We are anonymous, we are legion

Sales of surveillance cameras are soaring, raising questions about privacy

Admin — 2018-10-16T14:22:55Z

The Telangana government wants more eyes on the streets to upgrade Hyderabad’s safety. It has asked enterprises, public sectors, residential associations and individuals to install closed-circuit television cameras (CCTVs) in and around their premises.

The article by Rahul Sachitanand was published in Economic Times on October 14, 2018. Elonnai Hickok was quoted.

More than a lakh CCTVs are expected to be installed across the city in the next few years. The initiative is part of the Nenu Saitham (Telugu for Me Too) project — being promoted by Hyderabad Police, which will monitor the feed. To ensure that lowquality CCTVs are not installed and the project is sustainable, the police has asked citizens to only buy from selected vendors.

With this move, launched in November 2017, the Telangana govt joins a growing list of governments, corporations, educational institutes, residential buildings and small businesses across the country that are buying such technology.

According to industry estimates, over a million surveillance units were sold every month a couple of years ago. Now it is two million. The Indian market is growing 20-25% annually, say experts. Frost & Sullivan says the security & surveillance market was worth Rs 8,200 crore in FY2017, reached Rs 11,000 crore in FY2018 and is expected to touch Rs 20,000 crore in FY2020.

The rise in CCTV coverage can also be observed anecdotally. There’s a steady uptick in CCTV clips circulating on Whatsapp, capturing crimes or funny events that would otherwise have gone undocumented. Many of the sensational crimes recently, including multiple incidents of murder in Tamil Nadu, were captured on CCTV cameras, distilling the pure horror of those moments on our mobile screens, and also offering valuable proof to nail the culprits.

The surveillance and security boom is fed by several companies, ranging from homegrown firms such as CP Plus to joint ventures such as Prama Hikvision to multinationals such as Bosch, Panasonic, Honeywell and Axis. The Telangana project, for example, helped Sweden-based Axis Communications widen its India market. It has already installed 1,500 cameras, and more will be installed soon. Other state governments have or are in the process of placing orders.

The Swedish company says it recently installed cameras and associated technology across a range of large corporate and government establishments across India. “We are at the beginning of a five-year boom cycle for these devices,” says Sudhindra Holla, sales director (India & Saarc), Axis Communications. “We are catering to a rush of orders ranging from large companies with complex security infrastructure to deals from government agencies in small towns such as Nanded and Kolhapur.”

Multiple factors are driving the growth in the CCTV segment, says Manu Tiwari, programme manager (automation and electronics practice), Frost and Sullivan. A strong government push to enhance security; purchases for initiatives such as the Smart City project, which covers 100 cities, and the Rs 2,219 crore allocated under the Nirbhaya Fund for women’s safety, which covers eight cities, are some of the growth drivers.

According to Sanjay Kaushik, managing director of security consultancy Netrika Consulting, there is a push to better use CCTV feeds to improve security across India. “While the focus hitherto has been on post facto scouting of footage to find perpetrators, organisations are now trying to be more proactive with their monitoring to spot suspicious people and packages before crimes occur.”

This could involve closely looking at footage to spot suspicious movements at places such as malls or airports or using technology to spot suspicious objects left unattended for long periods. Then, there’s also a focus on making sure the cameras are installed correctly. “Recognisability is key. Organisations are being pushed to ensure simple things like camera feeds are free of obstructions, licence plates are visible in feeds and there is adequate lighting,” adds Kaushik. Advances in technology have ensured that CCTV systems are cheaper and more accessible.

While large enterprises had taken to such technology earlier, even smaller commercial establishments and private residents now can afford to install security systems. The prices have practically halved over the last couple of years. An entry-level camera is now available for a little over Rs 2,000. “Even the cost of an integrated solution, which was as much as Rs 40,000 to Rs 50,000 three or four years ago, is today available for as little as Rs 15,000,” says Yogesh Dutta, COO of New Delhi-based CP Plus. “A rapid increase in the number of CCTVs sellers and technicians has also helped widen access.” The devices have become popular as it helps law enforcers to tackle crime, he adds.

CP Plus’s customers include Vedanta Power and Odisha Police, which has also decided to use e-surveillance to enhance security. Frost and Sullivan says small & medium enterprises and large corporations were together the biggest end-user segments in FY18. This segment had a market share of 33%. Residential had a 28% market share; the industrial segment had 18% and the government 13%, it said. Other major end-user segments are hospitality, education and healthcare.

An increase in such surveillance, however, may be double-edged, say privacy advocates. While a blanket coverage using CCTVs may give citizens a feeling of security, India’s rudimentary legislation around who can access these feeds is a problem. Some countries such as the UK and UAE have stricter guidelines on this. Law-enforcement agencies can access such feeds while following up on their investigations, says Supreme Court lawyer Karnika Seth, without procuring a warrant. “As long as it is for this purpose, it is within the purview of the law. However, with the new judgment on privacy, anything more would be a no-go area.”

The use of CCTV can potentially impinge on the rights of an individual, says Elonnai Hickok, who heads privacy research at the Centre for Internet and Society, an advocacy outfit in Bengaluru. “Technically speaking, the feed can reveal personal information about an individual, including identity, location and daily patterns. Because the feed captures individuals in public spaces, it is not possible for people to have an opt-out option. The access and use of the data are often unclear.” Regulations are starting to address the use of CCTV imagery in some places. The European Union’s General Data Protection Regulation, for example, has recognised that imagery that identifies an individual is personal data and thus requires lawful, fair and transparent processing.

The draft data protection bill by the Srikrishna committee also says CCTV imagery would be considered personal data. If CCTV cameras are put in place by a private actor, Hickok contends, they would need to adhere to the principles laid out in chapters II and III of the draft — which covers fair and reasonable processing, purpose limitation, collection limitation, lawful processing, notice, data quality, data storage limitation, accountability and consent.

For feeds used by the state for reasons such as public safety, the consent clause will not apply. But state actors will still need to adhere to the principles laid out in chapter II. If CCTVs are used for the purpose of prevention, detection, investigation and prosecution of a crime, it will be exempt from adhering to the requirements of the bill. However, this use must be backed by a law passed in Parliament and the data cannot be retained once its purpose has been met.

There are more legal restrictions if the CCTV application is integrated with capabilities that capture biometrics. "Clear responsibilities and reasons should be enunciated, the policies should be clearly documented and publicised and, importantly, the cost and benefits should be ascertained," Hickock argues. ¡§It is important to have technical safeguards like encryption and procurement guidelines.

Legal and privacy issues aside, the commercial aspect is clearly looking bright. Prama Hikvision, a Chinese-Indian joint venture, has invested Rs 100 crore in a factory in Bhiwandi to make 500,000 cameras a month. A second factory, possibly in Telangana, is expected to go on stream soon, with a monthly capacity of 1,50,000 units. "CCTVs have gone from being used by a sliver of companies, primarily banks and jewellers, to being adopted by a much broader audience," says Ashish Dhakan, MD and CEO, Prama Hikvision. "Our client list includes companies in the sectors of transportation, power, petroleum, oil and gas and retail."

