We are anonymous, we are legion

The Internet Way

nishant — 2014-02-14T06:59:48Z

Dr. Nishant Shah's review of the book “The Everything Store: Jeff Bezos and the Age of Amazon” by Bantam Press/Random House Group, London was published in Biblio Vol. 19 No.8 (1&2), January – February 2014.

Click to download the file (PDF, 2436 Kb). Dr. Nishant Shah's review can be found on page 16.

The Age of Amazon’ is not just the title of a book, it is a retrospective on the history of e-commerce as well as a prophecy for the shape of things to come. In his meticulously reported book, Brad Stone takes us through the roller coaster ride of the ‘Everything Store’ that Amazon has become, building a gripping tale of an idea that has become synonymous to the world of online shopping in just over two decades.

The book reads well as a biopic on the visionary lunacy of Jeff Bezos, the founder of Amazon, as well as a gripping tale of how ideas grow and develop in the digital information age. Stone is an expert storyteller, not only because of his eye for the whimsical, the curious and the enchantment of the seemingly banal, but also because of his ability to question his own craft.

At the very outset, Stone warns us that the book has been compiled through workers at employee, but not Bezos himself. This helps Stone separate the maker from the brand — unlike Steve Jobs who became the cult icon for Apple, Bezos himself has never become the poster child of his brand, allowing

Amazon to become not only an everything store but everybody store. But it means that Stone’s task was to weave together the personal biography of Bezos, his dramatic journey through life with the tumultuous and adventurous inception and growth of Amazon, and his skill lies in the meeting of the twines, which he does with style, ease and charm.

One of the easiest accusations to throw at a book like this is to state that it reduces the murky, blurred, messy and incoherent set of events into a narrative that establishes causes and attributes design and intention where none existed. However, Stone was confronted with the idea of ‘Narrative Fallacy’ — a concept coined by Nassim Nicholas Taleb in his Black Swan, referring to the tendency of human beings to reduce complex phenomenon to “soothing but oversimplified stories”. In fact, the challenge to not reduce the book to a series of connected anecdotes was posed by Bezos when Stone pitched the book to him. And what has emerged is a book about accidents, serendipity, risk, redundancy, failure charting the ineffable, inscrutable and inexplicable ways in which digital technologies are shaping the worlds we live in.

With the rigour and journalistic inquiry that Stone has displayed in his regular writings in The Businessweek, The Everything Store has stories which are as memorable as they are unexpected. Stone does a fantastic job of charting Bezos’ life — from tracking down the lost father who had no idea what his son, who he had abandoned at age three, has become, to the chuckleworthy compilation of Bezos’ favourite quotes (Stone calls it his ‘greatest hits’), the book is filled with pointed and poignant observations and stories that give us an idea of the extraordinary life of Jeff Bezos. But unlike the expected character creation of a mad genius, what you get is the image of a man who lived in contradictions: wedded to his internal idea of truth but also ruthless in his business policies which were predatory and competitive to say the least; a businessman who once wrote a memo titled ‘Amazon.love’ about how he wanted a company to be “loved not feared” but also used the metaphor of a “cheetah preying on the gazelles” in its acquisition of smaller businesses; a man who thought of himself as a “missionary rather than a mercenary” and yet built a business empire that embodies some of the most discriminatory, exploitative and stark conditions of adjunct, adhoc, underpaid and contract-based labour of our precariously mobile worlds.

Stone is masterful as he segues from Bezos’ personal life and ambitions into the monomaniacal and turbulent trajectory of Amazon. Amazon is not a simple success story. It tried and failed at many things, but what remains important is how, it failed at the traditional way of doing things and succeeded at the internet way of thinking. So when Amazon failed, it was not a failure to succeed, but a failure that resulted because the infrastructure needed to make it succeed was not yet in place. Stone’s narrative that effortlessly takes us through the economics, trade, policies, regulation, administration and struggles of Amazon, shows how it was a company that had to invent the world it wanted to succeed in, in order to succeed. In many ways, the book becomes not only about Amazon and its ambitions to sell everything from A-Z, but about how it built prototypes for the rest of the world so that it could become relevant and rule.

But the book is not a Martin-Scorsese-type homage to the scoundrel or the villain. While it is imbued up and spit you out. And if you are good, he will jump on your back and ride you into the ground.” Or as Stone himself suggests, that is the way the company is going to grow “until either Jeff Bezos exits the scene or no one is left to stand in his way”. This policy of taking everything from its employees and channelling it to the relentless growth of the company accounts for not only the high attrition rate of top executives but also the growing controversies about work and labour conditions in Amazon warehouses and on-the-ground delivery services.

Stone’s book does not go into great detail about the new work force that companies like Amazon produce — a work force that is reduced to being a cog in a system, performing mechanical tasks, working at minimal wage, and without the protections that are offered to the white collar high-level technology executives that are the popup children of the digital trade. Stone reminds us that behind the incredible platform that Amazon is, is a massive physical infrastructure which almost reminds us of the early industrial days where the labourer was in a state of exploitation and precariousness. And even as we celebrate the rise of these global behemoths, we might forget that behind the seductive interfaces and big data applications, that under the excitement of drone-based delivery systems and artificial intelligence that will start delivering things even before you place the order, is a system that pushes more and more workers in unprotected and exploitative work conditions.

All in all, The Everything Store is a little bit like Amazon itself. It is a love story of a man with his ideas, and how the rest of the world has shifted, tectonically, to accommodate these eruptions. In its historical retrospective, it shows us the full scope of the ideas and possibilities that inform Amazon, and thus the future that it is going to build for us. And with masterful craftsmanship, Brad Stone writes that it is as much about the one man and his company, as it is about the physical and affective infrastructure of our rapidly transforming digital worlds.

For more details visit https://cis-india.org/internet-governance/blog/biblio-january-february-volume-ix-8-nishant-shah-the-internet-way

The Internet Has a New Standard for Censorship

jyoti — 2016-01-30T09:17:54Z

The introduction of the new 451 HTTP Error Status Code for blocked websites is a big step forward in cataloguing online censorship, especially in a country like India where access to information is routinely restricted.

The article was published in the Wire on January 29, 2016. The original can be read here.

Ray Bradbury’s dystopian novel Fahrenheit 451 opens with the declaration, “It was a pleasure to burn.” The six unassuming words offer a glimpse into the mindset of the novel’s protagonist, ‘the fireman’ Guy Montag, who burns books. Montag occupies a world of totalitarian state control over the media where learning is suppressed and censorship prevails. The title alludes to the ‘temperature at which book paper catches fire and burns,’ an apt reference to the act of violence committed against citizens through the systematic destruction of literature. It is tempting to think about the novel solely as a story of censorship. It certainly is. But it is also a story about the value of intellectual freedom and the importance of information.

Published in 1953, Bradbury’s story predates home computers, the Internet, Twitter and Facebook, and yet it anticipates the evolution of these technologies as tools for censorship. When the state seeks to censor speech, they use the most effective and easiest mechanisms available. In Bradbury’s dystopian world, burning books did the trick; in today’s world, governments achieve this by blocking access to information online. The majority of the world’s Internet users encounter censorship even if the contours of control vary depending on the country’s policies and infrastructure.

Online censorship in India

In India, information access blockades have become commonplace and are increasingly enforced across the country for maintaining political stability, for economic reasons, in defence of national security or preserving social values. Last week, the Maharashtra Anti-terror Squad blocked 94 websites that were allegedly radicalising the youth to join the militant group ISIS. Memorably, in 2015 the NDA government’s ham-fisted attempts at enforcing a ban on online pornography resulted in widespread public outrage. Instead of revoking the ban, the government issued yet another vaguely worded and in many senses astonishing order. As reported by Medianama, the revised order delegates the responsibility of determining whether banned websites should remain unavailable to private intermediaries.

The state’s shifting reasons for blocking access to information is reflective of its tendentious attitude towards speech and expression. Free speech in India is messily contested and normally, the role of the judiciary acts as a check on the executive’s proclivity for banning. For instance, in 2010 the Supreme Court upheld the Maharashtra High Court’s decision to revoke the ban on the book on Shivaji by American author James Laine, which, according to the state government, contained material promoting social enmity. However, in the context of communications technology the traditional role of courts is increasingly being passed on to private intermediaries.

The delegation of authority is evident in the government notifying intermediaries to proactively filter content for ‘child pornography’ in the revised order issued to deal with websites blocked as result of its crackdown on pornography. Such screening and filtering requires intermediaries to make a determination on the legality of content in order to avoid direct liability. As international best practices such as the Manila Principles on Intermediary Liability point out, such screening is a slow process and costly and intermediaries are incentivised to simply limit access to information.

Blocking procedures and secrecy

The constitutional validity of Section 69A of the Information Technology Act, 2008 which grants power to the executive to block access to information unchecked, and in secrecy was challenged in Shreya Singhal v. Union of India. Curiously, the Supreme Court upheld S69A reasoning that the provisions were narrowly-drawn with adequate safeguards and noted that any procedural inconsistencies may be challenged through writ petitions under Article 226 of the Constitution. Unfortunately as past instances of blocking under S69A reveal the provisions are littered with procedural deficiencies, amplified manifold by the authorities responsible for interpreting and implementing the orders.

