We are anonymous, we are legion

The Appropriate Use of Digital Identity

amber — 2019-08-08T10:24:40Z

As governments across the globe implement new, foundational, digital identification systems (“Digital ID”), or modernize existing ID programs, there is dire need for greater research and discussion about appropriate uses of Digital ID systems. This significant momentum for creating Digital ID in several parts of the world has been accompanied with concerns about the privacy and exclusion harms of a state issued Digital ID system, resulting in campaigns and litigations in countries such as UK, India, Kenya, and Jamaica. Given the very large range of considerations required to evaluate Digital ID projects, it is necessary to think of evaluation frameworks that can be used for this purpose.

At RightsCon 2019 in Tunis, we presented working drafts on appropriate use of Digital ID by the partner organisations of this three-region research alliance - ITS from Brazil, CIPIT from Kenya, and CIS from India.

In the draft by CIS, we propose a set of principles against which Digital ID may be evaluated. We hope that these draft principles can evolve into a set of best practices that can be used by policymakers when they create and implement Digital ID systems, provide guidance to civil society examinations of Digital ID and highlight questions for further research on the subject. We have drawn from approaches used in documents such as the necessary and proportionate principles, the OECD privacy guidelines and scholarship on harms based approach.

Read and comment on CIS’s Draft framework here.

Download Working drafts by CIPIT, CIS, and ITS here.

For more details visit https://cis-india.org/internet-governance/blog/the-appropriate-use-of-digital-identity

The All India Privacy Symposium: Conference Report

natasha — 2012-04-30T05:16:41Z

Privacy India, the Centre for Internet and Society and Society in Action Group, with support from the International Development Research Centre, Privacy International and Commonwealth Human Rights Initiative had organised the All India Privacy Symposium at the India International Centre in New Delhi, on February 4, 2012. Natasha Vaz reports about the event.

The symposium was organized around five thematic panel discussions:
Panel 1: Privacy and Transparency
Panel 2: Privacy and E-Governance Initiatives
Panel 3: Privacy and National Security
Panel 4: Privacy and Banking
Panel 5: Privacy and Health

Introduction

Elonnai Hickok (Policy Advocate, Privacy India) introduced the objectives of Privacy India. The primary objectives were to raise national awareness about privacy, do an in-depth study of privacy in India and provide feedback on the proposed ‘Right to Privacy’ Bill. Privacy India has reviewed case laws, legislations, including the upcoming policy and conducted state-level privacy workshops and consultations across India in Kolkata, Bangalore, Ahmedabad, Guwahati, Chennai, and Mumbai. India like the rest of the world is answering some fundamental questions about the powers of the government and citizen’s rights and complications that arise from emerging technologies. Through our research we have come to understand that privacy varies across cultures and contexts, and there is no one concept of privacy but instead several distinct core notions that serve as complex duties, claims and obligations.

Privacy and Transparency

Panelists: Ponnurangam K, (Assistant Professor, IIIT New Delhi), ), Chitra Ahanthem (Journalist, Imphal), Nikhil Dey (Social & Political Activist), Deepak Maheshwari (Director, Corporate Affairs, Microsoft), Gus Hosein (Executive Director, Privacy International, UK), and Prashant Bhushan, (Senior Advocate, Supreme Court of India).
Moderator: Sunil Abraham (Executive Director, Centre for Internet and Society, Bangalore)
Poster: Srishti Goyal (Law Student, NUJS)

Srishti Goyal provided the general contours, privacy protections, limits to privacy and loopholes of policy relating to transparency and privacy, specifically analyzing the Right to Information Act, Public Interest Disclosures Act, and the Official Secrets Act.

Nikhil Dey commented on the interaction between the right to privacy and the right to information (RTI). He referred to Gopal Gandhi, the former Governor of West Bengal, “we must ensure that tools like the UID must help the citizen watch every move of government; not allow the government watch every move of the citizen.” Currently, the RTI and the UID stand on contrary sides of the information debate. A privacy law could allow for a backdoor to curb RTI. So, utmost care has to be taken while drafting legislation with respect to right to privacy.

Data and information has leaked furiously in India and it has leaked to the powerful. A person who is in a position of power can access private information irrespective of any laws in place to safeguard privacy. It is necessary to look at the power dynamics, which exists in the society before formulating legislation on right to privacy. According to Nikhil Dey, there should be different standards of privacy with respect to public servants. A citizen should be entitled to information related to funds, functions and functionaries. The main problem arises while defining the private space of a public servant or functionaries.

The RTI Act has failed to address the legal protection for the right to privacy. Perhaps, rules regarding privacy can be added to the Act. It can be defined by answering the questions: (i) what is ‘personal information’? (ii) what is it’s relation to public activity or public interest? (iii) what is the unwarranted invasion of the privacy of an individual? and (iv) what is the larger public good? Expanding on these four points can provide greater legal protection for the right to privacy.

Gus Hosein described the intersection and interaction of the right to information and the right to privacy. He referred to a petition filed by Privacy International requesting information on the expenses of members of parliament. Privacy and transparency of the government are compatible in the public interest. Gross abuse of the public funds by MPs was revealed by this particular petition such as pornography or cleaning of moats of MPs homes. Privacy advocates are supporters of RTI, however, it cannot be denied that there is no tension between transparency and privacy. In order chalk out the differences, there is a need of a legal framework. According to Gus Hosein, in many countries the government office that deals with right to information also deals with cases related to right to privacy.

Mumbai and New Delhi police have started using social media very aggressively, encouraging citizens to take photographs of traffic violations and upload them to Facebook or Twitter. In reference to this, Ponnurangam described the perceptions of privacy and if it agreed or conflicted with his research findings. Ponnurangam has empirically explored the awareness and perspective of privacy in India with respect to other countries. He conducted a privacy survey in Hyderabad, Chennai and Mumbai. People are very comfortable in posting pictures of others committing a traffic violation or running a red light. Ironically, many people have posted pictures of police officers committing a traffic violation such as not wearing a helmet or running a red light.

Chitra Ahanthem described the barriers and challenges of using RTI in Manipur. There are more than 40 armed militia groups, which are banned by the central and state government. The central government provides economic packages for the development of the north-east region. However, the state government officials and armed groups pocket the economic packages. These armed groups have imposed a ban on RTI. Furthermore, Manipur is a very small community. If people try and access information through RTI they risk getting threatened by the Panchayat members and being ostracized from the community or their clan.

People are apprehensive about filing RTI because they believe that these procedures are costly and the police and government may also get involved. Officials use the privacy plea to avoid giving out information. Since certain information are private and not in the public domain, government officials, use the defense of privacy to hide information. In addition, the police brutality prevalent in the area deters people to even have interactions with government officials.

According to Deepak Maheshwari, the open data initiative is a subset within the larger context of open information. There is an onus on the government to publish information, which is in the public domain. As a result, one does not necessarily have to go through the entire process of filing an RTI to get information, which is already there in the public domain. Moreover, if it is freely available in public domain, then one can anonymously access such information; this further strengthens the privacy aspects of requesting information and facilitating anonymity with respect to access to such information in the public domain. It has also to be noted that it is not sufficient to put data out in the public domain but it should also disclose the basis of the data for example, if there is representation of a data on a pie chart, the data which was used to arrive at the pie chart should also be available in the public domain. The main intention of releasing data to the public domain or having open data standards should not only be to provide access to such data but also should be in such a fashion so as to enable people to use the data for multiple purposes.

Prashant Bhushan noted that one of the grounds for withholding information in the RTI Act is privacy. An RTI officer can disclose personal information if he feels that larger public interest warrants the disclosure, even if it is personal information, which has no relationship to public activity or interest. This raises the important question, “what constitutes personal information?” He referred to the Radia Tapes controversy. Ratan Tata has filed a petition in the Supreme Court on the grounds that the Nira Radia tapes contained personal information and that the release of these tapes into the public domain violated his privacy. The Centre for Public Interest Litigation has filed a counter petition on the grounds that the nature of the conversations was not personal but in relation to public activity. They were between a lobbyist and bureaucrats, journalists and ministers. Prashant Bhushan stressed the importance of releasing these tapes into the public domain to show glimpses of all kinds of fixing, deal-making and show how the whole ruling establishment functions. It is absurd for Ratan Tata to claim that this is an invasion of privacy. Lastly, he felt when drafting a privacy law, clearly defining and distinguishing personal information and public is extremely important.

One of the interesting comments made during the panel was on the assumption that data is transparent. Transparency can be staged; questions have to be asked around whether the word is itself transparent.

Privacy and E-Governance Initiatives

Panelists: Anant Maringanti, (Independent Social Researcher), Usha Ramanathan, (Advocate & Social Activist), Gus Hosein, (Executive Director, Privacy International, UK), Apar Gupta, (Advocate, Supreme Court of India), and Elida Kristine Undrum Jacobsen (Doctoral Researcher, The Peace Research Institute Oslo).
Moderator: Sudhir Krishnaswamy (Centre for Law and Policy Research)
Poster: Adrija Das (Law Student, NUJS)

Adrija Das discussed the legal provision relating to identity projects and e-governance initiatives in India. The objective of any e-governance project is to increase efficiency and accessibility of public services. However, a major problem that arises is the linkage of the data results in the creation of a central database, accessible by every department of the government. Furthermore, implementing data protection and security standards are very expensive.

Sudhir Krishnaswamy highlighted the default assumptions surrounding e-governance initiatives: e-governance initiatives solve governance problems, increase efficiency, increase transparency and increase accountability. It is important to analyze the problems that arise from e-governance initiatives, such as privacy.

Usha Ramanathan described the increased number and vastness of e-governance initiatives such as UID, NPR, IT Rules and NATGRID. There are also many burdens on privacy that emanate from the introduction and existence of electronic data management systems. Electronic data management systems have allowed state to collect, store and use personal information of individual. Currently, the DNA Profiling Bill is pending before the Parliament. It is important to question the purpose and need for the government to collect such personal information. It is also to be noted that, there are certain laws such as Collection of Statistics Act, 2008 that penalize individuals if they do not comply with the information requests of the government.

Anant Maringanti discussed the limitations of data sharing that once existed. Currently, data can move across space in a very short time. He analyzed the state and market rationalities involved in e-governance initiatives, which raise the question “who can access data and at what price?”. Data may seem to be innocent or neutral, but data in the hands of wrong people becomes very crucial due to abuse and misuse. For example, Andhra Pradesh was praised as the model state for UID implementation. However, during the process of collecting data for UID a company bought personal information and sold the data to third parties.

Apar Gupta discussed the dilemmas of e-governance. Generally information in the form of an electronic record is presumed to be authentic. The data which government collects is most often inaccurate and wrong. So the digital identity of a person can be totally different from the real identity of that particular person. The process for correcting such information is also very inconvenient and sometimes impossible.
Under the evidence law any electronic evidence is presumed to be authentic and admissible as evidence. The Bombay High Court decided a case involving the authenticity of a telephone bill generated by a machine. The judgment said that since it is being generated by a machine, through and automated process, there is no need to challenge the authenticity of the document, it is presumed to true and authentic. The main danger in such case is that one does away with the process of law and attaches certain sanctity to the electronic record and evidence.

It should be also observed that how government maintains secrecy as to the ways in which it collects data. For example, the Election Commission has refused to disclose the functioning and design of electronic voting machines. The reason given for such secrecy is that if such information is put in the public domain then the electronic voting machines will be vulnerable and can be tampered with. But we, who use the voting machines, will never find out its vulnerabilities.

According to Gus Hosein, politicians generally have this wrong notion that technology can solve complex administrative problems. Furthermore, the industry is complicit; they indulge in anti-competitive market practice to sell these technologies as a solution to problems. However, such technology does not solve any problems rather it gives rise to problems.

Huge amount of government funds is associated with collection of personal data but such data is rendered useless or rather misused, because the government does not have clue as to how to use the data for development and security purposes. The UK National Health Records project estimated to cost around twelve to twenty billion pounds. However, a survey carried out by a professor in University College London showed that the hospital and other health institutions do not use the information collected by the National Health Records. Similarly, the UK Identity Card scheme was estimated to cost 1.3 billion pounds and finally it was estimated to cost five billion pounds. The identity cards are rendered obsolete, the sole department interested in the identity card was the Home Office Department, no other department intended on using it.

Technology should be built in such a manner that it empowers the individual. Technology should allow the individual to control his identity and as well as access all kinds of information available to the government and private bodies on that individual.

According to Elida Kristine Undrum Jacobsen, technology is regarded in this linear manner. It is increasingly being naturalized and as an all-encompassing solution. The use of biometric systems in the UID raises three areas of concern: power, value and social relationships.

With regards to power, there is a difference between providing documentation and information for identification. However, problems arise when the mode of identification becomes one’s body. It also leads to absolute reliance on technology, if the machine says that this is an individual’s identity then it is considered to be the absolute truth and it does not matter even if the individual is someone else. It becomes furthermore problematic with biometric system because it is generally used for forensic purposes.

The other component of UID or any national identification scheme is the question of consent and its relationship to privacy. In the case of UID project, people are totally unaware about how their information will be used and what purposes can it be used or misused for. Therefore, there is no informed consent when it comes to collection of biometric data under the UID project.

On the issue of social value it is to be noted that the value of efficiency becomes the most important value, which is valued. Many of the UIDAI documents state that the UID will provide a transactional identity. However, at the same time it takes away societal layers, which is inherently part of one’s identity. In addition, it makes it possible for the identity of a person to become a commodity to be sold. This also means that the personal information has economic value and players in the market such as insurance companies, banks can buy and sell the information.

When there is identification projects using biometrics it gives the State a lot of power; the power to determine and dictate one’s identity irrespective of the difference in real identity. Moreover, when such identifications projects are carried out at a national level it also gives rise to problem related to exclusion and inclusion of people or various purposes. The classification of the society based on various factors becomes easy and there is a huge risk involved with such classification.

The issues, which came out from the Q&A session, were:

The interplay between fairness and lawfulness in the context of privacy and data collection. There has to be a question asked as to why certain information is required by the State and how is it lawful.
In the neo-liberal era corporations are generally considered to be private. This has to be questioned and furthermore the difference between what is private and what is public. There are also concerns about corporations increasingly collaborating with the State. Can it be still considered as private?

Privacy and National Security

Panelists: PK Hormis Tharakan (Former Chief of Research and Analysis Wing, Government of India), Saikat Datta (Journalist), Menaka Guruswamy, (Advocate, Supreme Court, New Delhi), Prasanth Sugathan, (Legal Counsel, Software Freedom Law Center), and Oxblood Ruffin, (Cult of the Dead Cow Security and Publishing Collective).
Moderator: Danish Sheikh (Alternative Law Forum)
Poster: Suchitra Menon (Law Student, NUJS)

Suchitra Menon discussed the legal provisions for national security in relation to privacy. Specifically, she described the guidelines and procedural safeguards with respect to phone tapping and interception of communication decisional jurisprudence.

In the year 2000, the Information Technology Act (IT Act), 2000 was enacted, this Act had under section 69 allowed the State to monitor and intercept information through intermediaries. Prasanth Sugathan described how the government has been trying to bypass the procedural safeguard laid down by the Supreme Court in the PUCL case by using Section 28 of the IT Act, 2000. The provision deals with certifying authority for digital signatures. The certifying authority under the Act also has the authority to investigate offences under the Act. The provision mainly deals with digital signature but it is used by the government to intercept communication without implementing the procedural safeguards laid down for such interception. Furthermore, the IT Rules which was notified by the government in April, 2007 allows the government to intercept any communication with the help of the intermediaries. The 2008 amendment to the IT Act was an after effect of the 26/11 attacks in Mumbai. The legislation has become draconian since then and privacy has been sacrificed to meet the ends of national security.

Oxblood Ruffin read out his speech and the same is reproduced below.

“The online citizenry of any country is part of its national security infrastructure. And the extent to which individual privacy rights are protected will determine whether democracy continues to succeed, or inches towards tyranny. The challenge then is to balance the legitimate needs of the state to secure its sovereignty with protecting its most valuable asset: The citizen.

It has become trite to say that 9/11 changed everything. Yet it is as true for the West as it is for the global South. 9/11 kick started the downward spiral of individual privacy rights across the entire internet. It also ushered in a false dichotomy of choice, that in choosing between security and privacy, it was privacy that had adapted to the new realities, or so we’ve been told.

Let’s examine some of the fallacies of this argument.

The false equation which many argue is that we must give up privacy to ensure security. But no one argues the opposite. We needn’t balance the costs of surveillance over privacy, because rarely banning a security measure protects privacy. Rather, protecting privacy typically means that government surveillance must be subjected to judicial oversight and justification of the need to surveillance. In most cases privacy protection will not diminish the state’s effectiveness to secure itself.