Another trend market players have spotted is a shift from analog, which used tapes to record footage, to digital systems, where recording time and storage space are not major constraints. "We see continuous enhancement to megapixel (displays) from lowresolution, improved compression technology. This allows more data, more storage capacity, and overall lowering of cost for storage recording devices," says Sharad Yadav, general manager, Honeywell Building Technologies, India. Frost and Sullivan analyst Tiwari lists emerging offerings - including intelligent video surveillance, wireless systems and higher resolution of visuals - as features that will define the next-generation devices.

But digital also comes with some dangers. As CCTV cameras go from standalone devices to being digital and connected ones, experts say there is a risk of hacking. Hackers may also be able to use the network as a gateway. This could give hackers access to much more than just the camera feed. "Cybersecurity is a constant focus for us," says Holla of Axis Communications. "While no camera is hackproof, we believe we have built enough capabilities to react to these hacks and quickly release patches to secure them."

Others such as Hickok of CIS say more safeguards are required. "Technical safeguards like encryption and procurement guidelines are also important, as has been highlighted by the UK Information Commissioner's Office," she says. Keeping the cameras safe may be as important as safeguarding the lives these devices monitor.

For more details visit https://cis-india.org/internet-governance/news/economic-times-rahul-sachitanand-october-14-2018-sales-of-surveillance-cameras-are-soaring-raising-questions-about-privacy

Russian social network VKontakte temporarily blocked in India for Blue Whale threat

Admin — 2017-09-14T01:17:51Z

Russian social network Vkontakte, where the suicidal online "game" Blue Whale+ is believed to have originated, was blocked on certain internet service provider networks on Tuesday.

The article by Kim Arora was published in the Times of India on September 12, 2017.

Internet users accessing the website through ACTFibernet in Bengaluru and Chennai, as well as YouBroadband in Bengaluru reported that visiting the its URL vk.com resulted in a page bearing the message: "The URL has been blocked as per the instructions of the Competent Government Authority/in compliance to the orders of the Court of Law." A senior official in the union ministry of electronics and information technology (MeitY) confirmed the block.

"Vkontakte has been blocked temporarily. We understand that it has been used for Blue Whale+ in the past, and are trying to ascertain its current usage. Law enforcement agencies are investigating the suspected cases of Blue Whale suicides and the modus operandi. We have held meeting with internet companies. We are taking several multi-dimensional ways of containing the Blue Whale threat in India," says Dr Ajay Kumar, additional secretary at the MeitY.

While blocked on some networks, vk.com was accessible on several other mobile internet networks such as Idea, Airtel, Vodafone, Jio etc on Tuesday afternoon.

The Blue Whale challenge involves a "curator" or "administrator" guiding a participant through a set of tasks involving self-harm culminating in suicide. These interactions happen through various online channels, like messaging apps or social networks, and allegedly involve participants uploading pictures after completing tasks like inflicting cuts on their bodies. In the last two to three months, India has seen several cases of young persons and teenagers attempting or committing suicide allegedly as part of the Blue Whale challenge.

Rohini Lakshane, program officer at Bengaluru's Centre for Internet and Society points to the lack of hard evidence definitively connecting the suicides to the Blue Whale game in India, and also to hoax-debunking websites that have questioned the veracity of the game. "If the game is so clandestine, then URL-level blocking will not work. Suicide is a mental health issue. Since the affected group here is teenagers, it would make sense for parents and school counselors to educate the children about the evils that exist online," she says.

For more details visit https://cis-india.org/internet-governance/news/the-times-of-india-kim-arora-russian-social-network-vkontakte-temporarily-blocked-in-india-for-blue-whale-threat

Rural Indians don’t trust messages on WhatsApp blindly: Survey

Admin — 2018-10-28T06:21:34Z

Only 8% of the respondents marked 10 as their trust score on a scale of 1-10, where 1 stands for complete distrust and 10 for complete trust, in information received on WhatsApp, found a survey.

The article by Vidhi Choudhary was published in the Hindustan Times on October 19, 2018. Sunil Abraham was quoted.

WhatsApp users in rural India do not blindly trust messages they receive on the messaging service, according to a limited survey across 14 states, a finding that must provide some cheer to law enforcement officials and policymakers trying to combat fake news and rumours, and to the messaging service itself.

Only 8% of the respondents marked 10 as their trust score on a scale of 1-10, where 1 stands for complete distrust and 10 for complete trust, in information received on WhatsApp, found a survey conducted by Digital Empowerment Foundation (DEF), a New Delhi-based non-profit organisation that seeks to find solutions to bridge the digital divide.

To be sure, the Digital Empowerment Foundation survey titled “What’s up Rural India?” recorded responses from only 1018 rural users in 14 states including districts like Bettiah in Bihar, Barabanki in Uttar Pradesh, Chamba, Narendra Nagar and Pratapnagar in Uttarakhand, Betul and Guna in Madhya Pradesh, Musiri in Tamil Nadu, Memboobnagar, Vikarabad and Warangal in Telangana and Alwar and Barmer in Rajasthan among others, and only a larger survey can authoritatively weigh in on the trust people have in the messaging service.

Since May, at least 30 people have been lynched by mobs with rumours on the messaging platform being responsible for some of the incidents. Fake videos and rumours of child-lifting circulated via WhatsApp have triggered lynchings in at least eight states. The Indian government wrote to WhatsApp about the incidents and the platform, owned by Facebook Inc made some changes, including a clear labelling of forwarded messages as well as limiting the number of forwards to tackle the spread of rumours and Fake News.

WhatsApp has over 200 million users in India, its largest market, and India’s chief election commissioner OP Rawat said in a recent interview with Hindustan Times that attempts to influence poll outcomes using technology was the biggest challenge before his organization, which is responsible for the conduct of polls in India.

According to the DEF survey, almost 70% of the respondents rated their trust score between 1-5. “This composition of trust is unlike what I’d imagined. Users in rural India have exercised restraint in believing the information they get from WhatsApp. They still prefer to check with peers and local communities about what is right and wrong,” said Osama Manzar, founder and director at DEF.

What’s up, rural India?

Survey on WhatsApp by Digital Empowerment Foundation:

It is heartening to know people in rural India are sceptical about messages shared on WhatsApp, said Sunil Abraham co-founder at think-tank Centre for Internet and Society. “It’s a societal learning curve. Most of these users have been exposed to WhatsApp over the last one year. Previous incidents where trust has been misused is perhaps a reason for their apprehension. Their scepticism will grow in the light of all the disappointments that have happened. Ask them this question in 2019 and the numbers are likely to rise further,” added Abraham. Statistics in terms of overall usage of WhatsApp shows that about 66% rural users interviewed in the survey spend 1-4 hours on the messaging app daily, 46% receive between 11-60 messages in a day, 38% are active on upto five WhatsApp groups with a majority being in groups with friends, followed by work colleagues, and family. Experts said the usage of WhatsApp in rural India is surprisingly high. The high usage can be attributed to the rise of smartphone penetration in these areas.