Problematically, an opaque confidentiality criteria built into the blocking rules mandates secrecy in requests and recommendations for blocking and places written orders outside the purview of public scrutiny. As there are no comprehensive list of blocked websites or of the legal orders, the public has to rely on ISPs leaking orders, or media reports to understand the censorship regime in India. RTI applications requesting further information on the implementation of these safeguards have at best provided incomplete information.

Historically, the courts in India have held that Article 19(1)(a) of the Constitution of India is as much about the right to receive information as it is to disseminate, and when there is a chilling effect on speech, it also violates the right to receive information. Therefore, if a website is blocked citizens have a constitutional right to know the legal grounds on which access is being restricted. Just like the government announces and clarifies the grounds when banning a book, users have a right to know the grounds for restrictions on their speech online.

Unfortunately, under the present blocking regime in India there is no easy way for a service provider to comply with a blocking order while also notifying users that censorship has taken place. The ‘Blocking Rules’ require notice “person or intermediary” thus implying that notice may be sent to either the originator or the intermediary. Further, the confidentiality clause raises the presumption that nobody beyond the intermediaries ought to know about a block.

Naturally, intermediaries interested in self-preservation and avoiding conflict with the government become complicit in maintaining secrecy in blocking orders. As a result, it is often difficult to determine why content is inaccessible and users often mistake censorship for technical problem in accessing content. Consequently, pursuing legal recourse or trying to hold the government accountable for their censorious activity becomes a challenge. In failing to consider the constitutional merits of the confidentiality clause, the Supreme Court has shied away from addressing the over-broad reach of the executive.

Secrecy in removing or blocking access is a global problem that places limits on the transparency expected from ISPs. Across many jurisdictions intermediaries are legally prohibited from publicising filtering orders as well as information relating to content or service restrictions. For example in United Kingdom, ISPs are prohibited from revealing blocking orders related to terrorism and surveillance. In South Korea, the Korean Communications Standards Commission holds public meetings that are open to the public. However, the sheer volume of censorship (i.e. close to 10,000 URLs a month) makes it unwieldy for public oversight.

As the Manila Principles note, providing users with an explanation and reasons for placing restrictions on their speech and expression increases civic engagement. Transparency standards will empower citizens to demand that companies and governments they interact with are more accountable when it comes to content regulation. It is worth noting, for conduits as opposed to content hosts, it may not always be technically feasible for to provide a notice when content is unavailable due to filtering. A new standard helps improve transparency standards for network level intermediaries and for websites bound by confidentiality requirements. The recently introduced HTTP code for errors is a critical step forward in cataloguing censorship on the Internet.

A standardised code for censorship

On December 21, 2015, the Internet Engineering Standards Group (IESG) which is the organisation responsible for reviewing and updating the internet’s operating standards approved the publication of 451-’An HTTP Status Code to Report Legal Obstacles’. The code provides intermediaries a standardised way to notify users know when a website is unavailable following a legal order. Publishing the code allows intermediaries to be transparent about their compliance with court and executive orders across jurisdictions and is a huge step forward for capturing online censorship. HTTP code 451 was introduced by software engineer Tim Bray and the code’s name is an homage to Bradbury’s novel Fahrenheit 451.

Bray began developing the code after being inspired by a blog post by Terence Eden calling for a censorship error code. The code’s official status comes after two years of discussions within the technical community and is a result of campaigning from transparency and civil society advocates who have been pushing for clearer labelling of internet censorship. Initially, the code received pushback from within the technical community for reasons enumerated by Mark Nottingham, Chair of the IETF HTTP Working Group in his blog. However, soon sites began using the code on an experimental and unsanctioned basis and faced with increasing demand for and feedback, the code was accepted.

The HTTP code 451 works as a machine-readable flag and has immense potential as a tool for organisations and users who want to quantify and understand censorship on the internet. Cataloguing online censorship is a challenging, time-consuming and expensive task. The HTTP code 451 circumvents confidentiality obligations built into blocking or licensing regimes and reduces the cost of accessing blocking orders.

The code creates a distinction between websites blocked following a court or an executive order, and when information is inaccessible due to technical errors. If implemented widely, Bray’s new code will help prevent confusion around blocked sites. The code addresses the issue of the ISP’s misleading and inaccurate usage of Error 403 ‘Forbidden’ (to indicate that the server can be reached and understood the request, but refuses to take any further action) or 404 ‘Not Found’ (to indicate that the requested resource could not be found but may be available again in the future).

Adoption of the new standard is optional, though at present there are no laws in India that prevent intermediaries doing so. Implementing a standardised machine-readable flag for censorship will go a long way in bolstering the accountability of ISPs that have in the past targeted an entire domain instead of the specified URL. Adoption of the standard by ISPs will also improve the understanding of the burden imposed on intermediaries for censoring and filtering content as presently, there is no clarity on what constitutes compliance. Of course, censorious governments may prohibit the use of the code, for example by issuing an order that specifies not only that a page be blocked, but also precisely which HTTP return code should be used. Though such sanctions should be viewed as evidence of systematic rights violation and totalitarian regimes.

In India where access to software code repositories such as Github and Sourceforge are routinely restricted, the need for such code is obvious. The use of the code will improve confidence in blocking practices, allowing users to understand the grounds on which their right to information is being restricted. Improving transparency around censorship is the only way to build trust between the government and its citizens about the laws and policies applicable to internet content.

For more details visit https://cis-india.org/internet-governance/blog/the-wire-jyoti-panday-january-29-2016-internet-has-a-new-standard-for-censorship

The Internet and Illusions of Space and Liberty

sachia — 2011-04-05T04:40:05Z

Talk by Kiran Sahi

The Centre for Internet and Society invites you to a talk by Kiran Sahi on 'The Internet and Illusions of Space and Liberty'. Kiran will use this talk as an opportunity to look at the parallels that can be drawn between the spatial elements of the mind, corporal physical space, and the virtual domains of the internet. Reflecting on the roles of these parallel domains, we can discuss how dissident elements within society, traditionally found in geographical wildernesses, have found new opportunities for freedom in the realms of the internet. The talk will also explore the idea of the internet as a heterotopia, a safe space for displaced realities, and the pressures which make it adopt a panoptic structure.

Speaker

Kiran Sahi is is a designer and educator working from his home in a village north of Bangalore. His work involves presenting and interpreting the changing socio-political geography of his locality for teachers and students visiting from international academic institutions and education authorities. He also advises on local education development projects. Kiran works as a consultant design faculty, teaching materials and sculptural design, and runs a ceramic studio that produces large scale ceramic murals for public spaces. His previous work has involved exploring cultural narratives and their visual representations. He has been interested in exploring the possibilities of a collaborative community based business involving professional designers and local craftsmen.

Time and Date

Saturday, 7 March, 2009; 5.00-6.30 pm

Venue

Centre for Internet and Society, No. D2, 3rd Floor, Sheriff Chambers, 14, Cunningham Road, Bangalore - 560052

Map

For a map, please click here.

For more details visit https://cis-india.org/events/the-internet-and-illusions-of-space-and-liberty

The India Privacy Monitor Map

maria — 2013-10-09T16:26:14Z

The Centre for Internet and Society has started the first Privacy Watch in India! Check out our map which includes data on the UID, NPR and CCTNS schemes, as well as on the installation of CCTV cameras and the use of drones throughout the country.

In a country of twenty-eight diverse states and seven union territories, it remained unclear to what extent surveillance, biometric and other privacy-intrusive schemes are being implemented. We are trying to make up for this by mapping out data in every single state in India on the UID, CCTNS and NPR schemes, as well as on the installation of CCTV cameras and the use of Unmanned Aerial Vehicles (UAVs), otherwise known as drones.

In particular, the map in its current format includes data on the following:

UID: The Unique Identification Number (UID), also known as AADHAAR, is a 12-digit unique identification number which the Unique Identification Authority of India (UIDAI) is currently issuing for all residents in India (on a voluntary basis). Each UID is stored in a centralised database and linked to the basic demographic and biometric information of each individual. The UIDAI and AADHAAR currently lack legal backing.

NPR: Under the National Population Register (NPR), the demographic data of all residents in India is collected on a mandatory basis. The Unique Identification Authority of India (UIDAI) supplements the NPR with the collection of biometric data and the issue of the AADHAAR number.

CCTV: Closed-circuit television cameras which can produce images or recordings for surveillance purposes.

UAV: Unmanned Aerial Vehicles (UAVs), otherwise known as drones, are aircrafts without a human pilot on board. The flight of a UAV is controlled either autonomously by computers in the vehicle or under the remote control of a pilot on the ground or in another vehicle. UAVs are used for surveillance purposes.

CCTNS: The Crime and Criminal Tracking Networks and Systems (CCTNS) is a nationwide networking infrastructure for enhancing efficiency and effectiveness of policing and sharing data among 14,000 police stations across India.

Our India Privacy Monitor Map can be viewed through the following link: http://cis-india.org/cisprivacymonitor

This map is part of on-going research and will hopefully expand to include other schemes and projects which are potentially privacy-intrusive. We encourage all feedback and additional data!