The deference argument is that security advocates insist that the courts should defer to elected officials when evaluating security measures. But when the judiciary weighs privacy against surveillance, privacy almost always loses. Unless the security measures are explored for efficacy they will win every time, especially when the word terrorism is invoked. The courts must take on a more active role to balance the interests of the state and its citizens.

For the war time argument security proponents argue that the war on terror requires greater security and less privacy. But this argument is backwards. During times of crisis the temptation is to make unnecessary sacrifices in the name of security. In the United States, for example, we saw that Japanese-American internment and the McCarthy-era witch-hunt for communists was in vain. The greatest challenge for safeguarding privacy comes during times when we are least inclined to protect it. We must be willing to be coldly rational and not emotional during such times.

We are often told that if you have nothing to hide, you have nothing to fear. This is the most pervasive argument the average person hears. But isn’t privacy a little like being naked? We might not be ashamed of our bodies but we don’t walk around naked. Being online isn’t so different. Our virtual selves should be as covered as our real selves. It’s a form of personal sovereignty. Being seen should require our consent, just as in the real world. The state has no business taking up the role of Peeping Tom.

I firmly believe that the state has a right and a duty to secure itself. And I equally believe that its citizens are entitled to those same rights. Citizens are part of the national security infrastructure. They conduct business; they share information; they are the benefactors of democratic values. Privacy rights are what, amongst others, separate us from the rule of tyrants. To protect them is to protect and preserve democracy. It is a fight worth dying for, as so many have done before us.

PK Hormis Tharakan discussed the importance of interception communication in intelligence gathering. In the western liberal democracies, restrictions of privacy were introduced for the anti-terrorism campaigns and these measures are far restrictive than what the Indian legislations contemplate. Preventive intelligence is a major component in maintenance of national security and this intelligence is generated and can be procured through interception.

We do need laws to make sure that the power of interception is not excessive or out of proportion. But the graver issue is that the equipment used for interception of communication is freely available in the market at a cheap price. This allows private citizens also to snoop into others conversation. So, interception by civilians should be the main concern.

Menaka Guruswamy discussed the lack of regulation of Indian intelligence agencies that creates burdens on privacy. When there is a conflict between individual privacy and national security, the court will always rule in favour of the national security. Public interest always takes precedence over individual interest.

When there is a claim right to privacy vis-à-vis national security, generally these claims are characterized by dissent, chilling effects on freedom of expression and government accountability. In India, privacy is fragile and relatively a less justifiable right. Another challenge to privacy is that, when communication is intercepted, which part of the conversation can be considered to be private and which part cannot be considered so.

Saikat Datta described his experience of being under illegal surveillance by an unauthorized intelligence agency. When a person is under surveillance, he or she is already considered to be suspect. If the State commits any mistake as to surveillance, carrying surveillance, who is not at all a person of interest in such case upon discovery, there is no penalty for such discrepancy.
He warned of the dangers of excessive wiretapping, a practice that currently generates such a “mountain” of information that anything with real intelligence value tends to be ignored until it is too late, as happened with the Mumbai bombings in 2008. It is clear that the Indian government’s surveillance and interception programmes far exceed what is necessary for legitimate law enforcement.

The issues, which came during the Q&A session was:

In case of national security vis-à-vis privacy in heavily militarized zone, legislations such as Armed Forces Special Powers Act actually give authority to the army to search and seizure on mere suspicion? This amounts gross violation of privacy.

Privacy and Banking

Panelists: M R Umarji, (Chief Legal Advisor, Indian Banks Associations), N A Vijayashankar, (Cyber Law Expert), Malavika Jayaram, (Advocate, Bangalore)
Moderator: Prashant Iyengar (Associate Professor, Jindal Law University)
Poster: Malavika Chandu (Law Student, NUJS)

Prashant Iyengar highlighted how privacy has been a central feature in banking and finance. Even before the notion of privacy came into existence, banks had developed an evolved notion of secrecy and confidentiality, which was fairly robust. Every legislation dealing with banking and finance generally have a clause related to privacy and confidentiality. It might seem that it would be easy to implement privacy in banking and finance given the long relationship between banking and secrecy and confidentiality. However, this is not the case in the contemporary times. Specifically, with the growth in issues related to national security, transparency and technology, the highly regarded notion of privacy seems to be slowly depleting.

Malavika Chandu described the data protection standards that govern the banking industry. As part of the know-you-customer guidelines, banks are required to provide the Reserve Bank with customer profiles and other identification information. Lastly, she described case laws in relation to privacy with respect to financial records.

N A Vijayashankar noted that the confidentiality and secrecy practices in the banking sector emanate from the banker-customer relationship. In the present context, secrecy and privacy maintained by the banks should be analyzed from the perspective of the right of the customer to safeguard his or her information from any third party. Generally, banks and other financial institutions protect personal information as a fraud control measure and not as duty to protect the privacy of a customer.

There has been a paradigm shift in banking practices from traditional banking practices to more efficient but less secure banking practice. Some of the terms and conditions of internet banking are illegal and do not stand the test of law. In contemporary times, banking institutions use confidentiality to cover up problems and data breach rather than protecting the customer. But the banks are not ready to disclose data breach as it apprehends that it will result in public losing faith in the system. The Reserve Bank of India, has recently notified that protection which is provided to the customers in banking services should also be extended to e-banking services. However, the banks have not properly implemented this.

M R Umarji highlighted fourteen laws related to banking which carries confidentiality clauses. In India, public sector banks dominate the market. These banks are created under a statute and such statute governs them. Therefore, they are duty bound to maintain secrecy and confidentiality. Private banks and cooperative banks are not bound by any statute. They do not have any obligations to maintain secrecy, but they do strictly observe confidentiality as a form of banking practice.

Banks are not allowed to reveal any personal information of an individual unless it is sought by some authority that has a legitimate right to claim such information. There has been a constant erosion of confidentiality due to various laws which empowers authorities to seek confidential information from the banks. Recently, in the light of the growing national security concerns, banks also have an obligation to report suspicious transactions. These have caused heavy burdens on right to privacy of an individual.

Under the Right to Information Act, 2005 public sector banks are considered to be public authorities. By the virtue of the Statute, any person can access information from banks. For example, in a recent case an information officer directed Reserve Bank of India, to disclose Inspection Reports. These reports generally contain information regarding doubtful accounts, non-performing account, etc. There is a need that banks should be exempted from the Right to Information Act, 2005. Since they are not dealing with public funds there is no need to apply transparency law to the banks.

Malavika Jayaram described the major conflicts and tensions with respect to privacy vis-à-vis banking and financial systems and financial data. Other privacy and transparency issues include: the publication of online tax information and income data.

Surveillance is built in the design of banking system, so it is capable of tracking personal information and activity. There is a need to implement more privacy friendly and privacy by design systems in the banking sector. Customers are generally ignorant about privacy policies and this influences informed consent and furthermore marketing institution may influence customers to behave in a particular manner. In this context privacy by design becomes very important.

Data minimization principles should be applied; since the more data collected the more there is a risk of data breach and misuse. In case of data retention it is necessary that person giving such data should know how much proportion of the data is being retained and for how long it is stored and also what is the scope of the data and for what purpose will it be used.

Personal information and data, which was previously collected by the government, are gradually being outsourced to private bodies. On one hand it is a good thing that private sector get their technology and security measures right as compared to the government agencies but it comes with the risk that it can be sold out by private bodies as commodities in the market. Private bodies that are harvesting the data can also be forced by the government to disclose it under a particular law or statute without taking into consideration the consent of the individual whose personal information is sought for.

There is multiplicity of documentation for identification, which makes transactions less efficient. This has attracted customers to more convenient systems such as one-access point systems, but people tend to forget the issues related to privacy, in using such a system. What is portrayed as efficient for the consumer is a tool for social control and who has access and authority to use such information.

Often the reason given for collecting information is that it will help the service provider to combat fraud. However, studies have shown people more often fake situation rather than identity. The other concerns are that of sharing of information and lack of choice with respect to such sharing. There should be check as to sharing of personal information as the data belongs to the individual and not the bank or any other institution which requires furnishing personal information in lieu of services. This gives rise to a binary choice to the user; either the individual has to provide information to avail the service or else one cannot avail the services.

There is supposed to be market for privacy. The notion of personal information is subjective and varies from person to person. For example, one might be comfortable to share certain information. However, others might not be.

The issues that came out of the Q&A sessions are:

The default settings are generally put at the low protection settings. Unless the user is aware of the privacy protection setting, he or she is prone to breach of privacy. Should the default privacy setting be set to maximum security and option can be given to the user to change it according to his or her preference?
Is there any system in the banks, which allows the customers of bank to know about which all third parties the bank has shared his or her personal information with?

Health Privacy

Panelists: K. K. Abraham, (President, Indian Network for People with HIV), Dr. B. S. Bedi, (Advisor, CDAC & Media Lab Asia), and Raman Chawla, (Senior Advocacy Officer, Lawyers Collective).
Moderator: Ashok Row Kavi (Journalist and LGBT Activist)
Poster: Danish Sheikh (Researcher, Alternative Law Forum)

Danish Sheikh outlined the possible health privacy violations. These included the disclosure of personal health information to third parties without consent, inadequate notification to a patient of a data breach, the purpose of collecting data is not specified and improper security standards, storage and disposal. The disclosure of personal health information has the potential to be embarrassing, stigmatizing or discriminatory.

Subsequently, Danish Sheikh examined the status of sexual minorities’ vis-à-vis the privacy framework. Culling out some real life examples based on various studies, media reports and judgments from the Supreme Court and the High Courts of Delhi and Allahabad, he also described privacy violations committed by both individuals as well as state authorities.

Ashok Row Kavi recounted how privacy was very contextual when debating section 377 in the LGBT community. The paradigm upon which they were going to fight the anti-sodomy law was that it was consenting sex between two adults in private space. However, this paradigm was not well received by women, as women did not see private space as safe space, due to domestic violence. Perceptions of privacy are very subjective and it differs from person to person.

Raman Chawla recounted the history of the Draft HIV/AIDS Bill. In 2002, the need for law related to HIV/AIDS was realized in order to protect right to consent, right against discrimination and right to confidentiality of HIV patients. The bill was finalized in the year 2006. Alarmingly, it is yet to be tabled before the Parliament.

The privacy provisions in the HIV bill clearly state that no person can be tested, treated or researched for HIV without the consent of the patient. It also casts that in a fiduciary relationship the health care provider must maintain confidentiality, however if the patient provides written consent then their status may be disclosed. The HIV condition of the patient can also revealed by the doctor if there is a court order demanding such disclosure. The doctor may disclose the status of the patient to his or her partner but he has to follow a particular protocol. The doctor should have sufficient belief that his or her partner is at risk of contracting HIV. The person who is infected will be asked for his/her views and counseled before his/her partner is informed. However, there are doubts as to the implementation and enforcement of this protocol.

Conclusion

Natasha Vaz (Policy Advocate, Privacy India) brought the symposium to a close by thanking the partners, the panelists, the moderators and the participants for their sincere efforts in making the All India Privacy Symposium a grand success. In India, a public discussion regarding privacy has been long over due. The symposium provided a platform for dialogue and building greater awareness around privacy issues in health, banking, national security, transparency and e-governance. Using our research, expert opinions, personal experiences, questions and comments various facets of privacy were explored.

Press Coverage

The event was featured in the media as well:

India needs an independent privacy law, says NGO Privacy India, Economic Times, February 2, 2012
New Bill to decide on individual’s right to privacy, Tehelka, February 6, 2012
Lack of strong privacy law in healthcare a big worry, Daily News & Analysis, February 13, 2012
Privacy concerns grow in India, Washington Post, February 3, 2012

Click to download the Agenda and Profile of Speakers (PDF, 1642 Kb)

Download the PDF (555 Kb)
Follow the webcast of the event

For more details visit https://cis-india.org/internet-governance/all-india-privacy-delhi-report

The AI Task Force Report - The first steps towards India’s AI framework

Elonnai Hickok, Shweta Mohandas and Swaraj Paul Barooah — 2018-06-27T14:32:56Z

The Task Force on Artificial Intelligence was established by the Ministry of Commerce and Industry to leverage AI for economic benefits, and provide policy recommendations on the deployment of AI for India.

The blog post was edited by Swagam Dasgupta. Download PDF here

The Task Force’s Report, released on March 21st 2018, is a result of the combined expertise of members from different sectors and examines how AI will benefit India. It sheds light on the Task Force’s perception of AI, the sectors in which AI can be leveraged in India, the challenges endemic to India and certain ethical considerations. It concludes with a set of policy recommendations for the government to leverage AI for the next five years. While acknowledging AI as a social and economic problem solver, the Report attempts to answer three policy questions:

What are the areas where government should play a role?
How can AI improve quality of life and solve problems at scale for Indian citizens?
What are the sectors that can generate employment and growth by the use of AI technology?

This blog will look at how the Task Force answered these three policy questions. In doing so, it gives an overview of salient aspects and reflects on the strengths and weaknesses of the Report.

Sectors of Relevance and Challenges

In order to navigate the outlined questions, the Report looks at ten sectors that it refers to as ‘domains of relevance to India’. Furthermore, it examines the use of AI along with its major challenges, and possible solutions for each sector. These sectors include: Manufacturing, FinTech, Agriculture, Healthcare, Technology for the Differently-abled, National Security, Environment, Public Utility Services, Retail and Customer Relationship, and Education. While these ten domains are part of the 16 domains of focus listed in the AITF’s web page, it would have been useful to know the basis on which these sectors were identified. A particular strength of the identified sectors is the consideration of technology for the differently abled as well as the recognition to the development of AI systems in spoken and sign languages in the Indian context.

Some of the problems endemic to India that were recognized include infrastructural barriers, managing scale and innovation, and the collection, validation and distribution of data. The Task Force also noted the lack of consumer awareness, and inability of technology providers to explain benefits to end users as further challenges. The Task Force — by putting the onus on the individual — seems to hint that the impediment to the uptake of technology is the inability of individuals to understand the benefits of the technology, rather than aspects such as poor design, opacity, or misuse of data and insights. Furthermore, although the Report recognizes the challenges associated to data in India and highlights the importance of quality and quantity of data; it overlooks the importance of data curation in creatinge reliable AI systems.

Although the Report examines challenges to AI in each sector, it fails to include all challenges that require addressal. For example, the report fails to acknowledge challenges such as the lack of appropriate certification systems for AI driven health systems and technologies. In the manufacturing sector, the Report fails to highlight contextual challenges associated with the use of AI. This includes the deployment of autonomous vehicles compared to the use of industrial robots.

On the use of AI in retail, the Report while examining consumer data and its respective regulatory policies, identified the issues to be related to the definition, discrimination, data breaches, digital products and safety awareness and reporting standards. In this, the Report is limited in its understanding of what categories of data can lead to discrimination and restricts mechanisms for transparency and accountability to data breaches. The Report could have also been more forward looking in its position on security — including security by design and security by default. Furthermore, these issues were noted only in the context of the retail sector and ideally should have been discussed across all sectors.

The challenges for utilizing AI for national security could have been examined beyond cost and capacity to include associated ethical and legal challenges such as the need for legal backing. The use of AI in national security demands clear accountability and oversight as it is a ground for legitimate state interference with fundamental rights such as privacy and freedom of expression. As such, there is a need for human rights impact assessments, as well as a need for such uses to be aligned with international human rights norms. Government initiatives that allow country wide surveillance and AI decisions based on such data should ideally be implemented only after a comprehensive privacy law is in place and India’s surveillance regime has been revisited.

Recognizing the potential of AI for the benefit of the differently abled is one of the key takeaways from this section of the Report. Furthermore, it also brings in the need for AI inclusivity. AI in natural language generation and translation systems have the potential to help the large number of youth that are disabled or deprived. Therefore, AI could have a large positive impact through inclusive growth and empowerment.

Although the Report examines each of the ten domains in an attempt to provide an insight into the role the government can play, there seems to be a lack of clarity in terms of the role that each department will and is playing with respect to AI. Even the section which lays down the relevant ministries for each of the ten domains failed to include key ministries and departments. For example, the Report does not identify the Ministry of Education, nor does it list the Ministry of Law for national security. The Report could have also identified government departments which would be responsible for regulation and standardization. This could include the Medical Council of India (healthcare), CII (manufacture and retail), RBI (Fintech) etc. The Report also does not recognize other developments around AI emerging out the government. For example, the Draft National Digital Communications Policy (published on May 1, 2018) seeks to empower the Department of Telecommunication to provide a roadmap for AI and robotics. Along similar lines, the Department of Defence Production has also created a task force earlier this year to study the use of AI to accelerate military technology and economic growth. The government should look at building a cohesive AI government body, or clearly delineating the role of each ministry, in order to ensure harmonization going forward.