A majority of 88% users also knew what a WhatsApp forward is and 45% said they receive between 6-20 forwarded messages in a day. In July, WhatsApp launched a label to identify forwarded messages in a bid to combat fake news and the spread of misinformation globally, including India. It later set a limit to the use of forwarded messages to 5 chats in India.

In response to an email query, WhatsApp said it has made product changes that make it clear when users have received forwarded messages and also provided greater controls for group administrators to help reduce the spread of unwanted messages in private chats.

“WhatsApp is a private messaging service for communicating with friends and family... We are working together with a number organisations to step up our education efforts so that people know how to spot fake news and hoaxes circulating online. It is heartening to note that these efforts are making a difference and keeping our users safe,” said a WhatsApp spokesperson.

Among other findings, about 40% of respondents said they were part of WhatsApp groups created by members or representatives of political parties.

“This reflects the level of campaigning and penetration of political parties. Villages are always politically sensitive and also interested in politics,” said Manzar.

Interestingly, the survey noted that 63% of the respondents were not on the service in 2014. WhatsApp will play a key role in the campaigns for 2019 as this will be the first election with a host of rural India users actively part of the service.

Data shows that the share of active WhatsApp users in rural India has doubled since 2017, according to a survey done by the Centre for the Study of Developing Societies. Abraham added this means political parties have a “direct channel” of communication with a “huge percentage of the voter base”.

For more details visit https://cis-india.org/internet-governance/news/hindustan-times-october-19-2018-vidhi-choudhary-rural-indians-don-t-trust-messages-on-whatsapp-blindly-survey

Ruling in India shields Web posts

praskrishna — 2015-03-27T00:38:34Z

The Supreme Court in India struck down a section of its country’s information technology act Tuesday that had made it illegal for anyone to spread ‘‘offensive messages’’ on electronic devices and resulted in arrests over posts on Facebook and other social media.

This is the modified version of the article originally published by Washington Post and mirrored in Boston Globe. Sunil Abraham is quoted. Picture by Manjunath Kiran, AFP.

Supreme Court Judge Rohinton Fali Nariman wrote in the ruling that the section of the law, known as 66A, was unconstitutional, saying the vaguely worded legislation had wrongly swept up innocent people and had a ‘‘chilling’’ effect on free speech in the world’s most populous democracy.

‘‘Section 66A is cast so widely that virtually any opinion on any subject would be covered by it,’’ the judge wrote. ‘‘If it is to withstand the test of constitutionality, the chilling effect on free speech would be total.’’

India had first passed its Information Technology Act in 2000, but stricter provisions were added in 2008 and ratified in 2009 that gave police sweeping authority to arrest citizens for their personal posts on social media, a crime punishable for up to three years in jail and a fine.

Sunil Abraham, the executive director of the Center for Internet and Society in Bangalore, said that the section was originally intended to protect citizens from electronic spam, but it did not turn out that way.

‘‘Politicians who didn’t like what people were saying about them used it to crack down on online criticism,’’ he said.

In the end, there were more than 20 high-profile arrests, including a professor who posted an unflattering cartoon of a state political leader and an artist who drew a set of cartoons lampooning the government and Parliament.

The most well-known was the case of two young women arrested in the western town of Palghar after one of them posted a comment on Facebook that argued that the city of Mumbai should not have been shut down for the funeral of a famous conservative leader. A friend, who merely ‘‘liked’’ the post, was also arrested. After much outcry, the two were released on bail and the charges eventually dropped.

The case of the ‘‘Palghar Girls’’ inspired a young law student, Shreya Singhal, to take on the government’s law. Singhal became the chief petitioner for the case, along with other free speech advocates and an Indian information technology firm.

‘‘It’s a big victory,’’ Singhal said after the ruling. ‘‘The Internet is so far-reaching and so many people use it now, it’s very important for us to protect this right.’’

Singhal and other petitioners had also argued that another section of India’s technology act that allowed the government to block websites containing questionable material were also unconstitutional, but the court disagreed, saying there was a sufficient review process in place to avoid misuse.

Free speech in India is enshrined in the country’s constitution but has its limits. Books and movies are often banned or censored out of consideration for religious and minority groups.

In 2014, a conservative Hindu group persuaded Penguin India to withdraw a book on Hinduism by Wendy Doniger, a professor of religion at the University of Chicago, from the Indian market. And more recently, the government of India blocked a planned television debut of a documentary film on a 2012 gang rape case, ‘‘India’s Daughter.’’

Along with India, other nations have sharply increased monitoring and crackdowns on perceived insulting Web posts in recent years.

Across the Gulf Arab states, dozens of activists have been arrested for social media posts considered insulting to the country’s rulers or tarnishing the national image.

For more details visit https://cis-india.org/internet-governance/news/boston-globe-march-25-2015-annie-gowen-ruling-in-india-shields-web-posts

Rule 419A of the Indian Telegraph Rules, 1951

jdine — 2013-11-19T07:16:04Z

The Central Government made the following rules to amend the Indian Telegraph Rules, 1951.

G.S.R. 193 (E).— In exercise of the powers conferred by Section 7 of the Indian Telegraph Act, 1885 (13 of 1885), the Central Government hereby makes the following rules further to amend the Indian Telegraph Rules, 1951, namely:—

10 (1) These rules may be called the Indian Telegraph (Amendment) Rules, 2007.

(2) They shall come into force on the date of their publication in the Official Gazette.

20 In the Indian Telegraph Rules, 1951, after rule 419, the following rule shall be substituted, namely:—

[1] 419-A. (1) Directions for interception of any message or class of messages under sub-section (2) of Section 5 of the Indian Telegraph Act, 1885 (hereinafter referred to as the said (Act) shall not be issued except by an order made by the Secretary to the Government of India in the Ministry of Home Affairs in the case of Government of India and by the Secretary to the State Government in-charge of the Home Department in the case of a State Government. In unavoidable circumstances, such order may be made by an officer, not below the rank of a Joint Secretary to the Government of India, who has been duly authorized by the Union Home Secretary or the State Home Secretary, as the case may be:

Provided that in emergent cases—

(i) in remote areas, where obtaining of prior directions for interception of messages or class of messages is not feasible; or
(ii) for operational reasons, where obtaining of prior directions for interception of message or class of messages is not feasible;

the required interception of any message or class of messages shall be carried out with the prior approval of the Head or the second senior most officer of the authorized security i.e. Law Enforcement Agency at the Central Level and the officers authorised in this behalf, not below the rank of Inspector General of Police at the state level but the concerned competent authority shall be informed of such interceptions by the approving authority within three working days and that such interceptions shall be got confirmed by the concerned competent authority within a period of seven working days. If the confirmation from the competent authority is not received within the stipulated seven days, such interception shall cease and the same message or class of messages shall not be intercepted thereafter without the prior approval of the Union Home Secretary or the State Home Secretary, as the case may be.

