on National Enterprise Architecture and Government Interoperability Framework for Govt. of Iraq; Open Standards Policy for Govt. of Moldova; Free and Open Software Centre of Excellence project plan for Saudi Arabia; eGovernance Strategy Document for Govt. of Tajikistan. With the Government of India we have done policy research for Ministry of Communications & Information Technology, Ministry of Human Resource Development, Ministry of Personnel, Public Grievances and Pensions, Ministry of Social Justice and Empowerment, etc., on WIPO Treaties, Copyright Bill, Interoperability Framework in eGovernance, Privacy Bill, NIA Bill, National Policy on Electronics and IT Act.

CIS is an accredited NGO at WIPO and has given policy briefs to delegations from various countries, our Programme Manager, Nirmita Narasimhan won the National Award for Empowerment of Persons with Disabilities from the Government of India and also received the NIVH Excellence Award.

Follow us elsewhere

Get short, timely messages from us on Twitter
Join the CIS group on Facebook
Visit us at www.cis-india.org

CIS is grateful to Kusuma Trust which was founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin, for its core funding and support for most of its projects.

For more details visit https://cis-india.org/about/newsletters/april-2012-bulletin

April 2011 Bulletin

praskrishna — 2012-07-30T10:45:01Z

Greetings from the Centre for Internet and Society! In this issue we are pleased to present you the latest updates about our research, upcoming events, and news and media coverage:

Researchers@Work

RAW is a multidisciplinary research initiative. CIS believes that in order to understand the contemporary concerns in the field of Internet and society, it is necessary to produce local and contextual accounts of the interaction between the Internet and socio-cultural and geo-political structures. To build original research knowledge base, the RAW programme has been collaborating with different organisations and individuals to focus on its three year thematic of Histories of the Internets in India.

Workshops organised in Bangalore

Shadow Search Project (SSP) [CIS, April 18, 2011]
Facebook Resistance [CIS, April 2, 2011]

Digital Natives with a Cause?

Digital Natives with a Cause? is a knowledge programme initiated by CIS and Hivos, Netherlands. It is a research inquiry that seeks to look at the changing landscape of social change and political participation and the role that young people play through digital and Internet technologies, in emerging information societies. Consolidating knowledge from Asia, Africa and Latin America, it builds a global network of knowledge partners who want to critically engage with the dominant discourse on youth, technology and social change, in order to look at the alternative practices and ideas in the Global South. It also aims at building new ecologies that amplify and augment the interventions and actions of the digitally young as they shape our futures.

Columns on Digital Natives

A fortnightly column on ‘Digital Natives’ authored by Nishant Shah is featured in the Sunday Eye, the national edition of Indian Express, Delhi, from 19 September 2010 onwards. The following were published in the month of April:

Who the Hack? [Indian Express, April 24, 2011]
One for the avatar [Indian Express, April 3, 2011]

Digital Natives Newsletter

Links in the Chain is a bi-monthly publication which highlights the projects, ideas and news of the Digital Natives with a Cause? The first issue of volume IV is here:

links in the chain volume 4 Best Practices

New Blog Entry by Samuel Tettner

Samuel Tettner is a Digital Natives Coordinator in CIS. He has written the following blog entry:

Cyber Fears: What scares Digital Natives and those around them

Accessibility

Estimates of the percentage of the world's population that is disabled vary considerably. But what is certain is that if we count functional disability, then a large proportion of the world's population is disabled in one way or another. At CIS we work to ensure that the digital technologies, which empower disabled people and provide them with independence, are allowed to do so in practice and by the law. To this end, we support web accessibility guidelines, and change in copyright laws that currently disempower the persons with disabilities.

Workshop organised in Hyderabad

Web Sites Accessibility Evaluation Methodologies: Conference Report

Openness

CIS believes that innovation and creativity should be fostered through openness and collaboration and is committed towards promotion of open standards, open access, and free/libre/open source software. Its latest endeavour has resulted into these:

Submission

Comments on Draft National Policy on ICT in School Education

New Blog Entry

Towards Open and Equitable Access to Research and Knowledge for Development [PLoS, March 29, 2011]

Internet Governance

Although there may not be one centralized authority that rules the Internet, the Internet does not just run by its own volition: for it to operate in a stable and reliable manner, there needs to be in place infrastructure, a functional domain name system, ways to curtail cyber crime across borders, etc. The Tunis Agenda of the second World Summit on the Information Society (WSIS), paragraph 34 defined Internet governance as “the development and application by governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet.” Its latest endeavour has resulted into these:

CIS is doing a project, ‘Privacy in Asia’. It is funded by Privacy International (PI), UK and the International Development Research Centre, Canada and is being administered in collaboration with the Society and Action Group, Gurgaon. The two-year project commenced on 24 March 2010 and will be completed as agreed to by the stakeholders. It was set up with the objective of raising awareness, sparking civil action and promoting democratic dialogue around challenges and violations of privacy in India. In furtherance of these goals it aims to draft and promote over-arching privacy legislation in India by drawing upon legal and academic resources and consultations with the public.

Featured Research

Interview

An Interview with Activist Shubha Chacko: Privacy and Sex workers

Workshops organized in Ahmedabad and Bangalore

'Privacy Matters', Ahmedabad: Conference Report [Ahmedabad Management Association, Ahmedabad, March 26, 2011]
Privacy, By Design [CIS, April 16, 2011]

New Blog Entries

Telecom

The growth in telecommunications in India has been impressive. While the potential for growth and returns exist, a range of issues need to be addressed for this potential to be realized. One aspect is more extensive rural coverage and the second aspect is a countrywide access to broadband which is low at about eight million subscriptions. Both require effective and efficient use of networks and resources, including spectrum. It is imperative to resolve these issues in the common interest of users and service providers. CIS campaigns to facilitate this:

Column

Shyam Ponappa is a Distinguished Fellow at CIS. He writes regularly on Telecom issues in the Business Standard and these articles are mirrored on the CIS website as well.

Learning from Fukushima [published in the Business Standard on April 7, 2011]

News & Media Coverage

The Gary Chapman International School on Digital Transformation[International School on Digital Transformation, July 17-22, 2011]
Iraqi delegation in Bangalore to study e-governance projects [Economic Times, April 20, 2011]
Dark waders [Time Out Bengaluru, Vol. 3, Issue 20, April 15 - 28, 2011]
Beyond Clicktivism [Outlook, April 18, 2011]
Gone in a flash [Times of India, April 16, 2011]
How Web 2.0 responded to Hazare [Hindu, April 11, 2011]
EU Commissioner Hedegaard to deliver keynote address at consumer world congress
Net cracker [Time Out Bengaluru Vol. 3 Issue 19, April 1 - 14, 2011]
On the Path to Global Open Access: A Few More Miles to Go [PLoS, March 2011, Volume 8, Issue 3]

Follow us elsewhere

Get short, timely messages from us on Twitter
Follow CIS on identi.ca
Join the CIS group on Facebook
Visit us at www.cis-india.org

CIS is grateful to Kusuma Trust which was founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin, for its core funding and support for most of its projects.

For more details visit https://cis-india.org/about/newsletters/april-2011-bulletin

April 2010 Bulletin

praskrishna — 2012-08-13T04:51:19Z

Greetings from the Centre for Internet and Society! We bring you updates of our research, events and news for the month of April 2010.

News Updates

Worries voiced over ID Project
The Government of India's Unique Identification (UID) Project came under flak at a workshop organised jointly by the Citizen Action Forum (CAF), the People's Union of Civil Liberties - Karnataka, the Alternative Law Forum and the Centre for Internet and Society - An article in The Hindu - 17th April.
http://cis-india.org/news/worries-voiced-over-id-project

UID: A debate on the Fundamental Rights
UID: A debate on the Fundamental Rights - was jointly organized by the Citizen Action Forum, People's Union for Civil Liberties - Karnataka, Alternative Law Forum and the Centre for Internet and Society on April 16th at IAT, Queens Road, Bangalore - An article in the Prajavani news paper - April 17th.
http://cis-india.org/news/uid-a-debate-on-fundamental-rights

UID is an invasion of Privacy: Experts
The Nandan Nilekani headed Unique Identification Authority of India (UIDAI) came in for much criricism at the first of a series of debates on the issue organised in the city on Friday - Deccan Chronicle, April 17th.
http://cis-india.org/news/uid-is-an-invasion-of-privacy-experts

Experts debate on UID and rights
Bangalore, Apr 16, DHNS: A debate on ‘UID and Fundamental Rights’ organised by several city-based organisations, discussed the social, ethical issues, economic and legal issues that accompanies the UID.
http://cis-india.org/news/experts-debate-on-uid-and-rights

Amendment to Copyright Act opposed
A report on the press conference held on 15th April, at the Press Club, Bangalore: The Hindu
http://cis-india.org/news/amendment-to-copyright-act-opposed

They fight for the visually challenged
Times News Network - A report on the press conference held at the Press Club, Bangalore on 15th April, 2010.
http://cis-india.org/news/they-fight-for-the-visually-challenged

Digital Natives Research Project Coordinator
The Centre for Internet and Society, Bangalore, in collaboration with Hivos Netherlands, is looking for a Research Project Coordinator to help develop a knowledge network and coordinate international workshops for the project "Digital Natives with a Cause?"
http://cis-india.org/news/research-coordinator

Expel or not? That is the question
The decision of an international school to expel 14 students for their alleged ‘promiscuous’ behaviour has led to much debate and discussion.
http://cis-india.org/news/expel-or-not

Nokia eyes GeNext to tap mobile email mkt
Finnish handset giant banks on youth to be in the technology race
http://cis-india.org/news/nokia-eyes-genNext

Research

Critical Point of View: Videos
The Second event for the Critical Point of View reader on Wikipedia was held in Amsterdam, by the Institute of Network Cultures and the Centre for Internet and Society. A wide range of scholars, academics, researchers, practitioners, artists and users came together to discuss questions on design, analytics, access, education, theory, art, history and processes of knowledge production. The videos for the full event are now available for free viewing and dissemination.

Colour Me Political
What are the tools that Digital Natives use to mobilise groups towards a particular cause? How do they engage with crises in their immediate environments? Are they using their popular social networking sites and web 2.0 applications for merely entertainment? Or are these tools actually helping them to re-articulate the realm of the political? Nishant Shah looks at the recent Facebook Colour Meme to see how new forms of political participation and engagement are being initiated by young people across the world.
http://cis-india.org/research/dn/dn2

Meet the Web 2.0 Suicide Machine
Digital Natives live their lives differently. But sometimes, they also die their lives differently! What happens when we die online? Can the digital avatar die? What is digital life? The Web 2.0 Suicide machine that has now popularly been called the 'anti-social-networking' application brings some of these questions to the fore. As a part of the Hivos-CIS "Digital Natives with a Cause?" research programme, Nishant Shah writes about how Life on the Screen is much more than just a series of games.
http://cis-india.org/research/dn/dn1

Digital Natives with a Cause?
Digital Natives With A Cause? - a product of the Hivos-CIS collaboration charts the scholarship and practice of youth and technology with a specific attention for developing countries to create a framework that consolidates existing paradigms and informs further research and intervention within diverse contexts and cultures.
http://cis-india.org/research/dn/dnrep

Advocacy

Accessibility

e-Accessibility: A Wiki Project
Envisaged and funded by the National Internet Exchange of India, and executed by the Centre for Internet and Society, a Wiki site pertaining to issues of disability and e-accessibility has recently been launched.
http://cis-india.org/advocacy/accessibility/blog/e-accessibility-a-wiki-project

Copyright Law as a tool for Inclusion
Can Copyright Law be used as a tool for Inclusion? Rahul Cherian examines this in his blog on copyright.
http://cis-india.org/advocacy/accessibility/blog/copyright-law-as-tool-for-inclusion

Web Accessibility as a Government Mandate?
Is Web accessibility just a Government Mandate? Should private sites be ignored? Wesolowski examines this in light of the steps taken by ictQATAR to make its website accessible to W3C standards, and hopes that Qatar and eventually all other Arab nations will follow suit and make Web accessibility much more of a mandate.
http://cis-india.org/advocacy/accessibility/blog/web-accessibility-government-mandate

Intellectual Property

When Copyright Goes Bad
A part of the Access to Knowledge Project, this short film by Consumers International is available on DVD and online at A2Knetwork.org/film.
http://cis-india.org/advocacy/ipr/blog/when-copyright-goes-bad

Openness

Research Project on Open Video in India
Open Video Alliance and the Centre for Internet and Society are calling for researchers for a project on open video in India, its potentials, limitations, and recommendations on policy interventions.
http://cis-india.org/advocacy/openness/blog/open-video-research

Does the Social Web need a Googopoly?
While the utility of the new social tool Buzz is still under question, the bold move into social space taken last week by the Google Buzz team has Gmail users questioning privacy implications of the new feature. In this post, I posit that Buzz highlights two privacy challenges of the social web. First, the application has sidestepped the consensual and contextual qualities desirable of social spaces. Secondly, Google’s move highlights the increasingly competitive and convergent nature of the social media landscape.
http://cis-india.org/advocacy/openness/blog/does-the-social-web-need-a-googopoly

The (in)Visible Subject: Power, Privacy and Social Networking
In this entry, I will argue that the interplay between privacy and power on social network sites works ultimately to subject individuals to the gaze of others, or to alternatively render them invisible. Individual choices concerning privacy preferences must, therefore, be informed by the intrinsic relationship which exists between publicness/privateness and subjectivity/obscurity.
http://cis-india.org/advocacy/openness/blog/the-in-visible-subject-power-privacy-and-social-networking

Internet Governance

Does the Safe-Harbor Program Adequately Address Third Parties Online?
While many citizens outside of the US and EU benefit from the data privacy provisions the Safe Harbor Program, it remains unclear how successfully the program can govern privacy practices when third-parties continue to gain more rights over personal data. Using Facebook as a site of analysis, I will attempt to shed light on the deficiencies of the framework for addressing the complexity of data flows in the online ecosystem.
http://cis-india.org/advocacy/igov/blog/does-the-safe-harbor-program-adequately-address-third-parties-online

Sense and censorship
Sunil Abraham examines Google's crusade against censorship in China in wake of the attacks on its servers in this article published in the Indian Express.
http://cis-india.org/advocacy/igov/blog/sense-and-censorship

Report on the Fourth Internet Governance Forum for Commonwealth IGF
This report by Pranesh Prakash reflects on the question of how useful is the IGF in the light of meetings on the themes of intellectual property, freedom of speech and privacy.
http://cis-india.org/advocacy/igov/blog/report-on-fourth-IGF

Telecom

The Right Ring Tone
Focus on improving service quality with a strong partner, and not on one-shot stake sales, says Shyam Ponappa in his article published in the Business Standard on April 1, 2010.
http://cis-india.org/advocacy/telecom/blog/ring-tone

Other Advocacy

Maps for Making Change Wiki Now Open to the Public
Since December 2009, CIS has been coordinating and nurturing the Maps for Making Change project, organised in collaboration with Tactical Tech. During the past four months, participants have been on a challenging yet fertile and inspiring journey that is now slowly coming to an end. Would you like to know more about what has happened in the time that has passed? The Maps for Making Change wiki is a good place to start.
http://cis-india.org/advocacy/others/maps-for-making-change-wiki-now-open-to-the-public

For more details visit https://cis-india.org/about/newsletters/april-2010-bulletin

Apps can give personal information to strangers

praskrishna — 2016-08-08T01:22:20Z

We love our apps. A study done last year, found that app usage in India has grown 131 per cent. But apps are notorious for accessing personal data and we’re obligingly careless with our privacy. Inadvertently, users give away third-parties access to their phone calls and right to operate cameras on their mobiles.