Areas in need of Government Intervention

The Report also lists out the grand challenges where government intervention is required. This includes data collection and management and the need for widespread expertise contributing to research, innovation, and response. However, while highlighting the need for AI experts from diverse backgrounds, it fails to include experts from law and policy into the discussion. While identifying manufacturing, agriculture, healthcare and public utility to be places where government intervention is needed, the Report failed to examine national security beyond an important domain to India and as a sector where government intervention is needed.

Participation in International Forums

Another relevant concern that the Report underscores is India’s scarce participation as researchers, AI developers and government engagement in global discussions around AI. The Report states that although efforts were being made by Indian universities to increase their presence in international AI conferences, they were lagging behind other nations. On the subject of participation by the government it recommends regular presence in International AI policy forums. Hence, emphasising the need for India’s active participation in global conversations around AI and international rulemaking.

Key Enablers to AI

The Report while analysing the key enablers for AI deployment in India states that positive societal attitudes will be the driving force behind the proliferation of AI. Although relying on positive social attitudes alone will not help in increasing the trust on AI, steps such as making algorithms that are used by public bodies public, enacting a data protection law etc. will be important in enabling trust beyond highlighting success stories.

Data and Data Marketplaces

While the Report identifies data as a challenge where government intervention is needed, it also points to the Aadhaar ecosystem as an enabler. It states that Aadhaar will help in the proliferation of AI in three ways: one as a creator of jobs as related to the collection and digitization of data, two as a collector of reliable data, and three as a repository of Indian data. However, since the very constitutionality of Aadhaar is yet to be determined by the Supreme Court, the task force should have used caution in identifying Aadhaar as a definitive solution. Especially while making statements that the Aadhaar along with the SC judgement has created adequate frameworks to protect consumer data. Additionally, the Task Force should have recognized the various concerns that have been voiced about Aadhaar, particularly in the context of the case before the Supreme Court.

This section also proposes the creation of a Digital Data Marketplace. A data marketplace needs to be framed carefully so as to not create a situation where privacy becomes a right available to only those who can afford it. It is concerning that the discussion on data protection and privacy in the Report is limited to policies and guidelines for businesses and not centered around the individual.

Innovation and Patents

The Report states that the Indian startups working in the field of AI must be encouraged, and industry collaborations and funding must be taken up as a policy measure. One of the ways in which this could be achieved is by encouraging innovations, and one of the ways to do so is by adding a commercial incentive to it, such as through IP rights. Although the Report calls for a stronger IP regime that protects and incentivises innovation, it remains ambiguous as to which aspect of IP rights — patents, trade secrets and copyrights — need significant changes. If the Report is specifically advocating for stronger patent rights in order to match those of China and US, then it shows that the the task force fails to understand the finer aspects of Indian patent law and the history behind India’s stance on patenting. This includes the fact that Indian patent law excludes algorithms from being patented. Indian patent law, by providing a higher threshold for patenting computer related inventions (CRIs), ensures that only truly innovative patents are granted. Given the controversies over CRIs that have dotted the Indian patent landscape, the task force would have done well to provide more clarity on the ‘how’ and ‘why’ of patenting in this sector, if that is their intent with this suggestion.

Ethical AI framework

Responsible AI

In terms of establishing an ethical AI framework, the Task Force suggests measures such as making AI explainable, transparent, and auditable for biases. The Report addresses the fact that currently with the increase in human and AI interaction there is a need to have new standards set for the deployment of AI as well as industrial standards for robots. However, the Report does not go into details of how AI could cause further bias based on various identifiers such as gender and caste, as well as the myriad concerns around privacy and security. This is especially a concern given that the Report envisions widespread use of AI in all major sectors. In this way, the Report looks at data as both a challenge and an enabler, but fails to dedicate time towards explaining the various ethical considerations behind the collection and use of data in the context of privacy, security and surveillance as well as account for unintended consequences. In laying out the ethical considerations associated with AI, the report does not make a distinction between the use of AI by the public sector and private sector. As the government is responsible for ensuring the rights of citizens and holds more power than the citizenry, the public sector needs to be more accountable in their use of AI. This is especially so in cases where AI is proposed to be used for sovereign functions such as national security.

Privacy and Data

The Report also recognises the significance of the implementation of the Aadhaar Act, the privacy judgement and the proposed data protection laws, on the development and use of AI for India. Yet, the Report does not seem to recognize the importance of a robust and multi-faceted privacy framework as it assumes that the Aadhaar Act and the Supreme Court Judgement on privacy and potential privacy law have already created a basis for safe and secure utilization and sharing of customer data. Although the Report has tried to be an expansive examination of various aspects of AI for India, it unfortunately has not looked in depth at the current issues and debates around AI privacy and ethics and makes policy recommendations without appearing to fully reflect on the implementation and potential impact of the same. Similar to the discussion paper by the Niti Aayog, this Report does not consider the emerging principles of data protection such as right to explanation and right to opt-out of automated processing, which directly relate to AI. Furthermore, there is a lack of discussion on issues such as data minimisation and purpose limitation which some big data and AI proponents argue against.

Liability

On the question of liability, the Report only states that specific liability mechanisms need to be worked out for certain categories of machines. The Report does not address the questions of liability that should be applicable to all AI systems, and on whom the duty of care lies, not only in case of robots but also in the case of automated decision making etc. Thus, there is a need for further thinking on mechanisms for determining liability and how these could apply to different types of AI (deep learning models and other machine learning models) and AI systems.

AI and Employment

On the topic of jobs and employment, the Report states that AI will create more jobs than it takes as a result of an increase in the number of companies and avenues created by AI technologies. Additionally, the Report provides examples of jobs where AI could replace the human (autonomous drivers, industrial robots etc,) but does not go as far as envisioning what jobs could be created directly from this replacement. Though the Report recognizes emerging forms of work such as crowdsourcing platforms like Mturk, it fails to examine the impact of such models of work on workers and traditional labour market structures and processes. Going forward, it will be important that the government and the private sector undertake the necessary steps to ensure that fair, protected, and fulfilling jobs are created simultaneously with the adoption of AI. This will include revisiting national and organizational skilling programmes, labor laws, social benefit schemes, relevant economic policies, and exploring best practices with respect to the adoption and integration of AI in work.

Education and Re-skilling

The task force emphasised the need for a change in the education curriculum as well as the need to reskill the labour force to ensure an AI ready future. This level of reskilling will be a massive effort, and a thorough review and audit of existing skilling programmes in India is needed before new skilling programmes are established and financed. The Report also clarifies that the statistics used were based on a study on the IT component of the industry, and that a similar study was required to analyse AI’s effect on the automation component. Going forward, there is the need for a comprehensive study of the labour intensive sectors and formal and informal sectors to develop evidence based policy responses.

Policy Recommendations

The Task Force_, in its policy recommendations, notes that the successful adoption of AI in India will depend on three factors: people, process and technology. However, it does not explain these three factors any further.

National Artificial Intelligence Mission

The most significant suggestion made in the Report is for the establishment of the National Artificial Intelligence Mission (N-AIM) — a centralised nodal agency for coordinating and facilitating research, collaboration and providing economic impetuous to AI startups. The mission with a budget allocation of Rs 1,200 crore over five years aims, among other things, to look at various ways to encourage AI research and deployment. Some of the suggestions include targeting and prototyping AI systems and setting up of a generic AI test bed. These suggestions seems to draw inspiration from other countries such as the US DARPA Challenge and Japan’s sandbox for self driving trucks. The establishment of N-AIM is a welcome step to encourage both AI research and development on a national scale. The availability of public funds will encourage more AI research and development.Additionally, government engagement in AI projects has thus far been fragmentedand a centralised body will presumably bring about better coordination and harmonization. Some of the initiatives such as Capture the flag competition that seeks to centre around the provision for real datasets to catalyze innovation will need to be implemented with appropriate safeguards in place.

Other recommendations

There are other suggestions that are problematic — particularly that of funding “an inter-disciplinary large data integration center in pilot mode to develop an autonomous AI Machine that can work on multiple data streams in real time and provide relevant information and predictions to public across all domains.” Before such a project is developed and implemented there are a number of factors where legal clarity is required; a few being: data collection and use, accuracy and quality of the AI system. There is also a need to ensure that bias and discrimination have been accounted for and fairness, responsibility and liability have been defined with consideration that this will be a government driven AI system. Additionally, such systems should be transparent by design and should include redress mechanisms for potential harms that may arise. This can be through the presence of a human in the loop, or the existence of a kill switch. These should be addressed through ethical principles, standards, and regulatory frameworks.

The recommendations propose establishing operation standards for data storage and privacy, communication standards for autonomous systems, and standards to allow for interoperability between AI based systems. A significant lacuna in this list is the development of safety, accuracy, and quality standards for AI algorithms and systems.

Similarly, although the proposed public private partnership model for research and startups is a good idea, this initiative should be undertaken only after questions such as the implications of liability, ownership of IP and data, and the exclusion of critical sectors are thought through.

Furthermore, the suggestion to ‘fund a national level survey on identification of cluster of clean annotated data necessary for building effective AI systems’ needs to recognize the existing initiatives around open data or use this as a starting place. The Report does not clarify if this survey would involve identifying data.

Conclusion

The inconspicuous release of the Report as well as the lack of a call for public comments results in the fact that the Report does not incorporate or reflect on the sentiments of the public or draw upon the expertise that exists in India on the topic or policies around emerging technologies, which will have a pervasive and wide effect on society. The need for multi stakeholder engagement and input cannot be understated. Nonetheless, the Report of the Task Force is a welcome step towards understanding the movement towards an definitive AI policy. The task force has attempted answering the three policy questions keeping people, process and technology in mind. However, it could have provided greater details about these indices. The Report, which is meant for a wider audience, would have done well to provide greater detail, while also providing clarity on technical terms. On a definitional plane, a list of technologies that the task force perceived as AI for this Report, could have also helped keep it grounded on possible and plausible 5 year recommendations.

Compared to the recent Niti Aayog Discussion Paper, this Report misses out on a detailed explanation on AI and ethics, however, it does spend some considerable amount of time on education and the use of AI for the differently abled. Additionally, the Report’s statement on the democratization of development and equal access as well as assigning ownership and framing transparent rules for usage of the infrastructure is a positive step towards making AI inclusive. Overall, the Report is a progressive step towards laying down India’s path forward in the field of Artificial Intelligence. The emphasis on India’s involvement in International rulemaking gives India an opportunity to be a leader of best practice in international forums by adopting forward looking and human rights respecting practices. Whether India will also become a strong contender in the AI race, with policies favouring the development of a socio-economically beneficial, and ethical-AI backed industries and services is yet to be seen.

The Task Force consists of 18 members in total. Of these, 11 members are from the field of AI technology both research and industry, three from the civil services, one from healthcare research, one with and Intellectual property law background, and two from a finance background. The specializations of the members are not limited to one area as the members have experience or education in various areas relevant to AI. https://www.aitf.org.in// There is a notable lack of members from Civil Society. It may also be noted that only 2 of the 18 members are women

The Report on the Artificial Intelligence Task Force, Pg. 1,http://dipp.nic.in/sites/default/files/Report_of_Task_Force_on_ArtificialIntelligence_20March2018_2.pdf

ibid.

The Artificial Intelligence Task Force https://www.aitf.org.in/

The Report on the Artificial Intelligence Task Force, Pg. 8

The Report on the Artificial Intelligence Task Force, Pg. 9,10.

The Report on the Artificial Intelligence Task Force, Pg. 9

ibid.

Artificial Intelligence in the Healthcare Industry in India https://cis-india.org/internet-governance/files/ai-and-healtchare-report

Artificial Intelligence in the Manufacturing and Services Sector https://cis-india.org/internet-governance/files/AIManufacturingandServices_Report _02.pdf

The Report on the Artificial Intelligence Task Force, Pg. 21.

Submission to the Committee of Experts on a Data Protection Framework for India, Centre for Internet and Society https://cis-india.org/internet-governance/files/data-protection-submission

The Report on the Artificial Intelligence Task Force, Pg. 22

Draft National Digital Communications Policy-2018, http://www.dot.gov.in/relatedlinks/draft-national-digital-communications-policy-2018

Task force set up to study AI application in military,https://indianexpress.com/article/technology/tech-news-technology/task-force-set-up-to-study-ai-application-in-military-5049568/

It is not just technical experts that are needed, ethical, technical, and legal experts as well as domain experts need to be part of the decision making process.

The Report on the Artificial Intelligence Task Force, Pg. 31

Constitutional validity of Aadhaar: the arguments in Supreme Court so far, http://www.thehindu.com/news/national/constitutional-validity-of-aadhaar-the-arguments-in-supreme-court-so-far/article22752084.ece

ibid.

CIS Submission to TRAI Consultation on Free Data http://trai.gov.in/Comments_FreeData/Companies_n_Organizations/Center_For_Internet_and_Society.pdf

The Report on the Artificial Intelligence Task Force, Pg. 30

Section 3(k) of the patent act describes that a mere mathematical or business method or a computer programme or algorithm cannot be patented.

Patent Office Reboots CRI Guidelines Yet Again: Removes “novel hardware” Requirement

https://spicyip.com/2017/07/patent-office-reboots-cri-guidelines-yet-again-removes-novel-hardware-requirement.html

The Report on the Artificial Intelligence Task Force, Pg. 37

The Report on the Artificial Intelligence Task Force, Pg. 7

ibid.

The Report on the Artificial Intelligence Task Force, Pg. 8

National Strategy for Artificial Intelligence: http://niti.gov.in/writereaddata/files/document_publication/NationalStrategy-for-AI-Discussion-Paper.pdf

Meaningful information and the right to explanation,Andrew D Selbst Julia Powles, International Data Privacy Law, Volume 7, Issue 4, 1 November 2017, Pages 233–242

The Principle of Purpose Limitation and Big Data, https://www.researchgate.net/publication/319467399_The_Principle_of_Purpose_Limitation_and_Big_Data

M-Turk https://www.mturk.com/

For example a lesser threshold of minimum wages, no job secuirity etc, https://blogs.scientificamerican.com/guilty-planet/httpblogsscientificamericancomguilty-planet20110707the-pros-cons-of-amazon-mechanical-turk-for-scientific-surveys/

The Report on the Artificial Intelligence Task Force, Pg. 41

Report of Artificial Intelligence Task Force Pg, 46, 47

ibid.

The DARPAChallenge https://www.darpa.mil/program/darpa-robotics-challenge

Japan may set regulatory sandboxes to test drones and self driving vehicles http://techwireasia.com/2017/10/japan-may-set-regulatory-sandboxes-test-drones-self-driving-vehicles/

Mariana Mazzucato in her 2013 book The Entrepreneurial State, argued that it was the government that drives technological innovation. In her book she stated that high-risk discovery and development were made possible by government spending, which the private enterprises capitalised once the difficult work was done.

https://tech.economictimes.indiatimes.com/news/technology/govt-of-karnataka-launches-centre-of-excellence-for-data-science-and-artificial-intelligence/61689977,https://analyticsindiamag.com/amaravati-world-centre-for-ai-data/

The Report on the Artificial Intelligence Task Force, Pg. 47

Report of Artificial Intelligence Task Force Pg. 49

The Report on the Artificial Intelligence Task Force, Pg. 47

The AI task force website has a provision for public comments although it is only for the vision and mission and the domains mentioned in the website.

National Strategy for Artificial Intelligence: http://niti.gov.in/writereaddata/files/document_publication/NationalStrategy-for-AI-Discussion-Paper.pdf

For more details visit https://cis-india.org/internet-governance/blog/the-ai-task-force-report-the-first-steps-towards-indias-ai-framework

The Age of Shame

nishant — 2014-04-04T04:05:31Z

The ability to capture private images is breeding a dangerous form of digital shaming. Within the online space, where wonderments often run rife, and conspiracy theories travel at the speed of light, there are many dark recesses where netizens half-jokingly, self-referentially, in a spirit of part-truth, part-exaggeration, often wonder on what the real reason is for the internet to exist.

Dr. Nishant Shah's column was published in the Indian Express on March 30, 2014.

Within the online space, where wonderments often run rife, and conspiracy theories travel at the speed of light, there are many dark recesses where netizens half-jokingly, self-referentially, in a spirit of part-truth, part-exaggeration, often wonder on what the real reason is for the internet to exist.

One suggestion, and probably the most persuasive one, drawing from the Broadway musical Avenue Q, is that the internet was made for porn. Positing a competing argument is a clowder of cat lovers, who insist that the internet was made for cats. Or, at least, it is definitely made of cats.