For more details visit https://cis-india.org/internet-governance/blog/india-privacy-monitor-map

The India Conference on Cyber Security and Cyber Governance

praskrishna — 2014-10-13T07:10:19Z

Following the success of CYFY 2013 the CYFY 2014 will be held from October 15 to 17, 2014 in New Delhi. The Centre for Internet and Society is a knowledge partner for this event and Sunil Abraham is participating as a panelist in the session "Privacy is Dead".

Click to download the event details. The event brochure can be downloaded here.

For more details visit https://cis-india.org/internet-governance/news/india-conference-cyber-security-and-cyber-governance

The Impact of Consolidation in the Internet Economy on the Evolution of the Internet

Akriti Bopanna and Gurshabad Grover — 2019-07-03T12:53:53Z

The Centre for Internet and Society in partnership with the Internet Society organized an event on the impact of consolidation in the Internet economy. It was divided into two roundtable discussions, the first one focusing on the policies and regulation while the latter dealt with the technical evolution of the Internet. This report contributed to the Internet Society’s 2019 Global Internet Report on Consolidation in the Internet Economy.

Edited by Swaraj Barooah, Elonnai Hickok and Vishnu Ramachandran. Inputs by Swagam Dasgupta

This report is a summary of the proceedings of the roundtables organized by the Centre for Internet and Society in partnership with the Internet Society on the impact of consolidation in the Internet economy. It was conducted under the Chatham House Rule, at The Energy and Resource Institute, Bangalore on the 29 June 2018 from 11AM to 4PM. This report was authored on 29 June 2018, and subsequently edited for readability on 25 June 2019. This report contributed to the Internet Society’s 2019 Global Internet Report on Consolidation in the Internet Economy.

The roundtables aimed to analyze how growing forces of consolidation, including concentration, vertical and horizontal integration, and barriers to market entry and competition would influence the Internet in the next 3 to 5 years.

To provide for sufficient investigation, the discussions were divided across two sessions. The focus of the first group was the impact of consolidation on applicable regulatory andpolicy norms including regulation of internet services, the potential to secure or undermine people’s ability to choose services, and the overall impact on the political economy. Thesecond discussion delved into the effect of consolidation on the technical evolution of the internet (in terms of standards, tools and software practices) and consumer choices (interms of standards of privacy, security, other human rights).

The sessions had participants from the private sector (2), research (4), government (1), technical community (3) and civil society organizations (6). Five women and eleven men constituted the participant list.

Click to download and read the full report

For more details visit https://cis-india.org/internet-governance/blog/akriti-bopanna-and-gurshabad-grover-july-3-2019-impact-of-consolidation-in-the-internet-economy-on-the-evolution-of-the-internet

The Idea of the Book

nishant — 2012-04-10T09:53:27Z

Its future lies in a trans-media format that is ever evolving, writes Nishant Shah in an article which was published in the Indian Express on April 8, 2012.

If you are a true bibliophile, you have long transcended making mortal judgements about books, based on insignificant factors such as plot, narrative, or writing style. A true bibliophile is in love with the form of the book — the joy that comes from the rustle of a turned page, the euphoria of holding a book in your arms, the satisfaction that rises from watching a tottering stack of books. For hardcore bibliomaniacs, the love is at a sub-molecular level, so to speak, finding their happiness and content in shapes of fonts, thickness of paper, methods of binding, imprints and meta-data that tells its own story. For all these true lovers of books, their affection goes beyond the content of the book. They love the book as an artefact, as an object of desire. It is as if there was a “bookness” to the book that they deeply appreciate.

It is these people, along with many others, who mourn the death of the book in the age of digital mass production. With the advent of the e-book and the ubiquitous presence of reading devices, many have announced the death of the book. The ‘dead-tree book’, as it is often derisively described in many circles, is a thing of the past. As we live in worlds of increasing interface, the surfaces we read on, the way we read, and the forms that we read have undergone a dramatic reconfiguration. Swype-and-touch has replaced turn-and-fold and the book as we know it, is growing extinct.

Professor Bruno Latour — one of the first theorists and critics of digital technologies, large-scale networks, and new methods of knowledge production — from Sciences Po in Paris, during his recent visit to Bangalore, suggested that instead of accepting the imminent death of the book and mourning its demise, it might be more fruitful to look at its future. The digital, he says, does not question the idea of the book, but merely the form. This, for me, is a fascinating idea. We often recognise the book as a form — something that is written, something that is bound, or something that is found in libraries. If you were to define a book, you would talk about the different kinds, shapes, colours and sizes of books but you won’t necessarily be able to explain it. This is because a book is only a material manifestation of a much larger idea and this is what we need to focus on.

The book has seen many transitions in its form from the pre-print, hand-written manuscripts by trained scribes to the print-on-demand paperbacks which can be assembled easily. Technologies have not threatened but actually helped it change, evolve and keep up with the times. When we think of the digital book and the possibilities it offers, these are much more exciting than the rather Luddite lament about how the book is dead.

In the digital medium, the future of multimedia narratives is convergence. An ability to tell stories, record knowledge, share information and make connections through a variety of media forms and styles changes the future of the book. Imagine a book that begins with a text, continues through music, blends into user-generated pictures and ends with a video. Imagine this book being written, not only in different media but also by different people, simultaneously, resulting in a layered palimpsest rather than a static page. Imagine each page and every word on the page not as a fixed thing but one of a series of alternatives. Imagine a book that is written as it is read, and no longer excludes print-challenged or differently-abled people from contributing to the writing, reading and sharing process.

A trans-media format would stay true to the democratic and inclusive vision of a book and correct the limitations of print. Such a book would also free knowledge and information from businesses — let’s not forget that the publishing and education system is a business — and allow a new audience to participate in knowledge production. This is not a mere fantasy. We already have new models such as mash-ups which give us a new logic to sort and store information. Imagine Facebook as a collaborative platform where different information can come together to supplement the traditional book. Wikipedia is a space of knowledge production, which might simulate the older encyclopaedia form, but it is written by unpaid contributors, collaboratively, even as the Encyclopaedia Britannica announces its last ever print publication.

The form of the book is going to change as it has over the last 500 years. However, the idea of the book — a receptacle that contains and records collective wisdom, information, ideas, knowledge, experiences and imagination of humankind – is here to stay. The digital book has to be understood not merely as a digitisation of an older book, but has to be imagined as a smorgasbord of possibilities which will revolutionise the form of the book and bring it closer to its intended vision. It is time indeed to announce, ‘The Book is Dead! Long Live the Book!’

Read the original from the Indian Express

For more details visit https://cis-india.org/internet-governance/idea-of-the-book

The I-MACX Summit & Demo Day (Spring 2015)

praskrishna — 2015-08-23T09:37:40Z

IIIT-B Innovation Center organized this event in Bangalore on June 18, 2015. Sunil Abraham participated as a speaker.

Programme

Time	Agenda
1.00 p.m.	Registration
1.15 p.m.	Welcome Address
1.30 p.m.	Keynote: “Solving Civic Issues through Technology Platforms” by Dr. Pramod Varma, Chief Architect – Technology, UIDAI
1.50 p.m.	Panel Discussion: “Opportunities and Challenges in Civic-Tech Startup Space” Ms. Radha Kizhanattam, Principal – Unitus Seed Fund Mr. Shyam Menon, Co-founder – Infuse Ventures Mr. Sunil Abraham, Executive Director – The Center for Internet & Society Mr. Rajith Shaji, Product Manager – Janaagraha Mr. VS Prakash, Director – Karnataka State Natural Disasters Monitoring Center (Retd.); Currently Registrar – IIIT Bangalore Mr. Syed Suhale Perveez, Senior Manager – Emergency Management Research Institute (108) Moderated by Dr. TK Srikanth, Professor – IIIT Bangalore
2.45 p.m.	Startups Pitch
3.55 p.m.	Vote of Thanks
4.00 p.m.	Investors – Startups discuss over High Tea Startups demonstrate their innovative solutions

About the Summit:

The I-MACX Summit is a civic-tech focused event that intends to bring together innovators from government and social organizations along with civic-minded startups, influencers, activists, investors and entrepreneurs.

The I-MACX Summit aims to not only bring out the opportunities and the challenges in the civictech space, but also showcase the offerings that are being created by the civic-tech startups nurtured at IIIT-B Innovation Center.

The I-MACX Summit, envisions itself as a thought-leadership forum that would delve into how the various players in the civic-tech ecosystem could potentially transform governance and society, using the emerging technologies (IOT, Data Analytics, Sensors, Mobile, Cloud).

For more details visit https://cis-india.org/internet-governance/news/icmax-summit-and-demo-day

The Humpty-Dumpty Censorship of Television in India

bhairav — 2015-11-29T08:37:53Z

The Modi government’s attack on Sathiyam TV is another manifestation of the Indian state’s paranoia of the medium of film and television, and consequently, the irrational controlling impulse of the law.

The article originally published in the Wire on September 8, 2015 was also mirrored on the website Free Speech/Privacy/Technology.

It is tempting to think of the Ministry of Information and Broadcasting’s (MIB) attack on Sathiyam TV solely as another authoritarian exhibition of Prime Minister Narendra Modi’s government’s intolerance of criticism and dissent. It certainly is. But it is also another manifestation of the Indian state’s paranoia of the medium of film and television, and consequently, the irrational controlling impulse of the law.

