We are anonymous, we are legion

Stockholm Internet Forum 2017

praskrishna — 2017-06-06T13:43:25Z

Elonnai Hickok participated in the Stockholm Internet Forum 2017 held in Stockholm from May 15 to 18, 2017. She spoke on the panel "Private sector and civil society collaboration to advance freedom online". The event was organized by Swedish International Development Cooperation Agency.

Pre-SIF 15 May at Sida HQ

Welcoming and informal lunch at Sida 12.00 – 14.00 (Location: Oasen)

Pre-SIF regional sessions: 14.00 – 17.00 (breaks included)

MENA: Access, power and gender (Location: Hörsalen)

AFRICA: Inequality and the digital revolution in Africa (Location: Oasen)

LATIN AMERICA: Human rights and technology in Latin America: Where to from here? (Location: Room 19, Asante)

EURASIA: Media freedom and fact checking practices (Location: Room 18, Djenné)

SOUTH EAST ASIA: Regional internet freedom unconference (Location: Room 23, Quirigua)

STUDY VISIT: Kista Science City

Mingle: 17.00 – 18.00

Dinner: 18.00 – 20.00

Pre-SIF 16 May at Sida HQ

Welcome and framing access and power 09.00 – 11.30 (break included, location: Oasen)

Pre-SIF Parallel sessions: 11.30 – 13.00

1A From divides to dividends – DDP and SDG17 (Location: Oasen)

1B Online threats: Operational response and kick-ass solutions (Location: Hörsalen)

Mingle and lunch: 13.00 – 15.00 (Location: Oasen)

Pre-SIF Parallel sessions: 15.00 – 17.00

2A Financial services in a digital era: Development, livelihoods and privacy (Location: Oasen)

2B Responsible data forum: Open source investigation for human rights (Location: Hörsalen)

Mingle: 17.00 – 18.00

Dinner: 18.00 – 20.00

SIF 17 May at Münchenbryggeriet

Opening and main session 1: 9.00 – 11.00 (Location: Mässhallen)

Welcoming remarks by Sida Director General Lennart Båge

Speech by Swedish Minister of Culture and Democracy Alice Bah Kuhnke

Main session 1: Equal access – Distributed power

The theme of SIF 2017 is “Access and Power” – a duality that can be analysed in many different ways. It is not enough to have access to the Internet, ICT’s and digital tools to achieve social justice and development outcomes. The question of what people have access to and what possibilities access gives also needs to be addressed. Access to the Internet is more than technical aspects and solutions – there are also dimensions related to rights, policy and power that need to be addressed.

At SIF we are keen on framing the current struggles and challenges in order to formulate possible ways ahead. One way to approach this is to discuss the co-relation between access and power. The first main session on the various aspects of access and power, is designed to get the conversation started.

Speech by State Secretary Annika Söder 11.00 – 11.15 (Location: Mässhallen)

Coffee break 11.15 – 11.45

Parallel sessions: 11.45 – 13.00

#SIF1A Digital Identity (Location: Mässhallen)

#SIF1B Community access – Helping the last 4 billion get connected (Location: Fogelström)

#SIF1C Gender based violence online: levelling the discussion (Location: Riddarsalen)

Mingle and lunch: 13.00 – 14.00

Parallel sessions: 14.00 – 15.30

#SIF2A OPEN SIF (Location: Mässhallen)

#SIF2B The promises and risks of the platform economy (Location: Fogelström)

#SIF2C The global shut down epidemic – From rights, tech and economic perspective (Location: Riddarsalen)

Coffee break 15.30 – 16.00

Breakout sessions: 16.00 – 17.30

#SIFB1 The (alternative) truth is out there (Location: Mässhallen)

#SIFB2 Private sector and civil society collaboration to advance freedom online (Location: Galleriet)

#SIFB3 Access and human rights in the smart city (Location: Riddarsalen)

#SIFB4 Empowering technologies in hostile environments (Location: Milles)

#SIFB5 Freedom Online Coalition: Open forum (Location: Fogelström)

Reflections and highlights from the day: 17.45 – 18.45

(Location: Mässhallen)

Mingle and Dinner: 19.00 – 21.00

SIF 18 May at Münchenbryggeriet

Welcome and keynote: 09.00 – 09.30 (Location: Mässhallen)

Parallel sessions: 09.30 – 11.00

#SIF3A OPEN SIF (Location: Mässhallen)

#SIF3B Digital rights 2.0: challenges and opportunities to empowerment (Location: Fogelström)

#SIF3C Safe media in conflict and chaos (Location: Riddarsalen)

Coffee break: 11.00 – 11.30

Main session 2: 11.30 – 13.00 (Location: Mässhallen)

A positive outlook: Leave no one offline

Half of the world’s population — specifically women, the poor and marginalised populations in developing countries — are still being left offline. What is needed to reach those still offline?

Beyond access, there are still many obstacles to achieving a digital inclusive society. Access to the Internet, ICT’s and digital tools is not only a catalyst for economic growth but increasingly a means for people to participate in today’s society. Too often access is measured by number of subscribers. This session will address access and power from a multidimensional approach – including infrastructure, affordability and contextual factors such as regulation and social and power structures.

Mingle and lunch: 13.00 – 14.00

Closing session: 14.00 – 15.00 (Location: Mässhallen)

This session will focus on summarizing knowledge and experiences shared at SIF17 and mapping the road ahead – identifying constraints but also opportunities for equal access and Internet freedom in the strive for global development and a digital inclusive society. The closing session will be interactive with the participants being the centre of the discussion.

Side happenings

During breaks you will have the opportunity to develop your digital skills, participate in discussions and expand your knowledge at this year’s side happenings.

16 May at Sida HQ

11.00 – 17.30

New media documentation clinic with Witness

(Location: Room 19 Asante)

11.00 – 17.00

Developing Internet universality indicators with UNESCO and the APC Internet indicators consortium

(Location: Room 21 Tsodilo)

14.30 – 17.30

Local access and community based networks with APC and ISOC

(Location: Djenné)

17 – 18 May at Münchenbryggeriet

All day

Digital security clinic with Access Now

(Location: Mässtorget)

Healing justice pod with Astraea Foundation

(Location: Bergrummet)

For more details visit https://cis-india.org/internet-governance/news/stockholm-internet-forum-2017

Stock Brokers Don't Love an Internet Shutdown

Binita Parikh — 2017-12-19T16:20:49Z

Strap: For a trade that rides on price volatility and fast reactions, an internet shutdown is a costly slowdown.

Ahmedabad, Gujarat: An internet shutdown means breaking contact with the lifeline of the stock market: information about share price movement. “The entire momentum for trading and investing comes from the control the trader feels he has on information about share prices," says Minesh Modi, a trader based in Ahmedabad. "The internet puts information on our fingertips, so the trader could play on the stock exchange. It gives you a sense of control on the data, and is also mechanism to trade."

So, when the Gujarat government shut the internet down for a week during the Patel agitation in September 2015, and for four hours to prevent cheating on phones during a Revenue Accountants Recruitment Exam in February 2016, Modi says, "That intense feeling of connect goes away, and the faith is shaken.”

An obvious fallout of mobile internet shutdown is that terminals connected via phone internet stop working, and mobile trade is not possible. However, many Gujarati investors say that while they check price variations and movements online, they still trade through brokerage houses. Playing the stock market is usually a part-time business activity for most Gujaratis. “I don’t trade online directly. I place actual orders of purchase/sell through my broker," says YK Gupta, an investor in the city. Still, he did struggle during the internet shutdown. “I couldn't keep a tab on the price movement, and had to call up my broker for updates. How many times can I take updates on the phone? The television gives prices of only a few stocks, and there is a delay of three to five minutes of prices on the television. Stock prices being as volatile as they are, that time gap can be life-changing in the stock market.” Not willing to risk a huge mistake, Gupta chose to stay away from making any stock transactions during internet shut down.

The stock market rides on people's aspirations and individual deductions about trends and data, which in turn impacts business valuations. Since internet penetration has increased, traders say there is a premium on speedy reaction as well. Anil Shah, a former director with the Bombay Stock Exchange (2011-14) and a member of the National Stock Exchange, believes that an internet shutdown, however partial, will paralyse the ecosystem that sustains the share market. “Most of our work is on the terminals and when they stop, the smooth flow gets disrupted. The information that is the base in the stock market, the actual trading and fund flow work, all this will stop. When the internet stops, data stops, and the flow of work stops. It's as simple as that,” he says.

Recalling the impact of the internet and how it has evolved and woven itself into the stock market ecosystem, Shah adds, “Earlier, when the telephone number was the basis of trading, we could establish connectivity via phones. But since 2006-7, we have slowly moved to the internet to establish interconnectivity. The more reliable, faster and cheaper the internet services got, the more it integrated itself into our trading patterns. More people shifted to it as a connecting platform. About 95% connections are now established online."

He says that NSE/BSE members now have a dedicated lease line so that they don’t lose contact with the stock market. "Many brokerage firms are connected via VSAT linkages, so that we, as Gujarat state, don’t get disconnected fully with the rest of India. The loss due to internet shutdown is not quantifiable. It will have to be measured as the cost of a missed opportunity."

It is not just the stocks, but also banking transactions that stop or decrease drastically in volume when the internet stops, Shah says. “During the Patidar agitation, mobile internet services in most areas were shut down. However, broadband services were not stopped, so the brokers managed to keep the ball rolling. But brokers will lose in volumes. It is difficult to put a figure to it, but the movement and momentum of trade goes down.”