The article by Mebin John was published in the New Indian Express on August 8, 2016. Sunil Abraham was quoted.

Therefore, they can listen in to conversations and click photos as and when it pleases them.

“The detailed privacy policy of most of these apps run into pages and people rarely read through them,” says Sunil Abraham, Executive Director of The Centre for Internet and Society. “The policy is also loaded with tech jargon, which is lost on the general public.”

A study, done in June this year by Norton, reveals that one in two Indians have permitted access to their contacts and mobile data in exchange for free applications. Forty per cent have allowed access to their camera and browsing history, and 50 per cent given permission to send promotional text/emails.

A mobile application developer in Bengaluru, who wishes to remain anonymous, says, “App developers collect personal information of individuals and make a massive database. They then sell this data base to marketing agencies.” A database of 5 crore people pays `5,000 and this is sold over and over again.

Many application developers claim that they make large databases with the help of applications. “I have a database with email IDs of 2.5 lakh people,” says another app developer of the data he mined from one app.

Chief Technology Officer at T.I.G.E.R Innovations and Publicize Bengaluru, Geo Joy, says: “It is true that we can track an individual’s personal conversations and activities using mobile applications. I’ve heard that many applications scoop details from phone conversations for marketing purposes.”

“If you are not paying for anything, then you are the product,” Abraham puts it succinctly.

According to him, with access to your conversations or GPS, a third party could monitor your activities. It can get more specifid: with data from GPS, accelerometer and gyroscope, a developer can read your driving pattern.

Laws here are easy on developers too. Elonnai Hickok, a researcher from CIS, says, “Apart from Section 43A of the Information Technology Act, we don't have any strict laws or enforcement agencies to monitor these applications that breach the privacy of an individual.”

In India, since we don’t have a statutory body to monitor applications and their privacy violations, experts suggest individuals exercise caution.

CTO Joy suggests upgrading your operating systems. “Latest versions of all operating systems will warn you when an external medium tries to track your information,” he says. “So people who use the older versions should switch to the latest one or upgrade the software.

CE picks five permissions and how they could be misused.

For more details visit https://cis-india.org/internet-governance/news/apps-can-give-personal-information-to-strangers

Any failure to resolve the Kashmir problem could lead the South Asia to a nuclear disaster

Admin — 2019-03-03T06:17:23Z

World Kashmir Awareness (WKA) Board in its meeting on February 23, 2019 regrets the death of 45 Indian soldiers recently killed at Pulwama, Kashmir.

The blog post was published in Kashmir Watch on February 25, 2019. Pranesh Prakash was quoted.

Further, WKA is saddened by the fast deteriorating human rights situation, particularly in the valley and Jammu. It calls up on Mr. Narendra Modi, the prime minister of India to address the human rights situation earnestly. We cannot escape the brazen disregard for the fundamental rights of Kashmiris shown by Prime Minister Modi and his most inhumane draconian apparatus in Kashmir. It is time that India joins the community of civilized nations and allows the people of Jammu and Kashmir to exercise the right of self –determination as agreed upon by both India and Pakistan, endorsed and accepted by the United Nations Security Council.

The gross human rights violations are documented by various international and impartial human rights agencies. A brief illustration of those violations are given below.

The crisis is so severe that the United Nations High Commissioner on Human Rights, for the first time in June 2018, released a report detailing atrocities committed [by the Indian occupation (uniformed) forces] in Kashmir. The report alludes to the special powers granted to the Indian occupation (security) forces allowing them total impunity. “No armed forces personnel have faced prosecution since the powers went into effect 28 years ago, and the authorities have made little effort to investigate various allegations, including reports of mass graves”, the report said. It criticized the Indian occupation forces, in particular, “for inflicting mass civilian casualties in response to escalating protests” and called for an “international investigation into these gross abuses”. The conflict “has robbed millions of their basic human rights and continues to this day to inflict untold suffering,” said the United Nations Human Rights Commissioner, while presenting the report.

Prior to this report, an Indian author Gautam Navlakha in his report “Internal War and Civil Rights: Disappearances in Jammu and Kashmir” in the Economic and Political Weekly, says that “The recent Amnesty International report examines the phenomenon of disappearances in Jammu and Kashmir. While some of the ‘missing’ may have crossed the border, by far the larger number have fallen victim to state terrorism – arrest, detention, torture and death at the hands of the security forces. Courts cannot provide much relief as court orders are ignored by bureaucrats and armed forces”.

In an interview published on August 28 2016, the South Asia Director of Human Rights Watch, Meenakshi Ganguly, while calling for the repeal of the Armed Forces Special Powers Act (AFSPA) and other draconian laws that provide Indian military and para-military immunity from prosecution, said the way “to persuade people to believe in rule of law is for the state to set an example by first and foremost, holding itself accountable.”

The interview was conducted at a time when 70 civilians had been killed, over 500 youth blinded by pellets in one or both eyes and over 5000 civilians injured by Indian rogue army in just 50 days immediately prior to the interview.

In a most despicable act, the rogue Indian Army does not even hesitate to use civilians in Kashmir as human shield. In its editorial entitled “Cruelty and Cowardice in Kashmir”, New York Times in April, 2017 wrote “Members of India’s armed forces reached a new low in the long history of alleged human rights abuses in the Indian state of Jammu and Kashmir when they beat and then tied a 24-year-old shawl weaver named Farooq Ahmad Dar to the front of a jeep on April 9, using him as a human shield against stone-throwing crowds”.

The New York Times reported that many in India expressed shock and revulsion on this report. Yet “large sections of India’s booming news media — some editors, some columnists — openly celebrated what could well be a violation of the Geneva Conventions”. India’s attorney general defended the use of human shields, praising the officer who made the decision. The army should be applauded, he said. The report went on to say that “A judge on India’s Armed Forces Tribunal, which hears court-martial appeals, tweeted that it was “an innovative idea.” Mr. Ahmad was turned into a war cry on prime-time television and on social media. Such is the status of Indian Democracy!?

During the same period, as Mr. Modi was going around the world projecting the “Greatness of India”, The Washington Post reported banning of 22 social media sites in Indian controlled Kashmir. Pranesh Prakash, policy director for the Indian advocacy group the Center for Internet and Society, called the ban a “blow to freedom of speech” and “legally unprecedented in India.”

And, where is Mr. Modi’s outrage regarding the ‘Dead Eyes’ Epidemic in Kashmir brought on by the use of lead pellets by his “courageous soldiers”, as reported by international press. In less than two months (July-August 2016), New York Times reported that “more than 570 patients have reported to Srinagar’s main government hospital with eyes ruptured by lead pellets, sometimes known as birdshot, fired by [Indian] occupation (security) forces armed with pump-action shotguns…..The patients have mutilated retinas, severed optic nerves, irises seeping out like puddles of ink”. The victim even includes recent victim an 18-month old toddler. “2016 will almost certainly be remembered as the year of dead eyes.”

Commenting on “Kashmir in Crisis”, The Editorial Board of New Times, yet again wrote that a “major cause of the uprising is the resentment among Kashmiri youths who have come of age under an Indian security apparatus that acts against civilians with impunity. Kashmir is subject to India’s Armed Forces Special Powers Act, or AFSPA, which grants the military wide powers to arrest, shoot to kill, occupy or destroy property. The result is a culture of brutal disdain for the local population.”

The Board trusts that the involvement of the international community, particularly the world powers in this matter will bring its influence to bear on both India and Pakistan to initiate a peace process with which the United Nations as well as the accredited leadership of the people of Jammu & Kashmir will be associated so as to ensure that settlement arrived at will be based on the principles of justice.

Lastly, the Board urges the Secretary General of the United Nations to bring this matter to the attention of the Security Council. Whether this could be done successfully depends on the attitudes and policies of the permanent members, but they should be left in no doubt that any failure to resolve the problem could lead the South Asian Subcontinent to a nuclear disaster, with incalculable consequences for the whole world.

For more details visit https://cis-india.org/internet-governance/news/kashmir-watch-february-25-2019-any-failure-to-resolve-the-kashmir-problem-could-lead-the-south-asia-to-a-nuclear-disaster

Anvar v. Basheer and the New (Old) Law of Electronic Evidence

bhairav — 2014-12-04T15:53:01Z

The Supreme Court of India revised the law on electronic evidence. The judgment will have an impact on the manner in which wiretap tapes are brought before a court.

Read the original published by Law and Policy in India on September 25, 2014.

The case

On 18 September 2014, the Supreme Court of India delivered its judgment in the case of Anvar v. P. K. Basheer (Civil Appeal 4226 of 2012) to declare new law in respect of the evidentiary admissibility of the contents of electronic records. In doing so, Justice Kurian Joseph, speaking for a bench that included Chief Justice Rajendra M. Lodha and Justice Rohinton F. Nariman, overruled an earlier Supreme Court judgment in the 1995 case of State (NCT of Delhi) v. Navjot Sandhu alias Afsan Guru(2005) 11 SCC 600, popularly known as the Parliament Attacks case, and re-interpreted the application of sections 63, 65, and 65B of the Indian Evidence Act, 1872 (“Evidence Act”). To appreciate the implications of this judgment, a little background may be required.

The hearsay rule

The Evidence Act was drafted to codify principles of evidence in the common law. Traditionally, a fundamental rule of evidence is that oral evidence may be adduced to prove all facts, except documents, provided always that the oral evidence is direct. Oral evidence that is not direct is challenged by the hearsay rule and, unless it is saved by one of the exceptions to the hearsay rule, is inadmissible. In India, this principle is stated in sections 59 and 60 of the Evidence Act.

The hearsay rule is both fundamental and complex; a proper examination would require a lengthy excursus, but a simple explanation should suffice. In the landmark House of Lords decision in R v. Sharp [1988] 1 All ER 65, Lord Havers – the controversial prosecutor who went on to become the Lord Chancellor – described hearsay as “Any assertion other than one made by a person while giving oral evidence in the proceedings is inadmissible as evidence of any fact or opinion asserted.” This definition was applied by courts across the common law world. Section 114 of the United Kingdom’s (UK) Criminal Justice Act, 2003, which modernised British criminal procedure, uses simpler language: “a statement not made in oral evidence in the proceedings.”

Hearsay evidence is anything said outside a court by a person absent from a trial, but which is offered by a third person during the trial as evidence. The law excludes hearsay evidence because it is difficult or impossible to determine its truth and accuracy, which is usually achieved through cross examination. Since the person who made the statement and the person to whom it was said cannot be cross examined, a third person’s account of it is excluded. There are a few exceptions to this rule which need no explanation here; they may be left to another post.

Hearsay in documents

The hearsay rule is straightforward in relation to oral evidence but a little less so in relation to documents. As mentioned earlier, oral evidence cannot prove the contents of documents. This is because it would disturb the hearsay rule (since the document is absent, the truth or accuracy of the oral evidence cannot be compared to the document). In order to prove the contents of a document, either primary or secondary evidence must be offered.

Primary evidence of the contents of a document is the document itself [section 62 of the Evidence Act]. The process of compelling the production of a document in court is called ‘discovery’. Upon discovery, a document speaks for itself. Secondary evidence of the contents of a document is, amongst other things, certified copies of that document, copies made by mechanical processes that insure accuracy, and oral accounts of the contents by someone who has seen that document. Section 63 of the Evidence Act lists the secondary evidence that may prove the contents of a document.

Secondary evidence of documentary content is an attempt at reconciling the hearsay rule with the difficulties of securing the discovery of documents. There are many situations where the original document simply cannot be produced for a variety of reasons. Section 65 of the Evidence Act lists the situations in which the original document need not be produced; instead, the secondary evidence listed in section 63 can be used to prove its content. These situations arise when the original document (i) is in hostile possession; (ii) has been stipulated to by the prejudiced party; (iii) is lost or destroyed; (iv) cannot be easily moved, i.e. physically brought to the court; (v) is a public document of the state; (vi) can be proved by certified copies when the law narrowly permits; and (vii) is a collection of several documents.

Electronic documents

As documents came to be digitised, the hearsay rule faced several new challenges. While the law had mostly anticipated primary evidence (i.e. the original document itself) and had created special conditions for secondary evidence, increasing digitisation meant that more and more documents were electronically stored. As a result, the adduction of secondary evidence of documents increased. In the Anvar case, the Supreme Court noted that “there is a revolution in the way that evidence is produced before the court”.