From the first internet memes like LOL Cats (and then subsequently Grumpy Cat, Ceiling Cat and Hipster Kitty), which had pictures of cats used for strong social, cultural and political commentary, to Caturday — a practice where users on the Web’s largest unmoderated discussion board, 4Chan, post pictures of cats every Saturday — cats are everywhere.

I want to add to this list and suggest that the internet was meant for “shame”. With the explosion of the interactive Web, more people getting access to mobile computing devices, and more websites inviting users to write reviews, leak pictures, expose videos and reveal more personal and private information online, there seems to be no doubt that we live in the age of digital shaming.

The aesthetic, also embedded in peer-to-peer platforms like chatroulete, or snapchat, where people often engage in sexting, is also becoming common in popular media. The ability to spy, to capture private images and videos, and expose the people who violate some imagined moral code has dangerous implications for the future of the Web and our own private lives. And as more of it goes unpunished and gets naturalised in our everyday digital practices, it is time to realise that the titillation it offers through scandal is far outweighed by the growing stress and grief it causes to victims. While there are some values to public shaming that ask for more transparency and accountability, we need to reflect on how it is creating societies of shame.

It sometimes emerges as an attempt to shame governments, private institutions, places of consumption, for compromise of the rights of the users.

Anything, from denial of service and corruption in government offices to bad food and substandard goods in restaurants and malls, is now reported in an attempt to shame the people responsible for it. This kind of “citizen journalism” allows for individual voices and experiences to be heard and documented, and the people in question are forced to be accountable for their jobs.

From fascinating websites like IPaidABribe.com to restaurant review sites like Zomato, we have seen an interesting phenomenon of “naming and shaming” that gives voice to individual discontent and anger. And so commonplace has this become, that most managers of different services and goods track, respond and mitigate the situation, often offering apologies and freebies to make up for that one bad experience.

Most big organisations have Twitter handles that function in a similar way, addressing grievances of users in real time, and helping to deliver better services and products. It is a new era of granular accountability that ensures that individual acts of discrimination, neglect or just disservice get reported and have direct impact on those responsible for it.

On the other end of the spectrum of this call for transparent and accountable structures, is the phenomenon of shaming and cyber bullying that is also increasing, especially with digital natives who spend more time online. On social networking sites, it has become almost passé, for personal and sensitive information to be leaked in order to shame and expose a person’s weaknesses and vulnerabilities. Especially for young teens who might be in a disadvantaged position — for reasons of sexual orientation, location, practices or interests — the shaming through exposing their private information often creates extremely traumatic conditions, even leading people to take their lives.
Shaming takes up particularly dire forms on websites and platforms that are designed to leak this kind of information. Hunter Moore, who has recently earned the title of being the most hated man on the internet, was the founder of a revenge-porn website, which invited male users to reveal sexual and embarrassing pictures of their former girlfriends and even spouses, to reveal them in compromising positions and shame them for being “sluts”.

Moore’s website has been shut down now and he is facing multiple charges of felony in the US, but that one site was just the tip of the iceberg. Slut shaming and trying to humiliate women has become a strong underground practice on the dark web. Hidden by anonymity and the security that the Web can sometimes offer, people betray the trust of their friends and lovers and expose them to be punished by voyeuristic audiences.

For more details visit https://cis-india.org/internet-governance/blog/indian-express-march-30-2014-nishant-shah-the-age-of-shame

The Aadhaar of all things

praskrishna — 2017-04-03T15:46:23Z

From a severely critical stand against Aadhaar in 2014, the Modi-led BJP in power has made a sharp U-turn to bulldoze its way into having every Indian scanned, tagged and labelled. A timeline of the country’s chequered date with the unique identification project.

The article by Shriya Mohan was published in the Hindu Businessline on March 31, 2017. Sunil Abraham was quoted.

You’ve probably read the WhatsApp joke about a post-Aadhaar scenario in 2020 India. A man orders pizza over phone. He is asked for his Aadhaar number first. He then orders a family-size seafood pizza, only to be reminded by the attendant about his high blood pressure and cholesterol levels (thanks to his Aadhaar history visible to everybody “on the system”) and is advised to order the low-fat Hokkien Mee pizza instead, based on his recent search history on Hokkien cuisine. As if this isn’t creepy enough, the pizza guy refuses a card payment, citing the man’s maxed-out credit cards, advises against ATM withdrawal owing to his massive overdraft and even decides to hold off the free cola offer given his dire health situation. When the man turns livid, he is told to mind his language, given that in 2007 he was already imprisoned for verbally abusing a policeman!

2020 is two and a half years away, and the WhatsApp scenario appears less incredulous by the day.

By the government’s latest estimate, 112,01,12,468 Aadhaar cards have been issued since January 2009, when the Unique Identification Authority of India (UIDAI) was set up under the Planning Commission. So if you are an adult Indian resident without an Aadhaar card, you are in a two per cent minority (98 per cent adults are covered).

Last week, Finance Minister Arun Jaitley said the 12-digit number would be the single monolith identity for all Indians in the coming years, replacing every other identity card. The government is serious because each week a new scheme is added to the three dozen schemes in which Aadhaar has been made mandatory. All the 84 schemes under the direct subsidy benefit transfer programme are expected to follow suit.

Here are just a few instances in which you should be ready to whip out your Aadhaar card — a free midday meal at a government school, access to Sarv Shiksha Abhiyan, LPG subsidy and foodgrains under the public distribution system, six scholarship schemes for students with disabilities, getting your EPF pensions, booking a train ticket online, getting a backward caste quota or benefit, and, according to the most recent directive in the Finance Bill, filing your tax returns.

Why did a dispensation so critical of Aadhaar in 2014 make a sharp U-turn to bulldoze its way into having every single Indian citizen scanned, tagged and labelled?

The earliest felt need for an identification project can be traced to the Kargil Review Committee, instituted by the Vajpayee Government in 1999, in the wake of the Indo-Pak war. The Krishnaswamy Subrahmanyam-led panel had recommended a citizenship database for the identification of legitimate Indian citizens living in border areas.

As outlined in a Scroll article, this quickly expanded to include all Indians under the Multipurpose National Identity Card project, which was pilot tested in a few villages. The Citizenship Act was also amended to give a legislative backing to the scheme, which built on the Bharatiya Janata Party’s general stance against illegal immigrants.

The search for identity

The Citizenship Act was amended in 2004 by the incumbent Congress government to make way for the National Population Register (NPR), a database of the identities of all Indian residents, maintained by the Registrar General and Census Commissioner of India.

Eventually, in 2009, Aadhaar, or UIDAI, surfaced as a 12-digit identification number that served as proof of identity and address — meaning, it applies to all residents whether they are citizens or not, unlike with the NPR. Aadhaar, which means ‘basis’ in Hindi, is intended to be an all-encompassing substratum of identities that can provide “instant access to services like banking, mobile phone connections and other government and non-government services”. The United Progressive Alliance government managed to link it to its Direct Benefit Transfer (DBT) system for subsidies provided to targeted groups.

As the main Opposition party, the BJP had felt that the Aadhaar number ought to have been given only to Indian citizens, and not all residents, which, in its view, would include millions of illegal immigrants.

Nandan Nilekani, the former CEO of IT giant Infosys, was appointed UIDAI chairman in July 2009. The first Aadhaar number was issued in September 2010, and then the pace accelerated: 100 million by November 2011, 200 million by February 2012 and 500 million by end of 2013. “We felt speed was strategic. Doing and scaling things quickly was critical. If you move very quickly it doesn’t give opposition the time to consolidate,” Nilekani told Forbes India in a 2013 interview.

Here’s the part most of us forget: The largest opposition that Nilekani was referring to at that time was the BJP.

“The people who thought of themselves as having given birth to IT in this country refused to listen to a common man like me. Even the SC has demanded answers,” Narendra Modi, then Gujarat chief minister, had said and alleged that the Aadhaar programme was a bundle of lies to loot the country’s treasury.

As the BJP’s prime ministerial candidate for the 2014 Lok Sabha elections, days ahead of delivering the party’s biggest-ever victory, he had tweeted: “On Aadhaar, neither the Team that I met nor PM could answer my Qs on security threat it can pose. There is no vision, only political gimmick.” Recently, when Aadhaar enrolments had crossed the billion mark, this tweet was dug out prominently.

The U-turn

So, what changed? How did the Aadhaar’s primary opposition become it’s key crusader?

There were two meetings that supposedly changed the destiny of the Aadhaar project. In the first week of June 2014, as Nilekani was vacating his government-allotted Lutyen’s bungalow as UIDAI chief, he met Modi and Jaitley and persuaded the new regime to persist with Aadhaar. The more important meeting was with Vijay Madan, the UIDAI director general and mission director. According to a Governance Now article, when the UID team spoke of the potential savings from plugging subsidy leakages, and weeding out “ghost beneficiaries”, Modi asked them to give a precise estimate. The figure was “up to ₹50,000 crore a year” or a good 9.4 per cent of India’s ₹5,31,177-crore fiscal deficit.

Modi in his keenness to showcase the arrival of “acche din” immediately sought a 100-crore enrolment target at the ‘earliest’, putting paid to speculations that the new government would shelve the UIDAI project. A funding of ₹2,039.64 crore was formalised in the 2014-2015 Budget presented a week later, to create the infrastructure to enrol 30 crore people to add to the 70 crore already enrolled. The UIDAI targeted the 1-billion mark by the end of that fiscal.

Money bill to beat legal hurdles

It was in November 2012 that the SC admitted a PIL filed by retired Karnataka High Court judge KS Puttaswamy and advocate Parvesh Khanna, questioning the government’s decision to issue Aadhaar even as the National Identification Authority of India Bill 2010 was pending before the Rajya Sabha since December 3, 2010. They argued that there was no legislative backing for obtaining personal information. Also, the proposed law was rejected by the Parliamentary Standing Committee on Finance.

The PIL argued that linking the Aadhaar number with food security, LPG subsidy, the Employees’ Provident Fund and other direct benefit transfers made the enrolment mandatory, thereby falsifying the government’s claim that it was voluntary. Several other PILs too voiced similar privacy concerns.

Currently, there are two legal strictures governing the validity of Aadhaar: the apex court order of October 15, 2015, limiting the card’s voluntary use to six schemes (PDS, MGNREGA, LPG, NEPS and social assistance programmes) and prohibiting the government from making it mandatory for receiving any benefits or services; and the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016, which is under challenge today. Both strictures have distinct operational status, but petitioners argue that recent government directives making Aadhaar mandatory are leading them to wonder whether the SC’s interim order is overshadowed by the Aadhaar Act or if the government is defying the court.

On March 3, 2016, in a surprise move, to put all dissent to rest, the Aadhaar Act was introduced as a Money Bill in Parliament to give it legislative backing. Things moved pretty fast thereon. On March 11, the Aadhaar Act 2016 was passed in the Lok Sabha. On March 26, the Act was notified. Accusing the BJP-led NDA government of showing “utter contempt” for the Rajya Sabha by taking the Money Bill route, senior Congress leader Jairam Ramesh challenged it in the Supreme Court in April. He likened the use of the Money Bill, which was passed overruling amendments moved in the Rajya Sabha, to “knocking a nail in the coffin of the Upper House”.

The government’s move took many, including Aadhaar advocates, by surprise. “We need to separate Aadhaar as identity from its specific functionality for which it’s used,” says Praveen Chakravarty, a senior fellow at the IDFC institute and a former member of Nilekani’s core team. He believes that just as a voter ID alone isn’t enough to vote, seeing the ownership of an Aadhaar card as key for any transaction is “fear-mongering”. Its use will still involve a process of checks and balances.

But can’t thumb prints be replicated with Fevicol?

“Sure, there could be failures, as there are with any system. But this is a far more foolproof method than any we’ve had before. Internationally also, biometric is to authenticate a higher level of security.”

The argument for privacy

“Aadhaar has the potential to improve welfare service delivery. But it has to be achieved in an inclusive manner befitting a truly liberal society and not through coercion,” says Chakravarty.

His only misgiving is with the use of the Money Bill to introduce the Aadhaar, without any right to privacy. “It should have gone through the process of debate in Parliament. Then it wouldn’t have been passed without a strong right to privacy safeguard,” he says, pointing that even a junior UIDAI officer can access the data of anybody he/she chooses.

“Aadhaar inverts the idea of transparency. It makes people transparent but the State opaque,” says legal expert Usha Ramanathan, a legal expert and anti-Aadhaar crusader.

The use of Aadhar as verification at every instance can help piece together very detailed information about citizens. These include banking transactions, online purchases, travel itineraries, mobile phone usage, location history and practically anything that can be electronically recorded and verified with an Aadhaar.

In February this year, the UIDAI filed a police case against Axis Bank and others for alleged unauthorised authentication and impersonation attempts by illegally storing Aadhaar biometrics.

The latest outcry over breached privacy involved a screenshot of cricketer Mahendra Singh Dhoni’s personal details that went viral on Twitter. The UIDAI blacklisted the agency that revealed Dhoni’s Aadhaar details after his wife complained to the IT Minister. A recent Scroll report shows the UIDAI received 1,390 similar complaints but took no action.

There are legitimate fears such an information database might eventually be misused, for instance in racial profiling or revealing voting preferences.

In January this year, Hyderabad-based ECIL developed a biometric-enabled mobile terminal for instant authentication of a voter “to prevent rigging of votes”. Till August 2015, the Election Commission was working on seeding Aadhaar data with that of voter ID card, in an attempt to weed out fake voters. However, the poll panel stopped this exercise after the SC ruled that Aadhaar be made compulsory only for PDS and LPG distribution.

Nilekani, in an interview to BLink, insisted that the Aadhaar has more privacy regulations than any other service in the world. He also pointed out that all election commission data is already online, and anyone can look up any voter’s name, date of birth, gender and address.

Additionally, social media profiles too are shared publicly of our own volition.

Concurring with this view, Chakravarty says, “It is surprising that we’re perfectly okay with giving all our life information to a 32-year-old named Mark Zuckerberg. However, this is voluntary. Whether we fully know consequences or not is another matter altogether.”

With the Finance Bill requiring all PAN cards to be linked to Aadhaar, there is added concern over privacy. Sunil Abraham, founder of the Centre for Internet and Society, says Aadhaar runs the risk of being used fraudulently. “If I want to get you in trouble, I can make a large purchase of gold against your Aadhaar number, which is linked to your PAN,” he explains.

He advocates for a system where different government departments don’t store Aadhaar numbers in their databases but instead use a token issued by UIADI kiosks. This would prevent proliferation of the number.

Technical glitches

In February this year, Modi claimed in the Lok Sabha that plugging leakages through Aadhaar had saved the government ₹14,000 crore. And that nearly four crore fake ration cards have been seized till date.

One method of establishing a fake ration card is if the owner has not availed himself of his ration. Ever since Aadhaar’s biometric identification has been linked to point-of-sale (POS) machines at ration shops, residents have had to queue up with a prayer on their lips. A lot could go wrong — the biometric might not recognise them or, worse, there could be a network failure, forcing everyone to return home empty-handed. In both instances, while ration shop owners should ideally mark such transactions under ‘Transactions with “N” response from Aadhaar’, they invariably mark them under “Household yet to take ration”, implying that the beneficiary has chosen not to take home her share.

The February 2017 data for 22 ration shops across Delhi, accessed on the Department of Food & Supplies website, shows that none have a single beneficiary marked under “N”. At a Delhi Cantonment outlet, of the 1,038 registered beneficiaries only 168 have been marked “Y”, or ‘Yes’, showing they have taken their rations. Another 871 have been marked “Household yet to take ration” and none have been marked ‘N’ to indicate glitches in the Aadhaar authentication.

As Amrita Johri of citizens’ action group Satark Nagrik Sangathan explains, “Aadhaar relies on internet and electricity. This might seem like a problem only of rural areas. But we don’t have to go far. In South Delhi’s East Mehraam Nagar, there is a ration shop with no mobile signal and no network. Officials said we have to show that Aadhaar is a success, so the shop’s POS machine was finally hung on a jamun tree to get it to work.”

She questions the government’s reluctance to acknowledge the many instances of failure in the project.

Frighteningly, three consecutive failed attempts could lead to the card being placed in an abeyance list and possibly invalidated.

Top performers and laggards

Delhi is rated one of the better performing States/union territories, while Rajasthan has one of the worst records with the maximum number of biometric and network failures.

According to the government’s 2017 monthly estimates, 27 per cent of the residents whose Aadhaar cards have been seeded to the PDS were denied rations owing to biometric or network failure. This figure would be higher if the unseeded cards are also taken into account.

Nikhil Dey, founder of Rajasthan’s Mazdoor Kisan Shakti Sangathan (MKSS) says his organisation is fighting with its back against a wall.