Echoing a similar sentiment, VK Sharma, head of Public Consulting Group and Capital Market Strategy at HDFC Securities, says that large companies have the facility to call their other branch offices and get the transactions through. So only customers and traders who don’t have a landline fallback option will be affected. However, those who wish to transact on the stock market with help of mobiles will not be able to do so. “This way, the volume of transactions is not stopped completely, but definitely curtailed,” Sharma says. “The decrease can be roughly estimated to be around 3%, but the state-wise breakdown of transactions and impact is not available from the exchange. Moreover, internet slowdown or shutdown results in a lot of disputes among traders and brokers - about the price entered into for transaction and the price that the deal is finalised on.”

Sarit Choksi, an investor who trades regularly, lamented the absence of a recovery mechanism for the losses that the people incurred. “When the net shuts off, we have to call the broker, who does not have dedicated phone lines to handle the huge hike in calls, so getting through to him is itself a challenge,” he says. “Then, as we don’t have the information at our fingertips, we cannot adjust the mutual funds choice, ‘stop loss’ and set ‘buy or sell’ limits in tune with the market movement. By the time I see it on tv, and get through to the broker to execute the deal, the price has changed. Who is going to compensate for this loss?”

It’s impractical to tell the Stock Exchange Bureau of India or the traders that the transactions could not go through due to internet shutdown, or ask them to forgive the price difference due to the long waiting time on the telephone. If brokerage houses makes a mistake, Choksi explains, arbitration is available, but there is no platform to claim or address the kind of losses one incurs due to external limitations like an internet ban.

“If internet connectivity is put on ransom due to political ambitions, it is very disruptive,” Choksi says. “In a society deliberately being pushed to go digital, the impact of such a shutdown is felt in financial and social sectors. When such political decisions are taken without considering the other impacts, our bread and butter is affected, and we are left high and dry, with no recourse or means to compensate the loss.”

Binita Parikh is a Ahmedabad - based freelance writer and a member of 101Reporters.com, a pan-India network of grassroots reporters.

Shutdown stories are the output of a collaboration between 101 Reporters and CIS with support from Facebook.

For more details visit https://cis-india.org/internet-governance/blog/stock-brokers-dont-love-an-internet-shutdown

Stiff Resistance Dogs India's ID Plan

praskrishna — 2011-04-02T09:59:06Z

An article about the UID project by Indrajit Basu in Asia Times Online.

Tembhali is little known beyond its neighborhood in northern Maharashtra. Yet, as Manmohan Singh and Sonia Gandhi descended by on Wednesday, the tiny hamlet with less than 1,500 residents suddenly became the center of attraction in the global arena of e-governance.

India's prime minister and the ruling Congress party's leader were helicoptered in to officially flag India's most ambitious attempt to transform the way the state reaches its citizens - and also the world's largest identity program.

The so-called Unique Identification (UID) mission, which has been dubbed locally as "Aadhar" ("foundation"), the project will create unique biometric identification numbers for each and every one of India's 1.2 billion people.

Ambitious yet highly controversial, UID numbers will be linked to fingerprints, iris scans, personal information, a microchip for easy scanning, and more. Led by a new government agency called the Unique Identification Authority of India (UIDAI), the project is spearheaded by Nandan Nilekeni, one of India's most famous techie-entrepreneurs as the co-founder of Infosys, who has been given ministerial powers and a magnanimous (rumored to be US$3 billion or more) budget to implement the grand plan.

According to Nilekeni, among the scores of advantages for the country's people, the millions of India's poor who are without access to the government's plethora of welfare schemes would benefit the most from the new identification system. Much like the mobile telephony, the UID number would connect the poor to the broader and advancing economy of India, he says.

"The government has taken up this project for two reason; one is there are large number of Indians specially those who are urban migrants and rural poor who do not have any form of acknowledged existence by the state and therefore they face the challenge of harassment in their lives. They do not get access to public services either. So the one of the main purposes of this program is to make life easier for the millions of poor, migrants and marginalized (expected to be over 300 million) people. As well as to give inclusion to them," said Nilekeni.

The other is to make all government welfare schemes far more efficient by ensuring that they reach "each and every deserving poor", he says.

Even as the impoverished tribal farming community in Tembhali - many of whom do not even own the land they till - wonder how a unique identity, as Manmohan declared on Wednesday, "can change their lives", UID is meeting stiff resistance from civil liberties groups, privacy advocates, and legal eagles.

Critics condemn the UID as a blatant intrusion to privacy, a tool that will increase bureaucracy and corruption, and say that in addition to being hugely expensive and even illegal, the UID goes against basic human values.

"This project, has been initiated without any prelude: there is no project document; there is no feasibility study; there has been no cost-to-benefit analysis and there are serious concerns about data and identity theft," said Gopal Krishna, Member Citizens Forum for Civil Liberties.

Worse, Krishna added, a project "that could change the status of the people in this country, with regard to security and constitutional rights has been initiated without any legal authorization; just on the basis of an executive order".

The strongest opposition to the project has been generated by the fact that it aims to create a huge digital database containing sensitive personal information in one central location. This is a security risk of "immense" proportions, according to critics.

"Given that the country has hardly any capability in securing its digital database, and an absence of privacy laws, UID's plans of storing its data in one centralized database is an immense risk," said Sunil Abraham, an activist at the People Union for Civil Liberties. "The trouble with a centralized infrastructure is that if it is compromised, then all of it will be compromised, which can result in the collapse of the country's information systems."

Nilekeni deflects these criticisms, saying that the UID Authority will use "the best expertise for security and we also have a policy of proactively publishing strategy policy report and committee reports on our website as well." But arguments against the project stretch on.

"The other opposition is the use of biometrics for ID," says Abraham. "Our fear is that most parts of the country do not have power and if the system mandates that every time a rural resident has to prove his identity biometrically for say collecting subsidized food, chances are that the process will be slower and more prone to failure because of lack of infrastructure."

That, according to critics, could give rise to newer complication or even manipulation of the biometric data - and hence an additional opportunity for corruption.

"A typical unlettered person does not understand the complexities of biometric data collection and verification," says Jiti Nichani, a researcher and an advocate, Alternative Law Forum. "Given the rampant bureaucracy and corruption in the country, this would give yet another reason for the corrupt to siphon off the largesse of a welfare scheme elsewhere; corruption will increase manifold as a consequence."

Still, its flip side is not really devoid of selling points; some of UID's beneficial characteristics are undeniable.

For one, experts say, for every rupee spent on the government's welfare schemes, lack of identity of a poor Indian results in just 15 paisa reaching them. UID then can really revolutionize the way government services are delivered.

Besides, inability to prove identity is not only one of the biggest barriers that prevent the poor from accessing benefits and subsidies, or stymie the government from reaching out to the deserving. It also stops the government formulating appropriate welfare polices, plugging leakages, and above all, eliminating fraud and duplicate identities.

UID, say its proponents, will no longer allow someone to represent themselves differently across a number of agencies, which could solve a lot these problems.

"A UID will enable the poor grab the right to education, get jobs on migration, get medical benefits and even open a bank account and get a mobile phone connection," said Nilekni. "The transformative capability of the UID scheme can be enormous."

Nevertheless, providing an identity to one billion plus Indians in a country so devoid of basic infrastructure is a Herculean task.

Its real challenge may not lie in the concerns that critics have raised, but perhaps in the politics of governance and its reforms. Experts say the success of the project depends on the effective use of political authority, and how Nilekeni and Manmohan manage to address corruption in the political and official systems.

Nilekeni though is undaunted. "I am aware that there are a lot of challenges and this is a humongous project," he said. "But there is a lot of political will and support, and the government is firmly convinced that this project could change the face of India."

Read the original in Asia Times Online

Note: Sunil Abraham does not work for People's Union for Civil Liberties

For more details visit https://cis-india.org/news/stiff-resistance

Steady Steps.....FOSS and the MDG's

praskrishna — 2012-12-09T01:11:31Z

Pranesh Prakash was a panelist at this IGF workshop held on November 9, 2012. It was organised by International Center For Free and Open Source Software and Free Software and OpenSource Foundation For Africa.

IG4D Thematic Cluster 2 "Enabling Environment" Question 1: What does it take to attract investment in infrastructure and enc

Concise Description of Workshop:

This workshop will address some key areas, where Free and open source software has made a milestone, in the last few years to fulfill the Millennium development goal, across the globe. Many a times whenever FOSS is mentioned, , thoughts quickly run to ‘techies’ . In this session , the Panelists will give practical presentations/projects on Free and Open Source Software, outside the technical arena and show how it has changed the face of : 1) Governments:- We will look at, Policy in the area of Open Data, 2) In Academia:- We will look at, Open Education Resources (OER) , FOSS in schools etc, both in Africa and India. 3) In Private Sector- we will look at , Wealth creation, innovation and job creation, just to mention but a few. 1) Secondly we will look at how FOSS is bridging the digital divide, existing between the different age groups more especially the Youth, Women, between the different social circles/media , inclusion of person's with disabilities.etc, through partnerships and rural deployment of FOSS. We will have the privilege to look at initiative(s), in Brazil. 1) Last but not least, It will address, the key policies, that governments should embrace, that would continue to enhance FOSS in the Internet development goal at national level , regional level and at the global level. A rich discussion will be encouraged, from the participants to ensure that the FOSS community understands its strength and role in the internet governance realm, in policy making process and in the privacy, security and openness arena.

Workshop Agenda:
1. What Milestone has FOSS made in:
i) Academia
ii) Government
iii) Private Sector
2. Is FOSS factor to consider in bridging the digital divide?
3. Regarding the Milestone that FOSS has achieved, should there be national, regional, global.etc policies to ensure a fair palying field it?
- Closing remarks, What actions to be taken, conclusion.