In India before 2000, electronically stored information was treated as a document and secondary evidence of these electronic ‘documents’ was adduced through printed reproductions or transcripts, the authenticity of which was certified by a competent signatory. The signatory would identify her signature in court and be open to cross examination. This simple procedure met the conditions of both sections 63 and 65 of the Evidence Act. In this manner, Indian courts simply adapted a law drafted over one century earlier in Victorian England. However, as the pace and proliferation of technology expanded, and as the creation and storage of electronic information grew more complex, the law had to change more substantially.

New provisions for electronic records

To bridge the widening gap between law and technology, Parliament enacted the Information Technology Act, 2000 (“IT Act”) [official pdf here] that, amongst other things, created new definitions of “data”, “electronic record”, and “computer”. According to section 2(1)(t) of the IT Act, an electronic record is “data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche” (sic).

The IT Act amended section 59 of the Evidence Act to exclude electronic records from the probative force of oral evidence in the same manner as it excluded documents. This is the re-application of the documentary hearsay rule to electronic records. But, instead of submitting electronic records to the test of secondary evidence – which, for documents, is contained in sections 63 and 65, it inserted two new evidentiary rules for electronic records in the Evidence Act: section 65A and section 65B.

Section 65A of the Evidence Act creates special law for electronic evidence:

65A. Special provisions as to evidence relating to electronic record. – The contents of electronic records may be proved in accordance with the provisions of section 65B.

Section 65A of the Evidence Act performs the same function for electronic records that section 61 does for documentary evidence: it creates a separate procedure, distinct from the simple procedure for oral evidence, to ensure that the adduction of electronic records obeys the hearsay rule. It also secures other interests, such as the authenticity of the technology and the sanctity of the information retrieval procedure. But section 65A is further distinguished because it is a special law that stands apart from the documentary evidence procedure in sections 63 and 65.

Section 65B of the Evidence Act details this special procedure for adducing electronic records in evidence. Sub-section (2) lists the technological conditions upon which a duplicate copy (including a print-out) of an original electronic record may be used: (i) at the time of the creation of the electronic record, the computer that produced it must have been in regular use; (ii) the kind of information contained in the electronic record must have been regularly and ordinarily fed in to the computer; (iii) the computer was operating properly; and, (iv) the duplicate copy must be a reproduction of the original electronic record.

Sub-section (4) of section 65B of the Evidence Act lists additional non-technical qualifying conditions to establish the authenticity of electronic evidence. This provision requires the production of a certificate by a senior person who was responsible for the computer on which the electronic record was created, or is stored. The certificate must uniquely identify the original electronic record, describe the manner of its creation, describe the device that created it, and certify compliance with the technological conditions of sub-section (2) of section 65B.

Non-use of the special provisions

However, the special law and procedure created by sections 65A and 65B of the Evidence Act for electronic evidence were not used. Disappointingly, the cause of this non-use does not involve the law at all. India’s lower judiciary – the third tier of courts, where trials are undertaken – is vastly inept and technologically unsound. With exceptions, trial judges simply do not know the technology the IT Act comprehends. It is easier to carry on treating electronically stored information as documentary evidence. The reasons for this are systemic in India and, I suspect, endemic to poor developing countries. India’s justice system is decrepit and poorly funded. As long as the judicial system is not modernised, India’s trial judges will remain clueless about electronic evidence and the means of ensuring its authenticity.

By bypassing the special law on electronic records, Indian courts have continued to apply the provisions of sections 63 and 65 of the Evidence Act, which pertain to documents, to electronically stored information. Simply put, the courts have basically ignored sections 65A and 65B of the Evidence Act. Curiously, this state of affairs was blessed by the Supreme Court in Navjot Sandhu (the Parliament Attacks case), which was a particularly high-profile appeal from an emotive terrorism trial. On the question of the defence’s challenge to the authenticity and accuracy of certain call data records (CDRs) that the prosecution relied on, which were purported to be reproductions of the original electronically stored records, a Division Bench of Justice P. Venkatarama Reddi and Justice P. P. Naolekar held:

According to Section 63, secondary evidence means and includes, among other things, “copies made from the original by mechanical processes which in themselves ensure the accuracy of the copy, and copies compared with such copies”. Section 65 enables secondary evidence of the contents of a document to be adduced if the original is of such a nature as not to be easily movable. It is not in dispute that the information contained in the call records is stored in huge servers which cannot be easily moved and produced in the court. That is what the High Court has also observed at para 276. Hence, printouts taken from the computers/servers by mechanical process and certified by a responsible official of the service-providing company can be led into evidence through a witness who can identify the signatures of the certifying officer or otherwise speak to the facts based on his personal knowledge.

Flawed justice and political expediency in wiretap cases

The Supreme Court’s finding in Navjot Sandhu (quoted above) raised uncomfortable questions about the integrity of prosecution evidence, especially in trials related to national security or in high-profile cases of political importance. The state’s investigation of the Parliament Attacks was shoddy with respect to the interception of telephone calls. The Supreme Court’s judgment notes in prs. 148, 153, and 154 that the law and procedure of wiretaps was violated in several ways.

The Evidence Act mandates a special procedure for electronic records precisely because printed copies of such information are vulnerable to manipulation and abuse. This is what the veteran defence counsel, Mr. Shanti Bhushan, pointed out in Navjot Sandhu [see pr. 148] where there were discrepancies in the CDRs led in evidence by the prosecution. Despite these infirmities, which should have disqualified the evidence until the state demonstrated the absence of mala fide conduct, the Supreme Court stepped in to certify the secondary evidence itself, even though it is not competent to do so. The court did not compare the printed CDRs to the original electronic record. Essentially, the court allowed hearsay evidence. This is exactly the sort of situation that section 65B of the Evidence Act intended to avoid by requiring an impartial certificate under sub-section (4) that also speaks to compliance with the technical requirements of sub-section (2).

When the lack of a proper certificate regarding the authenticity and integrity of the evidence was pointed out, this is what the Supreme Court said in pr. 150:

Irrespective of the compliance of the requirements of Section 65B, which is a provision dealing with admissibility of electronic records, there is no bar to adducing secondary evidence under the other provisions of the Evidence Act, namely, Sections 63 and 65. It may be that the certificate containing the details in sub-section (4) of Section 65B is not filed in the instant case, but that does not mean that secondary evidence cannot be given even if the law permits such evidence to be given in the circumstances mentioned in the relevant provisions, namely, Sections 63 and 65.

In the years that followed, printed versions of CDRs were admitted in evidence if they were certified by an officer of the telephone company under sections 63 and 65 of the Evidence Act. The special procedure of section 65B was ignored. This has led to confusion and counter-claims. For instance, the 2011 case of Amar Singh v. Union of India (2011) 7 SCC 69 saw all the parties, including the state and the telephone company, dispute the authenticity of the printed transcripts of the CDRs, as well as the authorisation itself. Currently, in the case of Ratan Tata v. Union of India Writ Petition (Civil) 398 of 2010, a compact disc (CD) containing intercepted telephone calls was introduced in the Supreme Court without following any of the procedure contained in the Evidence Act.

Returning sanity to electronic record evidence, but at a price

In 2007, the United States District Court for Maryland handed down a landmark decision in Lorraine v. Markel American Insurance Company241 FRD 534 (D. Md. 2007) that clarified the rules regarding the discovery of electronically stored information. In American federal courts, the law of evidence is set out in the Federal Rules of Evidence. Lorraine held when electronically stored information is offered as evidence, the following tests need to be affirmed for it to be admissible: (i) is the information relevant; (ii) is it authentic; (iii) is it hearsay; (iv) is it original or, if it is a duplicate, is there admissible secondary evidence to support it; and (v) does its probative value survive the test of unfair prejudice?

In a small way, Anvar does for India what Lorraine did for US federal courts. In Anvar, the Supreme Court unequivocally returned Indian electronic evidence law to the special procedure created under section 65B of the Evidence Act. It did this by applying the maxim generalia specialibus non derogant (“the general does not detract from the specific”), which is a restatement of the principle lex specialis derogat legi generali (“special law repeals general law”). The Supreme Court held that the provisions of sections 65A and 65B of the Evidence Act created special law that overrides the general law of documentary evidence [see pr. 19]:

Proof of electronic record is a special provision introduced by the IT Act amending various provisions under the Evidence Act. The very caption of Section 65Aof the Evidence Act, read with Sections 59 and 65B is sufficient to hold that the special provisions on evidence relating to electronic record shall be governed by the procedure prescribed under Section 65B ofthe Evidence Act. That is a complete code in itself. Being a special law, the general law under Sections 63 and 65 has to yield.

By doing so, it disqualified oral evidence offered to attest secondary documentary evidence [see pr. 17]:

The Evidence Act does not contemplate or permit the proof of an electronic record by oral evidence if requirements under Section 65B of the Evidence Act are not complied with, as the law now stands in India.

The scope for oral evidence is offered later. Once electronic evidence is properly adduced according to section 65B of the Evidence Act, along with the certificate of sub-section (4), the other party may challenge the genuineness of the original electronic record. If the original electronic record is challenged, section 22A of the Evidence Act permits oral evidence as to its genuineness only. Note that section 22A disqualifies oral evidence as to the contents of the electronic record, only the genuineness of the record may be discussed. In this regard, relevant oral evidence as to the genuineness of the record can be offered by the Examiner of Electronic Evidence, an expert witness under section 45A of the Evidence Act who is appointed under section 79A of the IT Act.

While Anvar is welcome for straightening out the messy evidentiary practice regarding electronically stored information that Navjot Sandhuhad endorsed, it will extract a price from transparency and open government. The portion of Navjot Sandhu that was overruled dealt with wiretaps. In India, the wiretap empowerment is contained in section 5(2)of the Indian Telegraph Act, 1885 (“Telegraph Act”). The Telegraph Act is an inherited colonial law. Section 5(2) of the Telegraph Act was almost exactly duplicated thirteen years later by section 26 of the Indian Post Office Act, 1898. When the latter was referred to a Select Committee, P. Ananda Charlu – a prominent lawyer, Indian nationalist leader, and one of the original founders of the Indian National Congress in 1885 – criticised its lack of transparency, saying: “a strong and just government must not shrink from daylight”.

Wiretap leaks have become an important means of discovering governmental abuse of power, corruption, and illegality. For instance, the massive fraud enacted by under-selling 2G spectrum by A. Raja, the former telecom minister, supposedly India’s most expensive corruption scandal, caught the public’s imagination only after taped wiretapped conversations were leaked. Some of these conversations were recorded on to a CD and brought to the Supreme Court’s attention. There is no way that a whistle blower, or a person in possession of electronic evidence, can obtain the certification required by section 65B(4) of the Evidence Act without the state coming to know about it and, presumably, attempting to stop its publication.

Anvar neatly ties up electronic evidence, but it will probably discourage public interest disclosure of inquity.

Video

For more details visit https://cis-india.org/internet-governance/blog/anvar-v-basheer-new-old-law-of-electronic-evidence

Anushka finds support for her anti-litter tirade

Admin — 2018-06-23T01:11:25Z

She is well within her rights to shame the affluent man who threw plastic waste out of his swanky car, many say.

The article by Nina C. George was published in Deccan Herald on June 19, 2018. Swaraj Barooah was quoted.

On Tuesday, movie star Anushka Sharma caught a man throwing out litter from the window his luxury car, and took him to task. In a 17-second-long clip that went viral, she gave a furious dressing down to the man, identified as Arhhan Singh, sitting in a chaffeur-driven sedan.

Arhhan Singh later described her as a “crazy roadside person”. Many started trolling Anushka. Her cricketer-husband Virat Kohli soon jumped in to back her and her cause.

Elli AvrRam

The actor says Anushka was right in shaming Arhhan Singh. “It is everybody’s duty to stop littering,” she says.

Pooja Chopra

The actor says the video is a message loud and clear to all those in chauffeur-driven cars who don’t think twice before littering. “The man who threw out plastic should have apologised. It’s not about Anushka flaunting her celebrity status. I would have also done it had I been in her place," she says.

MK Raghavendra

The well-known film critic feels celebrities have, for once, proved useful. “Anybody who sees people throwing garbage on the street must take exception to it. Throwing garbage is a social nuisance and I think it should be ideally treated as a minor criminal offence."

Rahul Rajashekharan

Actor and Mr. India runner-up says, “She wasn’t rude and was only telling the man not to throw garbage. Educated people throwing garbage on the street is unacceptable.” People in Mumbai have been working towards cleaning their beaches, and movements across the world are campaigning against the use of plastic. She did the right thing by posting the video on social media, he says.

Raghu Dixit

The singer and composer says he has protested against anything that “goes against basic civic sense.” The people he confronts, he says, sometimes apologise, and at other times get defensive. “It’s not about being a celebrity. We should decisively act towards making our country litter-free," he says.

Guru Prasanna, Advocate, HC, Karnataka

It was natural for Anushka to question somebody throwing garbage on the street. The damaging part was perhaps Virat Kohli’s tweet calling Arhhan Singh, the man in the car, “brainless.” Arhhan Singh and his family have taken offence to the public shaming but they don’t really have a legal case against Anushka and Virat. “There is no action here against which a person can claim any sort of injury. If there is a conscious campaign to bring down somebody’s reputation then it could have legal implications."

Swaraj Barooah, senior programme manager, Centre for Internet and Society, Bengaluru

“It may be poor form to shame a private person, as the point about littering could be made as easily without revealing the identity of the person. But it would be incorrect to claim a legitimate expectation of privacy while committing a public act, which is littering, in this case. On the question of whether this is harassment: This is unlikely to be seen as a legal case of harassment, as it is just one act, and not one of many acts. Nor do Virat and Anushka have a history of going about and ‘shaming’ people online.”

For more details visit https://cis-india.org/internet-governance/news/deccan-herald-june-19-2018-anushka-finds-support-her-anti-litter-tirade

Anti-trafficking Bill may lead to censorship

Swaraj Barooah and Gurshabad Grover — 2018-08-02T13:59:16Z

There are a few problematic provisions in the proposed legislation—it may severely impact freedom of expression.

The article was published in Livemint on July 24, 2018.