Sathiyam TV’s transgressions

Sathiyam’s transgressions began more than a year ago, on May 9, 2014, when it broadcast a preacher saying of an unnamed person: “Oh Lord! Remove this satanic person from the world!” The preacher also allegedly claimed this “dreadful person” was threatening Christianity. This, the MIB reticently claims, “appeared to be targeting a political leader”, referring presumably to Prime Minister Modi, to “potentially give rise to a communally sensitive situation and incite the public to violent tendencies.”

The MIB was also offended by a “senior journalist” who, on the same day, participated in a non-religious news discussion to allegedly claim Modi “engineered crowds at his rallies” and used “his oratorical skills to make people believe his false statements”. According to the MIB, this was defamatory and “appeared to malign and slander the Prime Minister which was repugnant to (his) esteemed office”.

For these two incidents, Sathiyam was served a show-cause notice on 16 December 2014 which it responded to the next day, denying the MIB’s claims. Sathiyam was heard in-person by a committee of bureaucrats on 6 February 2015. On 12 May 2015, the MIB handed Sathiyam an official an official “Warning” which appears to be unsupported by law. Sathiyam moved the Delhi High Court to challenge this.

As Sathiyam sought judicial protection, the MIB issued the channel a second warning August 26, 2016 citing three more objectionable news broadcasts of: a child being subjected to cruelty by a traditional healer in Assam; a gun murder inside a government hospital in Madhya Pradesh; and, a self-immolating man rushing the dais at a BJP rally in Telangana. All three news items were carried by other news channels and websites.

Governing communications

Most news providers use multiple media to transmit their content and suffer from complex and confusing regulation. Cable television is one such medium, so is the Internet; both media swiftly evolve to follow technological change. As the law struggles to keep up, governmental anxiety at the inability to perfectly control this vast field of speech and expression frequently expresses itself through acts of overreach and censorship.

In the newly-liberalised media landscape of the early 1990s, cable television sprang up in a legal vacuum. Doordarshan, the sole broadcaster, flourished in the Centre’s constitutionally-sanctioned monopoly of broadcasting which was only broken by the Supreme Court in 1995. The same year, Parliament enacted the Cable Television Networks (Regulation) Act, 1995 (“Cable TV Act”) to create a licence regime to control cable television channels. The Cable TV Act is supplemented by the Cable Television Network Rules, 1994 (“Cable Rules”).

The state’s disquiet with communications technology is a recurring motif in modern Indian history. When the first telegraph line was laid in India, the colonial state was quick to recognize its potential for transmitting subversive speech and responded with strict controls. The fourth iteration of the telegraph law represents the colonial government’s perfection of the architecture of control. This law is the Indian Telegraph Act, 1885, which continues to dominate communications governance in India today including, following a directive in 2004, broadcasting.

Vague and arbitrary law

The Cable TV Act requires cable news channels such as Sathiyam to obey a list of restrictions on content that is contained in the Cable Rules (“Programme Code“). Failure to conform to the Programme Code can result in seizure of equipment and imprisonment; but, more importantly, creates the momentum necessary to invoke the broad powers of censorship to ban a programme, channel, or even the cable operator. But the Programme Code is littered with vague phrases and undefined terms that can mean anything the government wants them to mean.

By its first warning of May 12, 2015, the MIB claimed Sathiyam violated four rules in the Programme Code. These include rule 6(1)(c) which bans visuals or words “which promote communal attitudes”; rule 6(1)(d) which bans “deliberate, false and suggestive innuendos and half-truths”; rule 6(1)(e) which bans anything “which promotes anti-national attitudes”; and, rule 6(1)(i) which bans anything that “criticises, maligns or slanders any…person or…groups, segments of social, public and moral life of the country” (sic).

The rest of the Programme Code is no less imprecise. It proscribes content that “offends against good taste” and “reflects a slandering, ironical and snobbish attitude” against communities. On the face of it, several provisions of the Programme Code travel beyond the permissible restrictions on free speech listed in Article 19(2) of the Constitution to question their validity. The fiasco of implementing the vague provisions of the erstwhile section 66A of the Information Technology Act, 2000 is a recent reminder of the dangers presented by poorly-drafted censorship law – which is why it was struck down by the Supreme Court for infringing the right to free speech. The Programme Code is an older creation, it has simply evaded scrutiny for two decades.

The arbitrariness of the Programme Code is amplified manifold by the authorities responsible for interpreting and implementing it. An Inter-Ministerial Committee (IMC) of bureaucrats, supposedly a recommendatory body, interprets the Programme Code before the MIB takes action against channels. This is an executive power of censorship that must survive legal and constitutional scrutiny, but has never been subjected to it. Curiously, the courts have shied away from a proper analysis of the Programme Code and the IMC.

Judicial challenges

In 2011, a single judge of the Delhi High Court in the Star India case (2011) was asked to examine the legitimacy of the IMC as well as four separate clauses of the Programme Code including rule 6(1)(i), which has been invoked against Sathiyam. But the judge neatly sidestepped the issues. This feat of judicial adroitness was made possible by the crass indecency of the content in question, which could be reasonably restricted. Since the show clearly attracted at least one ground of legitimate censorship, the judge saw no cause to examine the other provisions of the Programme Code or even the composition of the IMC.

This judicial restraint has proved detrimental. In May 2013, another single judge of the Delhi High Court, who was asked by Comedy Central to adjudge the validity of the IMC’s decision-making process, relied on Star India (2011) to uphold the MIB’s action against the channel. The channel’s appeal to the Supreme Court is currently pending. If the Supreme Court decides to examine the validity of the IMC, the Delhi High Court may put aside Sathiyam’s petition to wait for legal clarity.

As it happens, in the Shreya Singhal case (2015) that struck down section 66A of the IT Act, the Supreme Court has an excellent precedent to follow to demand clarity and precision from the Programme Code, perhaps even strike it down, as well as due process from the MIB. On the accusation of defaming the Prime Minister, probably the only clearly stated objection by the MIB, the Supreme Court’s past law is clear: public servants cannot, for non-personal acts, claim defamation.

Censorship by blunt force

Beyond the IMC’s advisories and warnings, the Cable TV Act contains two broad powers of censorship. The first empowerment in section 19 enables a government official to ban any programme or channel if it fails to comply with the Programme Code or, “if it is likely to promote, on grounds of religion, race, language, caste or community or any other ground whatsoever, disharmony or feelings of enmity, hatred or ill-will between different religious, racial, linguistic or regional groups or castes or communities or which is likely to disturb the public tranquility.”

The second empowerment is much wider. Section 20 of the Cable TV Act permits the Central Government to ban an entire cable television operator, as opposed to a single channel or programmes within channels, if it “thinks it necessary or expedient so to do in public interest”. No reasons need be given and no grounds need be considered. Such a blunt use of force creates an overwhelming power of censorship. It is not a coincidence that section 20 resembles some provisions of nineteenth-century telegraph laws, which were designed to enable the colonial state to control the flow of information to its native subjects.

A manual for television bans

Film and television have always attracted political attention and state censorship. In 1970, Justice Hidayatullah of the Supreme Court explained why: “It has been almost universally recognised that the treatment of motion pictures must be different from that of other forms of art and expression. This arises from the instant appeal of the motion picture… The motion picture is able to stir up emotions more deeply than any other product of art.”

Within this historical narrative of censorship, television regulation is relatively new. Past governments have also been quick to threaten censorship for attacking an incumbent Prime Minister. There seems to be a pan-governmental consensus that senior political leaders ought to be beyond reproach, irrespective of their words and deeds.

But on what grounds could the state justify these bans? Lord Atkins’ celebrated war-time dissent in Liversidge (1941) offers an unlikely answer:

“When I use a word,’ Humpty Dumpty said in rather a scornful tone, ‘it means just what I choose it to mean – neither more nor less.’”

For more details visit https://cis-india.org/internet-governance/blog/the-wire-bhairav-acharya-humpty-dumpty-censorship-of-tv-in-india

The Historian Wins Over the Biographer

nishant — 2011-12-31T12:15:10Z

In Walter Isaacson's eponymous biography of Steve Jobs, the multibillion dollar man who is credited with single handedly changing the face of computing and the digital media industry, we face the dilemma of a biographer: how do you make sense of a history that is so new, it is still unfolding? Nishant Shah's detailed review of Steve Jobs' biography is now out in the Biblio and is is available online (after a free registration) as a PDF.

And how do you stitch it together around a person so iconic that he was always larger than life? Steve Jobs, the authorised story, that Steve Jobs never got to read because of his death to cancer on 5th October 2011, captures the tension between being a biographer and a historian that marks Isaacson's ambitious project. As a biographer, he hasn't yet achieved enough critical distance with the subject at hand, and hence, instead of engaging with Jobs to give us inroads into his mind, we get a history that dons the mantle of objectivity and accuracy, to create a eulogy that would fit Steve Jobs' journey from Apple II to Apps.