(2) Any order issued by the competent authority under sub-rule (1) shall contain reasons for such direction and a copy of such order shall be forwarded to the concerned Review Committee within a period of seven working days.

(3) While issuing directions under sub-rule (1) the officer shall consider possibility of acquiring the necessary information by other means and the directions under sub-rule (1) shall be issued only when it is not possible to acquire the information by any other reasonable means.

(4) The interception directed shall be the interception of any message or class of messages as are sent to or from any person or class of persons or relating to any particular subject whether such message or class of messages are received with one or more addresses, specified in the order, being an address or addresses likely to be used for the transmission of communications from or to one particular person specified or described in the order or one particular set of premises specified or described in the order.

(5) The directions shall specify the name and designation of the officer or the authority to whom the intercepted message or class of messages is to be disclosed and also specify that the use of intercepted message or class of messages shall be subject to the provisions of sub-section (2) of Section 5 of the said Act.

(6) The directions for interception shall remain in force, unless revoked earlier, for a period not exceeding sixty days from the date of issue and may be renewed but the same shall not remain in force beyond a total period of one hundred and eighty days.

(7) The directions for interception issued under sub-rule (1) shall be conveyed to the designated officers of the licensee(s) who have been granted licenses under Section 4 of the said Act, in writing by an officer not below the rank of Superintendent of Police or Additional Superintendent of Police or the officer of the equivalent rank.

(8) The officer authorized to intercept any message or class of message shall maintain proper records mentioning therein, the intercepted message or class of messages, the particulars of persons whose message has been intercepted, the name and other particulars of the officer or the authority to whom the intercepted message or class of messages has been disclosed, the number of copies of the intercepted message or class of messages made and the mode or the method by which such copies are made, the date of destruction of the copies and the duration within which the directions remain in force.

(9) All the requisitioning security agencies shall designate one or more nodal officers not below the rank of Superintendent of Police or Additional Superintendent of Police or the officer of the equivalent rank to authenticate and send the requisitions for interception to the designated officers of the concerned service providers to be delivered by an officer not below the rank of Sub-lnspector of Police.

(10) The service providers shall designate two senior executives of the company in every licensed service area/State/Union Territory as the nodal officers to receive and handle such requisitions for interception.

(11) The designated nodal officers of the service providers shall issue acknowledgment letters to the concerned security and Law Enforcement Agency within two hours on receipt of intimations for interception.

(12) The system of designated nodal officers for communicating and receiving the requisitions for interceptions shall also be followed in emergent cases/unavoidable cases where prior approval of the competent authority has not been obtained.

(13) The designated nodal officers of the service providers shall forward every fifteen days a list of interception authorizations received by them during the preceding fortnight to the nodal officers of the security and Law Enforcement Agencies for confirmation of the authenticity of such authorizations. The list should include details such as the reference and date of orders of the Union Home Secretary or State Home Secretary, date and time of receipt of such orders and the date and time of Implementation of such orders.

(14) The service providers shall put in place adequate and effective internal checks to ensure that unauthorized interception of messages does not take place and extreme secrecy is maintained and utmost care and precaution is taken in the matter of interception of messages as it affects privacy of citizens and also that this matter is handled only by the designated nodal officers of the company.

(15) The service providers are responsible for actions for their employees also. In case of established violation of license conditions pertaining to maintenance of secrecy and confidentiality of information and unauthorized interception of communication, action shall be taken against the service providers as per Sections 20, 20-A, 23 & 24 of the said Act, and this shall include not only fine but also suspension or revocation of their licenses.

(16) The Central Government and the State Government, as the case may be, shall constitute a Review Committee. The Review Committee to be constituted by the Central Government shall consist of the following, namely:

(a) Cabinet Secretary — Chairman

(b) Secretary to the Government of India Incharge, Legal Affairs — Member

The Review Committee to be constituted by a State Government shall consist of the following, namely:

(a) Chief Secretary — Chairman

(b) Secretary Law/Legal Remembrancer Incharge, Legal Affairs — Member

(17) The Review Committee shall meet at least once in two months and record its findings whether the directions issued under sub-rule (1) are in accordance with the provisions of sub-section (2) of Section 5 of the said Act. When the Review Committee is of the opinion that the directions are not in accordance with the provisions referred to above it may set aside the directions and orders for destruction of the copies of the intercepted message or class of messages.

(18) Records pertaining to such directions for interception and of intercepted messages shall be destroyed by the relevant competent authority and the authorized security and Law Enforcement Agencies every six months unless these are, or likely to be, required for functional requirements.

(19) The service providers shall destroy records pertaining to directions for interception of message within two months of discontinuance of the interception of such messages and in doing so they shall maintain extreme secrecy.

[1].Subs, by G.S.R. 193 (E), dated 1.3.2007 (w.e.f. 12.3.2007).

For more details visit https://cis-india.org/internet-governance/resources/rule-419-a-indian-telegraph-rules-1951

RTI response regarding the UIDAI

vanya — 2015-12-22T02:57:21Z

This is a response to the RTI filed regarding UIDAI

The Supreme Curt of India, by virtue of an order dated 11th August 2015, directed the Government to widely publicize in electronic and print media, including radio and television networks that obtaining Aadhar card is not mandatory for the citizens to avail welfare schemes of the Government. (until the matter is resolved). CIS filed an RTI to get information about the steps taken by Government in this regard, the initiatives taken, and details about the expenditure incurred to publicize and inform the public about Aadhar not being mandatory to avail welfare schemes of the Government.

Response: It has been informed that an advisory was issued by UIDAI headquarters to all regional offices to comply with the order, along with several advertisement campaigns. The total cost incurred so far by UIDAI for this is Rs. 317.30 lakh.

Download the Response

For more details visit https://cis-india.org/internet-governance/blog/rti-response-regarding-the-uidai

RTI regarding Smart Cities Mission in India

Paul Thottan — 2016-04-21T02:25:28Z

Centre for Internet & Society (CIS) had filed an RTI on 3 February 2016 before the Ministry of Urban Development (MoUD) regarding the Smart Cities Mission in India. The RTI sought information regarding the role of various foreign governments, private industry, multilateral bodies that will provide technical and financial assistance for this project and information on Government agreements regarding PPP’s for financing the project.

A response to the RTI is here.

The various government, private industry and civil society actors involved in the Smart Cities Mission.
The various agreements the Government has undertaken through PPP’s for financing the mission.
Role of private companies in this project.
The process for selecting the cities for this mission and ministry responsible for this task.
The various international organisations, foreign governments and multilateral bodies that will provide technical and financial assistance for this project.