The legislative business of the monsoon session of Parliament kicked off on 18 July with the introduction of the Trafficking of Persons (Prevention, Protection and Rehabilitation) Bill, 2018, in the Lok Sabha. The intention of the Union government is to “make India a leader among South Asian countries to combat trafficking” through the passage of this Bill. Good intentions aside, there are a few problematic provisions in the proposed legislation, which may severely impact freedom of expression.

For instance, Section 36 of the Bill, which aims to prescribe punishment for the promotion or facilitation of trafficking, proposes a minimum three-year sentence for producing, publishing, broadcasting or distributing any type of material that promotes trafficking or exploitation. An attentive reading of the provision, however, reveals that it has been worded loosely enough to risk criminalizing many unrelated activities as well.

The phrase “any propaganda material that promotes trafficking of person or exploitation of a trafficked person in any manner” has wide amplitude, and many unconnected or even well-intentioned actions can be construed to come within its ambit as the Bill does not define what constitutes “promotion”. For example, in moralistic eyes, any sexual content online could be seen as promoting prurient interests, and thus also promoting trafficking.

Rather than imposing a rigorous standard of actual and direct nexus with the act of trafficking or exploitation, a vaguer standard which includes potentially unprovable causality, including by actors who may be completely unaware of such activity, is imposed. This opens the doors to using this provision for censorship and imposes a chilling effect on any literary or artistic work which may engage with sensitive topics, such as trafficking of women.

In the past, governments have been keen to restrict access to online escort services and pornography. In June 2016, the Union government banned 240 escort sites for obscenity even though it cannot do that under Section 69A or Section 79 of the Information Technology Act, or Section 8 of the Immoral Traffic (Prevention) Act. In July 2015, the government asked internet service providers (ISPs) to block 857 pornography websites sites on grounds of outraging “morality” and “decency”, but later rescinded the order after widespread criticism. If historical record is any indication, Section 36 in this present Bill will legitimize such acts of censorship.

Section 39 proposes an even weaker standard for criminal acts by proposing that any act of publishing or advertising “which may lead to the trafficking of a person shall be punished” (emphasis added) with imprisonment for 5-10 years. In effect, the provision mandates punishment for vaguely defined actions that may not actually be connected to the trafficking of a person at all. This is in stark contrast to most provisions in criminal law, which require mens rea (intention) along with actus reus (guilty act). The excessive scope of this provision is prone to severe abuse, since without any burden of showing a causal connect, it could be argued that anything “may lead” to the trafficking of a person.

Another by-product of passing the proposed legislation would be a dramatic shift in India’s landscape of intermediary liability laws, i.e., rules which determine the liability of platforms such as Facebook and Twitter, and messaging services like Whatsapp and Signal for hosting or distributing unlawful content.

Provisions in the Bill that criminalize the “publication” and “distribution” of content, ignore that unlike the physical world, modern electronic communication requires third-party intermediaries to store and distribute content. This wording can implicate neutral communication pipeways, such as ISPs, online platforms, mobile messengers, which currently cannot even know of the presence of such material unless they surveil all their users. Under the proposed legislation, the fact that human traffickers used Whatsapp to communicate about their activities could be used to hold the messaging service criminally liable.

By proposing such, the Bill is in direct conflict with the internationally recognized Manila Principles on Intermediary Liability, and in dissonance with existing principles of Indian law, flowing from the Information Technology Act, 2000, that identify online platforms as “safe harbours” as long as they act as mere conduits. From the perspective of intermediaries, monitoring content is unfeasible, and sometimes technologically impossible as in the case of Whatsapp, which facilitates end-to-end encrypted messaging. And as a 2011 study by the Centre for Internet & Society showed, platforms are happy to over-comply in favour of censorship to escape liability rather than verify actual violations. The proposed changes will invariably lead to a chilling effect on speech on online platforms.

Considering these problematic provisions, it will be a wise move to send the Bill to a select committee in Parliament wherein the relevant stakeholders can engage with the lawmakers to arrive at a revised Bill, hopefully one which prevents human trafficking without threatening the Constitutional right of free speech.

For more details visit https://cis-india.org/internet-governance/blog/livemint-july-24-2018-swaraj-barooah-and-gurshabad-grover-anti-trafficking-bill-may-lead-to-censorship

Anti-Spam Laws in Different Jurisdictions: A Comparative Analysis

Rakshanda Deka — 2015-07-02T16:21:01Z

This paper is divided into three sections. The first section puts forth a comparative table of the spam laws of five different countries - the United States of America, Australia, Canada, Singapore and the United Kingdom - based on eight distinct parameters- jurisdiction of the legislation, definition of ‘spam’, understanding of consent, labelling requirements, types of senders covered, entities empowered to sue, exceptions made and penalties prescribed. The second section is a brief background of the problem of spam and it attempts to establish the context in which the paper is written. The third section is a critical analysis of the laws covered in the first section. In an effort to spot the various loopholes in these laws and suggest effective alternatives, this section points out the distinctions between the various legislations and discusses briefly their respective advantages and disadvantages.

Note:- This analysis is a part of a larger attempt at formulating a model anti-spam law for India by analyzing the existing spam laws across the world.