“Nearly 73 lakh households get their monthly rations in this State, where a little over a crore households are eligible to receive them. We’re not even talking about exclusions here,” says Dey. Besides network failure, there are many instances of the old and sick who are unable to visit the shop to physically verify themselves.

“Back-up options such as OTP (one-time password) or facial recognition only work in theory,” says Dey. He alleges that shop owners often fudge the OTP system by punching in their own numbers and stealing the quotas of genuine beneficiaries.

He too believes that several names have been struck off as dead to project that the Aadhaar has weeded out a high number of fake social security pension ers.

Nilekani applauds Andhra Pradesh for its progress in the Aadhaar project by investing in infrastructure to eliminate technical glitches. J Satyanarayana, the UIDAI’s part-time chairperson, told BLink in an email interview that Aadhaar has led to transparency and efficiency in nearly all government schemes in AP.

During March 2017, 42.29 lakh (93.02 per cent) pensioners received their payment through Aadhaar-based biometric authentication, he says, adding that real-time monitoring systems are in place.

“The entire PDS (rations) is linked to Aadhaar,” he says. As many as 1.21 crore (87.39 per cent) card holders collected their ration this month, and 95.94 lakh received wages (totalling ₹5,283 crore under MNREGA through Aadhaar-enabled systems, he informs.

Neighbouring Telangana too is known for its 99 per cent Aadhaar enrollment, leading to an impressive 80 per cent of its population accessing the PDS.

BP Acharya, special chief secretary in Telangana’s planning department says, “Aadhaar’s use can perhaps be most seen in Telangana’s speedy clearances, investment promotion, creating licences and clearances for shops and establishments.”

Telangana took the Aadhaar database project one step further through its Citizen 360 programme. In August 2014, months after the State was newly formed, it conducted one of the largest household surveys in a single day, covering one crore households. This data was integrated with the Aadhaar database and now links different benefits on the same platform. Now the Aadhaar identity is linked to other details such as the holder’s driving licence and even crime record.

The UIDAI holds out AP and Telangana as shining examples of Aadhaar’s efficiency when backed by the right network and infrastructure. But for the lakhs of biometric factory rejects who are denied their rights, Aadhaar can only mean a mass experiment gone horribly wrong.

Aadhaar Timeline

2006

The ministry of communications and information technology approves the ‘Unique ID for Below Poverty Line (BPL) families’ project under the chairmanship of Arvind Virmani, then principal advisor, Planning Commission

2008

Empowered group of ministers formed by former Prime Minister Manmohan Singh decides to collate two schemes — the National Population Register under the Citizenship Act, 1955 and the UID project — to conceive Aadhaar.

2009

Planning Commission issues a notification to constitute the Unique Identification Authority of India (UIDAI).

Government appoints Infosys co-founder Nandan Nilekani as the first chairman of UIDAI, with the rank and status of a cabinet minister.

2012

Former Karnataka high court judge justice K Puttaswamy files a public interest litigation before the Supreme Court (SC) declaring that Aadhaar violates an individual’s right to privacy and that the scheme lacks legislative backing.

2014

In an interim order, the SC restrains the UIDAI from transferring biometric information with an Aadhaar number to any other agency without the individual’s consent in writing.

2015

Three-judge bench of the apex court rules the unique identity number is not mandatory to avail of benefits from government programmes, restricting the use of Aadhaar to beneficiaries of the public distribution system and subsidies on cooking gas and kerosene, and refers the question on privacy to a larger constitution bench.

Centre moves SC seeking a review and modification of the August 11 interim order. A five-judge constitution bench modifies the same and extends the use of Aadhaar to Mahatma Gandhi National Rural Employment Guarantee Scheme, Jan Dhan Yojana, pensions and the Employees’ Provident Fund scheme.

2016

Finance minister Arun Jaitley announces in the budget speech that the government will offer statutory backing for Aadhaar. The Lok Sabha passes the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016 as a Money Bill, rejecting Rajya Sabha recommendations.

2017

Aadhaar is made mandatory for three dozen schemes with 84 more expected under direct benefit transfers, including midday meal scheme and universal education.

SC again rules that Aadhaar cannot be made mandatory for welfare schemes.

For more details visit https://cis-india.org/internet-governance/news/hindu-businessline-shriya-mohan-the-aadhaar-of-all-things

The Aadhaar Case

vipul — 2014-09-05T09:12:21Z

In 2012 a writ petition was filed by Justice K.S. Puttaswamy in the Supreme Court of India challenging the policy of the government in making an Aadhaar card for every person in India and its later plans to link various government benefit schemes to the same.

Over time a number of other cases have been filed in the Supreme Court challenging the Aadhaar mechanism and/or its procedure most of which have now been linked to the main petition filed by Justice Puttaswamy.[1] This means that the Supreme Court now hears all these cases together (i.e. at the same time) since they throw up similar questions and involve the same or similar issues. The court while hearing the case made an interim order on September 23, 2013 whereby it ordered that no person should suffer on account of not having an Aadhaar card and that Aadhaar cards should not be issued to any illegal immigrants. The relevant extract from the Order of the court is reproduced below:

"No person should suffer for not getting the Aadhaar card in spite of the fact that some authority had issued a circular making it mandatory and when any person applies to get the Aadhaar card voluntarily, it may be checked whether that person is entitled for it under the law and it should not be given to any illegal immigrant."[2]

It must be noted that the above order was only an interim measure taken by the Supreme Court till the time it finally decided all the issues involved in the case, which is still pending in the Supreme Court.

In November 2013 during one of the hearings of the matter, the Supreme Court came to the conclusion that it was an important enough matter for all the states and union territories to be impleaded as parties to the case and passed an order to this effect.[3] This was probably because the Aadhaar cards will be issued in the entire country and this is a national issue and therefore it is possible that the court thought that if any of the states have any concerns regarding the issue they should have the opportunity to present their case.

In another petition filed by the Unique Identification Authority of India (UIDAI), the Supreme Court on March 24, 2014 reiterated its earlier order and held that no person shall be deprived of any service just because such person lacked an aadhaar number if he/she was otherwise eligible for the service. A direction was issued to all government authorities and departments to modify their forms/circulars, etc., so as to not compulsorily require an aadhaar number. In the same order the Supreme Court also restrained the UIDAI from transferring any biometric data to any agency without the consent of the person in writing as an interim measure.[4] After passing these orders the Supreme Court linked this case as well to the petition filed by Justice Puttaswamy on which final arguments were being heard in February 2014 which so far do not seem to have concluded.

Note : Please note that the case is still being heard by the Supreme Court and the orders given so far and explained in this blog are all interim measures till the case is finally disposed off. The status of the cases can be seen on the following link:

http://courtnic.nic.in/supremecourt/casestatus_new/caseno_new_alt.asp

The names and number of the cases that have been covered in this blog are given below:

W.P(C) No. 439 of 2012 titled S. Raju v. Govt. of India and Others pending before the D.B. of the High Court of Judicature at Madras.
PIL No. 10 of 2012 titled Vickram Crishna and Others v. UIDAI and Others pending before the High Court of Judicature at Bombay.
W.P. No. 833 of 2013 titled Aruna Roy & Anr v. Union of India & Ors.
W.P. No. 829 of 2013 titled S.G. Vombatkere & Anr v. Union of India & Ors.
Petition(s) for Special Leave to Appeal (Crl) No(s).2524/2014 titled Unique Identification Authority of India & another v. Central Bureau of Investigation.

All the above cases have now been linked with the ongoing Supreme Court case of K. Puttaswamy v. Union of India.

[1] W.P(C) No. 439 of 2012 titled S. Raju v. Govt. of India and Others pending before the D.B. of the High Court of Judicature at Madras and PIL No. 10 of 2012 titled Vickram Crishna and Others v. UIDAI and Others pending before the High Court of Judicature at Bombay were transferred to the Supreme Court vide Order dated September 23, 2013. Also W.P. No. 833 of 2013 titled Aruna Roy & Anr Vs Union of India & Ors, W.P. No. 829 of 2013 titled S G Vombatkere & Anr Vs Union of India & Ors and Petition(s) for Special Leave to Appeal (Crl) No(s).2524/2014 titled Unique Identification Authority of India & another v. Central Bureau of Investigation.

[2] http://judis.nic.in/temp/494201232392013p.txt

[3] http://judis.nic.in/temp/4942012326112013p.txt

[4] http://courtnic.nic.in/supremecourt/temp/sr%20252414p.txt

For more details visit https://cis-india.org/internet-governance/blog/the-aadhaar-case

The Aadhaar Act is Not a Money Bill

Amber Sinha — 2016-04-25T10:51:37Z

While the authority of the Lok Sabha Speaker is final and binding, Jairam Ramesh’s writ petition may allow the Supreme Court to question an incorrect application of substantive principles. This article by Amber Sinha was published by The Wire on April 24, 2016.

Originally published by The Wire on April 24, 2016.

Since its introduction as a money bill in the Lok Sabha in the first week of March [1], the Aadhaar (Targeted delivery of Financial and other subsidies, benefits and services) Bill, 2016 has been embroiled in controversy. The Lok Sabha rejected the five recommendations of the Rajya Sabha and adopted the bill on March 16 and only presidential assent was required for it become to become valid law. However, former Union Minister Jairam Ramesh filed a writ petition contesting the decision to treat the Aadhaar Bill as a money bill. The petition is due to be heard before the Supreme Court on April 25, and should the court decide to entertain the petition, it could have far-reaching implications for the Aadhaar project and the manner in which money bills are passed by the Parliament.

There are three broad categories of bills (all legislations or Acts are known as ‘bills’ till they are passed by the Parliament) that the Parliament can pass. The first kind, Constitution Amendment Bills, are those that seek to amend a provision in the Constitution of India. The second are financial bills which contain provisions on matters of taxation and expenditure. Money bills are a subset of the financial bills which contain provisions only related to taxation, financial obligations of the government, expenditure from or receipt to the Consolidated Fund of India and any matters incidental to the above. The third category is of ordinary bills which includes all other bills. The process for the enactment of all these bills is different. Money bills are peculiar in that they can only be introduced in the Lok Sabha where it can be passed by simple majority. Following this, it is transmitted to the Rajya Sabha. The Rajya Sabha’s powers are restricted to giving recommendations on the Bill and sending it back to the Lok Sabha, which the Lok Sabha is under no obligation to accept. The decision to introduce the Aadhaar Bill as a money bill has been widely seen as an attempt to circumvent the Rajya Sabha where the ruling party is in a minority.

Article 110 (1) of the Constitution defines a money bill as one containing provisions only regarding the matters enumerated or any matters incidental to them. These are a) imposition, regulation and abolition of any tax, b) borrowing or other financial obligations of the Government of India, c) custody, withdrawal from or payment into the Consolidated Fund of India (CFI) or Contingent Fund of India, d) appropriation of money out of CFI, e) expenditure charged on the CFI or f) receipt or custody or audit of money into CFI or public account of India. Article 110 is modelled on Section 1(2) of the (UK) Parliament Act, 1911 which also defines the money bills as those only dealing with certain enumerated matters. The use of the word “only” was brought up by Ghanshyam Singh Gupta during the Constituent Assembly Debates. He pointed out that the use of the word “only” limits the scope of money bills to only those legislations which did not deal with other matters. His amendment to delete the word “only” was rejected clearly establishing the intent of the framers of the Constitution to keep the ambit of money bills extremely narrow.

While the Aadhaar Bill does make references to benefits, subsidies and services funded by the Consolidated Fund of India (CFI), even a cursory reading of the bill reveals its main objectives as creating a right to obtain a unique identification number and providing for a statutory apparatus to regulate the entire process. The mere fact of establishing the Aadhaar number as the identification mechanism for benefits and subsidies funded by the CFI does not give it the character of a money bill. The bill merely speaks of facilitating access to unspecified subsidies and benefits rather than their creation and provision being the primary object of the legislation. Erskine May’s seminal textbook, ‘Parliamentary Practice” is instructive in this respect and makes it clear that a legislation which simply makes a charge on the Consolidated Fund does not becomes a money bill if otherwise its character is not that of one.

PDT Achary, former secretary general of the Lok Sabha, has expressed concern about the use of Money Bills as a means to circumvent the Rajya Sabha. He has written here [2] and here [3], on what constitutes a money bill and how the attempts to pass off financial bills like the Aadhaar Bill as money bills could erode the supervisory role Rajya Sabha is supposed to play. This is especially true in the case of a legislation like the Aadhaar Bill which has far reaching implications for individual privacy as it governs the identification system conceptualised to provide a unique and lifelong identity to residents of India dealing with both the analog and digital machinery of the state and by virtue of Section 57 of any private entities. Already over 1 billion people have been enrolled under this identification scheme, and the project has been a subject of much debate and a petition before the Supreme Court. The project has been portrayed as both the last hope for a welfare state and surveillance infrastructure. Regardless of which of the two ends of spectrum one leans towards, it is undeniable that the law governing the Aadhaar project deserved a proper debate in the Parliament. Even those who are strong proponents of the project must accept the decision to pass it off as a money bill undermines the importance of democratic processes and is a travesty on the Constitution and a blatant abrogation of the constitutional duties of the speaker.

The petition by Jairam Ramesh would hinge largely on the powers of the judiciary to question the decision of the Speaker of the Lok Sabha. Article 110 (3) is very clear in pronouncing the authority of the Speaker as final and binding. Additionally, Article 122 prohibits the courts from questioning the validity of any proceedings in Parliament on the ground of any alleged irregularity of procedure. The powers of privilege that Parliamentarians enjoy are integral to the principle of separation of powers. However, the courts may be able to make a fine distinction between inquiring into procedural irregularity which is prohibited by the Constitution; and questioning an incorrect application of substantive principles, which I would argue, is the case with the Speaker decision.

References

[1] See: http://thewire.in/2016/03/07/arun-jaitley-introduces-money-bill-on-aadhar-in-lok-sabha-24115/.

[2] See: http://indianexpress.com/article/opinion/columns/show-me-the-money-4/.

[3] See: http://www.thehindu.com/opinion/lead/circumventing-the-rajya-sabha/article7531467.ece.

For more details visit https://cis-india.org/internet-governance/blog/the-aadhaar-act-is-not-a-money-bill

The 12-digit conundrum

praskrishna — 2017-03-14T13:50:05Z

Even as the Centre plans to link as many as 500 schemes to Aadhaar, concerns over data safety are rising. Richa Mishra reports.

The article by Richa Mishra was published in the Hindu Businessline on March 13, 2017. Sunil Abraham was quoted.

The developments of last few weeks seem to have made real some of the worst fears about Aadhaar. In February, UIDAI (Unique Identification Authority of India) filed a police complaint alleging attempts of unauthorised authentication and impersonation of data related to Aadhaar. Since then, each and every machinery within the government has been trying to convince otherwise, that Aadhaar database is safe and secure, and that the data is protected both by the best available advanced technology as well as by the stringent legal provisions in the Aadhaar Act.

Not everyone is convinced. Critics say, biometrics only make the citizen transparent to the State, it does not make the State transparent to citizens. “We warned the government six years ago, but they ignored us,” said Sunil Abraham, Executive Director of Bengaluru-based research organisation, Centre for Internet and Society. According to him, the legislation implementing Aadhaar has almost no data protection guarantees for citizens. He also believes that by opting for biometrics instead of smart cards the government is using surveillance technology instead of e-governance technology.

“Biometrics is remote, covert and non-consensual identification technology. It is totally inappropriate for authentication. This has only increased the fragility of Indian cyber security,” he stresses.

However, officials associated with UIDAI dismiss these arguments. Collecting biometrics does not pose any threat to the right to privacy because people have been giving their thumb impression for ages, they say. “The biometrics are encrypted at source and kept safe and secure. Unauthorised sharing and leakage of the data does not happen. Fears related to collection of biometrics are not justified,” an official at the helm of affairs said. He requested anonymity.

“However, as and when we find that some suspicious activity or misuse is happening, we will strike at the very beginning itself. UIDAI has full authentication regulation under the Aadhaar Act that has to be followed. It specifies in what manner authorities can use Aadhaar,” the official pointed out.

On the ground

Even as the debate over data security rages, the aam aadmi seem to be little perturbed about the alleged risks involved. For Padmini, who works as a domestic help in East Delhi and is the sole bread earner for her family of four, the Aadhaar card meant access to all government benefits.

“Koi farak nahi padta, kaun dekhta hai mera card. Mujhko LPG cylinder ka paisa bank mein mil jata hai,” (It doesn’t matter to me who sees my card. The subsidy for LPG gets transferred to my account) she says. “Baccho ke school admission mein bhi zaroorat pada,” (I needed it to get my children’s admission in school), she added. Sukh, a cab driver also uses it to get the LPG subsidy.