Submitted Workshop Panelists:

1. Mr. Satish Babu - ICFOSS, India (Government)- Moderator- Confirmed
2. Mr. Fernando Botelho- F123.org, Brazil (Remote Participation)- Confirmed
3. Ms. Anne Rachel Inne, ICANN- Confirmed
4. Mr. Pranesh Prakash, CIS Bangalore, India- Confirmed
5. Ms. Mishi Choudhary, Executive Director of International programs at Software Freedom Law Center (SFLC), India- Confirmed
6. Mr. Yves Miezan Ezo, FOSSFA , CHALA, France- Confirmed
7.Ms. Nnenna Nwakanma, CEO, Nnenna.org, Cote d' Ivoire- Confirmed

Name of Remote Moderator(s):

Ms. Judy Okite, FOSSFA

Assigned Panellists:

For more details visit https://cis-india.org/news/steady-steps-foss-and-mdgs

Stay connected even when you go underground

praskrishna — 2014-07-04T15:15:11Z

CMRL may soon start making arrangements to ensure good mobile connectivity on the underground stretch.

The article by Sunita Sekhar was published in the Hindu on June 12, 2014. Nishant Shah gave his inputs.

A really erratic mobile network connection is something all of us have probably experienced, while on the move, every now and then.

If your mobile phone signal can fail you on the road, have you thought what it will be like when you ride underground?

Perhaps it is time to put that thought into your head. Not very many years from now, it is likely you will be riding the Chennai Metro underground.

Folks at Chennai Metro Rail Ltd. (CMRL) have, however, already thought of this, to their credit.

CMRL may soon start making arrangements to ensure good mobile connectivity on the underground stretch.

“We are considering various options to boost mobile network underground. It is important we provide such a service,” says a CMRL official. Chennai Metro, built at a cost of Rs. 14,600 crore, 45 km across the city, will have 24 km underground. Of the 32 stations, 19 will be underground.

CMRL has drawn the idea from Delhi Metro Rail Corporation (DMRC), a principal consultant. Sometime back, Delhi Metro Rail had installed additional cellular towers at its underground stations to improve mobile connectivity.

The value of such a facility will surface especially during a crisis, according to Nishant Shah of Centre for Internet and Society.

“Connectivity becomes crucial when something untoward — be it breakdown of infrastructure or even sexual harassment — occurs on the underground stretch. It needs to be recorded or documented immediately,” he says.

Janaki Pillai of Ability Foundation says connectivity is particularly critical for the hearing impaired, who often use the messaging and WhatsApp services.

“But the question of them using the underground stations and the need for mobile connectivity arises only when the stations are accessible. Whether I choose to use it or not is different, but the service should be available and the choice should be mine,” she says.

For more details visit https://cis-india.org/news/the-hindu-june-11-2014-sunita-sekhar-stay-connected-even-when-you-go-underground

Statutory Motion Against Intermediary Guidelines Rules

pranesh — 2012-04-03T09:35:41Z

Rajya Sabha MP, Shri P. Rajeev has moved a motion that the much-criticised Intermediary Guidelines Rules be annulled.

Motion to Annul Intermediary Guidelines Rules

A motion to annul the Intermediary Guidelines Rules was moved on March 23, 2012, by Shri P. Rajeeve, CPI(M) MP in the Rajya Sabha from Thrissur, Kerala.

The motion reads:

"That this House resolves that the Information Technology (Intermediaries Guidelines) Rules, 2011 issued under clause (zg) of sub-section (2) of Section 87 read with sub-section (2) of Section 79 of the Information Technology Act, 2000 published in the Gazette of India dated the 13th April, 2011 vide Notification No. G.S.R 314(E) and laid on the Table of the House on the 12th August, 2011, be annuled; and

That this House recommends to Lok Sabha that Lok Sabha do concur on this Motion."

This isn't the first time that Mr. Rajeeve is raising his voice against the Intermediary Guidelines Rules. Indeed, even when the Rules were just in draft stage, he along with the MPs Kumar Deepak Das, Rajeev Chandrashekar, and Mahendra Mohan drew Parliamentarians' attention to the rules. Yet, the government did not heed the MPs' concern, nor the concern of all the civil society organizations that wrote in to them concerned about human rights implications of the new laws. On September 6, 2011, Lok Sabha MP Jayant Choudhary gave notice (under Rule 377 of the Lok Sabha Rules) that the Intermediary Guidelines Rules as well as the Reasonable Security Practices Rules need to be reviewed. Yet, the government has not even addressed those concerns, and indeed has cracked down even harder on online freedom of speech since then.

Fundamental Problems with Intermediary Guidelines Rules

The fundamental problems with the Rules, which deal with objectionable material online:

Shifting blame.

It makes the 'intermediary', including ISPs like BSNL and Airtel responsible for objectionable content that their users have put up.

No chance to defend.

There is no need to inform users before this content is removed. So, even material put up by a political party can be removed based on anyone's complaint, without telling that party. This was done against a site called *CartoonsAgainstCorruption.com". This goes against Article 19(1)(a).

Lack of transparency

No information is required to be provided that content has been removed. It's a black-box system, with no one, not even the government, knowing that content has been removed following a request. So even the government does not know how many sites have been removed after these Rules have come into effect.

No differentiation between intermediaries.

A one-size-fits-all system is followed where an e-mail provider is equated with an online newspaper, which is equated with a video upload site, which is equated with a search engine. This is like equating the post-office and a book publisher as being equivalent for, say, defamatory speech. This is violative of Article 14 of the Constitution, which requires that unequals be treated unequally by the law.

No proportionality.

A DNS provider (i.e., the person who gives you your web address) is an intermediary who can be asked to 'disable access' to a website on the basis of a single page, even though the rest of the site has nothing objectionable.

Vague and unconstitutional requirements.

Disparaging speech, as long as it isn't defamatory, is not criminalised in India, and can't be because the Constitution does not allow for it. Content about gambling in print is not unlawful, but now all Internet intermediaries are required to remove any content that promotes gambling.

Allows private censorship.

The Rules do not draw a distinction between arbitrary actions of an intermediary and take-downs subsequent to a request.

Presumption of illegality.

The Rules are based on the presumption that all complaints (and resultant mandatory taking down of the content) are correct, and that the incorrectness of the take-downs can be disputed in court (if they ever discover that it has been removed). This is contrary to the presumption of validity of speech used by Indian courts, and is akin to prior restraint on speech. Courts have held that for content such as defamation, prior restraints cannot be put on speech, and that civil and criminal action can only be taken post-speech.

Government censorship, not 'self-regulation'.

The government says these are industry best-practices in existing terms of service agreements. But the Rules require all intermediaries to include the government-prescribed terms in an agreement, no matter what services they provide. It is one thing for a company to choose the terms of its terms of service agreement, and completely another for the government to dictate those terms of service.

Problems Noted Early

We have noted in the past the problems with the Rules, including when the Rules were still in draft form:

Other organizations like the Software Freedom Law Centre also sent in scathing comments on the law, noting that they are unconstitutional.

We are very glad that Shri Rajeeve has moved this motion, and we hope that it gets adopted in the Lok Sabha as well, and that the Rules get defeated.

For more details visit https://cis-india.org/internet-governance/blog/statutory-motion-against-intermediary-guidelines-rules

Stats from 2014 reveal horror of scrapped section 66A of IT Act

praskrishna — 2015-09-26T07:28:13Z

An average of six netizens were arrested every day in 2014 for posting offensive content online under section 66A of the Information Technology Act, a draconian and much abused law no longer in use.

The article by Aloke Tikku was published in the Hindustan Times on August 20, 2015. Pranesh Prakash gave inputs.

A first-of-its-kind set of statistics compiled by the National Crime Records Bureau reveals that 2,402 people, including 29 women, were arrested in 4,192 cases under section 66A — which was struck down in March by the Supreme Court that ruled that it violated the constitutional freedom of speech.

These arrests made up nearly 60% of all arrests under the IT Act, and 40% of arrests for cyber crimes in 2014. It was also a little less than twice the number of people caught red-handed accepting bribes the same year.

“These statistics are shocking. I had assumed there may be a few hundred cases, at worst,” said Shreya Singhal, on whose petition the top court had scrapped the provision.

“It validates the judgment even more than when it was delivered,” said Singhal, a law student.

Quite like Rinu Srinivasan – one of two Mumbai girls arrested in 2012 for a Facebook post regarding Shiv Sena chief Bal Thackrey’s death — nearly half of those arrested (1,217) were in the 18-29 age group. This included nine girls. Another 1,015 were in the 30-44 age group while 166 were between 45 and 59 years old.

The now-repealed section 66A prescribed a three-year jail term for online content that could be construed to be offensive or false.

This is the first time the NCRB has collected detailed statistics on cyber crimes, listing out the number of cases registered under each section of the IT Act.

A government official conceded that the large number of cases registered under section 66A meant that the Centre’s guidelines — issued after a public outcry in November 2012 against its misuse — had served little purpose. In May 2013, the Supreme Court too put its weight behind the guidelines and made it legally binding on them.

In these guidelines, the Centre had made prior approval of an inspector general of police-rank officer mandatory for all arrests under section 66A. “Either this rule wasn’t followed or the IGPs did not rise to the occasion,” the official said.

The NCRB did not give a state-wise break-up of arrests under section 66A.