	CAN-SPAM Act, 2003	Spam Act, 2003 (Australia)	Spam Control Act, 2007 (Singapore)	Canada's Anti-Spam Legislation, 2014	The Privacy and Electronic Communications (EC Directive) Regulations, 2003 (United Kingdom)
Jurisdiction	National Jurisdiction. The defendant must be either an inhabitant of the United States or have a physical place of business in the US.[1]	National Jurisdiction. Must have an "Australian link" i.e. (a) the message originates in Australia; or (b) the individual or organisation who sent the message, or authorised the sending of the message, is: (i) an individual who is physically present in Australia when the message is sent; or (ii) an organisation whose central management and control is in Australia when the message is sent; or (c) the computer, server or device that is used to access the message is located in Australia; or (d) the relevant electronic account-holder is: (i) an individual who is physically present in Australia when the message is Spam Act, 2003, § 7 Spam Control Act, 2007, § 7(2) Canada's Anti-Spam Legislation, 2014, §accessed; or (ii) an organisation that carries on business or activities in Australia when the message is accessed; or (e) if the message cannot be delivered because the relevant electronic address does not exist-assuming that the electronic address existed, it is reasonably likely that the message would have been accessed using a computer, server or device located in Australia.[2]	National Jurisdiction. Must have a "Singapore link" An electronic message has a Singapore link in the following circumstances: (a) the message originates in Singapore; (b) the sender of the message is - (i) an individual who is physically present in Singapore when the message is sent; or (ii) an entity whose central management and control is in Singapore when the message is sent; © the computer, mobile telephone, server or device that is used to access the message is located in Singapore; the recipient of the message is- (i) an individual who is physically present in Singapore when the message is accessed; or (ii)an entity that carries on business or activities in Singapore when the message is accessed; or (e) if the message cannot be delivered because the relevant electronic address has ceased to exist (assuming that the electronic address existed), it is reasonably likely that the message would have been accessed using a computer, mobile telephone, server or device located in Singapore.[3]	Extends to cases where the mail originates in a foreign state but is accessed in Canada Section 6 of the CASL prohibits the sending of unsolicited CEMs.[4] As per Section 12 of the CASL, A person contravenes section 6 only if a computer system located in Canada is used to send or access the electronic message. CASL applies to CEMs sent from, or accessed in, Canada.[5] So, if a CEM is sent to Canadians from another jurisdiction, CASL will apply. Notably, there is an exception where the person sending the message "reasonably believes" that the message will be accessed in one of a list of prescribed jurisdictions with anti-spam laws thought to be 'substantially similar' to CASL and the message complies with the laws of that jurisdiction.	European Union These regulations can be enforced against a person or a company anywhere in the European Union who violates the regulations.
Definition Of Spam	"unsolicited, commercial, electronic mail"[6], where a commercial electronic mail is "any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service"[7]	"unsolicited commercial electronic messages" where electronic message means a message sent "using an internet carriage service or any other listed carriage service; and to an electronic address in connection with: an e-mail account; or an instant messaging account; or a telephone account; or a similar accounts."[8]	"unsolicited commercial electronic message sent in bulk", where a CEM is unsolicited if the recipient did not- i) request to receive the message; or ii)consent to the receipt of the message;[9] and CEMs shall be deemed to be sent in bulk if a person sends, causes to be sent or authorizes the sending of- a) more than 100 messages containing the same subject matter during a 24-hour period; b) more than 1,000 messages containing the same subject matter during a 30-day period; c) more than 10,000 messages containing the same subject matter during a one-year period.	"unsolicited, commercial, electronic message"[10] where, an "electronic message" means a message sent by any means of telecommunication, including a text, sound, voice or image message.[11]	These rules apply to all unsolicited direct marketing communications by automatic call machines[12], fax[13], calls[14] or e-mail[15]. Where, "direct marketing" is defined as "the communication (by whatever means) of any advertising or marketing material which is directed to particular individuals"[16] The UK used its discretion to include voice-to-voice telephone calls as well.
Consent Requirement	Opt-out	Opt-in	Opt-out	Opt-in	Opt-in
Consent Requirement	CEMs are unlawful unless the message provides- (i)clear and conspicuous identification that the message is an advertisement or solicitation; (ii)clear and conspicuous notice of the opportunity under paragraph (3) to decline to receive further commercial electronic mail messages from the sender; and (iii) a valid physical postal address of the sender.[17]	Section 16 prohibits the sending of unsolicited commercial electronic messages. However, where a recipient has consented to the sending of the message, the said prohibition does not apply.[18] Consent means: (a) express consent; or (b) consent that can reasonably be inferred from: (i) the conduct; and (ii) the business and other relationships; of the individual or organisation concerned.[19]	CEMs are unlawful unless the message contains- 1 a) an electronic mail address, an Internet location address, a telephone number, a facsimile number or a postal address that the recipient may use to submit an unsubscribe request; and b) a statement the above information may be utilized to send an unsubscribe request. 2. Where the unsolicited CEM is received by text or multimedia message sent to a mobile telephone number, the CEM must include a mobile telephone number to which the recipient may send an unsubscribe request. [20]	Under the CASL, it is prohibited to send or cause or permit to be sent to an electronic address a commercial electronic message unless, (a) the person to whom the message is sent has consented to receiving it, whether the consent is express or implied; and (b) The message must- (i) set out prescribed information that identifies the person who sent the message and the person - if different - on whose behalf it is sent; (ii) set out information enabling the person to whom the message is sent to readily contact one of the persons referred to in paragraph (i); and (iii) set out an unsubscribe mechanism in accordance with subsection 11(1) of CASL.[21]	Under Section 19 , A person shall neither transmit, nor instigate the transmission of, communications comprising recorded matter for direct marketing purposes by means of an automated calling system except in the circumstances where the called line is that of a subscriber who has previously notified the caller that for the time being he consents to such communications being sent by, or at the instigation of, the caller on that line. Under Section 20 , A person shall neither transmit, nor instigate the transmission of, unsolicited communications for direct marketing purposes by means of a facsimile machine where the called line is that of an individual or a company except in the circumstances where the individual subscriber has previously notified the caller that he consents for the time being to such communications being sent by, or at the instigation of, the caller. Under Section 21, A person shall neither use, nor instigate the use of, a public electronic communications service for the purposes of making unsolicited calls for direct marketing purposes where the called line is that of a subscriber who has previously notified the caller that such calls should not for the time being be made on that line. Under Section 22 , a person shall neither transmit, nor instigate the transmission of, unsolicited communications for the purposes of direct marketing by means of electronic mail unless the recipient of the electronic mail has previously notified the sender that he consents for the time being to such communications being sent by, or at the instigation of, the sender.
Labelling Requirements	Warning Labels mandatory on e-mails containing pornographic content No person may send to a protected computer, any commercial electronic mail message that includes sexually oriented material and- (a) fail to include in subject heading for the electronic mail message the marks or notices prescribed by the law; or (B) fail to provide that the matter in the message that is initially viewable to the recipient, when the message is opened by any recipient and absent any further actions by the recipient, includes only- (i) material which the recipient has consented to; (ii) the identifier information required to be included in pursuance Section 5(5); and (iii) Instructions on how to access, or a mechanism to access, the sexually oriented material.[22]	Not Applicable.	True e-mail title and clear identification of advertisements with "ADV" label Every unsolicited CEM must contain- a) where there is a subject field, a title which is not false or misleading as to the content of the message; b) the letters "<ADV>" with a space before the title in the subject field or if there is no subject field, in the words first appearing in the message to clearly identify that the message is an advertisement; c) header information that is not false or misleading; and d) an accurate and functional e-mail address or telephone number by which the sender can be readily contacted.[23]	Not Applicable.	Not Applicable.
Other Banned/Restricted Activities	Illegal Access- Prohibition Against Predatory and Abusive Commercial E-Mail- "Whoever, in or affecting interstate or foreign commerce, knowingly- (1) accesses a protected computer without authorization, and intentionally initiates the transmission of multiple CEMs from or through such computer, (2) uses a protected computer to relay or retransmit multiple CEMs, with the intent to deceive or mislead recipients, or any Internet access service, as to the origin of such messages, (3) materially falsifies header information in multiple commercial electronic mail messages and intentionally initiates the transmission of such messages, (4) registers, using information that materially falsifies the identity of the actual registrant, for five or more electronic mail accounts or online user accounts or two or more domain names, and intentionally initiates the transmission of multiple commercial electronic mail messages from any combination of such accounts or domain names, or (5) falsely represents oneself to be the registrant or the legitimate successor in interest to the registrant of 5 or more Internet Protocol addresses, and intentionally initiates the transmission of multiple commercial electronic mail messages from such addresses, or conspires to do so, shall be punished as provided for in the Act.[24]	Supply of address harvesting software and harvested‑address lists "A person must not supply or offer to supply: (a) address‑harvesting software; or (b) a right to use address‑harvesting software; or (c) a harvested address list; or (d) a right to use a harvested‑address list; to another person if: (e) the supplier is: (i) an individual who is physically present in Australia at the time of the supply or offer; or (ii) a body corporate or partnership that carries on business or activities in Australia at the time of the supply or offer; or (f) the customer is: (i) an individual who is physically present in Australia at the time of the supply or offer; or (ii) a body corporate or partnership that carries on business or activities in Australia at the time of the supply or offer."	Dictionary Attacks and Address harvesting software "No person shall send, cause to be sent, or authorize the sending of, an electronic message to electronic addresses generated or obtained through the use of- a) a dictionary attack; b) address harvesting software.[25] Where, "dictionary attack" means the method which by which the electronic address of a recipient is obtained using an automated means that generates possible electronic addresses by combining names, letters, numbers, punctuation marks or symbols into numerous permutations.[26] And, "address harvesting software" means software that is specifically designed or marketed for use for- a)searching the Internet for electronic addresses; and, b) collecting, compiling, capturing or otherwise harvesting those electronic addresses."[27]	Altering Transmission Data "It is prohibited, in the course of a commercial activity, to alter or cause to be altered the transmission data in an electronic message so that the message is delivered to a destination other than or in addition to that specified by the sender, unless (a) the alteration is made with the express consent of the sender or the person to whom the message is sent, and the person altering or causing to be altered the data complies with subsection 11(4) of CASL; or (b) the alteration is made in accordance with a court order.[28] Installation of Computer Program A person must not, in the course of a commercial activity, install or cause to be installed a computer program on any other person's computer system or, having so installed or caused to be installed a computer program, cause an electronic message to be sent from that computer system, unless (a) the person has obtained the express consent of the owner or an authorized user of the computer system and complies with subsection 11(5) of the CASL; or (b) the person is acting in accordance with a court order. (2) A person contravenes subsection (1) only if the computer system is located in Canada at the relevant time or if the person either is in Canada at the relevant time or is acting under the direction of a person who is in Canada at the time when they give the directions."[29]	Electronic mail for direct marketing purposes where the identity or address of the sender is concealed A person shall neither transmit, nor instigate the transmission of, a communication for the purposes of direct marketing by means of electronic mail- (a) where the identity of the person on whose behalf the communication has been sent has been disguised or concealed; or (b)where a valid address to which the recipient of the communication may send a request that such communications cease has not been provided.
Types of Senders Covered	Spammers and beneficiaries- the term ''sender'', when used with respect to a commercial electronic mail message, means a person who initiates such a message and whose product, service, or Internet web site is advertised or promoted by the message."[30]	Spammers and beneficiaries- A person must not send, or cause to be sent, a commercial electronic message that: (a) has an Australian link; and (b) is not a designated commercial electronic message.[31]	Spammers, beneficiaries, and providers of support services "sender" means a person who sends a message, causes the message to be sent, or authorizes the sending of the message.[32] Further, persons aiding or abetting the offences under Section 9 or 11 are also punishable under the Act.[33]	Spammers and beneficiaries- Under Section 6, it is prohibited to send or cause or permit to be sent to an electronic address a CEM. Under Section 7, It is prohibited, in the course of a commercial activity, to alter or cause to be altered the transmission data in a CEM. Under Section 8, A person must not, in the course of a commercial activity, install or cause to be installed a computer program on any other person's computer system or, having so installed or caused to be installed a computer program, cause an electronic message to be sent from that computer system.	Spammers and beneficiaries- The texts of Sections 19, 20, 21 and 22 all prohibit the transmission as well as the instigation of the transmission of, communications for direct marketing purposes without the consent of the recipient.
Who Can Sue	FTC[34], Attorney Generals[35], ISPs and IAPs[36] and most recently even companies/private entities[37]	Australian Communications and Media Agency (ACMA)[38]	Any injured party, including individual users.[39]	Any injured party, including individual users.[40]	Any person who suffers damage by reason of any contravention of any of the requirements of these Regulations.[41]
Exceptions	Transactional or Relationship Messages [42] where, The term ''transactional or relationship message'' means an electronic mail message the primary purpose of which is- (i) to facilitate, complete, or confirm a commercial transaction; (ii) to provide warranty information, product recall information, etc. with respect to a commercial product or service used or purchased by the recipient; (iii) to provide notifications- (I) concerning a change in the terms or features of; (II) of a change in the recipient's standing or status with respect to; or (III) information with respect to a subscription, membership, account, loan, or comparable ongoing commercial relationship involving the ongoing purchase or use by the recipient of products or services offered by the sender; (iv) to provide information directly related to an employment relationship or related benefit plan in which the recipient is currently involved, participating, or enrolled; or (v) to deliver goods or services, including product updates or upgrades, that the recipient is entitled to receive under the terms of a transaction that the recipient has previously agreed to enter into with the sender.	Designated Commercial Electronic Message (DCEM). A DCEM is a message containing purely factual information, any related comments of non-commercial nature and some limited commercial information as to the identity of the sender company/individual.[43] A message is a DCEMs if- a) the sending of the message is authorized by any of the following bodies: (i) a government body; (ii) a registered political party; (iii) a religious organization; (iv) a charity or charitable institution; and (b) the message relates to goods or services; and (c) the body is the supplier, or prospective supplier, of the goods or services concerned.[44] Messages from educational institutions: an electronic message is a *DCEM* if: (a) the sending of the message is authorised by an educational institution; and (b) either or both of the following subparagraphs applies: (i) the relevant electronic account‑holder is, or has been, enrolled as a student in that institution; (ii) a member or former member of the household of the relevant electronic account‑holder is, or has been, enrolled as a student in that institution; and (c) the message relates to goods or services; and (d) the institution is the supplier, or prospective supplier, of the goods or services concerned.	Electronic Messages authorized by the Government[45] The Act does not apply to any electronic message where the sending of the message is authorized by the Government or a statutory body on the occurrence of any public emergency, in the public interest or in the interests of public security or national defence.[46] A certificate signed by the Minister shall be conclusive evidence of existence of a public emergency and the other above stated matters.[47]	Family and Personal relationships, where "Family relationship" is a relationship between two people related through marriage, a common law partnership, or any legal parent-child relationship who have had direct, voluntary two-way communications; and "personal relationship" means a relationship between two people who have had direct, voluntary two-way communications where it would be reasonable to conclude that the relationship is personal.[48] Mails sent to an individual who practices a particular commercial activity with the mail containing solely an inquiry or application related to that activity[49]. A mail which - provides a quote or estimate for the supply of a product, goods, a service, etc. if requested by the recipient; · facilitates, completes or confirms a commercial transaction that the recipient previously agreed to enter into with the sender; · provides warranty information, product recall information etc. about a product, goods or a service that the recipient uses, has used or has purchased; · provides notification of factual information about- (i) the ongoing use or ongoing purchase by the recipient of a product, goods or a service offered under a subscription, membership, account, loan or similar relationship by the sender, or · provides information directly related to an employment relationship or related benefit plan in which the recipient is currently involved, is currently participating or is currently enrolled; · delivers a product, goods or a service, including updates or upgrades, that the recipient is entitled to receive under the terms of a transaction that they have previously entered into with the sender.[50] · Telecommunications service provider merely because the service provider provides a telecommunications service that enables the transmission of the message.[51] · CEMs which are two-way voice communication between individuals sent by means of a facsimile or a voice recording sent to a telephone account.[52]	A person may send or instigate the sending of electronic mail for the purposes of direct marketing where - (a) the contact details of the recipient of that electronic mail in the course of the sale or negotiations for the sale of a product or service to that recipient; (b) the direct marketing is in respect of that person's similar products and services only; and (c) the recipient has been given a simple means of refusing (free of charge except for the costs of the transmission of the refusal) the use of his contact details for the purposes of such direct marketing, at the time that the details were initially collected, and, where he did not initially refuse the use of the details, at the time of each subsequent communication.[53]
Penalties	Civil and Criminal Statutory damages- Amount calculated by multiplying the number of violations by up to $250. Total amount of damages may not exceed $2,000,000. [54] Imprisonment- upto 5 years.[55] Forfeiture from the offender, of- i) any property, real or personal, constituting or traceable to gross proceeds obtained from such offense; ii) any equipment, software, or other technology used or intended to be used to commit or to facilitate the commission of such offense.[56]	Civil only For a body corporate without prior record, for upto 2 contraventions, civil penalty should not exceed i) 100 penalty units if the if the civil penalty provision is subsection 16(1), (6) or (9); or ii) 50 penalty units in any other case. For more than 2 contraventions, civil penalty should not exceed i) 2000 penalty units if the if the civil penalty provision is subsection 16(1), (6) or (9); or ii) 1000 penalty units in any other case. For a body corporate with prior record, for upto 2 contravention, civil penalty should not exceed i) 500 penalty units if the if the civil penalty provision is subsection 16(1), (6) or (9); or ii) 250 penalty units in any other case. For more than 2 contraventions, civil penalty should not exceed i) 10,000 penalty units if the if the civil penalty provision is subsection 16(1), (6) or (9); or ii) 5,000 penalty units in any other case. For a person without prior record, for upto 2 contraventions, civil penalty should not exceed i) 20 penalty units if the if the civil penalty provision is subsection 16(1), (6) or (9); or ii) 10 penalty units in any other case. For more than 2 contraventions, civil penalty should not exceed i) 400 penalty units if the if the civil penalty provision is subsection 16(1), (6) or (9); or ii) 200 penalty units in any other case. For a person with prior record, for upto 2 contravention, civil penalty should not exceed i) 100 penalty units if the if the civil penalty provision is subsection 16(1), (6) or (9); or ii) 50 penalty units in any other case. For more than 2 contraventions, civil penalty should not exceed i) 2,000 penalty units if the if the civil penalty provision is subsection 16(1), (6) or (9); or ii) 1,000 penalty units in any other case.[57]	Civil only i) Injunction ii) Damages- calculated in terms of loss suffered as a direct or indirect result of the contravention of the Act. ii) Statutory Damages not exceeding $25 for each CEM; and not exceeding in the aggregate $1 million, unless the plaintiff proves that his actual loss from such CEMs exceeds $1 million.[58] iii)Costs of litigation to the plaintiff.[59]	Civil only Administrative Monetary Penalty , the purpose of which is to promote compliance with the Act and not to punish.[60] The maximum penalty for a violation is $1,000,000 in the case of an individual, and $10,000,000 in the case of any other person.[61]	Civil on private action; Criminal for non-compliance with IC's notice A person who suffers damage by reason of any contravention of any of the requirements of these Regulations by any other person shall be entitled to bring proceedings for compensation from that other person for that damage.[62] The enforcement authority for these regulations is Britain's Information Commissioner who oversees both the Act and the Regulations, and investigates complaints and makes findings in the form of various types of notices.[63] Failure to comply with any notice issued by the Information Commissioner is a criminal offence and is punishable with a fine of upto £5000 in England and Wales and £10,000 Scotland.[64]

THE PROBLEM OF SPAM -WHY IT PERSISTS

As per a study conducted by Kaspersky Lab in 2014, 66.34% of all messages exchanged over the internet were spam.[65] Over the 2000s, several countries recognized the threats posed by spam and enacted specific legislations to tackle the same. The ones taken into consideration in this paper are the CAN-SPAM Act, 2003 of the United States, Canada's Anti-Spam Legislation, 2014, The Spam Act, 2003 of Australia, Singapore's Spam Control Act, 2007 and The Privacy and Electronic Communications (EC Directive) Regulations, 2003 (United Kingdom). As will be analyzed in the course of this paper, none of these laws have evolved to become comprehensive mechanisms for combating spam yet. Nevertheless, post the enactment of these laws, spam has reduced as a percentage of the net email traffic; however, the absolute quantity of spam has increased owing to the exponential growth of email traffic universally.[66]

Who Benefits from Spam?

1. Commercial establishments - Spamming is one of the most cost-effective means of promoting products and services to a large number of potential customers. Spams are not necessarily duplicitous and often contain legitimate information to which a fraction of the recipients respond positively. As per a recent study, for spam to be profitable, only 1 in 25,000 spam recipients needs to open the email, get enticed, and make a gray-market purchase.[67]

2. Non-commercial establishments benefitting from advertisements - Many seemingly non-profit messages benefit from revenue generated through advertisements when recipients visit their site. Advertisers pay these sites either per click or per impression.

3. Spammers - The costs incurred by spammers largely include the cost of e-mail/phone number harvesting and the cost of paying botnet operators. As compared to the revenue generated as a percentage of profits earned by the merchant on whose behalf spam messages are sent, these costs are negligible.[68]

Thus, spamming proves to be an activity that involves minimal investment and often yields some response from prospective clients.

The impact of spam is clearly widespread. Presently, India lacks a specific anti-spam legislation. In consideration of the swelling growth of spam across the globe and the increasing number of Indian users, it is of utmost urgency that a specific legislation is formulated to tackle the issue.

OBSERVATIONS AND ANALYSIS

1. Definition of Spam

a. 'Spam' must be defined in a technologically neutral manner

The legislations analyzed in this paper deal with either one or a cluster of modes of communication through which spam may be sent. However, it is essential that 'spam' is defined in a manner that is technologically neutral. Most commercial spam is aimed at promoting products and services to a large number of prospective customers. Thus, making only spam e-mails illegal, like the CAN-SPAM Act does, fails to address the issue wholly as companies would always retain the option of sending unsolicited messages through other communicative devices. It becomes an issue of merely switching modes of communication without there being any actual deterrence to spamming. Thus, a narrow understanding of spam, limiting it to one or few modes of communication, is problematic and for a model law, a broader definition that discourages unsolicited messages sent via any network is warranted.

b. Non-commercial spam must also be addressed

The five legislations examined in this paper address only the issue of unsolicited 'commercial' mails/messages. For instance, under the CAN-SPAM, a commercial mail means " any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service". Singapore's Spam Control Act defines a commercial message in a similar fashion but more elaborately. CASL, while limiting the scope of the law to commercial mail, additionally prescribes that such communication need not have a profit motive. Australia's Spam Act defines a commercial message as a message that has the purpose of offering, advertising or promoting goods or services or the supplier or prospective supplier of goods or services. Under the EC Directive, the term used is 'marketing communication'; however, in essence, it includes only commercial communications.[69] These definitions suffer from an obvious exclusion error. It is known from experience that not all unsolicited messages received are in pursuance of commercial interests. Often, unsolicited mails and messages are received with explicit sexual content as well as promoting political and religious agendas sent by party volunteers.