Written lucidly in a fairly conversational style reminiscent of Isaacson’s time spent with the Time Magazine, Steve Jobs is a story stitched together with love, care, rigour and honesty, to look at the times, people, places and circumstances that created the megalith icon Steve Jobs. Isaacson, whose earlier works include biographical histories of Benjamin Franklin (Simon & Schuster, 2003) and Albert Einstein (Simon & Schuster, 2008), confesses to his love of exploring the intersections of technology and humanity. He establishes Steve Jobs as a worthy successor in the series, using Jobs’ own description of himself – “I always thought of myself as a Humanities person as a kid, but I liked electronics” – as the springboard for writing this ambitious history.

Like a good historian, Isaacson refuses to take Jobs at face value, well aware of his ‘Reality Distortion Field’ that sucks you in even if you are aware of it, making reality appear in morphed forms. With a rigour that befits the project, he sets out in search of the historical truth using over a hundred interview sources comprised of influential people in Jobs’ life, an exhaustive riffling through the public discourse around Apple and its poster boy, a shrewd hand on the economic and technological pulse of the late 20th century and an uncanny ability to read between the lines. The result is a biography filled with tales that we know, stories that we speculated about, anecdotes about what we suspected.

In one of the most memorable interviews in the book, Isaacson interviews Debi Coleman, one of the early managers at Apple, who says, “He would shout at a meeting, ‘You ---hole, you never do anything right.’ ... Yet I consider myself the absolute luckiest person in the world to have worked with him.” Isaacson traces
this peculiar power that Jobs had over people in his life, to make them feel special and worthless at the same time, to Jobs’ own early knowledge of his adoption and of his oscillations between feeling “Abandoned. Special”. Isaacson shows how Jobs’ own life constantly referenced these two positions – from his dysfunctional relationships with women (the short story of how he got his girlfriend pregnant at 23 and then abandoned her, even denying paternity), to his long travels to India in search of spiritual belonging, and the lessons he learned from his adoptive father, who he hero-worshipped only to later realise that he was “smarter than him” — the adoption and its effects on his young mind, come up repeatedly. It serves as a way of understanding his abrasive attitude to authority, his rude and insensitive behaviour with colleagues and friends, and his strange fads at self improvement that ranged from fruitarian diets to extreme purging and fasting.

Steve Jobs offers a wide range of examples of his awful behaviour – the bullying, the belittling, the lying – till you are numbed by them. At the same time, there is a fanboy who takes us gleefully through the history that preceded the world of iPod, iPhone and iPad, with backstories of the known, the presumed and the plausible. The book quenches the thirst for information about one of the most private public figures and confirms the polarity, not only of Jobs’ dealings with the world, but also his own life and how he saw it. There is an explosion of facts – unknown facts – that entice you into reading the book, but facts alone do not a good biography make.

What is missing from the book, is insight. Throughout the book, while Jobs’ own dramatic life choices sustain your attention and interest, the author does not work too hard at either creating his own impressions of Jobs or at giving insight in more than the surface. There is no doubt that Isaacson is an expert historian— the most enjoyable parts of the book are when he looks at the histories that came together to create Jobs. Using his rich knowledge of the ’70s and the ’80s in the USA he portrays an enchanted universe of the hippy lifestyle, rebellious attitudes to authority, reforming education system, the transition from the analogue to digital technologies, and the heyday of creative experimentation enjoyed by a plush economy.

The layers of enchantment start fading when Isaacson lets go of the mantle of history and starts talking about the person he is studying. It is almost as if after having done his research on Jobs and then failing to invest in him as an author, he sought respite in writing history rather than giving us more of the person involved. Which is why, after reading the first half of the book, going through a series of strategic beginnings, looking at a wide range of people like Steve Wozniak, Nolan Bushnell, Andrea Cunningham, Daniel Kotke and Mike Markkula, one gets a feeling that you know more about these people than you know about Jobs. While each one of these characters, even in their cameo appearances, bring flavour, variety, complexity and emotionality to the tale, Jobs remains the “enlightened but cruel” person who, even as he grows and transforms, remains tied to that description. Jobs becomes an organising principal for making sense of the jumbled influences behind the making of Apple rather than a person we can know more about. He is often named as an enigma but there is very little effort put into actually exploring his mystery. The historian wins over the biographer in getting you more interested in the time-space continuum rather than in the person.

I don’t want you to go away with the idea that there is not much substance to Isaacson’s writing. With a fine pen (which could have done with a little reflexive editing — and I am sure this would have happened had the book been released as planned in January of next year instead of being brought forward to fill the void created by Jobs’ death), Isaacson does lead us into Jobs’ universe (if not into his head) in interesting ways. He paints little sketches of the past — like Jobs’ run-in with Bill Gates, like Apple’s rivalry with IBM, like Apple’s ‘stealing’ of the GUI (Graphic User Interface) ideas and technology from Xerox PARC, like the first Mac advertisement that posited Apple as the rebel against the ‘thought police’ in George Orwell’s dystopian epic 1984, or even in the parting of ways between the two Steves (Jobs and Wozniak). Isaacson knows how to tell even an oft-told story well and takes you through a simple but intricate narrative of how Jobs became the poster-boy of the company he founded and his eventual ousting from it as a result of his obnoxious behaviour and the obsessive compulsive personality that was affecting the productivity and business of Apple.

However, the second half of the book, separated with some poignant and memorable pictures from Jobs’ life, makes it clearer than ever that Isaacson’s interest in Jobs is not as a biographer but as a historian. It deals with Jobs’ ousting from Apple, his near bankrupt status as both Next and Pixar fell to bad days, and the eventual return of Jobs to the Apple empire not as the prodigal son but the ascendant angel. In pithy prose, Isaacson captures the turmoil, frustration and chaos that emerged when the brightest star of the computing industry almost collapsed in his own overambition. We get a sense of the ruthlessness, the hard heartedness and the short memory of a technology industry that is simultaneously unforgiving, forgetful and hinged on a business ethic of capital and market expansion. If Isaacson notices the irony of Jobs’ own firing of “B grade players” from his Macintosh project and the abrasive dismissal of “shitheads” that Jobs regularly engaged in, to feed his own sense of power and control, he doesn’t dwell on it.

The most dramatic rags-to-riches fairy tale of Jobs’ rise to power and his subsequent emergence as a tech superstar who changed the world as we know it with the iPod, iTunes, iPhone and iPad, in a quest to make his mark in history, is a lacklustre effort. The narrative is slow and sluggish, often making you want to skim through the page and move on. There is also a repeated emphasis on how Jobs was a visionary, was brilliant, was a man who, as he grew, was getting to deal with his life better, instead of an analysis of the different events that have marked Jobs’ public and personal life. The historian, when faced with the present just rushes through it to complete the book. Yet, the last interviews with Jobs, where he refers to himself as a machine, “one click, and it is all gone” are rich in emotions and texture. Isaascon does justice to Jobs’ belief in his being good “at making people talk”. There is a sense of closure that comes with angst, grief, pain and the feeling of loss that Jobs’ death must incite.

The discontent I am left with is that in what is being read as a homily to the man, there is very little of the man in it. I knew Steve Jobs, through the legends and stories that surround him, as an abrasive and arrogant whizkid who manipulated everybody around him ruthlessly to execute his own visions and dreams. I knew Steve Jobs, through the public discourse and rumours, as a flawed man who could be at once the best and the worst thing that could happen to you, using people as gods when he needed them and shattering them when he no longer needed them in his new visions. I knew Steve Jobs, through the grapevine and the gossip as a man who was obsessed with control and as one who sought spirituality in design and salvation in a good sale. I knew Steve Jobs as a bundle of contradictions and contrariness and while this book explains in fascinating ways the confluences that created this legend, it gives me very little in terms of understanding the man behind the mask.

The interwebz are already abuzz with the debates for or against Steve Jobs. There is surprise at how Isaacson waters down some of the personal and professional scuffles, often bordering on the unrelenting and the unethical, in his rendering of Jobs’ life. Speculation is rife about some of the more controversial decisions that Jobs took and whose side Isaacson is on. The book captures, comprehensively, so much of Jobs’ life that it is bound to lead to infinite discussion and critique. However, I would recommend that you read the book not as a biography but as a history. If you read it as a history where Steve Jobs features prominently, because, after all, histories are written by those who win, you will be rewarded richly. It is a history that offers innovative ways of looking at technology, one that maps one of the most crucial transitions of the 20th century from the analogue to the digital and shows how a handful of people have shaped the information age we live in. However, if you approach Steve Jobs as a way of understanding Steve Jobs, chances are you will feel short changed.

Read the original published in the Biblio VOL. XV NOS. 11 & 12, NOVEMBER- DECEMBER 2011

For more details visit https://cis-india.org/internet-governance/historian-wins-over-biographer

The High Level Privacy Conclave — Conference Report

natasha — 2012-04-30T09:46:12Z

Privacy India, the Centre for Internet and Society and the Society in Action Group, with support from IDRC and Privacy International, have spent 18 months studying the state of privacy in India, and conducting consultations across India in Kolkata, Bangalore, Ahmedabad, Guwahati, Chennai, and Mumbai. On February 3, 2012, a high-level conclave was held in New Delhi with representatives from government, industry, media, and civil society participating in the event. At the conclave the discussions were focused on Internet Privacy, National Security & Privacy, and the future of Privacy in India.