But in terms of cases registered, Uttar Pradesh led the pack with 898, followed by Karnataka (603), Assam (377), Maharashtra (375), Telangana (352), Rajasthan (291), Kerala (229), Punjab (123) and Delhi (137).

“It was “unconscionable that 2,402 persons were arrested in 2014, and many made to languish in jail, under a provision that we now know to have been unconstitutional,” said Pranesh Prakash at the Bengaluru-headquartered research and advocacy group, Centre for Internet and Society.

“Even after the Supreme Court laid down more stringent ad-hoc guidelines on arrests under Section 66A, it is clear they were not effective in the least: 860 charge-sheets were filed by the police under Section 66A in 2014,” the policy director at CIS said.

For more details visit https://cis-india.org/internet-governance/news/hindustan-times-august-20-2015-aloke-tikku-stats-from-2014-reveal-horror-of-scrapped-section-66-a-of-it-act

Statement of Solidarity on Freedom of Expression and Safety of Internet Users in Bangladesh

pranesh — 2013-01-15T11:51:44Z

This is a statement on the violent attack on blogger Asif Mohiuddin by the participants to the Third South Asian Meeting on the Internet and Freedom of Expression that took place in Dhaka, Bangladesh, on January 14–15, 2013.

Bangladeshi blogger Asif Mohiuddin was brutally attacked in a stabbing last evening. His condition is currently said to be critical. Violent attacks on mediapersons have led to at least four deaths in the past year. This trend is now extending to those writing online.

It is the duty of societies at large to ensure that principles we universally consider sacrosanct, such as the right to life and liberty and of freedom of expression are in fact ideas, and of the government to actively protect the rights guaranteed under the Constitution of Bangladesh and to ensure they are not just words on paper.

Article 39 of the Constitution of Bangladesh—and Article 19 of the Universal Declaration of Human Rights—guarantee both the freedom of thought and conscience, as well as the right of every citizen of freedom of speech and expression, and freedom of the press.

Article 32 of the Constitution of Bangladesh—and Article 3 of the Universal Declaration of Human Rights—guarantee that no person shall be deprived of life or personal liberty except by law.

The attack on Asif Mohiuddin constitutes a violation these fundamental principle by criminals, and we request the government to act decisively to show it will not tolerate such violations.

Reporters Without Borders note that "the ability of those in the media to work freely has deteriorated alarmingly in Bangladesh, which is now ranked 129th of 179 countries in the 2011-2012 World Press Freedom Index".

In general, the situation of those working as non-professional 'citizen journalists' is even worse. In a 2010 report, the UN Special Rapporteur wrote:

"Citizen journalists are by nature more isolated, they are more vulnerable to attack than professional journalists. However, citizen journalists enjoy less protection than their counterparts in traditional media, as they do not have the support of media organizations and networks, in particular the organizational resources, including lawyers and financial resources, which can help shield them from harassment."

This reality of greater vulnerability is equally applicable to those who do not self-identify as 'citizen journalists', but use social media to express unpopular opinions.

Keeping this in mind, we call upon the government on Bangladesh to carry out swift investigations into this particular incident and bring the perpetrators to justice, and to grant greater legal support to citizen journalists and ensure better protections for all those who use the Internet as a means of expression.

For more details visit https://cis-india.org/internet-governance/blog/statement-of-solidarity-asif-mohiuddin

Statement of Civil Society Members and Groups Participating in the "Best Bits" pre-IGF meeting at Baku in 2012

pranesh — 2012-12-07T08:06:25Z

The Centre for Internet & Society was one of the signatories for this submission made to the ITU on November 16, 2012.

Read the statement of civil society members and groups participating in the “Best Bits” pre-IGF meeting at Baku in 2012

We thank the Secretariat of the ITU for making the opportunity to submit our views.

Nevertheless, the process of the revision of the International Telecommunication Regulations (ITRs) has not been sufficiently inclusive and transparent, despite some recent efforts to facilitate public participation. Fundamental to the framing of public policy must be the pursuit of the public interest and fundamental human rights, and we urge Member States to uphold and protect these values.

We as civil society organizations wish to engage with the World Conference on International Telecommunication (WCIT) process in this spirit. Member States, in most cases, have not held open, broad-based, public consultations in the lead up to the WCIT, nor have they indicated such a process for the WCIT itself.

In order to address this deficiency, and at a minimum, we would urge:

All Member States and regional groups to make their proposals available to the public in sufficient time to allow for meaningfulpublic participation;
All delegates to support proposals to open sessions of the WCIT meeting to the public;
The ITU Secretariat to increase transparency of the WCIT including live webcast with the video, audio, and text transcripts, as far as possible, to enable participation by all, including persons with disabilities;
The ITU Secretariat, Member States, and regional groups to make as much documentation publicly available as possible on the ITU's website, so that civil society can provide substantive input on proposals as they are made available;
Member States to encourage and facilitate civil society participation in their national delegations;
The ITU to create spaces during the WCIT for civil society to express their views, as was done during the WSIS process.

Given the uncertainty about the nature of final proposals that will be presented, we urge delegates that the following criteria be applied to any proposed revisions of the ITRs.

That any proposed revisions are confined to the traditional scope of the ITRs, where international regulation is required around technical issues is limited to telecommunications networks and interoperability standards.
There should be no revisions to the ITRs that involve regulation of the Internet Protocol and the layers above.
There should be no revisions that could have a negative impact on affordable access to the Internet or the public's rights to privacy and freedom of expression.

More generally we call upon the ITU to promote principles of net neutrality, open standards, affordable access and universal service, and effective competition.

Signatories:

Access (Global)
Association for Progressive Communications (Global)
Bangladesh NGOs Network for Radio and Communication (Bangladesh)
Bytes for All (Pakistan)
Center for Democracy and Technology (United States of America)
Centre for Community Informatics Research (Canada)
Centre for Internet and Society (India)
Collaboration on International ICT Policy for East and Southern Africa (Eastern and Southern Africa)
Consumer Council of Fiji (Fiji)
Consumers International (Global)
Dynamic Coalition on Internet Rights and Principles (IRP) (Global)
Electronic Frontier Finland (Finland)
Imagining the Internet Center (United States of America)
Instituto Nupef (Brazil)
Internet Democracy Project (India)
Internet Research Project (Pakistan)
Global Partners and Associates (United Kingdom)
GobernanzadeInternet.co (Colombia)
ICT Watch Indonesia (Indonesia)
Instituto Brasileiro de Defesa do Consumidor / Brazilian Institute for
Consumer Defense (Brazil)
InternetNZ (New Zealand)
IT for Change (India)
Media Education Center (Armenia)
ONG Derechos Digitales (Chile)
OpenMedia (Canada)
Public Knowledge (United States of America)
Thai Netizen Network (Thailand)
Ginger Paque (Venezuala)
Nnenna Nwakanma (Côte d'Ivoire)
Sonigitu Ekpe (Nigeria)
Wolfgang Kleinwächter (Denmark)

For more details visit https://cis-india.org/internet-governance/blog/statement-of-civil-society-members-and-groups-at-best-bits-pre-igf-meeting

State-led interference in encrypted systems: A public debate on different policy approaches

Admin — 2017-12-05T14:03:09Z

State-led interference in encrypted systems. Sunil Abraham is a speaker for this event.

Proposer's Name: Mr. Carlos Alberto Afonso
Proposer's Organization: Instituto Nupef
Co-Proposer's Name: Mr. Hartmut Glaser
Co-Proposer's Organization: CGI.br

Co-Organizers:

Mr., Carlos, AFONSO,Civil Society, Instituto Nupef
Mr. Hartmut, GLASER, Technical Community, CGI.br
Ms. Jamila, VENTURINI,Technical Community, NIC.br
Mr. Diego, CANABARRO, Technical Community, NIC.br

Session Format: Other - 90 Min
Format description: The session is designed to host a dialectic debate segment followed by a traditional round-table segment structured around a Q&A format.

Proposer:
Country: Brazil
Stakeholder Group: Civil Society

Co-Proposer:
Country: Brazil
Stakeholder Group: Technical Community

Speakers

Christoph Steck (Telefonica, Spain)
Riana Pfefferkorn (Stanford CIS, EUA)
Cristine Hoepers (CERT.br, Brazil)
Carlos A. Afonso (Nupef Institute, Brazil)
Neide Oliveira (Federal Prosecution Service, Brazil)
Sunil Abraham (CIS India)
Monica Guise Rosina (Facebook Brazil)
Jonah F. Hill (NTIA, EUA)
Nina Leemhuis Janssen (Govt of The Netherlands)

Content of the Session

The workshop is built around a policy question that approaches some historical controversies inherent to the widespread use and availability of encryption in the Internet, with a special focus on the tension between the increasing use of cryptography after Snowden and the supposed challenges it poses to public and national security in a digital era. The session promotes a space for multistakeholder debate on: the state of the art in the development and employment of cryptography; different attitudes towards the freedom to use encryption in different jurisdictions; modes of state-led interference in/with encrypted systems; and the limits posed by national and international law to such interference, as well as the impacts it might have to the protection and promotion fundamental human rights and shared values, to permission-less innovation on the Internet and the open architecture of the network. The session will host two segments: one will consist of two presentations made by government officials from the UK and the Netherlands that will detail different policy approaches for dealing with the use of encryption. The second comprises a multistakeholder round-table that gathers comments and questions about the previous presentations. In the end, moderators will summarize discussions and an overarching and documented report of the session will be made available for the session. The unorthodox format chosen for this session allows public scrutiny over some very practical policy-oriented approaches. The bulk of discussions registered during the workshop can provide dialogued feedback into policy development processes elsewhere.