While everyone BusinessLine talked to were convinced that Aadhaar was not a citizenship card, the more aware ones saw it as a door that gave access to government schemes.

While they had a point, government officials are careful to make it clear that Aadhaar is not mandatory. But the popular perception increasingly points to the opposite view, especially after it emerged that Aadhaar might be made mandatory for children to receive midday meals at schools.

Another senior government official said, “Aadhaar is not mandatory under any welfare scheme of the government and no one is being deprived of a service or benefit for the want of Aadhaar…it’s required for availing a service/subsidy/benefit that accrues through the Consolidated Fund of India.” He added that those who do not have the 12-digit number would be provided with the facility to enrol by the Requiring Agency. “And till the time Aadhaar is assigned, alternative IDs would be allowed,” he said.

If a school which has to get Aadhaar enrolment done for its students puts the Aadhaar numbers of its students on its site and the same is used by someone, you can’t blame us, the official argues. Then, who is accountable?

Pushing for Aadhaar, the UIDAI officials cite the example of Kerala’s Department of General Education (DGE), which has integrated Aadhaar with the student databases and has thereby optimised the teacher-student ratio and identified the schools with excess teachers. In a single academic year, 3,892 excess teacher posts were identified.

“Due to this exercise, no new posts have been sanctioned for the last two years, resulting in notional savings of ₹540 crore per annum,” said a UIDAI official. After student enrolment in the state was linked to Aadhaar since 2012-2013, the head count of pupils have fallen by 5 lakh. Similar trends have been reported in Haryana. Critics have also pointed out the possible security risk in using AadhaarPay, the Andriod-based app. Merchants can download the app in their phone and install a fingerprint scanner linked to the phone. Customers with Aadhaar numbers can use their fingerprints (like the secret PIN in case of debit cards) to do a transaction. While doubts have been raised about the safety of fingerprint data, officials in the know blame the controversy on the “card lobbies.”

“Thirty crore Indians have no mobiles. They find it difficult to handle password, pin or card, this is where AadhaarPay will come handy,” the official added. “They don’t need a smart phone or feature phone. They don’t need a debit card.

“Today more than 112 crore people have the Aadhaar card. Approximately, 52.95 crore people have linked their Aadhaar numbers to their bank accounts. We already have a system of Aadhaar authentication in place,” the official added.

Government officials are at pain to point out the larger benefits of Aadhaar, including savings of more than ₹49,000 crore by plugging leakages in government schemes like PDS. Government plans to increase the number of welfare schemes linked to Aadhaar from 36 to over 500. While the intent is good, concerns remain.

For more details visit https://cis-india.org/internet-governance/news/richa-mishra-hindu-businessline-march-13-2017-the-12-digit-conundrum

The 2nd IJLT-CIS Lecture Series — A Post-event Report

praskrishna — 2011-11-17T10:25:56Z

The Indian Journal of Law and Technology (IJLT) and the Centre for Internet and Society (CIS), organised the 2nd IJLT-CIS Lecture Series on the 21st and 22nd of May 2011 at the National Law School of India University, Nagarbhavi, Bangalore. The main theme for this year was Emerging Issues in Privacy Law: Law, Policy and Practice.

Speakers and Topics

Spread over two days, the National Law School hosted six speakers who held forth on the different aspects of privacy law, speaking from perspectives that were grounded in theory and actual practice and some that were India-centric while others applied equally to any jurisdiction.

Vivek Durai, Partner, Atman Law Partners, addressed the gathering and gave the general introduction to the need for a discussion relating to privacy and the law. He spoke of technology and certain current events, including technological advances, have made privacy an issue with which serious engagement of the law has become imperative.

Usha Ramanathan, an independent law researcher, spoke of the Unique Identity Project (Aadhar) launched by the Government of India and its implications on the privacy and data relating to the citizens. Ms. Ramanathan was critical of the Government’s plans on the basis that an ill-planned and executed project that sought to collect data such as this could provide easy fodder for data-mining. The latest 2011 rules that outline the relationship between the citizen and the state and the extent of privacy the citizen has in respect of this relationship.

Hamish Fraser, a leading Australian practitioner in the field of technology law, addressed the gathering via video conference and spoke about cloud computing and privacy of parties using such facilities. He highlighted how technology such as cloud computing where the storage of data is almost fully virtual, with only the weakest of links to any physical storage space, were being increasingly widely used. He helped provide a practitioners perspective to the lecture as well by discussing how companies and individuals seeking to utilise cloud computing facilities, particularly for business purposes, must check for some essential legal provisions that would allow them to retain control over their data and prevent their data from being misappropriated by the provider of the virtual storage space in the cloud. He briefly also discussed the draft Australian privacy legislation.

Sean Blagsvedt, founder of Baba Jobs, discussed the interplay between privacy and transparency and argued convincingly that under certain circumstances, transparency holds greater value than blind protection of privacy. He spoke of his experience in setting up Baba Jobs that seeks to act as a job portal-cum-social networking site for persons providing essential services such as plumbers, electricians, carpenters, house painters, etc. Rather than seeking to strictly protect the details and identity of these persons, Blagsvedt found that one of the most important factors for future employers while considering hiring such service personnel were the details of their previous assignments and testimonials from previous employers – the transparency that Baba Jobs offered became its USP. Blagsvedt talked of how a misplaced over-emphasis on privacy could often lead to greater detriments than benefits and prevent trust due to a lack of information. He concluded by predicting that as people increasingly shifted social and commercial transactions to the online world, the demands for privacy online would soon be offset by demands for greater transparency.

Sudhir Krishnaswamy, Professor of Law at the Azim Premji University, Bangalore delivered a lecture on the state and privacy in India illustrating the development of the law on the matter. He also discussed about the balance that needs to be struck between the individual’s requirement for privacy and the state’s desire for secrecy. He also spoke about two manners in which to conceptualise privacy — recognising privacy as an inherent right that may be at times restricted to a certain extent, vis-a-vis seeing privacy as a right that the state grants to a citizen.

Abhayraj Naik, Assistant Professor, Jindal Global Law School, Sonepat, gave a lecture on informational privacy in comparative contexts. The discussion centred on information surveillance in different jurisdictions and how the values attached to the attribution of information reflects in the laws relating to privacy in those different jurisdictions. His approach included mathematical modelling of information attribution and provided an interdisciplinary approach.

Participation

The lecture series saw registration from over 50 people, including students from law schools all over the country, practitioners, and even educators. Since the lectures were streamed live online, and this was only the second event in NLS to use this facility apart from the Annual Convocation, many more people listened to the lectures online. The lectures were available online for a period of one week after the conclusion of the lecture series.

IJLT-CIS Lecture Series 2011 Registration

The following people participated in the event:

Adithya Banavar, Akanksha Arora, Anand VJ, Aniket Singhania, Ankit Verma, Anupama Kumar, Aparna Gokhale, Arjun Krishnamoorthy, Arjun Sharma, Arun Menon, Asif Ayaz, B. N. Vivek, Batool, Chirag Tanna, Deepakar Livingston.P., Deepthi R, Dheer Bhatnagar, Dinesh Subramany, Esha Goel, Gopalakrishnan R., J Suresh, Jamshed Ansari, Kanti Jadia, Khadeeja Nadeem, Khumtiya Debbarma, Mani Bhushan, Manish, Nayan Jain, Neha Baglani, Panduranga Acharya, Partha Chakravarty, Parul Bali, Prashanth Ramdas, Prateek Rath, Preyanka Sapru, Prianca Ravichander, Priytosh Singh, Purushotham.G, Ralph A, Ruhi Chanda, S. Badrinath, S. Bhushan, S. K. Mohanty, Sahana Manjesh, Sanjana Chappalli, Santosh Dindima, Shalini Iyengar, Shalini S, Sibani Saxena, Spoorthy M. S., Tarang Shashishekar, Tarun Kovvali, Tejaswini Rajkumar, Vaishali Kant, and Y. Shiva Santosh Kumar.

See the Letter of Agreement [PDF, 1 MB]

For more details visit https://cis-india.org/internet-governance/ijlt-cis-lecture-series-report

The 'Global Multistakholder Community' is Neither Global Nor Multistakeholder

pranesh — 2016-11-03T10:42:53Z

CIS research shows how Western, male, and industry-driven the IANA transition process actually is.

In March 2014, the US government announced that they were going to end the contract they have with ICANN to run something called the Internet Assigned Numbers Authority (IANA), and hand over control to the “global multistakeholder community”. They insisted that the plan for transition had to come through a multistakeholder process and have stakeholders “across the global Internet community”.

Analysis of the process since then shows how flawed the “global multistakeholder community” that converges at ICANN has not actually represented the disparate interests and concerns of different stakeholders. CIS research has found that the discussions around IANA transition have not been driven by the “global multistakeholder community”, but mostly by males from industry in North America and Western Europe.

CIS analysed the five main mailing lists where the IANA transition plan was formulated: ICANN’s ICG Stewardship and CCWG Accountability lists; IETF’s IANAPLAN list; and the NRO’s IANAXFER list and CRISP lists. What we found was quite disheartening.

A total of 239 individuals participated cumulatively, across all five lists.
Only 98 substantively contributed to the final shape of the ICG proposal, if one takes a count of 20 mails (admittedly, an arbitrary cut-off) as a substantive contribution, with 12 of these 98 being ICANN staff some of whom were largely performing an administrative function.

We decided to look at the diversity within these substantive contributors using gender, stakeholder grouping, and region. We relied on public records, including GNSO SOI statements, and extensive searches on the Web. Given that, there may be inadvertent errors, but the findings are so stark that even a few errors wouldn’t affect them much.

2 in 5 (39 of 98, or 40%) were from a single country: the United States of America.
4 in 5 (77 of 98) were from countries which are part of the WEOG UN grouping (which includes Western Europe, US, Canada, Israel, Australia, and New Zealand), which only has developed countries.
None were from the EEC (Eastern European and Russia) group, and only 5 of 98 from all of GRULAC (Latin American and Caribbean Group).
4 in 5 (77 of 98) were male and 21 were female.
4 in 5 (76 of 98) were from industry or the technical community, and only 4 (or 1 in 25) were identifiable as primarily speaking on behalf of governments.

This shows also that the process has utterly failed in achieving the recommendation of Paragraph 6 of the 3 in 5 registrars are from the United States of America (624 out of 1010, as of March 2014, according to ICANN's accredited registrars list), with only 0.6% being from the 54 countries in Africa (7 out of 1010).

45% of all the registries are from the United States of America! (307 out of 672 registries listed in ICANN’s registry directory in August 2015.)

66% (34 of 51) of the Business Constituency at ICANN are from a single country: the United States of America. (N.B.: This page doesn’t seem to be up-to-date.)

This shows that businesses from the United States of America continues to dominate ICANN to a very significant degree, and this is also reflected in the nature of the dialogue within ICANN, including the fact that the proposal that came out of the ICANN ‘global multistakeholder community’ on IANA transition proposes a clause that requires the ‘IANA Functions Operator’ to be a US-based entity. For more on that issue, see this post on the jurisdiction issue at ICANN (or rather, on the lack of a jurisdiction issue at ICANN).

For more details visit https://cis-india.org/internet-governance/blog/global-multistakeholder-community-neither-global-nor-multistakeholder

That’s the unkindest cut, Mr Sibal

sunil — 2011-12-12T04:59:00Z

There’s Kolaveri-di on the Internet over Kapil Sibal’s diktat to social media sites to prescreen users’ posts. That diktat goes far beyond the restrictions placed on our freedom of expression by the IT Act. But, says Sunil Abraham of the Centre for Internet and Society, India is not going to be silenced online.

Thanks to leaked reports about unpublicised meetings that communications minister Kapil Sibal had with social media operators – or Internet intermediaries, to use legalese — such as Facebook, Google and Indiatimes.com, censorship policy in India has gained public attention, and caused massive outrage.

According to The New York Times India Ink reportage, quoting unnamed sources from the Internet intermediaries, Mr Sibal demanded proactive and pre-emptive screening of posts that people make on social media sites, ostensibly to filter out or remove “offensive” content and hate speech. In a television interview, however, the minister denied he wanted to censor what Indians thought and shared with others online.

One is tempted to believe him. He was, after all, the amicus for the landmark People’s Union of Civil Liberties (PUCL) wiretapping judgment of 1996, which is pivotal to protecting our civil liberties when using communication technology in India.

Last week, though, Mr Sibal came out in public with his demands, saying that there was a lot of content that risked hurting the sensibilities of people and could lead to violence. “It was brought to my notice some of the images and content on platforms like Facebook, Twitter and Google are extremely offensive to the religious sentiments of people ...”We will not allow Indian sentiments and religious sentiments of large sections of the community to be hurt,” he said.

There was even a threat of state action if Internet companies did not comply with demands to screen content before it was posted online.

The NYT blogpost said, however, quoting executives from the Internet companies Mr Sibal had reportedly met, that the minister showed them a Facebook page that maligned Congress president Sonia Gandhi and told them, “This is unacceptable.”

Google responded to Mr Sibal by releasing its Transparency Report, saying that out of 358 items that it had been requested to remove between January and June 2011, only eight requests pertained to hate speech, while as many as 255 complaints were against “government criticism”.

Indian netizens raged against Mr Sibal, and very quickly #IdiotKapil Sibal was ‘trending’ on Twitter, with thousands posting comments against attempts to ‘censor’ Internet content. Much has changed, in Mr Sibal’s reckoning, between 1996 and 2011.

So, what’s all the fuss over ‘pre-screening’ and what’s at stake here? Critics of Mr Sibal say, our freedom of speech and expression is under threat. They see a pattern in the way the government has sought to impose rules and restrictions on Internet and telecommunications players, with demands on BlackBerry-maker RIM to give it access to its users’ email and messenger content, on telecom players to install electronic surveillance equipment and let the government eavesdrop as it sees fit, and on the likes of Google and Yahoo to part with email content and users’ details.

It all started with the amendments to the Information Tech-nology Act 2000 in 2008. Together, they constitute damaging consequences for citizens, including the creation of a multi-tier blanket surveillance regime, inappropriate security recommendations, and undermining freedom of speech and expression.

The amendments passed in 2008 — without any discussion in Parliament – did solve some existing policy concerns, but simultaneously introduced new ones. For instance, Section 66, introduced during this amendment, criminalises sending offensive messages through any ICT-based communication service.

Offensive messages are described as “grossly offensive, menacing character..... or causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will.” These terms are not defined in the IT Act or in any other existing law, rules or case-law, except for a couple of exceptions such as what constitutes “criminal intimidation”. These limits on the freedom of expression go well beyond Article 19(2) of the Constitution, which only permits “reasonable restrictions...in the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality or in relation to contempt of court, defamation or incitement to an offence.”

If Mr Sibal himself were to don his lawyer’s coat again and launch a legal challenge to Section 66, in all likelihood, courts in India would strike it down as unconstitutional.

Section 79, which was amended, brought into being an intermediary liability regime. This was in part precipitated by the arrest of Avnish Bajaj, the former CEO of bazee.com in December 2004 for the infamous Delhi Public School MMS clip which was being sold on his e-commerce platform. Policy-makers were, however, convinced to follow international best practices and grant intermediaries immunity under certain conditions.

Just as the postal department is not considered liable for the content of letters or telecom operators liable for the content of phone conversations, Internet intermediaries, too, were to be considered “dumb pipes” or “common carriers” of content produced and distributed by users. Intermediaries therefore earned immunity from legal action so long as they acted upon take-down notices, or written requests for deletion of illegal content.

Section 79 was further clarified in April this year when the Intermediaries Guidelines Rules were notified. Stakeholders from the technology industry, media and civil society had sent feedback to the Department of Information Technology under the Ministry of Communication and Information Technology in February, but DIT choose to ignore the feedback and finalised rules with serious flaws in them. For one, a standardised “Terms of Service” that focused on limits on free expression had to be implemented by all intermediaries – forcing a one-size-fits-all approach.

Content that was 'harmful to minors' was not permissible regardless of the target market of the website. All intermediaries were supposed to act upon take-down notices within 36 hours, something that a Google may be able to do, but an average blogger could not.

Two, the vague terms introduced in Section 66A were left undefined. Intermediaries were asked to sit on judgment on the question of whether an article, image or video was causing 'inconvenience'.

Three, all principles of natural justice were ignored – the person responsible for posting the content would not be informed, s/he would not be given an opportunity to file a counter-notice to challenge the intermediary’s decision in court.

Four, the rules left it open for economically or politically motivated actors to seriously damage opponents online using fraudulent take-down notices, instead of treating abuse of the take-down notice system as an offence.