Thus, it would be in higher consonance with the greater aim of curbing spam to broaden the scope of these legislations to address both commercial as well as non-commercial messages.

c. Bulk requirement and its quantification

The Singaporean law makes 'sent in bulk' a mandatory requirement for spam. However, deciding what quantity of a particular message qualifies it as bulk is difficult. If an objective threshold is set, say 100 messages in 24 hours, then anything short of that, say even 99 messages, go unaddressed simply because it does not meet the statutory requirement of being in bulk. This enables spammers to misuse the law by marginally falling short of the threshold and still continuing to spam. The issue here is comparable to the one faced in setting age as bar to criminal culpability. No matter what, any number arrived at is likely to be arbitrary and consequently subject of criticism. A possible way to tackle this would be to strengthen the unsubscribe mechanisms by virtue of which individuals are able to, at the very least, stop receiving unsolicited mails. For the determination of threshold for State action and its feasibility, a much more detailed study is merited.

2. Consent Requirement

	Opt- out Model	Opt-in Model	Double Opt-in Model
Countries following the model	United States of America and Singapore	Canada, Australia and the United Kingdom	None at present.
When messages may be sent	At all times until recipient voluntarily opts out/unsubscribes.	Only after the recipient voluntarily opts-in/subscribes to receive messages by submitting his/her contact details to be part of a particular mailing list.	Only after the recipient responds in the affirmative to the confirmation mail sent by the sender on receiving an opt-in request from the recipient.
Specific requirements	1. The mail/message must bear a clear identifier of its content. E.g. marked as 'ADVT' for advertisements; 2. An 'unsubscribe' option must be provided in the message which may be utilized by the recipient to express his/her disinterest in the message; and 3. The message must conspicuously bear a valid physical postal address.	N/A	N/A
Advantages	Promotes commercial speech rights- Since the default position presumes the right to market, average collection rates are considerably higher as more emails can be sent to more people.	1. Reduction in unsolicited messages- Commercial messages are not sent until the recipient voluntarily consents to receiving such messages by submitting his/her contact information. 2. Availability of unsubscribe option- Even after a recipient voluntarily opts in, he/she still has the right to withdraw from such messages by unsubscribing.	1. Ensures people are entering their information correctly, which equals a cleaner list and lowers bounce rates. 2. Reduces the probability of spam complaints because subscribers have had to take the extra step to confirm their consent.
Disadvantages	1. This merely places the burden of reduction of spam on the recipients. 2. The functionality of the 'unsubscribe' link is itself questionable. Very often these links themselves are fraudulent. In such a case, the recipient is further harmed before any opting-out can even take place. 3. In the absence of any strict regulatory oversight, there exists no incentive for the senders to strictly address unsubscribe requests.	1. Consent may be obtained in fact but not in spirit through inconspicuous pre-ticked check boxes. 2. E-mail addresses may be added to a list by spambots. Where, the person 'opted-in' may not actually be the person opting in. 3. Errors may be made when entering emails; a typo may result in someone submitting an address that is not theirs. 4. Legitimate addresses may be added by someone who does not own the address.	1. Genuine subscribers may not understand clearly the confirmation process and fail to click the verification link. 2. Confirmation emails may get stuck in spam filters.

The comparison above highlights that the opt-out model as well as the opt-in model may leave loopholes. The opt-in model has been advocated for as the better model as compared to the opt-out model as it prohibits the sending of messages unless the recipient consents to receiving such messages. However, as pointed out above, in this model consent may be given by entities other than the owner of the contact details. In such a situation, a double opt-in model may be a viable option to contemplate as it is the only model where it can be ensured that only the addressee is enabled to successfully opt-in.[70]

Presently, the double opt-in model has not been adopted by any of the countries discussed in this paper. Nonetheless, it seems to have the potential to aid the fight against spam more effectively than the existing models. Its real efficacy however, shall be proven only on practical implementation.

3. Exceptions

a. Family and Personal Relationships

Under the CASL, an exception is made for 'personal relationships' and 'family relationship'. However, these terms are defined quite narrowly. For instance, family relationship is defined as 'a relationship between two people related through marriage, a common law partnership, or any legal parent-child relationship and those individuals have had direct, voluntary, two-way communication'.^[71] This implies that in a situation where an individual wants to send a message offering to sell something to an individual in his extended family, say his cousins, doing so without obtaining their consent first, would qualify his mail as spam under the CASL. This would become especially problematic in the Indian context where comparatively larger family structures prevail.

In the anti-spam legislations of the other four countries, no such exceptions are made. Quite obviously, these exceptions are of crucial significance and must be provided in any anti-spam legislation; however, it is important that they are defined in a manner such that their actual purpose i.e. of exclusion of familial and personal relationships from regulations applicable to spammers, is effectively achieved and the law does not become a creator for unnecessary litigation.

b. Transactional Messages

The term 'transactional messages' is used only under the CAN-SPAM Act of the USA. It basically covers messages sent when the recipient stands in an existing transactional relationship with the sender and the mail contains information specific to the recipient. It also includes employment relationships. In CASL, a similar exception is made under Section 6(6). The section is worded almost identically as the CAN-SPAM provision, though the term 'transactional messages' is not used. In the UK laws, messages for the purpose of direct marketing may be sent where the contact information of the recipient is received in the course of the sale or negotiations for the sale of a product or service to that recipient, thus implying an existing transactional relationship. One added proviso under the UK law is that the recipient must be clearly and distinctively given the opportunity to object, free of charge and in an easy manner, to the use of the e-mail address when collected and on the occasion of each message in case the customer has not initially refused such use.[72]

An exception for transactional messages is essential to ensure freedom of commercial speech rights even while effectively tackling spam. In the formulation of a model law, a combination of the American and the English laws may be workable.

c. Governmental Messages

The Spam Act, 2003 of Australia makes an exemption for 'designated commercial electronic message (DCEM)'. This exemption is to avoid any unintended restriction on communication between the government and the community.^[73] In order to be a DCEM, a message must-

1. Be authorized by the government;

2. Contain purely factual information and any related comments of non-commercial nature; and

3. Contain some information as to the identity of the sender company/individual.

DCEMs need not always be sent by government bodies and may also be sent by third parties authorized by the government.^[74] Such messages are exempt from the consent requirement as well as the unsubscribe option requirement but must comply with the identifier requirement. However, where government bodies are operating in a competitive environment, the provisions of the act would apply normally to them.^[75]

Similarly, Singapore's Spam Control Act does not apply to any electronic message where the sending of the message is authorized by the Government or a statutory body on the occurrence of any public emergency, in public interest or in the interests of public security or national defence.

These exemptions are essential in order to enable free communication of important information between the government and the citizens. The Singaporean wording of the exception is rather broad and would give the government immense space for misusing the law. Such a wording might be more effective if supplemented with the Australian proviso wherein governmental communications operating in a competitive environment are excluded.

4. Penalties

a. Penalties must be higher than benefit from spamming

If the penalty prescribed itself is too low, such that loss suffered from paying penalties is lower than net benefit from spamming, the spammer is not sufficiently deterred. Four out of the five countries analyzed in this paper prescribe only civil penalties in the form of fines for spamming. Recently, a Facebook spammer was found to have made a profit of $200 million in a year.[76] For instance, as noted above, the Australian law sets a limit for penalty at $1 million. Thus, such a penalty would constitute a small fraction of the profit from spamming and would not deter a spammer.

b. High penalty does not imply effective deterrence where probability of prosecution is low.

The CAN-SPAM Act prescribes the harshest penalties including both civil as well as criminal penalties. However, it has been rather ineffective in reducing spam. This is for the reason that this Act is more about how to spam legally than anything else. It is more like- ' you can spam but do not use false headers.'[77] As a consequence, unintentional spam from ignorant commercial establishments has reduced. However, due to easy compliance standards, the 'real' spammers still go undetected to a large extent.[78] Thus, even moderate penalties may serve as good deterrents where the probability of prosecution is high.

c. Effective enforcement is the key to effective deterrence.

The cornerstone of an effective spam law is effective enforcement. Penalties must be enforced in a manner that the cost of punishment is always higher than the benefit from spamming and the probability of conviction is high. In order to implement legislative measures effectively, governments should also undertake an information campaign on spam issues targeting users, business communities, private sector groups and other stakeholders as the one primary reason for sustenance of spam is the response received from certain recipients. Such supplementary activities would also facilitate the preservation of commercial rights as excessive penalties could inhibit regular commercial activities.

CONCLUSION

The observations made in this paper are crucial to the formulation of a model anti-spam law for India. The most important part of any ant-spam legislation would be the definition of 'spam' which, as established above, must be technologically neutral in order to be able to address as much unsolicited communication as possible. On the question of consent, a double opt-in is what this paper would propose. This model has been contemplated and recommended by academic and policy researchers as a possibly more effective consent model for spam laws; however, it has not been codified as a legal regime till date. It could be a rather groundbreaking approach that India could adopt as this clearly is the only model where 'opting-in' is realized in fact and in spirit. Further, exceptions are necessary in order to prevent the abuse of laws making certain such exceptions do not suffer from inclusive or exclusion errors. A combination of the exceptions under the Australian and the American laws seems ideal at this stage of research. In terms of penalty, this paper observed that only prescribing harsh penalties is not sufficient to effectively deter spammers but efficient modes of enforcement have to be formulated to ensure actual deterrence. Lastly, while a well-drafted national anti-spam legislation is clearly the need of the hour for India; additional steps have to be taken towards sensitizing citizens to the fact that the problem of spam is real and a costly threat to the communications infrastructure of the country and combat has to begin at the individual level.

[1] CAN-SPAM Act, § 7706(f) (7).

[2] Spam Act, 2003, § 7

[3] Spam Control Act, 2007, § 7(2)

[4] Canada's Anti-Spam Legislation, 2014, § 6.

[5] Canada's Anti-Spam Legislation, 2014, § 12.

[6] 15 U.S.C. § 7701 (2003).

[7] CAN-SPAM Act, Section 3 (2)(A)

[8] Spam Act, 2003, § 6

[9] Spam Control Act, 2007, § 5(1)

[10] Canada's Anti-Spam Legislation, 2014, § 6

[11] Canada's Anti-Spam Legislation, 2014, § 1(1)

[12] Regulation 19, EC Directives, 2003

[13] Regulation 20, EC Directives, 2003

[14] Regulation 21, EC Directives, 2003

[15] Regulation 22, EC Directives, 2003

[16] Section 11, Data Protection Act, 1998

[17] CAN-SPAM Act, Section 5(5)

[18] Spam Act, 2003, § 16(2)

[19] Spam Act, 2003, Schedule 2 (2)

[20] Spam Control Act, 2007 Section 11, Schedule 2(2)

[21] Canada's Anti-Spam Legislation, 2014, Section 6

[22] CAN-SPAM Act, 2003, Section 5(d)

[23] Spam Control Act, 2007, Schedule 2, 3(1), Section 11

[24] Chapter 47 of title 18, U.S.C., § 1037, inserted through an amendment by the CAN-SPAM Act, § 4(a) (1); '§ 5(A)(1).

[25] Spam Control Act, 2007, '§ 9

[26] Spam Control Act, 2007, '§ 2

[27] Spam Control Act, 2007, '§ 2

[28] Canada's Anti-Spam Legislation, 2014, § 7

[29] Canada's Anti-Spam Legislation, 2014, § 8

[30] CAN-SPAM Act, 2003, § 3(16)(A)

[31] Spam Act, 2003, Section 16(1), Section 8

[32] Spam Control Act, 2007, § 2

[33] Spam Control Act, 2007, § 12

[34] CAN-SPAM Act, 2003, § 7(a)(c)(d)

[35] CAN-SPAM Act, 2003, § 7(f)

[36] CAN-SPAM Act, 2003, § 7(g)

[37] MySpace, Inc. v. The Globe.com, Inc., 2007 WL 1686966 (C.D. Cal., Feb. 27, 2007)

[38] Spam Act, 2003, § 26(1)

[39] Spam Control Act, 2007, § 13

[40] Canada's Anti-Spam Legislation, § 47

[41] Regulation 30(1), EC Directives, 2003

[42] CAN-SPAM Act, 2003, § 3(2)(B)

[43] Spam Act, 2003, Schedule 1, § 2

[44] Spam Act, 2003, Schedule 1, § 3

[45] Spam Control Act, 2007, § 7(3)

[46] Spam Control Act, 2007, First Schedule Clause (1)

[47] Spam Control Act, 2007, First Schedule Clause (2)

[48] Canada's Anti-Spam Legislation, § 6(5a)

[49] Canada's Anti-Spam Legislation, § 6(5b)

[50] Canada's Anti-Spam Legislation, § 6(6)

[51] Canada's Anti-Spam Legislation, § 7

[52] Canada's Anti-Spam Legislation, § 8

[53]Section 22(3), EC Directives, 2003

[54] CAN-SPAM Act, § 7 (f)(3)(A).

[55] CAN-SPAM Act, § 4 (b)

[56] CAN-SPAM Act, § 4 (c)

[57] Spam Act, 2003, Sections 24, 25

[58] Spam Control Act, 2007, § 14

[59] Spam Control Act, 2007, § 15

[60] Canada's Anti-Spam Legislation, 2014, § 20(2)

[61] Canada's Anti-Spam Legislation, 2014, § 20(4)

[62] Regulation 30(1), EC Directive, 2003

[63] Regulations 31-32, EC Directive, 2003

[64] Section 47 and 60, Data Protection Act, 1998

[65] Spam and Phishing Statistics Report Q1-2014, Kaspersky Lab

http://usa.kaspersky.com/internet-security-center/threats/spam-statistics-report-q1-2014#.VVQxNndqN5I (last accessed 29^th May, 2015)

[66] Snow and Jayakar, Krishna, Can We Can Spam? A Comparison of National Spam Regulations, August 15, 2013. TPRC 41: The 41st Research Conference on Communication, Information and Internet Policy.