Relevance of the Session

The development and use of encryption to protect information and communication dates back to ancient times. Encryption has been mainly employed over the centuries to protect personal data, business information, governmental classified information, etc. Attempts to break encryption in general as well as the notion of inserting vulnerabilities (such as backdoors) in systems that rely on encryption have been a parallel phenomenon to (and also an integral part of) the longstanding efforts of cryptography. One might even say that those two processes function as the two different sides of the same coin.

The advent and the great pace of development of computing and networking technologies boosted the science behind cryptography to unprecedented levels of relevance for society in general. More recently, after the Snowden affairs, cryptography has been perceived as a necessary condition (not a sufficient one though) for Internet users to curb the abuses entailed by massive digital surveillance and espionage by an ever growing number of countries. In parallel, together with other measures, the deployment of encryption to commercial applications seems to have become a, somehow, sine qua non condition for some Internet companies to regain consumer trust and retain competitive advantages in relation to other players in the market.

The widespread use and availability of encryption tools however refueled tensions and entailed policy responses in a myriad of countries (e.g.: the Apple vs FBI case in the context of the San Bernadino Shooting; the announcement made by some European countries of their willingness to outlaw some uses of encryption as well as the public commitment of the Netherlands government to support encryption and oppose the development of backdoors; and the successive orders by Brazilian courts that aimed at blocking Whatsapp in the country due to the company’s denial to delivery communication records from some of its users). Those tensions generally revolve around the fact that as general-purpose technology, encryption can be also employed to conceal irregular and/or illicit activities, which would justify the creation of some narrow but allegedly needed exceptions to the constitutional limits built over the last century in several countries to impose limits to criminal investigation in order to uphold privacy and personal data protection.

The cases mentioned above gave rise to fierce discussions on whether or not the use of encryption increases by itself the likelihood of and facilitate the occurrence of crime and other illicit activities (most notably organized crime of all sorts and terrorism). Some law enforcement agencies and security forces have argued that encryption impairs crime investigation and the prosecution of criminals, and therefore the development of technology with embedded backdoors might be needed. Other actors, including representatives from the technical community, however, argue that such interference might disrupt regularly protected flows of information and communication as well as compromise privacy and the protection of other fundamental human rights. At this point, we are in a stage in which the trade-off between those two perspectives have to be settled through democratic means and public participation and that is why this workshop was submitted for the IGF 2017.

Besides dealing with several different topics that comprise the overarching agenda of Internet governance (human rights, cybersecurity, openness and permission-less innovation, economic development, infrastructure governance, etc), the topic of this workshop is directly connected to two different goals comprised in the UN SDGs: sound institutions and innovation. Discussions on the contours of sound political institutions and on challenges and incentives for innovation are integral components of any sort of political agenda that aims at reflecting upon the “digital future”, which is the case of the 2017 IGF and highlight the importance of adding this proposal to the overall agenda of the event.

For more details visit https://cis-india.org/internet-governance/news/state-led-interference-in-encrypted-systems-a-public-debate-on-different-policy-approaches

State Surveillance and Human Rights Camp: Summary

elonnai — 2013-07-12T16:02:51Z

On December 13 and 14, 2012, the Electronic Frontier Foundation organized the Surveillance and Human Rights Camp held in Rio de Janeiro, Brazil. The meeting examined trends in surveillance, reasons for state surveillance, surveillance tactics that governments are using, and safeguards that can be put in place to protect against unlawful or disproportionate surveillance.

This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC.

The camp also examined different types of data, understanding tools that governments can use to access data, and looked at examples of surveillance measures in different contexts. The camp was divided into plenary sessions and individual participatory workshops, and brought together activists, researchers, and experts from all over the world. Experiences from multiple countries were shared, with an emphasis on the experience of surveillance in Latin America. Among other things, this blog summarizes my understanding of the discussions that took place.

The camp also served as a platform for collaboration on the Draft International Principles on Communications Surveillance and Human Rights. These principles seek to set an international standard for safeguards to the surveillance of communications that recognizes and upholds human rights, and provide guidance for legislative changes related to communications and communications meta data to ensure that the use of modern communications technology does not violate individual privacy. The principles were first drafted in October 2012 in Brussels, and are still in draft form. A global consultation is taking place to bring in feedback and perspective on the principles.

The draft principles were institutionalized for a number of reasons including:

Currently there are no principles or international best standards specifically prescribing necessary and important safeguards to surveillance of communication data.
Practices around surveillance of communications by governments and the technology used by governments is rapidly changing, while legislation and safeguards protecting individual communications from illegal or disproportionate surveillance are staying the same, and thus rapidly becoming outdated.
New legislation that allows surveillance through access to communication data that is being proposed often attempts to give sweeping powers to law enforcement for access to data across multiple jurisdictions, and mandates extensive cooperation and assistance from the private sector including extensive data retention policies, back doors, and built in monitoring capabilities.
Surveillance of communications is often carried out with few safeguards in place including limited transparency to the public, and limited forms of appeal or redress for the individual.

This has placed the individual in a vulnerable position as opaque surveillance of communications is carried out by governments across the world — the abuse of which is unclear. The principles try to address these challenges by establishing standards and safeguards which should be upheld and incorporated into legislation and practices allowing the surveillance of communications.

A summary of the draft principles is below. As the principles are still a working draft, the most up to date version of the principles can be accessed here .

Summary of the Draft International Principles on Communications Surveillance and Human Rights

Legality: Any surveillance of communications undertaken by the government must be codified by statute.

Legitimate Purpose: Laws should only allow surveillance of communications for legitimate purposes.

Necessity: Laws allowing surveillance of communications should limit such measures to what is demonstrably necessary.

Adequacy: Surveillance of communications should only be undertaken to the extent that is adequate for fulfilling legitimate and necessary purposes.

Competent Authority: Any authorization for surveillance of communications must be made by a competent and independent authority.

Proportionality: All measures of surveillance of communications must be specific and proportionate to what is necessary to achieve a specific purpose.

Due process: Governments undertaking surveillance of communications must respect and guarantee an individual’s human rights. Any interference with an individual's human rights must be authorized by a law in force.

User notification: Governments undertaking surveillance of communications must allow service providers to notify individuals of any legal access that takes place related to their personal information.

Transparency about use of government surveillance: The governments ability to survey communications and the process for surveillance should be transparent to the public.

Oversight: Governments must establish an independent oversight mechanism to ensure transparency and accountability of lawful surveillance measures carried out on communications.

Integrity of communications and systems: In order to enable service providers to secure communications securely, governments cannot require service providers to build in surveillance or monitoring capabilities.

Safeguards for international cooperation: When governments work with other governments across borders to fight crime, the higher/highest standard should apply.

Safeguards against illegitimate access: Governments should provide sufficient penalties to dissuade against unwarranted surveillance of communications.

Cost of surveillance: The financial cost of the surveillance on communications should be borne by the government undertaking the surveillance.

Types of Data

The conversations during the camp reviewed a number of practices related to surveillance of communications, and emphasized the importance of establishing the draft principles. Setting the background to various surveillance measures that can be carried out by the government, the different categories of communication data that can be easily accessed by governments and law enforcement were discussed. For example, law enforcement frequently accesses information such as IP address, account name and number, telephone number, transactional records, and location data. This data can be understood as 'non-content' data or communication data, and in many jurisdictions can easily be accessed by law enforcement/governments, as the requirements for accessing communication data are lower than the requirements for accessing the actual content of communications. For example, in the United States a court order is not needed to access communication data whereas a judicial order is needed to access the content of communications.[1]

Similarly, in the UK law enforcement can access communication data with authorization from a senior police officer.[2]

It was discussed how it is concerning that communication data can be accessed easily, as it provides a plethora of facts about an individual. Given the sensitivity of communication data and the ability for personal information to be derived from the data, the ease that law enforcement is accessing the data, and the unawareness of the individual about the access- places the privacy of users at risk.

Ways of Accessing Data

Ways in which governments and law enforcement access information and associated challenges was discussed, both in terms of the legislation that allows for access and the technology that is used for access.

Access and Technology

In this discussion it was pointed out that in traditional forms of accessing data governments are no longer effective for a number of reasons. For example, in many cases communications and transactions, etc., that take place on the internet are encrypted. The ubiquitous use of encryption means more protection for the individual in everyday use of the internet, but serves as an obstacle to law enforcement and governments, as the content of a message is even more difficult to access. Thus, law enforcement and governments are using technologies like commercial surveillance software, targeted hacking, and malware to survey individuals. The software is sold off the shelf at trade shows by commercial software companies to law enforcement and governments. Though the software has been developed to be a useful tool for governments, it was found that in some cases it has been abused by authoritarian regimes. For example in 2012, it was found that FinSpy, a computer espionage software made by the British company Gamma Group was being used to target political dissidents by the Government of Bahrain. FinSpy has the ability to capture computer screen shots, record Skype chats, turn on computer cameras and microphones, and log keystrokes.[3]

In order to intercept communications or block access to sites, governments and ISPs also rely on the use of deep packet inspection (DPI).[4] Deep packet inspection is a tool traditionally used by internet service providers for effective management of the network. DPI allows for ISP's to monitor and filter data flowing through the network by inspecting the header of a packet of data and the content of the packet.[5] With this information it is possible to read the actual content of packets, and identify the program or service being used.[6]

DPI can be used for the detection of viruses, spam, unfair use of bandwidth, and copyright enforcement. At the same time, DPI can allow for the possibility of unauthorized data mining and real time interception to take place, and can be used to block internet traffic whether it is encrypted or not.[7]

