We are anonymous, we are legion

Roundtable on A.I. and Manufacturing and Services

Admin — 2018-01-18T13:44:15Z

The Centre for Internet and Society (CIS), Bangalore is organizing a roundtable on ‘A.I. and Manufacturing and Services’ on the 19th of January, 2018 from 2 to 5 pm at ‘The Energy and Resources Institute’ (TERI) Bangalore. The Roundtable seeks to discuss the various issues and challenges surrounding the implementation of AI and related technologies on manufacturing processes and services.

Since the Industrial Revolution machines have substituted human labour and helped industries save time and money. This was succeeded by the advent of computers and technology which helped in completing tasks with better speed and accuracy than the human brain. The emergence of machine-learning technology and artificial intelligence has now made machines capable of doing work that was earlier considered to be something that could only be done by humans. From the use of AI in understanding customer shopping trends to its use in making automobiles, AI is becoming more of a norm than an exception. The analytics of how customers shop is now helping companies forecast their manufacturing needs. The synergy of technology and machines i.e. smart manufacturing, not only changes manufacturing and shipping but also improves worker safety. Different forms of smart manufacturing are also starting to come up in India: Wipro and Infosys have launched AI platforms, and the Indian Institute of Science is developing a smart factory with support from Boeing Company and General Electric. Infosys has also released an AI platform, ‘Nia’, which is programmed to forecast revenue and understand customer behaviour.

The instances of use of machines to substitute human workforce, in some cases, has brought about a sense of worry. Recent trends in factory hiring show that jobs are being lost to automated forms of labour, further evidenced by a report from the research firm HorsesforSources, which predicts that India is set to lose 640,000 low-skilled job positions to automation by the year 2021.The IT sector in India is also under risk from the use of AI. Reports have also found that the rising unemployment in the IT sector has led to increased pressure on labour regulators.

Although there are some studies that state that the use of AI would bring about a market for people who would need to work along with AI, the FICCI and EY’s 2016 Report on the Future of jobs and its implication on Indian higher education suggests that one of the ways to combat the loss of jobs was reskilling and upskilling the labour force. India has taken the first step towards this by launching the National Skill Development Mission.

From the use of neural networks to monitor steel plants for packing and shipping groceries, the use of intelligent machines has begun disrupting traditional business models in the industry. However, these advancements raise questions around labour, ethics, liability, and machine-human cooperation. Dialogue and debate are needed to understand how AI is being used in manufacturing, the potential benefits, and challenges of the same, and a way forward that optimizes innovation and protects human rights.

Roundtable Agenda

Friday 19th January | 2:00 p.m - 5:00 p.m.

2:00 - 2:30 Introduction and setting the scene

2:30 - 3:30 Discussion on the AI landscape in the manufacturing and services industry:

Manner and extent of integration of AI into manufacturing and services
Relevant stakeholders and their roles in implementing AI in manufacturing and services
Future of AI and related technologies in AI in manufacturing and services
Impact on work and labour

3:30 - 4:30 Discussion on challenges and solutions towards regulating AI in India:

Challenges faced in the conception and implementation of the AI product/ service, and reasons for such challenges.
Regulatory provisions for implementation of AI in the manufacturing and services under the existing laws, and need for reforms.
Challenges posed by AI to existing policy and regulatory frameworks in the Indian as well as the global context, and possible solutions.

4.30 - 5.00 Conclusion and way forward

For more details visit https://cis-india.org/internet-governance/events/roundtable-on-ai-and-manufacturing-and-services

Roundtable on A.I. and Governance in India

pranav — 2018-04-20T07:41:21Z

The Centre for Internet and Society (CIS), Bangalore is organizing a roundtable on ‘A.I. and Governance in India' at India Islamic Cultural Centre in New Delhi on March 16, 2018 from 10.00 a.m. to 1.30 p.m.

Download the Event Report

The Roundtable seeks to discuss the various issues and challenges surrounding the design, development and use of AI in Governance (including law enforcement and legal institutions).

In line with the changing times, the government, as well as its agencies, have started using technology and digitization to make governance more efficient and accessible. For example,through its flagship project Digital India, the Indian government has undertaken digitization and revamping of systems related to railways, land records, educational resource etc. As the government pursues its digital agenda, artificial intelligence can be a tool for efficiency and decision making. To realize the potential of AI, a clear understanding of the technology and how it can and should be used is necessary. The first step towards a robust AI policy is a sound Information and Communication Technology (ICT) policy that lays the edifice for algorithmic decision making using AI.

Though the adoption of AI in the public sector is still in its nascent stages, the government of India is taking various steps to increase the scale of adoption. The Union Ministry of Commerce and Industry has constituted a task force on AI to facilitate India's economic transformation. This year’s Union Budget also recognised the need for government investment in research, training and skill development in robotics, AI, digital manufacturing, Big Data intelligence and Quantum communications. Though the adoption of AI in the public sector is still in its nascent stages, the government of India is taking various steps to increase the scale of adoption. The Union Ministry of Commerce and Industry has constituted a task force on AI to facilitate India's economic transformation. This year’s Union Budget also recognised the need for government investment in research, training and skill development in robotics, AI, digital manufacturing, Big Data intelligence and Quantum communications.