How the take-down system terrorises free expression on the Internet was illustrated when the Centre for Internet and Society, where this author works, undertook a research project. A pro-bono independent researcher who led the exercise sent fraudulent take-down notices to seven Internet companies in India. These included some of the largest and most popular Indian and foreign search engines, news portals and social media platforms.

Although they all employ the most competent lawyers in the country, six of the seven intermediaries over-complied, confirming our worst fears. In one case, a news portal deleted not just the specific comment that was mentioned in the take-down notice but 14 other comments as well. Most importantly, it must be pointed out, the comment identified in the take-down notice was itself an excellent piece of writing that could not be construed as “offensive” by any stretch!

In the single exception to the rule, one e-commerce portal refused to act upon a take-down notice trying to prevent the sale of diapers on the grounds that it was “harmful to minors”, rightly dismissing the notice as frivolous. But that exception simply proved a rule: Private intermediaries use their best lawyers to protect their commercial interests, but are highly risk-averse and do not value freedom of expression, unless it affects their bottomline.

Proactive and pre-emptive screening of social media content, as Mr Sibal has demanded, will only further compromise online civil liberties in what’s already a dismal situation. In short, we move from a post-facto to a pre-emptive censorship regime.

In fact, given the magnitude of the task of pre-screening in a nation with a 100 million Internet users and growing, such an intense censorship regime will mean not only that what Indian citizens say or post will be censored by private companies, but those private companies will, in turn, use machines to screen what humans are saying and doing! After all, otherwise, companies would require armies of human censors to screen the millions of posts that are made on Twitter and Facebook every minute.

But the Supreme Court has held that even the executive arm of government cannot engage in censorship prior to publication, let alone ordering private companies to do so. In any case, it’s a policy that’s bound to fail, for both technical reasons and for its failure to take into account human motivations.

Machines, as we know, continue to be poor judges of the nuances of human expression and will likely cause massive damage to the idea of public debate. Humans, on the other hand, will begin to circumvent machine filters – for example, content labelled as PRON instead of PORN will go through.

Draconian crackdown on certain types of fringe content is likely to have the counterproductive result of the general society developing an unhealthy obsession for exactly such content. Despite the comprehensive censorship controls in Saudi Arabia, for instance, pornography consumption is rampant, usually accessed via pirated satellite TV and circulated using personal computing devices and mobile phones.

But all is not lost yet, perhaps. Faced with the barrage of criticism, Mr Sibal has now called for public consultations on the issue of pre-screening content. There’s hope yet for freedom of speech and expression in India. Thanks to the Internet, a throwback to 1975 simply does not look possible.

Sunil Abraham is executive director of the Centre for Internet and Society, Bengaluru. He wrote this article in the Deccan Chronicle on December 11, 2011. Read the original here

For more details visit https://cis-india.org/internet-governance/unkindest-cut-mr-sibal

Thank You To Our 2014 Sponsors

praskrishna — 2014-12-27T14:27:26Z

Today’s the last day of work in 2014 for the editorial team at MediaNama, though we’ll run a Holiday Wire update intermittently this week, we’ll have a brief year end review for each major segment. Thank you for reading us in 2014, and have a great Christmas and New Year.

The blog entry was published in Medianama on December 22, 2014.

From the business side, it’s been a great 2015 for us, and we really appreciate the support we received in 2014 from all our sponsors, especially Spice Digital, our annual sponsor, and Antfarm, which supported us for almost the entire year. We’re still working, for an idea of our 2015 plans and editorial calendar, please see the presentation here.

Annual Sponsor:

- Spice Digital Ltd: a part of Spice Global Group – US$2 Billion conglomerate promoted by Dr. BK Modi, is one of India’s leading Mobile Value Added Services company and offers innovative solutions for Telecom Operators, Enterprises and Government using mobile connectivity media – Voice, SMS, USSD, WAP & 3G. We are preferred partner of all major telecom service providers in India and providing services to international telecom players in over 20 countries across the globe. We are pioneers in innovation and technology and committed to deliver excellent Award winning products and services to the customers.

We have exclusive tie-ups with Hungama and PPL for music streaming services.
We have acquired two leading international VAS players, MMS (Indonesia) and Beoworld (Malaysia).
Recently, we had a major financial investment from MediaTek (Taiwan).

Our sponsors during 2014:

- Antfarm is an innovation sandbox based out of Mumbai. It is led by a team of blue sky thinkers, entrepreneurs and professionals. The company takes great ideas with disruptive potential, puts together all the key ingredients of people, technology, strategy, marketing and capital to build these into scalable companies. The ultimate aim is to create global businesses that are ideated and built out of India. The first set of companies launched are Stylista.com, Arrive.com, Fork Media, and the farm is currently scaling up ideas in education, travel & leisure, retail, ad-tech and healthcare.

- Astro-Vision is a name easily recognized and held in great esteem in the world of astrology services. Its products range from software that run on the latest operating systems to web based solutions for major portals and the latest range of mobile phones. Astro-Vision’s focus has always been on providing innovative astrology solutions using the latest technologies in the field of IT and communications. From Desktop PCs to internet portals and mobiles phones, Astro- Vision’s range of solutions includes stand alone applications, online apps and astro content services. The company has strategic tie-ups with major IT enabled service networks like Suvidhaa, Reliance world, One stop shop and many networks under the Government of India’s CSC scheme, including Spanco and GNG. Many popular Indian websites today are powered by Astro-Vision’s web based astrology solutions and astrology content.

– Bruce Clay

- Buongiorno, founded in 1999, is known in the worldwide mobile commerce ecosystem for developing and managing paid apps and content that help consumers get greater enjoyment from mobile devices. On July 2012, after the settlement of a successful public tender offer, Buongiorno became a wholly-owned subsidiary of NTT DOCOMO – a global leader in mobile telecommunications technologies and services.

With direct connections to more than 130 telecom operators in 25 countries, over 10 years’ experience and a team of 600 professionals, Buongiorno makes the mobile internet experience happen for consumers globally.

- CCAvenue is India’s largest payment gateway solution powering 85% of the eMerchants in India across all verticals & has played the role of a catalyst to the growth of ecommerce with real time, multi-currency, multiple payment options online payment processing services. The solution is powered by proprietary technology that integrates transaction-processing, advance shopping cart, Invoicing, mobile page, risk assessment and fraud control, smart analytical dashboards, live monitoring of bank gateways, financial reporting etc. CCAvenue is the only complete PG solution in the country that has the unique ability to offer the full spectrum of 100+ Internet payment options.

5 Credit Cards
50 Debit Cards
6 ATM cum Debit Cards
50+ Netbankings
Mobile Payments
4 Cash Cards
CCAvenue PhonePay IVRS Based Payment Systems.

– The Centre for Internet and Society (CIS) is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness (including open government data, free/open source software, open standards, open access to scholarly literature, open educational resources, and open video), and engages in academic research on digital natives and digital humanities.

CIS critically engages with concerns of digital pluralism, public accountability and pedagogic practices, in the field of Internet and Society, with particular emphasis on South-South dialogues and exchange.

Hosting and Support

- E2E Networks: India’s most clued in dedicated hosting company founded by geeks. E2E Networks Private Limited has been into the business of providing Low latency Dedicated Servers and VPS Servers in India since 2009. E2E Networks goes way beyond merely provisioning servers/cloud infrastructure. Our expertise includes strategies and managed services help for implementing the most suitable cloud architecture based on public, private or hybrid cloud platforms for your web facing or enterprise applications.

- Fortumo allows any developer to set up payment processing for web and mobile services, games or apps using carrier billing. Payments work for PC applications, web services and HTML5, Android, Windows Phone & Windows 8 apps. Fortumo supports payments in 81 countries through 300 mobile operators. Get started with our self-service setup (no monthly fees or minimum volume commitments) at http://fortumo.com.

– Getit Infomedia is India’s digital supermarket for SMEs to get relevant business leads. We seamlessly deliver excellent value across all media platforms be it Voice, Mobile Applications, Online, WAP, Web chat, Print etc. The services provide presence, enquiries and leads to its advertisers while ensuring end users (consumers) have access to the best information, benefits and offers.

Event Sponsor

- Google is a global technology leader focused on improving the ways people connect with information. Google’s innovations in web search and advertising have made its website a top internet property and its brand one of the most recognized in the world.

- India.com is a joint venture between two media giants – Zee Entertainment Enterprise Ltd (ZEEL) and www.PMC.com is all about the new India that is funny, witty, shocking. It shows the new age Indian in their language. India.com provides a perspective that is reflective of the changing dynamic of the role media plays in India. Find out what the new India is saying only at india.com. Discover India and Indians at india.com for no one covers the new India as india.com! Get the latest updates follow @indiacom on Twitter.

– Info Edge (India) Limited is among the leading internet companies in India. Info Edge runs leading internet businesses – Naukri.com -India’s no. 1 job site, Jeevansathi.com – one of the leading matrimonial portal,99acres.com – India’s No.1 real estate portal and Shiksha.com – India’s leading education portal. The company also owns Quadrangle – an offline executive search business, and Naukri Gulf (a leading jobsite in the Middle East market). Info Edge also owns Brijj.com, a professional networking site and Allcheckdeals.com, an online real estate brokerage firm which is run as a subsidiary company.

- OnMobile Global Ltd. is a pioneer in white-labelled, Value Added Products and Services [VAS] for mobile, landline and media service providers. The #1 VAS specialist in emerging and high-growth markets, OnMobile touches the lives of over 1500 million mobile users across 55 countries each month. With our diverse product portfolio of Mobile Music, multi-screen Video Gateway and delivery solutions, Phone Backup and Personal Cloud Management solutions, Voice and Video portals, M-Commerce products and services, we generate 2 – 5% contribution for top customers and top line revenues of over US $800 million for over 92 customers globally. We deliver our products by the best combination of a hosted Cloud with on-site operations at the customer premises or through products deployed in customer networks.

Founded in 2000, OnMobile has business spread across India, U.S., LATAM, Africa, Australia, Middle East and Europe. The company was publicly listed in India in 2008. Recent acquisitions include Voxmobili (2007), Telisma (2008), Dilithium Networks (2010) and LiveWire (2013).

OnMobile is the first Indian telecom VAS Company to go public. The company’s shares are listed on the Bombay Stock Exchange (BSE) and the National Stock Exchange (NSE) as on March 31, 2010

– Qualcomm Ventures is the investment arm of Qualcomm Inc. (NASDAQ: QCOM), a Fortune 500 company with operations across the globe.As the Venture Capital investment arm of Qualcomm, the world leader in next-generation mobile technologies, Qualcomm Ventures has been making strategic investments in early-stage technology companies since 2000. With a $500 million fund commitment, Qualcomm Ventures seeks to make strategic investments in early stage high-technology companies that have the potential to dramatically transform our world.

QPRIZE (www.qprize.com)

QPrize™ is Qualcomm Venture’s Seed investment competition. It’s designed to provide entrepreneurs their first level of funding so they can launch their idea into a successful start-up business. The QPRIZE competition was first launched in 2009 to promote innovation in the technology industry and is designed to identify the industry’s most promising early-stage technology companies. We are looking for bright, energetic and resourceful entrepreneurs who have a passion for bringing new technologies and services to market. Our goal is to have QPrize act as a catalyst for our winners, providing the initial capital to launch their great ideas and support the company to its first institutional funding round.

– Times Internet (TIL) is a premier digital product company and the digital arm of The Times of India Group. It reaches over 100m visitors and serves 2 billion pageviews every month across web and mobile, with businesses across news, entertainment, sports, local, ecommerce, classifieds, startup investments, local partnerships, and more.TIL’s key properties in the news category includetimesofindia.com, economictimes.com and navbharattimes.com. Under its fold are topmost internet entertainment portals in India — Gaana.com – the music broadcasting service and BoxTV.com – the video streaming site. Indiatimes Shopping emerges as one of the top five e-commerce companies in India & TimesCity, a lifestyle destination covering recommendations across Restaurants, Movies, Events, Nightlife in your city. Times Internet has also entered into partnerships with global companies offering them its tremendous reach through online media platforms under its initiative called Times Global Partners(TGP). The TGP portfolio ranges from licensing partnerships to investments and acquisition. In the last year, TGP has made four acquisitions, twelve global partnerships, four minority investments and over 20 investments into start-ups through TLabs in the Indian ecosystem.

For more details visit https://cis-india.org/internet-governance/news/medianama-december-22-2014-thank-you-to-our-2014-sponsors

Text of DIT's Response to Second RTI on Website Blocking

pranesh — 2011-10-28T14:37:34Z

CIS had filed a request under the Right to Information Act with the government, asking a number of questions relating to blocking of content under the IT Act. We have reproduced below the response we got from the government.

Government of India
Ministry of Communications & Information Technology
Department of Information Technology
Electronics Niketan, 6 CGO Complex,
New Delhi-110003

No: 14(12)/2011-ESD
10.6.2011

Shri Pranesh Prakash,
Centre for Internet and Society,
194, 2C Cross, Domlur Stage II,
Bangalore - 560071

Subject: Request for information under RTI Act, 2005.

Sir,
Reference your request dated 13 May 2011, which was received in this office on 18.5.2011 on the above subject.

The information as received from the custodian of information is attached herewith (Annexure-I, II and III).

Yours faithfully,
(A.K.Kaushik)
Additional Director & CPIO
Cyber Laws & E-Security Division
Tel: 011-24364803

Annexure I

Reply to Shri Pranesh Prakash

How many orders have been issued for blocking of computer resources prior to the coming into force of the Information Technology (Amendment) Act, 2008 (i.e., before October 27, 2009) under the Information Technology Act, 2000, or any other law for the time being in force.

Reply - Five orders were issued for blocking access to web content.

Please provide a list of all the websites for which the DIT has issued blocking orders and the dates on which each website was blocked.

Reply - The following websites have been blocked pursuant to court orders

Sl	Website	Date of issuing direction by designated officer
1.	www.zone-h.org	08.03.2010
2.	http://donotdiall00.webs.com (IP 216.52.115.50)	08.08.2010
3.	www.bloggernews.net/124029	15.11.2010
4.	http://www.google.co.in/#hl=en&source=hp&biw=-1276&bih=843&=dr+babasaheb+ambedkar+wallpaper&aq=4&aqi=gl0&aql=&oq=dr+babas& gs_ rfai=&fp=e791fe993fa412ba	20.12.2010
5.	http://www.cinemahd.net/desktopenhancements/wallpaper/23945-wallpapers-beautiful-girl-wallpaper.html	20.12.2010
6.	http://www.chakpak.com/find/images/kamasutra-hindi-movie	20.12.2010
7.	http://www.submitlink.khatana.net/2010/09/jennifer-stano-is-engaged-to.html	20.12.2010
8.	http://www.result.khatana.net/2010/11/im-no-panty-girl-yana-gupta-wardrobe.html	20.12.2010
9.	http://www.facebook.com/pages/I-Hate-Ambedkar/172025102828076	25.02.2011
10.	www.indybay.org	17.03.2011
11.	www.arizona.indymedia.org	17.03.2011

Please provide a list of all the persons to whom such orders were issued.

Reply - The directions were issued to Department of Telecommunications.
Please provide a list of all the requests for blocking of information that have been received by the Designated Officer under the Information Technology (Procedures and Safeguards for Blocking Access of Information by Public) Rules, 2009 ("Rules").
Please provide a list of all persons/authorities from whom the Designated Officer under the Rules has received requests for blocking of information and the dates these requests were received.

Reply 4 & 5 - The details are given in Annexure-II.
Please provide the files on all the complaints and requests that have been rejected, including file noting.
Please provide the files on all the complaints and requests that have been accepted, including file noting.
Please provide the files on all the complaints and requests that are still being processed (e.g. more information has been sought on the request), including file notings.

Reply 6,7 & 8 - Files are available in section and can be viewed.
Please provide us copies of the minutes of all meetings held by the Committee for Examination of Requests under Rule 8(4) of the Rules.
Please provide copies of all the recommendations of the Committee for Examination of requests under Rule 8(4) of the Rules.

Reply 9 & 10 - Copy of the minutes/recommendation of the meeting of the Committee is at Annexure III.
Please provide us the dates and copies of the minutes of all meetings held by the Review Committee under Rule 14 of the Rules to periodically review the blocked resources.
Please provide us copies of all the findings of the Review Committee.
If the Review Committee has not met, please provide us the reason for the meetings not happenings as per the requirement of Rule 14 of the Rules.

Reply 11, 12 & 13 - This meeting is coordinated by Department of Telecommunications and DIT is not in possession of details.
Does "intermediary" in Rule 13 include intermediaries not located in India?

Reply - Such type of information is not permitted under RTI Act as per DOPT OM No. 1/7/2009 - IR dated 1st June 2009.
Has any block ordered by the DIT ever been revoked by the DIT or any other governmental authority?