Governmental requirements for deep packet inspection can in some cases be found in legislation and policy. In other cases it is not clear if it is mandatory for ISP's to provide DPI capabilities, thus the use of DPI by governments is often an opaque area. Recently, the ITU has sought to define an international standard for deep packet inspection known as the "Y.2770" standard. The standard proposes a technical interoperable protocol for deep packet inspection systems, which would be applicable to "application identification, flow identification, and inspected traffic types".[8]

Access and Legislation

The discussions also examined similarities across legislation and policy which allows governments legal access to data. It was pointed out that legislation providing access to different types of data is increasingly becoming outdated, and is unable to distinguish between communications data and personal data. Thus, relevant legislation is often based on inaccurate and outdated assumptions about what information would be useful and what types of safeguards are necessary. For example, it was discussed how US surveillance law has traditionally established safeguards based on assumptions like: surveillance of data on a personal computer is more invasive than access to data stored in the cloud, real-time surveillance is more invasive than access to stored data, surveillance of newer communications is more invasive than surveillance of older communications, etc. These assumptions are no longer valid as information stored in the cloud, surveillance of older communications, and surveillance of stored data can be more invasive than access to newer communications, etc. It was also discussed that increasingly relevant legislation also contains provisions that have generic access standards, unclear authorization processes, and provide broad circumstances in which communication data and content can be accessed. The discussion also examined how governments are beginning to put in place mandatory and extensive data retention plans as tools of surveillance. These data retention mandates highlight the changing role of internet intermediaries including the fact that they are no longer independent from political pressure, and no longer have the ability to easily protect clients from unauthorized surveillance.

1]. EFF. Mandatory Data Retention: United States. Available at: https://www.eff.org/issues/mandatory-data-retention/us
[2].Espiner, T. Communications Data Bill: Need to Know. ZDNet. June 18th 2012. http://www.zdnet.com/communications-data-bill-need-to-know-3040155406/
[3]. Perlroth, M. Software Meant to Fight Crime is Used to Spy on Dissidents. The New York Times. August 30th 2012. Available at: http://www.nytimes.com/2012/08/31/technology/finspy-software-is-tracking-political-dissidents.html?_r=0
[4]. Wawro, A. What is Deep Packet Inspection?. PCWorld. February 1st 2012. Available at: http://www.pcworld.com/article/249137/what_is_deep_packet_inspection_.html
[5]. Geere, D. How deep packet inspection works. Wired. April 27th 2012. Available at: http://www.wired.co.uk/news/archive/2012-04/27/how-deep-packet-inspection-works
[6]. Kassner. M. Deep Packet Inspection: What You Need to Know. Tech Republic. July 27th 2008. Available at: http://www.techrepublic.com/blog/networking/deep-packet-inspection-what-you-need-to-know/609
[7]. Anonyproz. How to Bypass Deep Packet Inspection Devices or ISPs Blocking Open VPN Traffic. Available at: http://www.anonyproz.com/supportsuite/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=138
[8].Chirgwin. R. Revealed: ITU's deep packet snooping standard leaks online: Boring tech doc or Internet eating monster. The Register. December 6th 2012. Available at: http://www.theregister.co.uk/2012/12/06/dpi_standard_leaked/

For more details visit https://cis-india.org/internet-governance/blog/state-surveillance-human-rights-camp-summary

State Surveillance and Human Rights Camp

praskrishna — 2012-12-21T07:19:55Z

A two-day conference was held in Rio on December 13 and 14 at Sheraton Rio Hotel & Resort. Elonnai Hickok participated in the event and made a presentation on MLATS and International Cooperation for Law Enforcement Purposes.

Click here to see the Wiki page of the event. See Elonnai's presentation here [PDF, 313 Kb].

DAY 1: Mapping Out Government Surveillance Problems

8:30 - 9:00 Registration

9:00 - 9:10 Welcome/Introduction

Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Simultaneous interpretation from Spanish to English and Portuguese.

Plenary: Kinds of Data, Ways of Getting It

09:10 - 10:30

Chair: Enrique Chaparro, Fundacion Via Libre [Argentina, ES]

Metadata, online identifiers, and technologies of surveillance

Seth Schoen, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

Surveillance is getting easier and cheaper for many reasons, not least because people are using electronic communications more than ever before, and there are so many facts out there to be noticed about the ways devices are talking to each other.
I will talk about the kinds of things that refer to people and their devices, with a particular focus on telecommunications metadata and transactional records that are described as "non-content" and may receive lower levels of legal protection. I'll discuss who is in a position to record this information, some of the things that can be learned from it, and why traffic analysis is powerful and difficult to defend against.
I'll try to explain concepts like MAC address, IP address, account name and number, telephone number, IMEI, IMSI, transient identifiers, log files, transactional records, locational privacy, and associational privacy.

How law enforcement agencies use cell phone location tracking technology in criminal cases

Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]

With the rise of smartphones, the U.S. government's use of cell site location data to pinpoint our exact location has grown more widespread (and precise) over time. For years, U.S. courts permitted the government to get this location data without a search warrant under a tortured interpretation of federal electronic privacy statutes and an even more alarming constitutional argument: that we don't have any privacy in data we turn over to third parties, like cell phone companies. This talk will review what location data is and why the police want it, how they can get it under U.S. law, and legal and practical steps that need to be taken to safeguard our privacy.

Simultaneous interpretation from English to Spanish and Portuguese.

Deep packet inspection: What it is, how it works, and how it is used for surveillance

Chris Parsons, Doctoral Candidate, University of Victoria [Canada, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

We are in the midst of a standardization revolution, a mass translation of discordant analogue signal types to interoperable digital transmission standards. All this digitized consumer traffic passes through the gateways of Internet Service Providers’ (ISPs). ISPs function as communicative bottlenecks, ideally positioning them to monitor, mine, and modify data using the Deep Packet Inspection (DPI) appliances situated within their networks. Some uses of these appliances could reshape the conditions of communication in democracies, blocking or modifying data transmissions in near real time.
In this presentation I discuss the technical capabilities of deep packet inspection and its significance for increased private and public surveillance capabilities. Drawing from case material from academic and advocacy work, I identify how the technology has been used for ISP-level surveillance, for copyright purposes, for national security purposes, and for advertising purposes. Moreover, I address how advocates in differing nations have opposed various uses of the technology, why they have done so, and conditions that facilitate domestic resistance to deep packet inspections' uses.

Advances in online spying: Commercial surveillance software, targeted hacking and beyond

Morgan Marquis-Boire, Google [New Zealand, EN]

Eva Galperin, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

Against an increasingly security-aware online community, the traditional tools of blocking, filtering, and wiretapping have become less effective. Nervous regimes turn to the largely unregulated $5 billion a year industry in Internet surveillance tools.
Once the realm of the black market and intelligence agencies, the latest computer spyware is now sold at trade shows for dictator pocket change.
This talk will detail the cat and mouse game between authoritarian regimes and dissidents, as well as ongoing efforts to map out the relationship between surveillance software companies and governments.

10:30 - 10:40 Coffee Break

Workshops: Round I

10:40 - 11:50

Format: Interactive sessions with active participat0ion from the audience.

Workshop 1: Mobile privacy threats

This workshop addresses the ways governments are tracking mobile devices’ location and use, and why it’s been harder to protect communications privacy on mobile devices than on PCs.

Facilitators:
Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]
Seth Schoen, Electronic Frontier Foundation [United States, EN/PT]

Rapporteur:
Enrique Chaparro, Fundación Vía Libre [Argentina, EN/ES]

Workshop 2: Training activists about state surveillance capabilities

In this workshop we’ll talk about some of new surveillance technologies that states are deploying, and the tactics that are used to legitimize the surveillance.
Going beyond just ‘what is used and how’, we speak to some political tactics that advocates have used to resist these tools on practical and principled levels, some of the conditions that contribute to successes, and ways of mobilizing effective strategies against expansions of state surveillance.

Facilitator:
Chris Parsons, University of Victoria [Canada, EN]

Rapporteur:
Katarzyna Szymielewicz, European Digital Rights [Poland, EN]

Workshop 3: Tactics for opposing state sponsored malware and surveillance

This workshop will review the different tactics government and non-government actors have employed to stop authoritarian regimes from making use of surveillance technology built in the United States and Europe to spy on their citizens.
We will discuss corporate responsibility, export controls, as well as the role of security research and user education campaigns. The workshop will end with a brainstorm of at least one concrete action each workshop attendee can take.

Facilitators:

Eva Galperin, Electronic Frontier Foundation [United States, EN]
Morgan Marquis-Boire [New Zealand, EN]

Rapporteur:
Silvio Rhatto, Sarava Group [Brazil, PT]

Reporting Back Session

11:50 - 12:40 Chair:

Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Rapporteurs:
Enrique Chaparro, Fundación Vía Libre [Argentina, EN/ES]
Katarzyna Szymielewicz, European Digital Rights [Poland, EN]

Report: Training Activists about State Surveillance Capabilities

Silvio Rhatto, Sarava Group [Brazil, PT]

Format: Each rapporteur has 10 minutes to report back about the results of their workshop discussion and 20 minutes to answer questions.