[67] Justin Rao and David Reiley, The Economics of Spam, Vol. 26, No. 3 The Journal of Economic Perspectives (2012), p. 104.

[68] Supra n. 66; p. 7

[69] Refer Table in Section 1.

[70] Dr. Ralph F. Wilson, Spam, Spam Bots, and Double Opt-in E-mail Lists, April 21, 2010; available at http://webmarketingtoday.com/articles/wilson-double-optin/ (last accessed 29^th May 2015).

[71] Section 2(a), Electronic Commerce Protection Regulations, http://fightspam.gc.ca/eic/site/030.nsf/eng/00273.html (last accessed 29^th May 2015)

[72] Evangelos Moustakas, C. Ranganathan and Penny Duquenoy, Combating Spam Through Legislation: A Comparative Analysis Of US And European Approaches, available at http://ceas.cc/2005/papers/146.pdf

[73] Spam Act 2003- A Practical Guide for Government, Australian Communications Authority, available at- http://www.acma.gov.au/webwr/consumer_info/spam/spam_act_pracguide_govt.pdf (last accessed 29^th May 2015)

[74] Ibid

[75] Id

[76] Charles Arthur, Facebook spammers make $200m just posting links, researchers say, The Guardian, 28^th August 2013, http://www.theguardian.com/technology/2013/aug/28/facebook-spam-202-million-italian-research (last accessed 29^th May, 2015)

[77] Evangelos Moustakas, C. Ranganathan and Penny Duquenoy, Combating Spam Through Legislation: A Comparative Analysis Of US And European Approaches, available at http://ceas.cc/2005/papers/146.pdf

[78] Carolyn Duffy Marsan, CAN-SPAM: What went wrong?, 6^th October 2008, available at

http://www.networkworld.com/article/2276180/security/can-spam--what-went-wrong-.html (last accessed 29^th May, 2015)

For more details visit https://cis-india.org/internet-governance/blog/anti-spam-laws-in-different-jurisdictions

Anti-Social Network

praskrishna — 2011-04-01T15:59:51Z

Social media is driving teens to a reality they can't handle. This article by Max Martin was published in Mail Today on February 27, 2011.

THIS is the generation of instant messaging and two-minute noodles. Impatient teenagers are always plugged in to their computers and cell phones. Their reality is virtual and most of their friends can be found online. "It's the coolest way to keep in touch," says Charlotte William, a college student in Bangalore whose Facebook was got flooded with birthday greetings on Saturday. Her FB page is an almost-instantly updated open book of her life.

Such minute-by-minute minute updates are an integral part of any teenager's life but the older generation is cautious. Not just old-fashioned people but even the tech-savvy are raising several issues with this uncontrolled explosion of social networking. India is the seventh largest social networking market in the world, with millions of users and many issues like privacy, etiquette, commercial, and political interests. Even though people have control over the information they post online, unauthorised access -- usage and republication -- is a major cause of concern, says Nikhil Pahwa, who publishes MediaNama, a mobile business news site based in Delhi. "You put up information about friends and family without realising the enormous consequences of it being in the public domain," says Pahwa.

"I see a lot of people exchanging personal messages and phone numbers on their walls. A lot of people are rather nonchalant about it," says Christian Wolff, a German development researcher, living in Hyderabad, who finds it amazing how Indians are not as concerned about their privacy as they should be. Bangalore-based lawyer Sarim Naved says the internet gives people a misplaced sense of anonymity, which makes them shed their inhibitions -- and etiquette. Should you allow a friend to post pictures of you from that crazy party last night? What if a family member sees them? We still live by traditional values and customs and footloose pictures may not be appreciated.

And while you may think that your privacy settings are in place to never allow such an unfortunate incident take place, privacy settings give a false sense of security. "Many people cannot figure out how to put filters on," says Yamini Atmavilas, a teacher of gender studies in Hyderabad. She also says that social networking is a mixed bag: "Studies show that women use social networks differently from men. They have helped build women's social capital, providing an outlet for connection and expression."

AARTI Mundkur, who was involved in the national 'Pink Chaddi' campaign against the pub-attacking Sri Ram Sene, agrees. "Social networks capture only the imagination of the upper middle class -- and fail to evoke any other kind of response," says this activist lawyer. While the social media is powerful -- and can be used for many purposes -- it is limited in scope.

Also, these sites are turning into what Wolff calls 'all-devouring marketing machines'. Facebook, for instance, is always in the midst of some controversy over its automatic personalisation or using technology to accommodate differences between individuals, so that disbursing personalised advertisements gets easier. Most of us do not realise that every little bit of information we post online is under the scrutiny of corporate entities that analyse and track browsing, spending, networking, and even music preferences.

"They make money with the data you post online for free," says Anivar Aravind, an IT consultant and commentator who started the online campaign for justice for Binayak Sen. "Even worse is when these service providers pass on this personal information to the government as Yahoo did in China leading to the imprisonment of a journalist," says Aravind.

Also getting increasingly active in the online circuit are crooks, says Shantanu Ghosh, who handles the India product operations of Symantec, a leading network and computer security firm. These crooks, he says, launch virus attacks, put up false events to attract people, and spoof networking sites to extract personal data.

"This attack was observed before the Cricket World Cup 2011. Attackers had created a page offering ticket deals for the World Cup final in Mumbai, requiring users to log into their social networking accounts. Those who fell for this trick would have ended up revealing their confidential login information to these attackers." Ghosh advises: "You should treat anything you see online with skepticism -- especially if it involves clicking a link or installing an application." Also make sure you check and understand privacy policies and settings.

This is even more important because existing laws on cyber crime are not strong enough. Also, the question whether new laws will be effective remains.

"It really depends on the law. If it goes into too much detail then it will be rendered irrelevant because of advancements in technology," says Sunil Abraham, who heads Centre for Internet and Society, a Bangalore-based research group. "A good law usually focuses on principles. What we need in India is a privacy regulator that can dynamically interpret the principles in law to quickly react to developments on the internet."

Read the article in Mail Today here
Also see the article in the Free Library here
Download the news from Mail Today here (pdf, 2.92 MB)

For more details visit https://cis-india.org/news/anti-social-network

Anti-harassment app wins hackathon for women

praskrishna — 2015-05-20T13:25:33Z

A team of four young women coders from Porta Allegra in Brazil has won the IGNITE International Girls Hackathon with an anti-harassment app called Não Me Calo, which means “I will not shut up”.

The blog entry was published in Sci Dev Net on May 15, 2015. Rohini Lakshané gave her inputs.

Não Me Calo allows users to review restaurants based on how they treat women. The data then helps other patrons decide which restaurants are safest for women, and publicly encourages restaurant owners and government officials to fix harassment hotspots.

The team competed against coders from India, Taiwan and the United States to create the best app addressing the challenge of creating safe spaces for women. They will now work with partners from the Global Fund for Women, which organised the hackathon, to fully develop the app.

Catherine King, the executive producer of the Global Fund for Women, says that the hackathon is meant to address the gender gap in access to information technology, and to encourage women to create and shape technologies.

“If girls aren’t accessing the internet and aren’t creating culture themselves online and using their own voices online, then that means other people are doing that,” Sara Baker, the coordinator of Take Back the Tech!, a global campaign to get more women online, told SciDev.Net.

The hackathon, which gave teams 24 hours to create their app, took place in February, and the winners were announced last month.

King says that the teams’ responses to the challenge were influenced by experiences in their own communities. For example, teams from India designed apps for learning self-defence and sex education.

Women’s safety apps or features are becoming increasingly popular, particularly in India where they are seen as a way to respond to public violence against women. Earlier this year, Uber, the taxi-hailing app, added a new ‘SOS button’ to their Indian version after a driver raped a passenger in December 2014.

But Rohini Lakshané, a researcher at the Centre for Internet and Society in India, points out that these technologies can only go so far towards preventing violence against women, and must be part of a broader approach that also addresses the underlying social and cultural causes of gender inequality.

She adds that many apps fail to protect women because they are designed by men who don’t understand the intricacies of women’s safety.

For more details visit https://cis-india.org/internet-governance/news/anti-harassment-app-wins-hackathon-for-women

Another Step towards Privacy Law

elonnai — 2018-01-18T01:50:59Z

A comparison between the 2012 experts’ report and the 2017 white paper on data protection.

The column was published in Governance Now in January 15, 2018 issue.


(Illustration: Ashish Asthana)

On July 31 the ministry of electronics and information technology (MeitY) constituted a committee of experts, headed by justice (retired) BN Srikrishna, to deliberate on a data protection framework for India. The committee is another step in India’s journey in formulating a national-level privacy legislation.

The formulation of a privacy law started as early as 2010 with an approach paper for a legislation on privacy towards envisioning a privacy framework for India. In 2011, a bill on right to privacy was drafted. In 2012 the planning commission constituted a group of experts, with justice (retired) AP Shah as its chief, which prepared a report recommending a privacy framework.

A month after the formation of the committee, in August, the sectoral regulator, Telecom Regulatory Authority of India (TRAI), released the consultation paper, ‘Privacy, Security and Ownership of the Data in the Telecom Sector’. In the same month, the supreme court in a landmark decision recognised privacy as a fundamental right.

In November 2017, the expert group released a ‘White Paper of the Committee of Experts on a Data Protection Framework for India’ to solicit public comments on the contours of a data protection law for India.

To understand the evolution of the thinking around a privacy framework for India, this article outlines and analyses common themes and differences between (a) the 2012 group of experts’ report, and the 2017 expert committee’s white paper.

The white paper seeks to gather inputs from the public on key issues towards the development of a data protection law for India. The paper places itself in the context of the NDA government’s Digital India initiative, the justice Shah committee report, and the judicial developments on the right to privacy in India. It is divided into three substantive parts: (1) scope and exemptions, (2) grounds of processing, obligation and entities, individual rights, and (3) regulation and enforcement. Each part is comprised of deep dives into key issues, international practices, preliminary views of the committee, and questions for public consultation.

Broadly, the 2012 report defined nine national-level privacy principles and recommended a co-regulatory framework that consisted of privacy commissioners, courts, self-regulating organisations, data controllers, and privacy officers at the organisational level. At the outset, the 2017 white paper is different from that report simply by the fact that it is a consultation paper soliciting views as compared to a report that recommends a broad privacy framework for India. In doing so, the white paper explores a broader set of issues than those discussed in the justice Shah report – ranging from the implications of emerging technologies on the relevance of traditional privacy principles, data localisation, child’s consent, individual participation rights, the right to be forgotten, cross-border flow of data, breach notification etc. Given that the white paper is a consultation paper, this article examines the provisional views shared in it with the recommendations of the 2012 report.

Key areas that the both the documents touch upon (though not necessarily agree on) include:

Applicability

The 2012 report of experts recommended a privacy legislation that extends the right to privacy to all persons in India, all data that is processed by a company or equipment located in India, and to data that originate in India.

Provisional views in the white paper reflect this position, but also offer that applicability could be in part determined by the legitimate interest of the state, carrying on a business or offering services or goods in India, and if, despite location, the entity is processing the personal data of Indian citizens. The provisional views also touch upon retrospective application of a data protection law and agree with the 2012 report by recommending that a law apply to privacy and public bodies. They also go a step further by recommending specific exemptions in application for well defined categories of public or private entities.

Exceptions

The experts’ report defined the following exceptions to the right to privacy: artistic and journalistic purposes, household purposes, historic and scientific research, and the Right to Information. Exceptions that must be weighed against the principles of proportionality, legality, and necessary in a democratic state included: national security, public order, disclosure in public interest, prevention, detection, investigation, and prosecution of criminal offences, and protection of the individual or of the rights and freedoms of others.

Provisional views in the 2017 white paper broadly mirror the exemptions defined in the experts’ report, but do not weigh exceptions related to national security and public interest etc. against the principles of proportionality, legality, and necessary in a democratic state and instead explored a review mechanism for these exceptions.

Consent

Provisional views in the white paper on consent note that aspects of consent should include that it is freely given, informed and specific and that standards for implied consent need to be evolved.

Though the 2012 experts’ report defined a principle for choice and consent, this principle did not define aspects of what would constitute valid consent, yet it did incorporate an opt-out mechanism.

Notice

Provisional views in the white paper hold that notice is important in enabling consent and explore a number of mechanisms that can be implemented to effect meaningful notice such as codes of practice for designing notice, multilayered notices, assessing notices in privacy impact assessments, assigning ‘data trust scores’ based on their data use policy, and having a ‘consent dashboard’ to help individuals manage their consent across entities.

These views build upon and complement the principle of notice defined in the 2012 report which defined components of a privacy policy as well as other forms of notice including data breach (also addressed in the white paper) and legal access to personal information.

Purpose limitation/minimisation

Provisional views in the white paper recognise the challenges that evolving technology is posing to the principle of purpose limitation and recommend that layered privacy policies and the standard of reasonableness can be used to contextualise this principle to actual purposes and uses.

Though the 2012 report defined a purpose limitation principle, the principle does not incorporate a standard of reasonableness or explore methods of implementation.

Data Retention and Quality

Provisional views in the white paper suggest that the principles of data retention and data quality can be guided by the terms “reasonably and necessary” to ensure that they are not overly burdensome on industry.

The 2012 report of experts briefly touched on data retention in the principle of purpose limitation –holding that practices should be in compliance with the national privacy principles.

Right to Access

Provisional views in the white paper recognise the importance of the right confirmation, access, and rectify personal information of the individual, but note that this is increasingly becoming harder to enforce with respect to data that is observed behavioral data and derived from habits. A suggested solution is to impose a fee on individuals for using these rights to deter frivolous requests.

Though the 2012 report defined a principle of access and correction it did not propose a fee for using this right and it included the caveat that if the access would affect the privacy rights of others, access may not be given by the data controller.

Enforcement Mechanisms

Provisional views in the 2017 white paper broadly agree with the appropriateness of the model of co-regulation and development of codes of practice as suggested in the 2012 report. Within the system envisioned in the 2012 report of experts, self-regulating organisations at the industry level will have the ability to develop industry specific norms and standards in compliance with the national privacy principles to be approved by the privacy commissioner.