Reply - Such questions are not permitted under RTI Act as per DOPT OM No. 1 /7/2009 IR dated 1st June 2009.
On what basis does the DIT decide whether the appropriate intermediary is the person who has put up content, the web host, or the different Internet service providers in India?

Reply - Such type of information is not permitted under RTI Act as per DOPT OM No. 1/7/2009 - IR dated 1st June 2009.
Does Rule 16 of the Rules override the Right to Information Act?

Reply - Such type of information is not admissible under RTI Act as per DOPT OM No. 1/7/2009 - IR dated 1st June 2009.
If the answer to the previous question is yes, please provide any correspondence with any legal officer who provided the DIT advice that it could override the Right to Information Act through delegated legislation.

Reply - Such type of information is not admissible under RTI Act as per DOPT OM No. 1/7/2009 - IR dated 1st June 2009.

Annexure II

Request received by Designated Officer

Website	Date of receipt of request	Request by
www.tamil.net.in	29.03.2010	Secretary Public (Law & Order) Deptt. Secretariat, Chennai 600 009
www.betfair.com	28.06.2010	Sr. Inspector, Cyber Crime Cell, Mumbai
http://www.youtube.com/ch?watv=tHUNESaC0E4	05.07.2010	Jt. Commissioner of Police (Crime), Mumbai
http://ulaginazhagiyamuthalpenn.blogspot.com	21.07.2010	Principal Secretary, IT Department, Chennai–600 009
en.wikipedia.org/Wiki/Sukhbir Singh Badal	11.08.2010	Principal Secretary to Govt. of Punjab, Dept. of IT, Chandigarh
http://www.exbii.com http://www.topix.net	05.10.2010	Commissioner, Maharashtra State, Colaba, Mumbai–400 001
http://ashsyumul.blogspot.com/2009/12/penginaan-terhadap-islam.html	20.08.2010	Shri Haneef Ali, State President, Bharatiya Janata Minority Morcha, Andhra Pradesh
http://www.angelsofindia.com/ http://www.adult-gals.com/ http://www.indianangels.net/ http://www.arabexposed.com/ http://indiamafia.com/ http://www.indianasfuckers.com http://www.indianpronvideos.in/ http://www.peterporntube.com http://www.bollywood-sex.net/ http://www.indianworldsex.com/ http://indianhomevideo.com/ http://indian-pakistani-girls.com http://indianvidz.com http://indianparadise.net/ http://bollywoodscandals.net/ http://indiansexpics.net/ http://www.indian-hardcore-movies.com/ http://www.bollywoodnudesex.net/ http://www.bangmyindianwife.com/ http://www.indian-angel-teens.com/ http://south-indian-sex.com/ http://www.indianseduction.com/ http://www.indiansexuniversity.com http://www.indianpassion.com/ http://fuckmyindianass.com http://indiansexwebcams.com/ http://exoticpics4u.com/ http://www.indianfreesexmovies.com/ http://www.newsindiansexmovies.com/ http://www.peterporn.net/ http://www.3xindianmovies.com/ http://www.amateur-indian-girls.com/ http://www.bollywoodhardcore.net http://www. indiansexpost.com/ http://www.desi-amateurs.com/ http://www.3xasianmovies.com/ http://allindiansex.com/ http://www.indiapornmovies.com http://www.3xindiansex.com/ http://www.indianxclips.com/ http://indiansexvideos.org http://www.pureindianporn.com/ http://indian-porn-sex.com http://www.newsindianpornmovies.com http://juicyindiangirls.com http://www/hardcoreindiansex.net http://bollywoodboobs.com http://indianmovietgp.com/ http://www.365indian.com http://www.indian-sex-hoes.com/ http://www.indian-sex-photos.net/ http://www.indian-free-sex.com/ http://www.indian-sex-movies.org http://ww.tamil-sex-movies.net/ http://www.indianteens.org/ http://www.sexyindianbooty.com http://www.indianposing.com http://www.pornhub.com/ http://www.indianpornhub.com/ http://www.exvideos.com	25.11.2010	Jt.Commissioner of Police (Crime), Mumbai

Annexure III

Minutes of the meeting held on 24-08-2010 for the request for blocking of website www.betfair.com

A meeting of "Committee for examination of request" constituted under the provisions of Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009 under section 69A of the Information Technology Act, 2000 was held on 24.08.2010 at Electronics Niketan. New Delhi to examine the Request sent by Government of Maharashtra to block the website www.betfair.com. The meeting was participated by the following members:

Dr. Gulshan Rai, Group Coordinator, Department of Information Technology
Shri Dharmendra Sharma, Joint Secretary, Ministry of Home Affairs
Shri Arvind Kumar, Joint Secretary, Ministry of Information & Broadcasting
Shri Ashok C. Prakash, Additional L.A., Department of Legal Affairs
Shri B.J. Srinath, Sr. Director, CERT-In

The Committee discussed the case and observed that Govt. of Maharashtra has requested for blocking of website www.betfair.com on the grounds of "public order". The Committee also noted the reply from Cyber Crime Cell, Mumbai that no case has been registered against www.betfair.com. Further, no details suggesting the "impact" of the said site on public order has been made available by the State Government.

Keeping in view the directions of the Hon'ble High Court to dispose the application strictly as per law, the Committee assessed that based on the data/facts/details provided by Government of Maharashtra and Cyber Crime Cell, Mumbai, violation of section 69A of the Information Technology Act, 2000 is not being established.

Download a scanned version of the letter received from the DIT office here [PDF, 1.74 MB]

For more details visit https://cis-india.org/internet-governance/dit-response-2nd-rti-blocking

Terror recruiters target Indians on internet

praskrishna — 2014-07-18T06:57:56Z

What's in a name? If it indicates your religious identity, then you could get trolled by strangers wanting to draw you in with videos on the importance of archaic customs and doctored accounts of world history.

The article by Sandhya Soman was published in the Times of India on July 18, 2014. Sunil Abraham gave his inputs.

City-based lawyer Shakeel Ahmed recently took one such bait on the Holocaust from a stranger on WhatsApp just to know what kind of propaganda is in circulation.

"I can laugh at such videos and false images but they might confuse youngsters," says Ahmed. Online baiting to lure sympathizers and recruits by seasoned extremists has been on the police radar. If the four youngsters from Thane and Kalyan are indeed now in Iraq fighting for the Islamic militia ISIS, then a good part of their indoctrination could have happened online, say experts.

ISIS is known to have an aggressive social media policy, including an Arabic-language Twitter app, to spread their message and recruit supporters even after the Iraqi government curtailed internet in areas captured by the group recently. "There are many websites, including jihadi ones, favoured by people with extremist leanings," says Anti-Terrorism Squad (ATS) chief Himanshu Roy. Often, the initial contact is made on social networking sites and messenger services.

"The organizations spot youngsters and befriend them before inviting the trusted select to closed chat rooms," says K P Raghuvanshi, senior police official and former ATS head.

The discussion ranges from arranging finance to direct involvement, says Roy. "We have reason to believe that these four boys, who are all educated and come from reasonably well-off families, would have visited such sites and exchanged views with others," he says, refusing to elaborate. The youngsters are supposed to have been in touch with each other.

Those without a wide social network are easy targets, says Sunil Abraham, executive director of Centre for Internet and Society, a research organization. "If, as a young Muslim, you are in touch with only your friends and family, you might believe the false information that enters your circle of trust," he says. Contrary to belief, you don't meet a variety of people on social media. "Unless you have a critical understanding of internet, the medium with its interactivity and multi-media potential could aid propaganda," he says.

It was terrorist group Al-Qaeda that started using technology effectively since 2001. Its supporters came together to upload good quality videos of beheadings and suicide bombings to grab attention. Now, there is a variety of 'jihadist' software to prevent detection, whether it is a plug-in for instant messaging service, encryption for text messages or a stealth online network, according to media reports.

In India, terrorists took to technology in a big way from 2008 onwards when Indian groups like Indian Mujahideen recruited educated people, says an official. "Even a man who didn't know English, learnt to type Hindi using English alphabets and send and receive attachments," says the officer.

While officials say that it is difficult to monitor all the online activity, Roy says that ATS will tackle it. "This is the first instance of youngsters from Maharashtra going out to fight some other war," he says.

For more details visit https://cis-india.org/news/the-times-of-india-july-18-2014-sandhya-soman-terror-recruiters-target-indians-on-internet

Terms of Website Use

praskrishna — 2013-07-01T07:16:15Z

Parties and Ownership

These Terms of Website Use ("Terms") is made between the Centre for Internet & Society ("CIS") and you.
In these Terms, all references to "you" or "user" shall mean the end-user accessing the Website, its contents and using the services offered through the Website. "Service providers" mean independent third party service providers. All references to "we", "us" and "our" shall mean CIS.
The domain name www.cis-india.org ("Website") is owned by CIS. CIS offers this web site, including all information, tools and services available from this site, to you, the user, conditioned upon your acceptance of all the terms, conditions, policies and notices stated here. Your use of this site indicates that you have read, acknowledged and agreed to these Terms.

Due Diligence

These Terms are published in compliance with Rule 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011 notified by the Central Government in the Gazette of India Extraordinary vide Notification GSR 314(E) on 11 April 2011 ("Intermediaries Rules"). These Terms constitute an electronic record for the purposes of the Information Technology Act, 2000 ("IT Act").
You agree that you will not host, display, upload, modify, publish, transmit, update or share any information that:
- belongs to another person and to which you do not have any right to;
- is grossly harmful, harassing, blasphemous defamatory, obscene, pornographic, paedophilic, libellous, invasive of another's privacy, hateful, racially or ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever;
- harms minors in any way;
- infringes any patent, trademark, copyright or other proprietary rights;
- violates any law for the time being in force;
- deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;
- impersonates another person;
- contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer resource; or,
- threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign states, or public order or causes incitement to the commission of any cognisable offence or prevents investigation of any offence or is insulting to any other nation.
You agree that in the event of any non-compliance with these Terms, we have the right to immediately terminate your access or usage rights to this Website and our services and/or remove any information that is, or is deemed by us to be, non-compliant.

Use of this Website

Unauthorised use of this Website, any information contained therein and unauthorised entry into our systems is strictly prohibited. You may not use contact information provided on this Website for unauthorized purposes, including marketing. You may not use any hardware or software intended to damage or interfere with the proper working of this Website or to surreptitiously intercept any system, data or personal information from this Website. You agree not to interrupt or attempt to interrupt the operation of this Website in any way.
We reserve the right, in our sole discretion, to limit or terminate your access to or use of this Website at any time without notice. Termination of your access or use will not waive or affect any other right or relief to which we may be entitled at law or in equity.
You represent and warrant that you own or otherwise control all the rights to the content you supply; that the content is accurate; that use of the content you supply does not violate any provision herein and will not cause injury to any person or entity; and that you will indemnify us for all claims resulting from content you supply.
You shall comply, and cause compliance, with all applicable provisions of any law, statute, ordinance, order, rule, regulation, bye-law, notification, custom, circular, press note, policy or other usage or mandatory requirement having, in the territory of India, the force of law.

Information on this Website

We are not responsible if information made available on this Website is not accurate, complete or current. The material on this Website is provided for general information only and should not be relied upon or used as the sole basis for making decisions without consulting primary, more accurate, more complete or timelier sources of information. Any reliance on the material on this Website is at your own risk. This Website may contain information that has typographical errors or inaccuracies. This Website may contain certain historical information. Historical information is provided for your reference only. We reserve the right to modify the contents of this Website at any time, but we have no obligation to update any information on this Website. You agree that it is your responsibility to monitor changes to this Website. Your use of this Website constitutes agreement to all such changes. We may discontinue or change any product or service described or offered on this Website at any time.

Trademarks, Copyright and Other Proprietary Rights

You or third parties acting on your behalf are not allowed to frame this site or use our proprietary marks as meta tags, without our written consent. These marks include, but are not limited to:

You may not use frames or utilize framing techniques or technology to enclose any content included on the site without our express written consent. Further, you may not utilize any site content in any meta tags or any other "hidden text" techniques or technologies without our express written consent.
Trademarks, logos and service marks displayed on this site are registered and unregistered trademarks of ours and our partners, sponsors, content providers, or other third parties. All of these trademarks, logos and service marks are the property of their respective owners. Nothing on this site shall be construed as granting, by implication, estoppel, or otherwise, any license or right to use any trademark, logo or service mark displayed on the site without the owner's prior written permission, except as otherwise described herein. We reserve all rights not expressly granted in and to the site and its content.

Disclaimer of Warranties

Your use of this Website is at your sole risk. This Website is provided on an "as is" basis. We reserve the right to restrict or terminate your access to this Website or any feature or part thereof at any time. We expressly disclaim all warranties of any kind, whether express or implied, including but not limited to the implied warranties of merchantability and fitness for a particular purpose and any warranties that materials on this Website are non-infringing, as well as warranties implied from a course of performance or course of dealing; that access to this Website will be uninterrupted or error-free; that this Website will be secure; that the site or the server that makes this Website available will be virus-free; or that information on this Website will be complete, accurate or timely. If you download any materials from this Website, you do so at your own discretion and risk. You will be solely responsible for any damage to your computer system or loss of data that results from the download of any such materials. No advice or information, whether oral or written, obtained by you from us shall create any warranty of any kind. We do not make any warranties or representations regarding the use of the materials on this Website in terms of their completeness, correctness, accuracy, adequacy, usefulness, timeliness, reliability or otherwise.

Limitation of Liability

You acknowledge and agree that you assume full responsibility for your use of this Website. You acknowledge and agree that any information you send or receive during your use of this Website may not be secure and may be intercepted by unauthorized parties. You acknowledge and agree that your use of this Website is at your own risk. Recognizing such, you acknowledge and agree that, to the fullest extent permitted by applicable law, neither we, our partners, sponsors or content providers will be liable for any direct, indirect, punitive, exemplary, incidental, special, consequential or other damages arising out of or in any way related to this Website, or any other site you access through a link from this Website or from any actions we take or fail to take as a result of communications you send to us, or the delay or inability to use this Website, or for any information, products or services advertised in or obtained through this Website, removal or deletion of any materials submitted or posted on this Website, or otherwise arising out of the use of this Website, whether based on contract, tort, strict liability or otherwise, even if we, our affiliates or any of our suppliers have been advised of the possibility of damages.
This disclaimer applies, without limitation, to any damages or injury arising from any failure of performance, error, omission, interruption, deletion, defects, delay in operation or transmission, computer viruses, file corruption, communication-line failure, network or system outage, your loss of profits, or theft, destruction, unauthorized access to, alteration of, loss or use of any record or data, and any other tangible or intangible loss. You specifically acknowledge and agree that neither we nor our suppliers shall be liable for any defamatory, offensive or illegal conduct of any user of this Website. Your sole and exclusive remedy for any of the above claims or any dispute with us is to discontinue your use of this Website. Subject to the terms of the Limitation Act, 1963, you agree that any cause of action arising out of or related to the site must commence within one (1) year after the cause of action accrues otherwise the cause of action is permanently barred.

Indemnification

You agree to indemnify us, defend us and hold us harmless, including our affiliates and our officers, members, directors, employees, consultants, contractors, agents, licensors, service providers, subcontractors and suppliers from and against any and all losses, liabilities, expenses, damages and costs, including reasonable attorneys' fees and court costs, arising or resulting from your use of this Website and any violation of these Terms. If you cause a technical disruption to this Website or the systems transmitting this Website to you or others, you agree to be responsible for any and all losses, liabilities, expenses, damages and costs, including reasonable attorneys' fees and court costs, arising or resulting from that disruption. We reserve the right to assume exclusive defence and control of any matter otherwise subject to indemnification by you and, in such an event, you agree to cooperate with us in the defence of such matter.

Governing Law, Jurisdiction and Definitive Agreement

This Website is controlled, operated and administered within India. We do not make any representation that materials on this Website are appropriate or available for use at other locations outside India and access to them from territories where their contents are illegal is prohibited. You may not use this Website in violation of Indian laws. If you access this Website from locations outside India, you are responsible for compliance with all local laws. These Terms shall be governed by the laws of India, without giving effect to its conflict of laws provisions. You agree that the courts at Bangalore shall have exclusive jurisdiction to settle any dispute or claim that arises out of or in connection with your use of this Website and these Terms.
These Terms constitute the entire and definitive agreement between you and us with respect to your use of this Website. If for any reason a court of competent jurisdiction finds any provision of these Terms, or portion thereof, to be unenforceable, that provision shall be enforced to the maximum extent permissible so as to give effect to the intent of these Terms, and the remainder of these Terms shall continue in full force and effect.

For more details visit https://cis-india.org/about/policies/website-use