The MoUD sent its reply to the RTI application and the response is as follows:

With reference to the first query, the answer provided was that the mission statement and guidelines are available on the Missions website - smartcities.gov.in. This mission statement essentially envisages the role of citizens/citizen groups such as Resident Welfare Associations, Taxpayers Associations, Senior Citizens and Slum Dwellers Associations etc, apart from the government of India, States, Union Territories and Urban local bodies.
Regarding information about agreements for the purpose of financing the project, it has been provided in the response that the Ministry would facilitate the execution of MoU’s between Foreign Agencies and States/UT’s for assistance under this mission. The two agreements that have been executed include the MoU between the United States Trade and Development Agency (USTDA) and the French Agency for Development (AFD) for the States/UT’s of Andhra Pradesh, Uttar Pradesh, Rajasthan, Maharashtra, Chandigarh and Puducherry. They have also provided us with copies of the same and they have been summarised below. They also go on to state that various countries like Spain, Canada, Germany, China, Singapore, UK and South Korea have also shown interest in collaborating with the Ministry for the development of Smart Cities.
CIS sought the documents relating to role of private actors in this field. This information could not be provided by the Department since it was not available with them. Further, an application has been sent to the SC-III Division for providing the information directly to us.
As regards the fourth query, the information provided states that the role of the government, States/UT’s and Urban Local Bodies has been envisaged in para 13 of the Smart Cities Mission Statement - smartcities.gov.in
With respect to the query regarding the foreign actors involved, the information provided states that the documents relating to the involvement of the same are scattered in different files. Compilation of such information would divert the limited resources of the Public Authority disproportionately. Another application must be filed if any specific information is required.

Copies of several MoUs signed between Foreign Development Agencies and States (for the respective cities) that were shared with us are:

Memorandum of Understanding between the United States Trade and Development Agency(USTDA) and the Government of Andhra Pradesh of the Republic of India on Cooperation to support the development of Smart Cities in Andhra Pradesh-namely Visakhapatnam.
Memorandum of Understanding between the United States Trade and Development Agency (USTDA) and the Government of Rajasthan of the Republic of India on Cooperation to support the development of Smart Cities in Rajasthan- namely Ajmer.
Memorandum of Understanding between the United States Trade and Development Agency (USTDA) and the Government of Uttar Pradesh of the Republic of India on Cooperation to support the development of Smart Cities in Uttar Pradesh- namely Allahabad.
Memorandum of Understanding between the Agence Francaise De Developpement and the Government of the Union Territory of Chandigarh of the Republic of India on Technical Cooperation in the field of Sustainable Urban Development.
Memorandum of Understanding between the Agence Francaise De Developpement and the Government of Maharashtra on Technical Cooperation in the field of Sustainable Urban Development.
Memorandum of Understanding between the Agence Francaise De Developpement and the Government of the Union Territory of Puducherry of the Republic of India on Technical Cooperation in the field of Sustainable Urban Development.

Key clauses under the MoU between the United States Trade and Development Agency (USTDA) and the governments of Andhra Pradesh, Rajasthan and Uttar Pradesh are:

The MoU undertaken by the USTDA for the development of Visakhapatnam, Allahabad and Ajmer clearly establishes that the document only cements the intention of the body to assist in the development of these cities and funding must be addressed separately.
The USTDA intends to contribute specific funding for feasibility studies, study tours, workshops/training, and any other projects mutually determined, in furtherance of this interest. The USTDA will also fund advisory services for the same.
The USTDA will seek to bring in other US government agencies such as the Department of Commerce, the US Export Import Bank and other trade and economic agencies to encourage US-India infrastructure development cooperation and support the development of smart cities in Vishakhapatnam, Allahabad and Ajmer.
One of the key points the USTDA stresses on is the creation of a Smart Solutions for Smart Cities Reverse Trade Mission, where Indian delegates will get a chance to showcase their methodologies and inventions in the United States.
The MoU also talks about involving industry organisations in the development of Smart Cities, to address important aviation and energy related infrastructure connected to developing smart cities.
The respective State Governments of the cities will provide resources for the development of these smart cities, including technical information and data related to smart cities planning; staff, logistical and travel support, and state budgetary resources will be allocated accordingly.

Key clauses under the MoU between the Agency Francaise De Developpement (AFD) and the governments of Maharashtra, Chandigarh and Puducherry are:

The MoU with AFD is along the same lines but with more detail provided in the field of research in sustainable urban development. It comprises of four articles dealing with implementation, research, resource allocation and cooperation.
The AFD clearly states that it will adopt an active role in managing and implementing the project.
The AFD will equip the respective state governments with a technical cooperation programme which will include a pool of French experts from the public sector, complemented by experts from the private sector.
The MoU goes on to state the various vectors of sustainable urban development that will be the focal point of this project – urban transport, water and waste management, integrated development and urban planning, architecture and heritage, renewable energy, energy efficiency etc.
Apart from strategizing, the AFD looks to provide technical support as well. This technical expertise would be used to strengthen strategy and management of urban services in the city.
They would also play a key role in management through the creation of a Special Purpose Vehicle(SPV) to build strategic management (Human Resources, finance, potential market assessment) and capacity building for financial management.
As per Article II of the MoU, this support framework will be accompanied by annual reviews, a policy similar to the USTDA Smart Solutions for Smart Cities Reverse Mission with Indian and French counterparts, collaboration between academic and research institutions for the exchange of information, documentation and results of research in the field of smart cities (a key policy to establish firm research groundwork and increase cooperation and innovation), capacity building research and development.
Article III of the MoU deals with resource allocation wherein the respective State Governments will assist AFD by providing technical information and data related to smart cities planning, and also meet their logistical requirements.

For more details visit https://cis-india.org/internet-governance/blog/rti-on-smart-cities-mission-in-india

RTI on Officials and Agencies Authorized to Intercept Telephone Messages in India

praskrishna — 2013-07-15T05:23:54Z

In an RTI mailed on April 17, 2013, the Centre for Internet and Society sought comprehensive information on the officials and agencies authorized to intercept telephone messages in India.

A portion of the RTI still awaits response, as it was redirected to the Department of Electronics and Information Technology. But on May 23, 2013 Rakesh Mittal of the Ministry of Home Affairs responded in brief and directed us to the 2007 Amendment to the 1885 Indian Telegraph Act.

Referring to rule 419-A of the amendment and the Ministry of Home Affairs website, we find that within central government the power to order communications surveillance is normally reserved for Union Home Secretary, a position held by Shir Anil Goswami as of June 30, 2013 (previously R.K. Singh). The amendment goes on to say, “In unavoidable circumstances,” however, such an order can be commanded by a Joint Secretary who has been authorized by Union Home Secretary Goswami. On the federal level, the Ministry of Home Affairs includes nearly 20 such Joint Secretaries able to be authorized for making interception commands.