Rajan Gandhi, CEO, Society in Action Group, opened the conference with an explanation of the mandate of Privacy India, which is to raise awareness, spark civil action, and promote democratic dialogue around privacy challenges and violations in India. He raised the question of whether Indians are concerned about privacy, while citing examples of banking institutions and telecom service providers, who ask for information more than required, such as marital status, financial status, etc. Lastly, he stressed the need for legislation and awareness about right to privacy.

Panel 1: National Security and Privacy

Malavika Jayaram (Advocate, Bangalore) moderated the first panel discussion on “National Security and Privacy”. The panel comprised of Manish Tewari (Member of Parliament, Ludhiana), PK Hormis Tharakan (Former Chief of Research and Analysis Wing, Government of India), Gus Hosein (Executive Director, Privacy International, UK), Vakul Sharma (Advocate, Supreme Court), Eric King (Human Rights and Technology Advisor, Privacy International, UK), Amol Sharma (Journalist, Wall Street Journal).

Malavika Jayaram started the discussion by posing the question as to what in their view is ‘national security’ and when can it be cited by the government to intrude upon our privacy? In response, the panel gave multiple views while agreeing that it is an abstract term. Gus Hosein, in response said that national security does not only mean protecting the national border of a nation, but also protecting the rights of the citizen. He also noted that national security is always implemented in a top-down manner. Thus, unfortunately national security has become the stick, which is used to beat down on people’s right.
PK Hormis Tharakan defined national security as the security of people and property. National security includes all the efforts of the government to raise poor above the poverty line. He also stated that anything that hinders the process of alleviating poverty is a matter of ‘national security’.

Manish Tewari stated that there is a need for legislation to address the various issues of violation of privacy. Specifically, he addressed the need of an independent oversight committee to put a check on the unrestricted powers of the law enforcement and intelligence agencies and the practice of intercepting communications on the grounds of national security. He pointed out that the rules, formulated by the Supreme Court in PUCL v. Union of India on interception of communication, are rarely implemented, and the guidelines are implemented more as an exception rather than a rule. The interception of communication by intelligence agencies should be regulated for a larger national interest.

Manish Tewari also observed that there is a nationwide lack of understanding about new technologies and judges are very rarely technologically literate. This has created a situation in which the government's efforts to fight crime and terrorism by intercepting communications has horribly backfired. By building backdoors into communications systems to allow lawful access, and by restricting cryptography to a 40-bit limit, the authorities have created serious vulnerabilities in India's communications system that can be easily exploited by any malicious third party or foreign government.

Privacy Protection

The panel discussion then moved on to the various tools for protecting privacy such data encryption. Amol Sharma referred to the process followed in the USA for interception of communication. Surveillance in the United States can be carried out by government agencies only on the basis of a court order or a warrant. He noted that in the US regime there is at least an independent body that gives orders of interception of communication. In comparison, in India, the power to authorize wiretaps lies with the government.

Amol Sharma also pointed out that, there are at least 5000-7000 interception requests from the government, out of which only three to five per cent requests for interception of communication are for white-collar crime. He cited the example of the government asking Research in Motion to provide their encryption keys and also provide a room in their offices for the purpose of interception of communication. He stated that he was very skeptic that terrorists will be using Blackberry services for communication, considering that there are many more convenient and untraceable means available to them such as Skype. He asserted that there is need of legislation for regulation and restricting invasion of privacy. He said, “National security is not a free ticket for any kind of wiretap”.

Concerns about Third Party Intrusion

Eric King noted that national security exists so that individuals can protect themselves from any kind of intrusion. Interception of communication is not only limited to government, equipment for interception of mobile phone calls are easily available and also affordable. So any individual can intercept calls. The notion that interception is only limited to the state is not true, it can be carried out by individuals as well. Heavily criticizing the restriction on encryption in India, he said that the people should be given the power to protect their own privacy. He also harped on the possibility that not only citizens are at risk also government high officials and military personnel can be targeted due to the low level of encryption.

Contributing to the conversation, Manish Tewari pointed out that while trying to intercept the mobile phone calls of an individual, the State could listen in to anyone’s conversation within the vicinity; hence there are gross privacy violations.

Gus Hosein added that the problem lies at a more basic level. Governments generally order telecom companies to build back door for the purposes of interception. These vulnerabilities in the system are not only used by the government, but also may be misused by third parties. He cited an incident in Greece, where the government asked a telecom service provider to build backdoors into the system. A third party was able to access the back door, during the Athens Olympics, when security was of utmost importance. He also said, “If you build a system that allows the state to listen in to communications, you build national security vulnerability”. This was followed by a Question & Answer session. The issues raised during the Q&A session were:

Nature of consent given by the user to the telecom service provider. Taking into consideration that service providers have a duty to disclose the user data to the government on request. A situation which gives rise to a binary choice, either use the services or do not use it at all.
At the wake of breaches in cyber-security, the use of general consumer e-mails by high government officials causes serious threat to nation’s security.
Lack of technical know-how among the government officials.
If government is inept in handling technology, then are there any concerns about public private partnership and outsourcing of governmental duties. (For example, UID).
Collection and collation of information by organizations such as NATGRID. Are they vulnerable to misuse?

In the concluding statement of the first panel discussion, Gus Hosein, made the argument that there cannot be a balance between right to privacy and national security, as the former is an individual right and the latter a community right. Community interest will always take precedence over individual right. National security is always the excuse given by government for invading individual privacy.

Panel 2: Internet and Privacy

Sunil Abraham (Executive Director, The Centre for Internet and Society, Bangalore) moderated the second panel discussion on “Internet and Privacy”. The panel comprised of Deepak Maheshwari (Director, Corporate Affairs, Microsoft), Amitabh Das (General Counsel, Yahoo! India), Ramanjit Singh Chima (Sr. Policy Analyst, Google), Talish Ray (Board Member, Software Freedom Law Center), and Vinayak Godse (Director- Data Protection, DSCI).

Defining Privacy

Sunil Abraham asked the panel questions with respect to defining privacy in the context of physical privacy and spatial privacy. In response, Amitabh Das said that the right to privacy of individuals should be protected in a similar fashion online, as it is protected offline. Referring to safeguards under PUCL v. Union of India (SC, 1996), he observed that communication and behavior on the Internet should be free from monitoring and interception. The procedural safeguards offline should be also present online.

Key Escrow Regime

Deepak Maheshwari talked about the inconsistencies in the encryption standards in India. For example, in case of ISP licensees, there is a 40-bit restriction (symmetric key). In case of adopting higher-level encryption, the ISP has to take permission from the government and deposit both the keys to the government.

He also pointed that online railway ticket booking services use 128-bit encryption. RBI mandates 128-bit encryption for online banking transaction. SBI recommends 64-128 bit encryption. The multiple regulations make it impossible to abide by the rules.

Anonymity and Pseudonymity

Sunil Abraham, while setting the context to India, where the government has taken stringent measures to cut down on anonymity and pseudonymity, asked the question whether such a step is welcomed by the internet users as well as intermediaries. Ramanjit Singh Chima, in reply said that for any business, it is necessary to give what the user wants. Real identity provides a better platform for discussion. He also discussed the choices provided by Google, mainly search without login, encrypted searches so it gives the user to be anonymous. He also noted that there are legal as well as technical restraints as to anonymity on the Internet. He also cited the example of Korea, where the government mandated real name verification process for posting comments on the Internet. Google was not able to comply with this request and had to disable comment section in Korea.

Data Privacy

Vinayak Godse analyzed the issue of data privacy in detail. He stressed upon the need of data privacy law in the country for the outsourcing industries. The European Union (EU) data protection laws govern most of the clients of firms that outsource. EU considers India is not a data safe country due to lack of data privacy legislation. He suggested that the data privacy law should be pragmatic, light touch and should allow industry self-regulation.

Conclusion

The High Level Privacy Conclave discussed various issues related to Internet and privacy and national security and privacy. The various concerns raised by the stakeholders were helpful in understanding the problems related to privacy. The main concerns raised by the first panel were about the interaction and relation of national security to privacy. The major concerns around national security and privacy were of data encryption vis-à-vis surveillance by the State and third party intrusion. There was also an attempt made to understand and define national security in the context of its ambit and when can it be used by the State to access private information. The second panel discussed various aspects of privacy on the Internet. The panel included discussions on anonymity and data privacy on the Internet.

We thank the moderators, panelists and participants for making High Level Privacy a constructive and a fruitful session on privacy and it also gave us insight to understand the problems related privacy and a way forward for possible solutions.

Download the PDF (195 Kb)

Click for the agenda and speakers profile.

For more details visit https://cis-india.org/internet-governance/high-level-privacy-report

The High Level Privacy Conclave

Natasha Vaz — 2012-03-01T06:09:21Z

India in dire need of privacy law; experts say government is ironically creating huge national security risks in attempts to prevent crime and terrorism.