12:40 - 2:00 Lunch

Legal and Policy Plenary: Government Access to People’s Data

2:00 - 3:20

Chair: Pedro Paranaguá, Advisor for Internet Policy to the Workers’ Party in the Brazilian Chamber of Deputies [Brazil, PT/EN]

Different data, different rules? How the law has assigned varying levels of privacy protection to different categories of personal information

Kevin Bankston, Center for Democracy and Technology [United States, EN]

Using the example of US law, this presentation will map the different legal protections that have traditionally been applied to different types surveillance of different types of data, and consider how to redraw that map in light of new technologies.
Speaking generally, US surveillance law has been written based on the assumptions that: (1) surveillance of data on your computer is more invasive than access to your data in the cloud;(2) real-time surveillance is more invasive than access to stored data; (3) surveillance of the content of communications is more invasive than surveillance of non-content meta-data; (4) surveillance of newer communications is more invasive than surveillance of older communications.
These assumptions have long defined which types of surveillance are most strongly regulated against and which types of data are most strongly protected by law. Changing technology has made these assumptions about invasiveness and privacy increasingly obsolete, assuming that they ever made sense at all. But if these distinctions are outdated, what if any legal distinctions between different types of surveillance or data should replace them? How, if at all, can the law sensibly distinguish between personal communications and communications data in which we have a reasonable expectation of privacy, and that which we do not?

Simultaneous interpretation from English to Spanish and Portuguese.

Internet companies as an agent of the state & european mandatory telecommunications data retention

Katarzyna Szymielewicz, European Digital Rights [Poland, EN]

In this short presentation I will introduce European (i.e. based on EU legislation) regime of mandatory retention of telecommunication data for law enforcement purposes, explaining its political context, implementation and negative impact on human rights standards (not just privacy-related!).
Using case studies of Poland and Germany I will present two strikingly different approaches to storing telecommunication data and law enforcement, thus questioning the necessity and proportionality of this controversial measure. I will also touch briefly on pending political developments (including the revision of the Data Retention Directive and the reform of data protection law in the EU), explaining what the stakes are, what European civil society organisations are fighting for and why it is such an important fight. Finally, I will explain how the debate about mandatory data retention feeds into a broader discussion about the role of Internet intermediaries, including both their independence from political pressure and protection of their clients from surveillance executed by “private police.”

Simultaneous interpretation from English to Spanish and Portuguese.

Crossborder access to citizen's data and cloud computing in the investigation of criminal cases: Regional trends

Marcos Salt, profesor de derecho penal y procesal penal de la universidad de Buenos Aires (UBA) [Argentina, ES]

During the brief presentation, I will present practical examples of the problems caused by the application by analogy of the rules on physical evidence to obtain digital evidence.
I try to show that this trend is inconvenient to both for efficiency in the investigation of crimes by the state as to the validity of individual rights. I will place special reference to cross-border access to citizen's data in the cloud.

Simultaneous interpretation from Spanish to English and Portuguese.

Background on lawful interception mandates and government access to encryption keys

Seth Schoen, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

In this session, I'll discuss some of the history of fights over government surveillance powers and government access in the United States, starting in the early 1990s and continuing to the present day. These issues have centered on three main themes: restrictions on cryptography and privacy tools, obligations for communications intermediaries to acquire and implement surveillance capabilities, and mandatory retention of telecommunications data.
One interesting point is that many of the same themes keep recurring: the powers that the government is seeking today are often similar to those it sought two decades ago.
Another interesting point is that the government has not always been successful in expanding its surveillance powers. Many of its proposals never became law and there are still plenty of issues left to fight over. But governments around the world are continuing to having a major effect on the design of technology, getting wiretapping interfaces and backdoors added to communications systems and discouraging deployments of strong encryption.

MLATS and International Cooperation for Law Enforcement Purposes

Elonnai Hickok, Center for Internet & Society India [India, EN]

In this session I will be looking at the challenges, requisite safeguards, and possible solutions in the context of international cooperation for fighting crime. In doing so I will look closely at the proposed principle of safeguards for international cooperation.
The objective of this session will be to explore ways of improving MLATS and international law enforcement cooperation in order to ensure that basic safeguards can be built into the process of international cooperation.

Simultaneous interpretation from English to Spanish and Portuguese.

Format: 10-15 minutes for each five speakers to introduce legal issues and 20 minutes of discussions

3:10 - 3:20 Coffee Break

Workshops: Round II

3:20 - 4:30

Workshop 1: Electronic surveillance demonstrations

In this workshop, we'll take a look at a few electronic surveillance devices (including an ordinary laptop) and look at some of what they can intercept. Technological infrastructure permitting, we may have a live demonstration of intercepting or modifying users' Internet communications.
We'll also consider low-cost surveillance techniques and discuss what kinds of demonstrations have the most pedagogical value for making users aware of particular threats.

Facilitator:
Seth Schoen, Electronic Frontier Foundation [United States, EN]

Rapporteur:
Eva Galperin, Electronic Frontier Foundation [United States, EN/ES/PT]

Simultaneous interpretation from English to Spanish and Portuguese.

Workshop 2: Legal framework regarding compelled disclosure of communications, subscriber information, and cryptographic keys

In this workshop we will cover various examples of compelled disclosure of private information (from subscriber information and content of communication to cryptographic keys) in the context of law enforcement, focusing on their legal aspects. We will briefly present various legal frameworks, discussing both the examples of legal safeguards (“good practices”) and their shortcomings that allow for government surveillance.
We will also look at various human rights implications of these measures and (potential / existing) role of private companies from the perspective of their compliance with such measures (incl. when requested by non-democratic regimes).

Facilitators:
Katarzyna Szymielewicz, European Digital Rights [Poland, EN]
Elonnai Hickok, Center for Internet & Society India [India, EN]

Rapporteur:
Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]

Workshop 3: What data is most private? What surveillance is most invasive? How if at all should laws treat them differently?

This workshop will build on the discussion that began in the law & policy plenary, discussing how certain surveillance laws have applied different legal protections to different types of data and surveillance, and questioning whether such distinctions make sense in light of new technology.
The workshop will address that question from legal, personal, and political perspectives. Participants will share with each other details of how the laws in their countries treat different types of data and different types of surveillance, to facilitate shared understanding of the existing legal frameworks and to identify existing gaps and discrepancies in current legal protections.
Based on their own personal experiences as Internet users and as advocates, participants will then discuss what data in their lives they consider most private and what types of surveillance they find most invasive, and reflect on how if at all the law should distinguish between them. Finally, participants will discuss the politics of these different frameworks: both how gaps and weaknesses in existing frameworks threaten the ability of advocates to politically organize in the face of government surveillance, and how we can best work through the political process and change those frameworks to better reflect current technology and human rights norms.

Facilitators:
Kevin Bankston, Center for Democracy and Technology [United States, EN]
Danilo Doneda, Fundação Getúlio Vargas [Brazil, PT/EN]

Rapporteur:
Beatriz Busaniche, Fundación Vía Libre [Argentina, ES]

Reporting Back Session & Closing Meeting Day 1

4:30 - 5:20

Chair:
Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Rapporteurs:
Eva Galperin, Electronic Frontier Foundation [United States, EN/ES/PT]

Report: Demonstrating Surveillance

Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]

Report: Compelled Disclosure of Communications, Subscriber Information & Cryptographic Keys

Beatriz Busaniche, Fundación Vía Libre [Argentina, ES]

Report: What Data is Most Private? What Surveillance is Most Invasive? Should Laws Treat Different Data Differently?

8:30 pm Dinner

DAY 2: Challenges and Mapping Out Possible Solutions
8:55 - 9:00 Welcome

Plenary: Surveillance in Latin America
9:00 - 10:20

Chair: Camila Marques, Lawyer, ARTIGO 19 [Brazil, PT]

Surveillance in Colombia
Carlos Eduardo Huertas, Semana [Colombia, ES]

Surveillance in Cuba
“Mario Hernandez” [Cuba, ES]

Surveillance in the Northern Triangle
Renata Avila, Global Voices [Guatemala, ES]

Surveillance in Peru
Yonsi Solis, Global Voices [Peru, ES]

Surveillance in Mexico
Caracol Azul, [Mexico, ES]
This session will have simultaneous interpretation from Spanish to English and Portuguese

Keynote: Challenges Posed By Electronic Surveillance

10:20 - 10:40
Frank La Rue, United Nations Special Rapporteur on Freedom of Expression [Guatemala, ES]
Increasing pressure (legal and political) on private parties to help carry out the state’s surveillance mandate.

Simultaneous interpretation from Spanish to English and Portuguese

10:40 - 11:00 Coffee Break

Plenary: International Surveillance & Human Rights Principles: Challenges and Opportunities in Latin America

11:00 - 11:50

Chair: Carly Nyst, Privacy International [Australia/UK, EN]
Simultaneous interpretation from English to Spanish and Portuguese.

Explanation of the Principles: Background, purpose, need, challenges and opportunities

Chilean and Latin American perspectives

Alberto Cerda, Derechos Digitales [Chile, ES]
Simultaneous interpretation from Spanish to English and Portuguese

Expansion of Brazilian law enforcement powers to access users’ digital information

Pablo Ortellado, GPOPAI [Brasil, PT/EN]
Simultaneous interpretation from Portuguese to Spanish and English

Surveillance and regional human rights standards

Juan Camilo Rivera, Comisión Colombiana de Juristas [Colombia, ES]
Simultaneous interpretation from Spanish to English and Portuguese

Workshops: Round III

11:50 - 1:00

Workshop 1: International surveillance and human rights principles: Perspectives from Latin America

Facilitator:
Alberto Cerda, Derechos Digitales [ES] & Carly Nyst, Privacy International [UK, EN]

Rapporteur:
Juan Camilo Rivera, Comisión Colombiana de Juristas [Colombia, ES]

Workshop 2: Technical community activism
What is the technology community doing to defend privacy?