A listing of the original question requests are given below:

Please provide a list containing name, rank and office address of the officers/agencies authorized by the Central Government to issue an order for interception under section 5(2) of the Telegraph Act, 1885
Please provide a list containing name, rank and office address of the officers authorized to issue interception orders under Rule 419A(1) of the Telegraph Rules, 1951 in unavoidable circumstances when such orders cannot be issued by the secretary to the Government of India, Ministry of Home Affairs.
Please provide a list containing the name, rank and office address of the officers/agencies designated as “competent authority” in terms of the Rule 419A(1) proviso of the Telegraph Rules, 1951.
Please provide a list of the agencies authorized by the Central Government to intercept, monitor, decrypt any information generated, transmitted, received or stored in any computer resource under section 69(1) of the Information Technology Act, 2000.
Please provide a list of the agencies authorized by the Central Government to monitor and collect traffic data or information generated, transmitted, received or stored in any computer resource under section 69-B of the Information Technology Act, 2000.
Please provide a list containing name, rank and office address of the officers/agencies authorized to issue interception orders under Rule 3, first proviso, of the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009.
Please provide a list of the agencies authorised to intercept, monitor, decrypt any information generated, transmitted, received or stored in any computer resource under Rule 4 of the Information Technology (Procedure and Safeguards for Interception, Monitoring, and Decryption of Information) Rules, 2009.

For more details visit https://cis-india.org/internet-governance/resources/rti-on-officials-and-agencies-authorized-to-intercept-telephone-messages-in-india

RTI on Complaints under Section 79 of IT Act

praskrishna — 2013-06-12T09:50:40Z

The Department of Electronics and Information Technology, Ministry of Communications and Information Technology, gave its reply to an RTI application filed by Saket Bisani. We are reproducing the text below:

No. 14(146)/2012-ESD
M/o Communications & Information Technololgy
Department of Electronics & Information Technology
Electronics Niketan,6, CGO Complex
New Delhi-110003

																					Dated: 15.1.13

Subject: RTI application received from Shri Saket Biswani

With reference to your RTI application requesting for the following information.

In an article titled "We believe in the freedom of speech and expression" published in Mint of February 1, 2012, Dr. Gulshan Rai has been quoted saying:

"if the police say something has to be disabled, we tell then (Google and others) that a complaint has come under section 79 of the IT Act. We feel them: "we're bringing it to your notice. Please look at it and do whatever best you can do under the law."

With respect the above quote I request you to provide me the following information under Right to Information Act, 2005:

Please provide me a copy of every complaint that has been received by the Department of Information Technology (now the Department of Electronics and Information Technology) under Section 79 of the Information Technology Act, 2000.
Please provide me a copy of every notice and complaint that your office has sent pursuant to complaints received under section79 of the Information Technology Act, 2000.

The information as received from the custodian of the information is placed below:

Department of Electronics and Information Technology has not received any complaint quoting specifically under Section 79 of the Information Technology Act,2000.
Not applicable.

																		(A.K. Kaushik) Additional Director & CPIO (E-Security & Cyber Laws)

Shri Saket Bisani
No. 194, 2nd ׳C Cross
Domlur 2nd Stage *
Bangalore-560 071

Read a scanned version of the reply that we got from the Department of Electronics and Information Technology.

For more details visit https://cis-india.org/internet-governance/resources/rti-on-complaints-under-it-act-section-79

RTI and Third Party Information: What Constitutes the Private and Public?

Noopur Raval — 2011-11-24T09:21:20Z

The passing of the Right to Information Act, 2005 was seen as giving an empowering tool in the hands of the citizens of India, six years post its implementation, loopholes have surfaced with misuse of the many fundamental concepts, which have yet not been defined to allow for a consistent pattern of decisions. Among many problems that emerge with the Act, a major problem is defining the extent to which an individual has access to other people’s information. While most of us tend to think that asking for other people’s phone numbers, personal details like passport number or IT returns are private and would be kept so, under the RTI Act and as seen in the Central Information Commission (CIC) decisions, all of these details can be availed of by someone who doesn’t know you at all!

According to section 2 (n) of the RTI Act, 2005, 'third party' means a person other than the citizen making a request for information and includes a 'public authority'. This implies that the term 'third party' includes anyone other than the appellant or the respondent. In matters where an appellant is seeking information not regarding his or her own activities, or is asking for details of shared records that list details of several persons other than him or her, information cannot be provided until the ‘third party’ consents to disclosure and subsequently until the Central Public Information Office (CPIO), after considering the implications of such disclosure allows it. Section 11 (1) the Act provides the procedure to access third party information wherein the appellant needs to request for the third party’s consent after which the CPIO will produce a written request to the 'third party' and within a stipulated time period obtain their response. However, it is not the information bearer (third party) who holds the key to disclosure. The power, by the RTI Act, 2005, is vested in the public information officer who will then, either see a 'larger public interest', or otherwise allow disclosure based on the merits of the case.

In such a situation, it is interesting to see who the Central Information Commission (CIC) regards as 'third party'. While going through the judgments delivered by the CIC, one comes across several judgments that tell you who can and who cannot access your information. While a son or daughter naturally inherits his/her father’s wealth, land or other possessions, they do not inherit his position for obtaining information. This is just one instance. Similar holds true for access to information of a deceased kin. Unless the public information officer sees a ‘larger public interest’ in disclosure of such information, it cannot be revealed even to the deceased’s wife, husband or children unless they hold a power of attorney specifically to a right to access information.

This brings us to the question of ‘larger public interest’ and what information can be delved to anyone for this cause. While the RTI Act, 2005, clearly states that the appellant needs not a reason to ask for any information, it is largely based on the public information officer’s inference as to what the appellant may do with the data and hence, maybe deemed as acting in public interest or for personal gains. This also produces positions of potential criminality and the need for State subjects to prove themselves as ideal information seekers, void of malice in order for the public information officer to rule in their favour.

Third party position is a problematic one as it only goes so far as to define the state-mediated interaction between two subjects in relation to each other through legal machinery that holds massive discretionary powers to disclose or withhold information. Hence, while, in relation to ‘third party’, a subject may need to justify his larger benevolent interests, the State finds no problems revealing or disclosing information for its own good. In Shri Rajender Kumar Arya vs Dy. Commissioner of Police (DCP), (4 March 2009), the commission ruled that they now have the decision of the Madras High Court in the context of right to privacy in light of the RTI Act. The Madras High Court observed that with the advent of the Right to Information Act, section 3 of the Act entitles a citizen to the right of information. Section 4(2) of the said Act obliges a public authority to disclose information to common people. Even personal information or information, which may otherwise amount to an invasion of privacy, may also be disclosed if the larger public interest so warrants. The court in fact came to the conclusion that the right to privacy virtually fades out in front of the 'Right to Information' and 'larger public interest’. This tells us that ‘third party’ is a mere negotiating position from which the State itself regulates information flow to citizens and can revoke these privileges as and when needed.

Moreover, there is no clear definition to the ‘larger public interest’ or ‘invasion of privacy’. In several judgments, the committee upholds principles of natural justice to justify instance of public good but these cannot be upheld for all decisions. It is also interesting to see what comes under the purview of ‘public information’. It’s a misconception if you think that you hold the right to revealing your age, birth date, place you belong to, your marks, the rank that you hold, the salary you get, the returns you file or subsequently any of this information regarding your children. As upheld in Madhulika Rastogi vs Regional Passport Office, New Delhi, on 4 February 2009, M. Rajamannar vs PIO, AC Division, Indira Gandhi National Open University on 18 February 2009 and A.V.Subrahmanyam vs BSNL, Hyderabad on 16 February 2009 — the judgments illustrate that information submitted to public authorities at any point in time whether to get admitted to school, to get a license, to pass a public services examination or even file a divorce; all qualify for access to other people because they have been knowingly submitted to the public domain. A lot of sensitive information like passport details, telephone call records and medical records that can map intimate interactions of a person’s daily life can also be obtained if larger public interest is proven.