Privacy India, the Centre for Internet and Society and the Society in Action Group, with support from Privacy International, have spent 18 months studying the state of privacy across India, conducting consultations in Kolkata, Bangalore, Ahmedabad, Guwahati, Chennai and Mumbai. Today, the results of their research were discussed by representatives from government, industry, media and civil society at a high-level conclave in Delhi. In attendance were Manish Tewari MP, Microsoft Director of Corporate Affairs Deepak Maheshwari and P.K.H. Tharakan former Chief of the Research and Analysis Wing. A privacy symposium open to the general public will be held tomorrow afternoon at the Indian International Centre.

The 130-page long Country report details how government bodies like the National Technical Research Organization (NTRO) engage in pervasive and frequently unauthorized wiretapping, listening in on the private conversations of politicians and ordinary citizens alike. The Cabinet Secretary himself, in a report last year, noted that a body like the Central Board of Direct Taxes should never have been authorized to conduct telephone tapping, as the Supreme Court had long ago made clear. Privacy problems are arising from UID, NPR, and other e-governance projects that involve the creation of databases and the collection of personal information. Indian citizens are losing the ability to control who has access to their information, what that information says about them and how that information is used.

Overall, the study paints a picture of a dysfunctional system, with multiple pieces of legislation dealing with sectoral privacy-related issues like health, banking, phone tapping etc and no overarching legal guarantee of privacy. As Manish Tewari observed today, there is a nationwide lack of understanding about new technologies and judges are very rarely technologically literate. This has created a situation in which the government's efforts to fight crime and terrorism by intercepting communications has horribly backfired. By building backdoors into communications systems to allow lawful access, and by restricting cryptography to a 40-bit limit, the authorities have created serious vulnerabilities in India's communications system that can be easily exploited by any malicious third party or foreign government.

Gus Hosein, Executive Director of Privacy International: "In their efforts to preserve and defend democratic society, India has undermined the very thing it wanted to protect. Both citizens and state are now at serious risk of being spied upon by anyone with a small amount of technological know-how and a computer."

Usha Ramanathan, social and political activist, said: "In the name of state transparency, government projects are in fact rendering citizens transparent to the State, rather than the other way round. A comprehensive privacy law for India cannot come soon enough."

Privacy India

Privacy India was established in 2010 with the objective of raising awareness, sparking civil action and promoting democratic dialogue around privacy challenges and violations in India. One of our goals is to build consensus towards the promulgation of comprehensive privacy legislation in India through consultations with the public, policymakers, legislators and the legal and academic community.

For more details visit https://cis-india.org/internet-governance/the-high-level-privacy-conclave

The Hazards of a Non-neutral Internet

geetha — 2015-05-27T16:07:36Z

Spurred by recent events, India’s policy circles are dancing to the complex tunes of net neutrality. Airtel came under fire for pricing calls made over the Internet differentially; it has since withdrawn this plan. Airtel and Reliance Communications are caught in the storm as Airtel Zero and Internet.org, the Facebook-spearheaded product for low-cost Internet access, face stiff criticism for violating net neutrality. Companies like Flipkart, which earlier supported these products, have stepped back and are throwing their weight behind net neutrality. The Department of Telecommunications has set up a six-member panel to consult on net neutrality.

A modified version of the blog entry was published as an article titled "A must for free speech" in the Week on April 18, 2015

Responding to concerns, the Telecom Regulatory Authority of India (TRAI) released a consultation paper on OTT services on March 27, 2015. TRAI has called for public comments to be sent by April 24, 2015, and counter-comments to be sent by May 8, 2015. The TRAI consultation paper raises several crucial issues, including net neutrality. Given the heightened interest in the issue, let us two steps back and revisit the basics about net neutrality.

What is net neutrality?

In the simplest terms, net neutrality is the principle by which the carrier (telco/ISP like Reliance, Airtel) is prohibited from discriminating between any two ‘packets’ of data carried over its network. That is, ISPs ought not treat data packets differently, no matter what the content, source or price.

It follows, then, that when packets are given differential treatment, the principle of net neutrality is violated. As Centre for Internet and Society’s Sunil Abraham explains, differential treatment may occur in many ways: first, carriers may provide consumers with free access to certain websites or web content, while charging the sender or destination; second, ISPs may throttle traffic of one website/company to give it priority over other sites (the website will then load faster than others); third, ISPs may refuse access to some websites unless consumers or content-providers pay extra charges. Other violations abound too; this list is merely illustrative.

Diversity, Innovation & Competition: The Costs of Net Non-neutrality

Let us take zero-rating to explore the impacts of a net neutrality violation. In Internet.org and Airtel Zero, companies like Facebook and Flipkart (prior to the latter’s withdrawal) pay to provide users with free access to their cluster of websites; these are examples of “zero-rating”. Telcos and content-providers like Facebook argue that this is crucial to expand Internet access in price-sensitive markets like India. While this is an important consideration, zero-rating can have detrimental impacts on free speech and diversity, competition and innovation. It can result in “walled gardens” and a diversity-trap, where the only sites we can access are the walled gardens of curated information compiled by Facebook and the like.

Today, we can access an unprecedented variety of content across freely accessible platforms. We pay for our Internet connections and for data, but the content we access is neither set nor monitored by ISPs or content-providers, unless legally mandated to do so under Section 69 of Information Technology Act, 2000. Our freedom to access and receive diverse information is not curated by the companies themselves (as Facebook would in Internet.org) or their ability to pay ISPs to carry traffic. But with zero-rating, preferential access or traffic throttling, content diversity will suffer.

Of course, impact of receding diversity of content may not be felt in the short term, if access is made the priority. However, if net non-neutrality is allowed to continue in perpetuity, this may result in corporate curation and censorship of content. Moreover, since established players can better shell out the money needed for zero-rated or prioritised access, new companies and start-ups may find their entry blocked. Such a possibility is vexing for innovation, as greater costs will disincentivise smaller players from entering the market. There is also an impact on competition: entrenched players who can afford to pay carriers will dig their heels deeper, and become the sole curators of content. This is censorship by market design.

Access and Self-preservation, say the Telcos

Some telecom operators and ISPs argue that zero-rating is essential for universal access to data services, a dream of the Digital India mission. They also stress that OTTs like Whatsapp, Viber, Skype and others are free-riding on their networks and usurping their revenue, since it is the telcos and not OTTs who pay licence fees and spectrum charges. Finally, telcos and ISPs say that treating packets differently is a form of network and traffic management; such management is crucial to an efficient and open Internet, and is an age-old practice of operators.

Of course, traffic and network management practices do exist, and operators do block or manage speeds during congestion periods or when there are security threats. As users, we also experience different Internet speeds depending on the hardware and software employed by operators, the time of day, the type of content accessed (video/ audio/ text), etc. As Christopher Yoo says, operators should be free to experiment with network management practices (‘network diversity’) so long as consumers and competition suffer no detriment.

But as reports show, net non-neutrality practices have negative impacts on speech diversity, innovation and competition, among others. Any proposal to grant legal recognition to net non-neutrality practices like zero-rating, traffic-prioritization or others, which depend on the consumer or content-provider’s ability to pay and result in differential treatment of data packets, must answer these concerns and provide safeguards. In Shreya Singhal, the Supreme Court affirmed the value of freedom of speech and diversity; saying that “…a culture of open dialogue is important”, the Court declared that “…we need to tolerate unpopular views”. Internet companies and telcos provide the platforms to make such views available. Through traffic prioritization and zero-rating, and by chilling innovation and competition, net neutrality violations can stifle speech diversity. The Department of Telecom and TRAI must remember this when debating a net neutrality regulation.

For more details visit https://cis-india.org/internet-governance/blog/the-week-april-18-2015-geetha-hariharan-hazards-of-non-neutral-internet

The Gujarat High Court Judgment on the Snoopgate Issue

vipul — 2014-10-27T04:40:17Z

Pranlal N. Soni v. State of Gujarat, C/SCA/14389/2014

In the year 2013 the media widely reported that a female civil services officer was regularly spied upon in 2009 due to her acquaintance with the then Chief Minister of Gujarat (and current Prime Minister of India) Mr. Narendra Modi. It was reported that the surveillance was being supervised by the current president of the BJP, Mr. Amit Shah at the behest of Mr. Modi. The case took another twist when the officer and her father said that they had no problems with such surveillance, and had repeatedly conveyed to various statutory authorities including the National Commission for Women, the State Commission for Women, as also before the Hon’ble Supreme Court of India, that they never felt that their privacy was being interfered with by any of the actions of the State Authorities. Infact, para 3.5 of the petition indicated that it was at the behest of the father of the female officer that the State government had carried out the surveillance on his daughter as a security measure.

Inspite of the repeated claims of the subject of surveillance and her father, the Gujarat Government passed a Notification under the Commissions of Inquiry Act, 1952 appointing a two member Commission of Inquiry to enquire into this incident without jeopardizing the identity or interest of the female officer. This Notification was challenged in the Gujarat High Court by the very same female officer and her father on the ground that it violated their fundamental right to life and liberty. The petitioners claimed that they had to change their residential accommodation four times in the preceding few months due to the constant media glare. The print, electronic and social media, so called social workers and other busybodies constantly intruded into the private life of the petitioners and their family members. The petitioner's email accounts were hacked and scores of indecent calls were received from all over. Under the guise of protecting the petitioner's privacy, every action undertaken by the so called custodians for and on behalf of the petitioners resulted into a breach of privacy of the petitioners, making life impossible for them on a day to day basis.