Facilitators:

Enrique Chaparro, Fundación Vía Libre [Argentina, ES ]
João Carlos Caribé, Movimento Mega (aka Mega Não) [Brazil, PT/EN]

Rapporteur:
Eva Galperin, Electronic Frontier Foundation [USA, EN]

Plenary: Hands-on Activism

2:40 - 3:50 p.m.

Chair: Rebecca Bowe, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

What is meant by Hands-On Activism? As you’ll learn from our panelists, there are many strategies that can be utilized to push back against a surveillance practice or proposal. We’ll cover the most effective ways to obtain public records; strategies for generating interest in digital rights issues; fresh and extraordinary approaches to creative campaigning, and tactics used by an international nonprofit to tackle privacy issues with online campaigns.

Raising digital awareness in Peru

Marco Sifuentes, Instituto Prensa y Sociedad [Peru, ES]

Peru has a very active and influential online community. It can affect the course of elections, prove the president wrong and stop law projects. It can work very well on "real world" matters. But when it comes to online issues, it's been hard to raise awareness on the Peruvian general public and even on the media. What went wrong? However, in the past year, some digital topics have received a lot of coverage. Some not. What changed? I’ll share Peru's experience in the hope that every participant can compare it with his or her own country's situation.

Online organizing for human rights

Fabiola Carrion, Access [Peru, ES/EN]

A recent addition to the Access Team, Fabiola will begin her presentation by talking about her own experiences in organizing and advocacy, arguing that the struggle for human rights is increasingly moving online. She will discuss new tools of organizing, and the importance of combining technology, policy, and grassroots advocacy tactics to affect holistic change in internet policy debates. Her presentation will include a series of short case studies from around the world where Access, along with its various allies, have successfully campaigned for a free and open internet. Her presentation will conclude with a discussion of lessons learned and best practices for online organizing, particularly around issues of surveillance and due process.

Surveillance and secrecy: Strategy and tactics - Using the law to uncover abuse of LEAs’ surveillance powers

Geoff King, Lawyer [United States, EN]

Open government laws, though riddled with exemptions, are powerful tools for shedding light on the governmental operations. One way in which these laws can be used is to uncover the existence of law enforcement surveillance, as well details about the tools used to achieve such surveillance. This portion of the presentation will explore how journalists and activists can employ successful transparency strategies in the face of various procedural pitfalls. It will also give concrete examples of how such strategies have paid off in the recent past.
Presentation Materials

Creative campaigning: tactical media mashup
Vladan Joler, Share Foundation [Serbia, EN]

Explore the beautiful world of tactical media as a creative tool for getting your message out there.
From creative campaigning during Serbian protests in the 90s to “lo fi” media interventions, protests inside computer games, media pranks and parasite media tactics to social media bots and Twitter bombs.
Presentation Materials

Simultaneous interpretation from English to Spanish and Portuguese Return to Top

3:50 - 4:10 Coffee Break

Workshops: Round IV

4:10 - 5:10

Workshop 1: What the international surveillance and human rights principles are asking the governments to do?

This session will be used to call out exactly what the International Surveillance and Human Rights Principles are asking governments to change or legislative/policy actions they are asking governments to take. This will hopefully be useful in helping individuals and organizations understand what aspects to highlight and push when proposing the principles and why.

Facilitators:

Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]
Elonnai Hickok, Center for Internet & Society India [India, EN]

Rapporteur:
Graciela Selaimen, NUPEF [Brasil, EN/ES/PT]

Workshop 2: Creative campaigning: tactical media mashup & anti-surveillance campaigns

What are activists around the world doing to counter surveillance proposals and practices? And what could they be doing, with just a little more knowledge and inspiration? At this session, workshop facilitators will share stories about successful campaigns launched around the world in response to government surveillance. How did a humorous Twitter hashtag about a proponent of surveillance legislation rise to “trending” status on Twitter? How did a small team of digital rights activists in Argentina manage to position themselves as one of the most trusted media sources on issues relating to privacy in the digital realm? How did a small group of activists manage to reach biggest world media and how are activists creating their own media? We’ll then open it up for a group discussion in which participants can share their own stories of effective tactics from around the world, and explore ideas for collaborating and harnessing the knowledge gleaned from our collective experiences.

Facilitators:

Rebecca Bowe, Electronic Frontier Foundation [United States, EN]
Vladan Joler, Share Foundation [Serbia, EN]

Rapporteur:
Hisham Almiraat, Global Voices Advocacy [Morocco, EN]

Reporting Back Session & Closing Remarks

5:10 - 6:00

Chair:
Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Rapporteurs:
Graciela Selaimen, NUPEF [Brasil, EN/ES/PT]

Renzo Lavin, Asociación Civil por la Igualdad y la Justicia [Argentina, ES]
Hisham Almiraat, Global Voices Advocacy [Morocco, EN]

Each breakout session will have one designated rapporteur, one note-taker, and a module to work around.

For more details visit https://cis-india.org/news/state-surveillance-and-human-rights-camp

State of Work in India

Admin — 2018-10-09T14:25:37Z

Aayush Rathi and Ambika Tandon attended a panel discussion organized by Bangalore International Centre (TERI) and Azim Premji University, on Wednesday, October 3, 2018 in Bengaluru. A report titled 'State of Working India' by the Centre for Sustainable Employment was released on the occasion.

The report can be accessed here

For more details visit https://cis-india.org/internet-governance/news/state-of-work-in-india

State of Digital Rights in India (Delhi, March 24)

Japreet Grewal and Sumandro Chattapadhyay — 2017-03-27T13:21:20Z

The Centre for Communication Governance at National Law University, Delhi and the Internet Freedom Foundation, in association with Access Now, are hosting a discussion on The State of Digital Rights in India on March 24, 2017 (Friday) from 6.00 pm onwards at Lecture Room-I, India International Centre- Annexe, New Delhi. Japreet Grewal and Sumandro Chattapadhyay will participate in the panel discussions.

Registration: Eventbrite

March 24, 2017 marks the two year anniversary of the landmark Shreya Singhal judgment. This was a very significant ruling on freedom of speech and expression and occupies an important place in the Supreme Court’s discourse on civil liberties. The judgment traces out the contours of free speech on the Internet in India and unequivocally holds that the right to freedom of expression provided under Article 19(1)(a) applies to speech over the Internet, making it clear that this is a medium-neutral right.

The event aims to shed some light on this key judgment and discuss ongoing discussions regarding our civil liberties and freedoms online before courts and the Parliament. We would also like to take this opportunity to discuss some of the other pressing issues like Network Neutrality, Internet shutdowns, Privacy and User Security which need immediate attention and engagement of our democratic institutions. We hope to formulate effective strategies which will further shape the legal and policy framework in India, and facilitate better collaborative efforts between stakeholders.

We hope to bring together everyone who contributed to the judgment, and those who do work connected with it, so that we may build on it to seek a better legal framework to protect online speech and to discuss the threats surrounding digital rights and how best build on the foundations of the judgment.

We would be grateful if you could take out some time on Friday evening (6PM) and be a part of this important discussion. The discussion will be followed by dinner and an Open Bar for an Open Internet, which will start from 9.00 pm at the Annexe Court in the India International Centre - Annexe. In case you are unable to attend the seminar, please do join us for dinner!

Featuring:

A keynote address on our online freedoms and policymaking, by Shri Tathagata Satpathy (Member of Parliament, Lok Sabha)
A legal panel analysing the legacy of the Shreya Singhal v. Union of India judgment
Beyond Shreya Singhal: A conversation with women on the future of our digital rights
Briefings on the state of digital rights in our courts and in Parliament
A conversation on the path ahead for our civil liberties and digital rights community

For more details visit https://cis-india.org/internet-governance/news/state-of-digital-rights-in-india-delhi-march-24

State of Consumer Digital Security in India

pranav — 2021-07-05T11:07:24Z

This report attempts to identify the existing state of digital safety in India, with a mapping of digital threats, which will aid stakeholders in identifying and addressing digital security problems in the country. This project was funded by the Asia Foundation.

Since 2006, successive Union governments in India have shown increased focus on digital governance. The National e-Governance Plan was launched by the UPA government in2006, and several digital projects led by the state such as digitisation of the filing of taxes, appointment process for passports, corporate governance, and the Aadhaar programme(India’s unique digital identity system that utilises biometric and demographic data) arose under it, in the form of mission mode projects (projects that are part of a broader National e-governance initiative, each focusing on specific e-Governance aspects, like banking, land records, or commercial taxes). In 2014, when the NDA government came to power, the National e-Governance Plan was subsumed under the government’s flagship project of Digital India, and several mission mode projects were added. In the meantime, the internet connectivity, first in the form of wire connectivity, and later in the form of mobile connectivity has increased greatly. In the same period, use of digital services, first in new services native to the Internet such as email, social networking, instant messaging, and later the platformization and disruption of traditional business models in transportation, healthcare, finance and virtually every sector, has led to a deluge of digital private service providers in India.

Currently, India has 500 million internet users — over a third of its total population — making it the country with the second largest number of Internet users after China. The uptake of these technological services has also been accompanied by several kinds of digital threats that an average digital consumer in India must regularly contend with. This report is a mapping of consumer-facing digital threats in India and is intended to aid stakeholders in identifying and addressing digital security problems. The first part of the report categorises digital threats into four kinds, Personal Data Threats, Online Content Related Threats, Financial Threats, and Online Sexual Harassment Threats. Threats under each category are then defined, with detailed consumer-facing consequences, and past instances where harm has been caused because of these threats.

Read the full report here.

For more details visit https://cis-india.org/internet-governance/blog/state-of-consumer-digital-security-in-india