Hence, it becomes important to revise and rethink the commonly accepted notions of privacy, especially when information gains such strategic importance as well as fluidity through fast expanding platforms as well as tools such as RTI. While one may confidently think that information generated by the self, pertaining to one’s own business and life rightfully belongs to the private domain, it is very important to realize the constantly looming hold of the State to any information. In such a situation, what you can claim as private data totally depends on how much common interest it garners.

For more details visit https://cis-india.org/internet-governance/blog/rti-and-third-party-info

Roundtable: Identifying and Limiting Hate Speech and Harassment Online

praskrishna — 2016-08-09T13:31:58Z

Japreet Grewal attended this event organized by Software Freedom Law Centre at Constitution Club Of India, Rafi Marg, New Delhi on July 28, 2016.

See the original report published by SFLC here.

SFLC.in organized a roundtable discussion on 28^th July, 2016 in New Delhi to initiate a focused and collaborative dialogue around the increasingly important issues of online harassment and hate speech. This roundtable was intended as the first in a series of discussions around said issues, and was attended by representatives from various stakeholder groups including intermediary platforms, civil society groups, and media houses, along with individuals who had personally experienced such online abuse & harassment. The core objective of this discussion was to recognize and understand the vast range of concerns that exist in this sphere, in an effort to develop a framework for the regulation of such activities, without stepping on the right to freedom of expression. The discussion was conducted under Chatham House rules so as to facilitate an uninhibited exchange of views.

Over the course of the event, the complex and multifaceted nature of its overarching theme unraveled, as the discussion moved from underlying social constructs, to responsibilities of intermediary platforms, adequacy of existing laws, sensitization of everyday users and effective handling of grievances by law enforcement agencies. At the very outset, it was highlighted that social media platforms, with their increasing popularity, are being considered centralized hubs for businesses and others. However, individuals, communities & institutions often find themselves at the receiving end of sustained abuse and threats either on grounds of their actual or perceived characteristics, or over their online expression. The dynamic discussion that ensued brought to light significant concerns that would require a collaborative effort across stakeholder groups to address. For the sake of clarity, we are categorizing these learnings under the following heads:

Conceptual understanding of online harassment and hate speech: It was discussed at length that hate speech and speech that culminates in harassment on the online sphere, are reflective of the social outlook of the country at large. Women were seen as more frequent targets of harassment in the form of rape threats, sexual remarks, and name calling, whereas men are mostly called out for their beliefs and opinions. When discussing hate speech relations, it was considered important to take note of the power dynamics at play amongst the stronger groups, and the vulnerable ones. Limiting such content gets specially complicated considering the apprehension that in an effort to monitor hate speech and harassment, free speech may get stifled. The paradox of anonymity being an enabler of free speech, as well the reason for unabashed harassment adds yet another layer of complexity to the issue. Moreover, it was felt that a nuanced distinction needed to be made regarding the systematic attacks by online mobs against a particular person, as opposed to hateful and/or harassing speech that engages on a one to one level. This all culminated in a realization that this issue goes beyond the online domain, into the societal mindset that is amplified on the Internet, and that the faint line between free speech, and hateful & harassing speech is very difficult to pin-point.
Role of intermediaries: It was the opinion of the representatives of intermediary platforms at the roundtable that the current legal frameworks in the country are sufficient to tackle this issue and they should operate in compliance with such laws. While the specific terms of service may differ in terms of permissible content depending on the type of service being provided by the intermediary, these platforms do invariably keep a check on the content being generated and evaluate them for compliance with the applicable terms of service. Additionally, platforms that have the option of users creating & generating their own content, give the user various tools such as block, filter, un-follow, and other customized options to moderate the content they receive. though the intermediaries, in their own words ‘ are not a delete squad, but a compliance team’, it was said that they ran the perpetual risk of either censoring content that should not have been censored, or not censoring enough of the content that should have been censored. This incentivizes them to exercise zero-tolerance policies in certain areas such as child sexual abuse or terrorism, and resort to immediate take down of content related to such themes. However, in spite of the sheer volume of material that is generated and reported, it was felt that a completely automated approach cannot be followed for filtering hateful and harassing content that violates terms of service Taking down content and expression requires processing various factors that determine the context of that material, and this calls for a subjective approach that requires a set of human eyes. Therefore, the intermediaries do have tools for users that protect them from hate and harassing speech, and they work with certain safety experts to ensure that the users feel safe while using their services.
Adequacy of legal frameworks: A distinction was drawn over the course of the discussion between hate speech as a social as opposed to a legal concept. For legal purposes, speech would not attract penalties until it incites a real threat of violence and civic disorder. However, the law is not sufficiently equipped to deal with speech that does not incite violence, but causes psychological damage. It was undisputed that the concerns in this area cannot be solved by creating more statutes. Going down this road could lead to the creation of a Section 66A equivalent that would lead to censorship through law and cause a chilling effect on freedom of expression. It was emphasized that the existing laws have adequate provisions, but a strict implementation is required.
Response from law enforcement agencies: An evaluation of this point led to the conclusion that people who are harassed online, or are the targets of hate speech, are hesitant to approach the police and law enforcement agencies for their help. There have been instances where the police is unable to help due to the limited application of laws in such cases, as mentioned above.
Possible remedies: As a part of this roundtable, SFLC.in had proposed a set of best practices aimed at limiting hateful and harassing content online. These were intended as self-regulatory measures that could be followed by intermediaries functioning as speech platforms, where users could create and publish content without pre-filtrations. Amongst the measures that was discussed extensively was the practice of promoting ‘counter speech’ on the platforms that are most frequently used to spread hateful propaganda and harassment. This was generally seen as an effective counter-measure deserving further exploration, and one of the intermediaries mentioned a project they were formulating on ‘counter radicalization’. However, concerns were raised with respect to the identification of areas that would benefit from counter speech, and its effectiveness with respect to mob attacks. Another unique approach suggested by the participants was to ‘vaccinate’ first time users by educating them about the enormity and complexity of the Internet, including intiation of such users to the idea that freedom of expression online often crosses over to hate speech and harassment. This would act as an initiation process to understand the working of the Internet and the prevalence of hateful and harassing content on its numerous speech platforms, so that first-time users are not discouraged from using the Internet merely due to the presence of negative content. An interesting suggestion for the platforms was to work towards a mechanism that is more offender centric, and facilitates the tracking of repeat offenders along with providing tools of blocking for users.