After hearing the arguments of the petitioners, including arguments on technical points the Court struck down the Notification issued by the State government to enquire into the issue of the alleged illegal surveillance. However the Court also briefly touched upon the issue of violation of the privacy of the female officer in this whole episode. However, instead of enquiring into whether there was any breach of privacy in the facts of the case, the Court relied upon the statement made by the female officer that whatever surveillance was done did not cause any invasion into her privacy, rather it was the unwelcome media glare that followed the revelations regarding the surveillance which had caused an invasion of her privacy.

Thus we see that even though the whole snoopgate episode started out as one of “alleged” unwarranted and illegal surveillance this particular judgment is limited only to challenging the validity of the Inquiry Commission appointed by the State Government. In order to challenge the Notification in a PIL the female officer had to show that some fundamental right of hers was violated and in such circumstances privacy is the most obvious fundamental right which was violated.

Although this judgment talks about privacy, it does not have enough legal analysis of the right to privacy to have any significant ramifications for how privacy is interpreted in the Indian context. The only issue that could possibly be of some importance is that the we could interpret the Court’s reliance on the statement of the female officer that there was no breach of privacy rather than its own examination of facts to mean that in cases of breach of privacy, if the person whose privacy has been breached did not feel his or her privacy to have been invaded then the Courts would rely on the person’s statements rather than the facts. However this is only an interpretation from the facts and it does not seem that the Court has spent any significant amount of time to examine this issue, therefore it may not be prudent to consider this as establishing any legal principle.

Note: The details of the case as well as the judgment can be found at http://gujarathc-casestatus.nic.in/gujarathc/tabhome.jsp

For more details visit https://cis-india.org/internet-governance/blog/gujarat-high-court-judgment-on-snoopgate-issue

The Government’s Increased Focus on Regulating Non-Personal Data: A Look at the Draft National Data Governance Framework Policy

Digvijay Chaudhary and Anamika Kundu — 2022-06-30T13:24:35Z

Digvijay Chaudhary and Anamika Kundu wrote an article on the National Data Governance Framework Policy. It was edited by Shweta Mohandas.

Introduction

Non Personal Data (‘NPD’) can be understood as any information not relating to an identified or identifiable natural person. The origin of such data can be both human and non-human. Human NPD would be such data which has been anonymised in such a way that the person to whom the data relates cannot be re-identified. Non-human NPD would mean any such data that did not relate to a human being in the first place, for example, weather data. There has been a gradual demonstrated interest in NPD by the government in recent times. This new focus on regulating non personal data can be owed to the economic incentive it provides. In its report, the Sri Krishna committee, released in 2018 agreed that NPD holds considerable strategic or economic interest for the nation, however, it left the questions surrounding NPD to a future committee.

History of NPD Regulation

In 2020, the Ministry of Electronics and Information Technology (‘MEITY’) constituted an expert committee (‘NPD Committee’) to study various issues relating to NPD and to make suggestions on the regulation of non-personal data. The NPD Committee differentiated NPD into human and non-human NPD, based on the data’s origin. Human NPD would include all information that has been stripped of any personally identifiable information and non-human NPD meant any information that did not contain any personally identifiable information in the first place (eg. weather data). The final report of the NPD Committee is awaited but the Committee came out with a revised draft of its recommendations in December 2020. In its December 2020 report, the NPD Committee proposed the creation of a National Data Protection Authority (‘NPDA’) as it felt this is a new and emerging area of regulation. Thereafter, the Joint Parliamentary Committee on the Personal Data Protection Bill, 2019 (‘JPC’) came out with its version of the Data Protection Bill where it amended the short title of the PDP Bill 2019 to Data Protection Bill, 2021 widening the ambit of the Bill to include all types of data. The JPC report focuses only on human NPD, noting that non-personal data is essentially derived from one of the three sets of data - personal data, sensitive personal data, critical personal data - which is either anonymized or is in some way converted into non-re-identifiable data.

On February 21, 2022, the Ministry of Electronics and Information Technology (‘MEITY’) came out with the Draft India Data Accessibility and Use Policy, 2022 (‘Draft Policy’). The Draft Policy was strongly criticised mainly due to its aims to monetise data through its sale and licensing to body corporates. The Draft Policy had stated that anonymised and non-personal data collected by the State that has “undergone value addition” could be sold for an “appropriate price”. During the Draft Policy’s consultation process, it had been withdrawn several times and then finally removed from the website. The National Data Governance Framework Policy (‘NDGF Policy’) is a successor to this Draft Policy. There is a change in the language put forth in the NDGF Policy from the Draft Policy, where the latter mainly focused on monetary growth. The new NDGF Policy aims to regulate anonymised non-personal data (‘NPD’) kept with governmental authorities and make it accessible for research and improving governance. It wishes to create an ‘India Datasets programme’ which will consist of the aforementioned datasets. While MEITY has opened the draft for public comments, is a need to spell out the procedure in some ways for stakeholders to draft recommendations for the NDGF policies in an informed manner. Through this piece, we discuss the NDGF Policy in terms of issues related to the absence of a comprehensive Data Protection Framework in India and the jurisdictional overlap of authorities under the NDGF Policy and DPB.

What the National Data Governance Framework Policy Says

Presently in India, NPD is stored in a variety of governmental departments and bodies. It is difficult to access and use this stored data for governmental functions without modernising collection and management of governmental data. Through the NDGF Policy, the government aims to build an Indian data storehouse of anonymised non-personal datasets and make it accessible for both improving governance and encouraging research. It imagines the establishment of an Indian Data Office (‘IDO’) set up by MEITY , which shall be responsible for consolidating data access and sharing of non-personal data across the government. In addition, it also mandates a Data Management Unit for every Ministry/department that would work closely with the IDO. IDO will also be responsible for issuing protocols for sharing NPD. The policy further imagines an Indian Data Council (‘IDC’) whose function would be to define frameworks for important datasets, finalise data standards, and Metadata standards and also review the implementation of the policy. The NDGF Policy has provided a broad structure concerning the setting up of anonymisation standards, data retention policies, data quality, and data sharing toolkit. The NDGF Policy states that these standards shall be developed and notified by the IDO or MEITY or the Ministry in question and need to be adhered to by all entities.

The Data Protection Framework in India

The report adopted by the JPC, felt that it is simpler to enact a single law and a single regulator to oversee all the data that originates from any data principal and is in the custody of any data fiduciary. According to the JPC, the draft Bill deals with various kinds of data at various levels of security. The JPC also recommended that since the Data Protection Bill (‘DPB’) will handle both personal and non-personal data, any further policy / legal framework on non-personal data may be made a part of the same enactment instead of any separate legislation. The draft DPB states that what is to be done with the NDP shall be decided by the government from time to time according to its policy. As such, neither the DPB, 2021 nor the NDGF Policy go into details of regulating NPD but only provide a broad structure of facilitating free-flow of NPD, without taking into account the specific concerns that have been raised since the NPD committee came out with its draft report on regulating NPD dated December 2020.

Jurisdictional overlaps among authorities and other concerns

Under the NDGF policy, all guidelines and rules shall be published by a body known as the Indian Data Management Office (‘IDMO’). The IDMO is set to function under the MEITY and work with the Central government, state governments and other stakeholders to set standards. Currently, there is no sign of when the DPB will be passed as law. According to the JPC, the reason for including NPD within the DPB was because of the impossibility to differentiate between PD and NPD. There are also certain overlaps between the DPB and the NDGF which are not discussed by the NDGF. NDGF does not discuss the overlap between the IDMO and Data Protection Authority (‘DPA’) established under the DPB 2021.

Under the DPB, the DPA is tasked with specifying codes of practice under clause 49. On the other hand, the NDGF has imagined the setting up of IDO, IDMO, and the IDC, which shall be responsible for issuing codes of practice such as data retention, and data anonymisation, and data quality standards. As such, there appears to be some overlap in the functions of the to-be-constituted DPA and the NDGF Policy.

Furthermore, while the NDGF Policy aims to promote openness with respect to government data, there is a conflict with open government data (‘OGD’) principles when there is a price attached to such data. OGD is data which is collected and processed by the government for free use, reuse and distribution. Any database created by the government must be publicly accessible to ensure compliance with the OGD principles.

Conclusion

Streamlining datasets across different authorities is a huge challenge for the government and hence the NGDF policy in its current draft requires a lot of clarification. The government can take inspiration from the European Union which in 2018, came out with a principles-based approach coupled with self-regulation on the framework of the free flow of non-personal data. The guidance on the free-flow of non-personal data defines non-personal data based on the origin of data - data which originally did not relate to any personal data (non-human NPD) and data which originated from personal data but was subsequently anonymised (human NPD). The regulation further realises the reality of mixed data sets and regulates only the non-personal part of such datasets and where the datasets are inextricably linked, the GDPR would apply to such datasets. Moreover, any policy that seeks to govern the free flow of NPD ought to make it clear that in case of re-identification of anonymised data, such re-identified data would be considered personal data. The DPB, 2021 and the NGDF, both fail to take into account this difference.

For more details visit https://cis-india.org/internet-governance/blog/national-data-governance-framework-policy