Accountability

The provisional views of the white paper go beyond the principle of accountability defined in the 2012 report by suggesting that data controllers should not only be held accountable for implementation of defined data protection standards, but in defined circumstances, also for harm that is caused to an individual.

Additional Obligations and Data Controllers

Provisional views in the white paper suggest the following mechanisms as methods towards ensuring accountability of specific categories of data controllers: registration, data protection impact assessment, data audits, and data protection officers that are centres of accountability.

The 2012 experts’ report also envisioned impact assessments and investigations carried out by the privacy commissioner and the role of a data controller, but did not explore registration of these entities.

Authorities and Adjudication

The both documents are in agreement on the need for a privacy commissioner/data protection authority and envision similar functions such as conducting privacy impact assessments, audits, investigation, and levying of fines. The white paper differs from the 2012 experts’ report in its view that the appellate tribunals under the IT Act and bodies like the National Commission Disputes Redressal Commission could potentially be appropriate venues for adjudicating and resolving disputes.

Though the 2012 experts’ report recommended that complaints can be issued through an alternative dispute resolution mechanism, to central and regional level commissioners, or to the courts – for remedies– enforcement of penalties should involve district and high-level courts and the supreme court. The 2012 report specified that a distinct tribunal should not be created nor should existing tribunals be relied upon as there is the possibility that the institution will not have the capacity to rule on a broad right of privacy. Individuals that can be held liable by individuals include data controllers, organisation directors, agency directors, and heads of governmental departments.

Penalty and Remedy

The white paper goes much further in its thinking on penalties, remedies and compensation than the 2012 report of experts – discussing potential models for calculation of civil penalties including nature and extent of violation of the data protection obligation, nature of personal information involved, number of individuals affected, whether infringement was intentional or negligent, measures taken by the data controller to mitigate the damage, and previous track record of the data controller.

The white paper is a progressive and positive step towards formulating a data protection law for India that is effective and relevant nationally and internationally. It will be interesting to see the public response to it and the response of the committee to the inputs received from the consultation as well as how the final recommendations differ, build upon, and incorporate previous policy steps towards a comprehensive privacy framework for India.

For more details visit https://cis-india.org/internet-governance/blog/governance-now-elonnai-hickok-another-step-towards-privacy-law-data-protection

Anonymous joins protests against Internet shutdown in Kashmir

praskrishna — 2013-03-01T04:46:06Z

Hacktivist group Anonymous joined thousands of others to protest the shutdown of internet services in Kashmir for the fourth consecutive day by authorities after the hanging of Afzal Guru, a key accused in the Parliament attack case.

Indu Nandakumar's article was published in the Economic Times on February 12, 2013. Sunil Abraham is quoted.

Anonymous, which shot to fame in India after it brought down the websites of the Supreme Court and Congress Party last year, on Tuesday expressed its support to the people of Kashmir until the ban on internet and media services are lifted.

"We stand with # Kashmiras it comes to the end of its 3rd day under curfew. The comms blockade will fall. We are with you. # KashmirNow," a message posted on one of the Twitter accounts of Anonymous read.

Another Twitter account of the same group said, "#OpKashmir - Lift the media and internet blackout in #Kashmir".

Mobile internet services were suspended across Kashmir Valley on Saturday after the hanging of Afzal Guru in New Delhi. Online protests gathered steam by evening and thousands took to Twitter to express their anger censorships and blockades.

A senior official from the Department of Telecom, which had last year ordered the blocking of several Twitter accounts and websites, said internet services were blocked to avoid any further escalation of violence in Kashmir. But internet experts said a ban of communication services do not result in peace, instead it curtails the basic right of citizens to exchange messages.

"Government can ban certain class of messages and certain class of users, but definitely not a blanket ban of all services," said Sunil Abraham, executive director of Bangalore-based research organisation, the Centre for Internet and Society.

Essential commodities such as medicines, newspapers etc too are in short supply in Kashmir, where three people died and over 50 were injured in clashes since Saturday.

Anonymous has also been posting photographs from the region. One of the Twitter accounts of the group, @ anon_warlockon Tuesday tweeted, "A gag has been put on everything, information at best is trickling down".

Last year, Anonymous, known for its use of Guy Fawkes masks, had organised rallies across Indian cities to protest internet censorship after India's Department of Telecom blocked over 250 websites and 30 Twitter accounts for posting communal images and videos that led to people from Northeast exit Bangalore and a few other Indian cities.

"Internet service providers in the Valley were asked by officials in the Ministry of Home Affairs to switch off connectivity on Saturday morning. There has been no further communication from the Ministry until now and we don't expect any withdrawal in the next few days," a senior industry executive with direct knowledge of the matter told ET. He added that any decision on withdrawal of the ban will be taken only after the MHA and intelligence officials take stock of the situation.

Centre of Internet's Abraham said he was not sure if messages on social media were being taken seriously by the government. "Research shows that during the times of public disruption, ban of communication services will only make things worse. Enlightened governments should know this and act accordingly."

For more details visit https://cis-india.org/news/economic-times-feb-12-2013-indu-nandakumar-anonymous-joins-protests-against-internet-shutdown-in-kashmir

Anonymous India’s Takedowns Could Be Counterproductive

praskrishna — 2012-06-18T06:05:13Z

Nikhil Pahwa's blog post was published in Medianama on June 6, 2012.

As I write this, Anonymous India has apparently taken down MTNL’s website, citing the ISPs decision to block sites, without apparently being quite aware why it is doing that. Last night, the collective claimed to have taken down the website of the ISPAI, India’s ISP Association. Last Saturday, there were discussions on the groups IRC to take down the website for the Ministry of Company Affairs. So far, it has taken down websites for the Andhra Pradesh Power Generation Corporation Limited, All Indian Trinamool Congress (AITMC), as well as several websites related to the Mizoram government, apart from accessing and publishing server logs from Reliance Communications.

Anonymous India’s activities do help: they increase awareness of India’s war on the Internet, both by the government through legislation and censorship, and by movie producers and copyright owners through takedown notices and John Doe orders. There still remain citizens online who aren’t aware of why they aren’t able to access legitimate content – last night, someone from the books publishing industry asked me why she wasn’t able to access the video in this post on ‘Designing for the Future Book‘ on her Airtel connection. The video is hosted on Vimeo, which remains blocked in India. Now she knows why.

Anonymous India has also shed light on what all is being blocked by sharing what are allegedly Reliance Communications’ logs on blocks. These logs suggest that ISPs were going beyond the mandate given to them by the courts and the government. It’s also clear that ISPs aren’t protecting the rights of their customers, and are implementing blocks either in a ham-handed manner, or in a manner that suits them or their related companies. They are as much to blame as those getting the orders issued, and so there is undoubtedly some schadenfreude in seeing both government and ISP websites taken down by Anonymous India.

Still, you have to wonder about how the powers that be will react to this situation: no government will show that it is bucking under what it perceives to be cyber terrorism: it’s not just an ego thing; there is also a legitimate fear that if the government is seen as buckling under such attacks, it would lead to cyber attacks whenever there is something that warrants a protest. The attacks by Anonymous could be counterproductive for two other reasons: firstly, because the natural reaction to any kind of attack is to increase spending and changes in laws. While India is already spending on surveillance and identification, cyberattacks will justify these spends, make the case for more, and lead to more changes in government policy.

The second reason is that these attacks could lead to the undoing of a lot of work done by activists for Internet freedom. The Software Freedom Law Center, Centre For Internet and Society, Avaaz, Change.org, The Internet Democracy Project, and many many others have spent many months reaching out to and educating parliamentarians and the lawmakers of the country on issues related to the draconian IT Rules. The IT Rules have resulted in websites and ISPs censoring content online when they have been send unfair and flawed takedown notices, and they need to be changed. The cyberattacks could once again be used by the Home Ministry and those at CERT-IN to justify continuing with such draconian rules, and especially since many MP’s are not aware of the nuances of the potential for misuse; some MPs (I’ve observed) appear to be choosing to be on the fence on this, either on account of lack of interest or lack of depth of understanding.

Activities that bring more information on the blocks to light help strengthen the case for more specificity in court orders by highlighting misuse by copyright owners and ISPs, and also for modification in the IT Rules. Taking down sites weakens it.

Click to read the original here

For more details visit https://cis-india.org/news/anonymous-indias-takedowns-could-be-counterproductive

Annual Conference on Human Rights 2012

praskrishna — 2013-01-07T10:47:00Z

Malavika Jayaram participated in this conference as a panelist in this event organised by Estonia and Google.

Read the original published by Estonian Institute of Human Rights on December 9, 2012.

Monday, December 10, 2012

09:30-10:00 Registration of participants

10:00-11:00 Opening session

Welcoming remarks:	Hanno Pevkur, Minister of Social of Affairs
Presentation of the Report on Human Rights in Estonia:	Mart Nutt, MP, Member of Supervising Board of Estonian Institute of Human Rights Karin Reivart, Research Manager, Turu-uuringute AS
Moderator:	Vootele Hansen, Chairman of Estonian Institute of Human Rights

11:00 – 12:40 Session 1

Human Rights and Security: Protecting victims and providing justice

In the modern world, the vast majority of casualties in armed conflicts are civilians. How should the international community react to human rights violations in conflict zones? Could a conflict exist between the requirements of peace on the one hand and justice, on the other? How can we implement the concept of Responsibility to Protect in practice? How does the promotion of human rights influence the ability of Western nations and institutions to interact with the rest of the world?

Keynote speech:	Stephen J. Rapp, United States Ambassador-at-Large for War Crimes Issues in the Office of Global Criminal Justice.
Panelists:	Anthony Dworkin, European Council on Foreign Relations, Senior Policy Fellow Gentian Zyberi, University of Oslo, Norwegian Centre for Human Rights, Associate Professor Jeffrey D. Levine, United States Ambassador in Estonia
Moderator:	Riina Kionka, Head of Central Asia Division, European External Action Service; former Personal Representative for Human Rights in the area of CFSP for SG/HR

12:40 – 14:00 Lunch

14:00 – 15:40 Session 2

Human Rights and the Internet: Shuting down the Internet, shuting up the world

UN Human Rights Council Resolution L13 (6 July 2012) stresses that human rights must also be guaranteed in cyberspace. There is no doubt that the Internet has become an important resource for acquiring information, disseminating points of view and creating networks. Restricting Internet freedom also poses a direct threat to human rights. The panel will discuss these threats: who wants to restrict the Internet? Why and how are they doing it? How should we respond?

Keynote speech:	Dunja Mijatovic, OSCE Representative on Freedom of the Media
Panelists:	Toomas Hendrik Ilves, President of Estonia Thomas Zerdick, policy officer, DG Justice, European Commission Malavika Jayaram, Fellow at the Centre for Internet and Society, India David Mothander, Google Nordic Policy Counsel
Moderator:	Dr Katrin Merike Nyman-Metcalf, Tallinn University of Technology, member of the Council of Estonian Human Rights Centre

15:40 – 16:10 Coffee break

16:10 – 17:50 Session 3

Contemporary Human Rights Challenges in a Changing Global Balance of Power

The panel will focus on the role of human rights policy in the changing international environment. Does the shift in global power away from the West force a system based on democracy, human rights and the rule of law onto the defensive? How do we promote our values while engaging with authoritarian countries? Should human rights policy consider local needs and conditions?

Panelists:	Anna Sevortian, Director of Human Rights Watch´s Russia Office Frank Johansson, Director of Amnesty International´s Finland Office Douglas Davidson, US State Department Special Envoy for Holocaust Issues; former Head of the OSCE Mission to Bosnia and Herzegovina Dr Anja Mihr, Netherlands Institute of Human Rights, Associate Professor
Moderator:	Hannes Hanso, Researcher, International Centre for Defence Studies

17:50 – 18:00 Conclusions

Dr Mart Nutt, MP, Member of Supervising Board of EIHR

18:30 – 21:30 Dinner, hosted by the President of Estonia, Toomas Hendrik Ilves

The dinner will be the Swissôtel Tallinn (6. floor).

N.B! The organiser reserves the right to make changes in the programme and the presenters

For more details visit https://cis-india.org/news/estonian-institute-of-human-rights-december-9-2012-annual-conference-on-human-rights-2012

We are anonymous, we are legion

April 2012 Bulletin

Internet Governance

Google Policy Fellowship

Announcement

Op-ed in the Hindu

Columns in the Indian Express

Event Reports

Events Organised

Events Participated

Video

Media Coverage

Digital Natives

Public Lecture

Book Review...a few excerpts

Accessibility

Event Report

New Fellow at CIS

Access to Knowledge

New Event

News & Media Coverage

Openness

Event Reports and Video

Events Organised

Telecom

Column in Business Standard

About CIS

Follow us elsewhere

April 2011 Bulletin

Researchers@Work

Workshops organised in Bangalore

Digital Natives with a Cause?

Columns on Digital Natives

Digital Natives Newsletter

New Blog Entry by Samuel Tettner

Accessibility

Workshop organised in Hyderabad

Openness

Submission

New Blog Entry

Internet Governance

Featured

New Blog Entries

Study Tour

Featured Research

Interview

Workshops organized in Ahmedabad and Bangalore

New Blog Entries

Telecom

Column

News & Media Coverage

Follow us elsewhere

April 2010 Bulletin

News Updates

Research

Advocacy

Accessibility

Intellectual Property

Openness

Internet Governance

Telecom

Other Advocacy

Apps can give personal information to strangers

Any failure to resolve the Kashmir problem could lead the South Asia to a nuclear disaster

Anvar v. Basheer and the New (Old) Law of Electronic Evidence

The case

The hearsay rule

Hearsay in documents

Electronic documents

New provisions for electronic records

Non-use of the special provisions

Flawed justice and political expediency in wiretap cases

Returning sanity to electronic record evidence, but at a price

Video

Anushka finds support for her anti-litter tirade

Anti-trafficking Bill may lead to censorship

Anti-Spam Laws in Different Jurisdictions: A Comparative Analysis

Anti-Social Network

Anti-harassment app wins hackathon for women

Another Step towards Privacy Law