This roundtable served in exploring the many layers of hateful and harassing speech that runs across roles and responsibilities of various stakeholder groups and concerns that are deeply entrenched in our societal outlook. The increasing frequency and amount of such content on the Internet is an indication of the urgent need to collaborate and develop a framework for limiting such speech, while balancing the fundamental right to freedom of expression. We thank all the participants and appreciate their valuable contributions that facilitated a better understanding of the overall theme.

For more details visit https://cis-india.org/internet-governance/news/roundtable-identifying-and-limiting-hate-speech-and-harassment-online

Roundtable with the WhatsApp leadership

Admin — 2019-07-30T00:33:15Z

Will Cathcart, WhatsApp's new global head, visited India and invited Sunil Abraham for a discussion on 26 July 2019 at the Mountbatten, The Oberoi, New Delhi. Sunil met with some other people from WhatsApp leadership.

Discussions took place on the changing policy landscape in India. The event was a free flowing off the record discussion for about an hour between Will Cathcart and representatives of leading civil society organizations.

For more details visit https://cis-india.org/internet-governance/news/roundtable-with-the-whatsapp-leadership

Roundtable on Intermediary Liability and Gender Based Violence at the Digital Citizen Summit, 2018

Admin — 2018-11-07T02:55:40Z

Akriti Bopanna and Ambika Tandon conducted a panel on 'Gender and Intermediary Liability' at the Digital Citizen Summit, hosted by the Digital Empowerment Foundation, on November 1, 2018 at India International Centre, New Delhi.

Ambika was the moderator for the panel, with Apar Gupta, Jyoti Pandey, Amrita Vasudevan, Anja Kovacs, and Japleen Pasricha as speakers. Click to read the concept note and the agenda.

For more details visit https://cis-india.org/internet-governance/news/roundtable-on-intermediary-liability-and-gender-based-violence-at-the-digital-citizen-summit-2018

Roundtable on Indian Privacy Law and Policy

bhairav — 2014-12-27T14:18:16Z

This event was hosted by the Centre for Law and Development of the National University of Advanced Legal Studies (NUALS) in Kochi. It was attended by members of the faculty of NUALS, some students from the 2nd year, 3rd year, 4th year, and 5th year.

The meeting began with a talk by Bhairav Acharya on the origin of privacy law, its jurisprudential evolution, and the current context in which privacy is being debated in India and around the world.

Bhairav began by talking about the nature of privacy law around the world. Privacy has, until recently, never been a right in English common law. Indeed, the tort of invasion of privacy is also relatively incomplete. Privacy is protected through other torts, including the torts of nuisance, trespass, and others. European treaty requirements have foisted a right to privacy upon the British legal system; the contours of this right remain unclear.

American courts, on the other hand, have been more receptive to claims of the right to privacy. There is much in the American political and legal tradition that has contributed to the easy acceptability of privacy claims. Not least among these are the strong emphasis on the individual as the fundamental unit of governance and sovereignty, and the American libertarian tradition of autonomy.

Bhairav then spoke of the right to privacy in India. Early cases in the Supreme Court of India see privacy as a negotiation between the liberties of citizens and the power of the state. In a legal tradition deeply influenced by colonialism, Indian courts readily accepted claims against physical police surveillance and other related rights in the criminal justice process – public rights against the state that were once denied to Indian subjects of colonial rule, but held short of viewing privacy as a necessary individual protection against society. This has resulted in dichotomous privacy jurisprudence.

Bhairav then talked about the contexts in which privacy claims arise in India today. Specifically, he spoke about increasingly sophisticated surveillance techniques and large-scale personal data collection and processing. There are many complexities in both these fields and a lot of time and questions were spent going over them. Surveillance is older than the nation-state; privacy law does not seek the end of surveillance, but only its optimal use. There are many kinds of surveillance, the contemporary debate deals solely with wiretapping and electronic surveillance. Privacy law cannot be blind to the many other kinds of surveillance, including old-fashioned physical surveillance on the road.

Data collection, too, cannot be ended, nor should it for it forms the basis of modern commerce and is tied to India’s economic growth. There were questions and discussion on ‘big data’, data mining, analytics, business models, and other related areas. In India, however, in the absence of an innovative IT industry, the dominant business model is of receiving foreign personal data, usually of Europeans and Americans, to provide cheap processing services. This model depends entirely on comparatively lower Indian wages. Hence, it is not surprising that the first personal data protection rules issued by the Indian government in 2011 applied solely to foreign data that was outsourced to India.

Bhairav then introduced the 2011 draft Right to Privacy Bill that was proposed by the Department of Personnel and Training of the Indian government, as well as the Personal Data Protection Rules issued under the Information Technology Act, 2000. These measures were studied clause-by-clause.

Similarly, Indian law in respect of communications surveillance was analysed in detail. The Indian Telegraph Act 1885, the Indian Telegraph Rules 1951 (including the amendments of 1961, 1999, 2007, and 2014) were looked at in detail. These laws were compared to the Indian Post Office Act 1898 and the Information Technology Act 2000. The 1968 report of the Law Commission of India that examined the wiretapping power and suggested possible overreach was also examined.

Bhairav reviewed Indian law in respect of wiretapping. All Supreme Court case law, especially the cases of Hukum Chand and Peoples Union for Civil Liberties, were analysed. Finally, the group looked at how the legal principles applicable to wiretapping have been extended to electronic and Internet surveillance. Over here, the group studied the two sets of 2011 Rules under the IT Act that enable Internet and email surveillance of both content and metadata.

After a lunch break, the group spoke about possible models for privacy regulation and protection in India. In respect of surveillance, a lot of time was spent discussing the merits and demerits of judicial warranting of surveillance, as opposed to executive authorisations. The consensus of the group, with a few exceptions, was that judicial warranting would not be a suitable model for Indian surveillance, due to several systemic weaknesses. The group also rejected several of the principles proposed by Justice A. P. Shah in the 2012 Report that was commissioned by the Planning Commission.

After a discussion on legislative models, the group discussed, clause-by-clause, the CIS proposal on privacy that was read through by Bhairav. This discussion lasted several hours, and covered many areas.

For more details visit https://cis-india.org/internet-governance/blog/roundtable-on-indian-privacy-law-and-policy

Roundtable on ICANN Accountability

praskrishna — 2015-04-03T16:54:41Z

The roundtable was organised by the Department of Electronics and Information Technology (DeitY), National Internet Exchange of India and Centre for Communication Governance, National Law University, Delhi at the Indian International Centre, New Delhi on 13 March 2015. Geetha Hariharan participated in the roundtable.

Timings	Programme
10.00 10.30	Welcome Address by Chimayi Arun, Research Director, Centre for Communication Governance at National Law University, Delhi
10.30 10.40	Introductory Remarks by Dr. Ajay Kumar (IAS) Joint Secretary, DeitY
10.45 11.15	Session I: NTIA IANA Functions' Stewardship Transition
13.15 14.30	Lunch
14.30 16.30	Session II: Accountability and Transparency at ICANN
16.30	Tea

For more details visit https://cis-india.org/internet-governance/news/roundtable-on-icann-accountability