Our research on the application of AI in Indian governance aims to examine five broad sectors of application: law enforcement, discharge of governmental functions, defense,judicial/administrative decision making, and education. A few of the existing government research initiatives identified by CIS include the Center for Artificial Intelligence and Robotics (CAIR) hosted by the Indian Defense Research and Development Organization which focuses on research and development of ICT solutions for defense, and the Ministry of Finance’s use of geospatial analytics for their economic survey on human settlements. There are already instances where government bodies are using AI, an example being the case of the Indian Police force, which is revamping its investigation procedures by using Big Data and Artificial Intelligence. The Delhi police has already started using data and analytics to control crime. In the field of agriculture too, the Indian government has partnered with Microsoft to use AI to improve crop production.

While AI can aid governance in numerous ways, there needs to be a system of checks and balances in order to ensure effectiveness, transparency, and accountability. Hence,governance mechanisms must be able to ensure inclusiveness, while minimising the risks that might arise with the use of the technology. Experts have also predicted that, as the government incorporates AI into specific areas of governance- such as service delivery, it will simultaneously need to incorporate it into broader policy structures such as cyber security and the national education framework.

The process of designing a governance ecosystem is a complex one, and AI poses several pre-existing ethical and legal for each application within this ecosystem. The effectiveness ofAI and Machine learning inherently depends on the availability of data, and it is predicted that the most imminent challenge will also involve the same, especially as India becomesincreasingly data dense and the government is entrusted with its citizens’ data. These challenges could range from the collection, storage, and use of data, to having to answerquestions of fairness, safety, and prevention of misuse. This roundtable seeks to deliberate on these questions and more so as to understand how to optimise the use of AI ingovernance for the public interest. In doing so, the roundtable will use preliminary research that CIS has undertaken into the use of AI and governance in India as an entry point into broader discussions on the challenges and benefits and way forward for AI.

Agenda

For more details visit https://cis-india.org/internet-governance/events/roundtable-on-a-i-and-governance-in-india

Roundtable discussion on WHOIS

vidushi — 2015-08-24T14:16:12Z

Sunil Abraham and Vidushi Marda participated remotely in a round-table discussion organized by the Department of Electronics & Information Technology (DeitY), Govt. of India on July 28, 2015. Aditya Garg, an intern at the Centre for Internet & Society also participated (in person) from New Delhi and made an intervention.

Dr. Ajay Kumar, Joint Secretary, DeitY chaired the round-table to seek expert input from all stakeholders at the national level, on various issues related to WHOIS (domain name) which are currently being discussed at the Public Safety Working Group (PSWG), an internal working group of Governmental Advisory Committee (GAC) of ICANN.

The PSWG will be focusing on ICANN’s policies and procedures that raise questions or have implications for the safety of the public, in connection with their use of the Internet. Current major areas of interest for PSWG are:

WHOIS
Enforcing Contractual Compliance with Registries and Registrars
Implementation of new gTLDs
Internationalized Domain Names (IDNs)

WHOIS is a long-term strategic priority for ICANN. ICANN’s Security and Stability Advisory Committee (SSAC) has issued 12 reports/advisories with reference to WHOIS.

The roundtable will served as a platform to discuss WHOIS policy / implementation issues for .IN <http://for .IN> registry.

For more details visit https://cis-india.org/internet-governance/news/round-table-discussion-on-whois

Roundtable Discussion on Intermediary Liability

Admin — 2019-10-20T07:08:11Z

Tanaya Rajwade participated in a roundtable discussion on intermediary liability organised by SFLC and the Dialogue in New Delhi on October 17, 2019.

Click to view the agenda.

For more details visit https://cis-india.org/internet-governance/news/roundtable-discussion-on-intermediary-liability

Roundtable Discussion on “The Future of AI Policy in India” @ ICRIER

Admin — 2019-07-10T01:46:36Z

Radhika Radhakrishnan, attended a Roundtable Discussion on “The Future of AI Policy in India” organized by the Indian Council for Research on International Economic Relations (ICRIER) in New Delhi on July 1, 2019, to arrive at actionable recommendations for promotion of AI in India.

Radhika's inputs primarily focused on - capacity and skilling for AI adoption in India, sectoral opportunities for the adoption of AI, regulation of explanations for AI, fairness and bias in AI models, and actionable recommendations for government priorites for AI policies in India.

Concept Note

India’s Artificial Intelligence moment is truly here and now. At a time when a diverse range of applications based on AI are being developed, pushing its frontier further into uncharted realms of business and society, Indian policy makers are contemplating not just AI’s potential for growth and social transformation, but also its proclivity to create divides and inequality. Our study attempts to understand the impacts of AI and trace the pathways to realizing it.

AI’s transformational potential stems from its ability to lend itself to a diverse range of applications across a range of sectors. One can witness AI based applications in traditional spheres of manufacturing, which are transforming quality control, production lines, and supply chain management, and in services, which are creating personalized product offerings and high-quality customer engagement. AI applications are also common in sectors such as agriculture that have taken a back seat in technological innovations in the post-industrial world. AI also demonstrates potential for impacting developmental challenges by responding to societies’ immediate demand for healthcare, education and expanding access to finance and banking.

The consequences of AI diffusion stem from AI’s pervasiveness across society, its ability to trigger innovation, and its tendencies to undergo transformation and evolution. These are typical characteristics of a class of technologies that can be found across history, the emergence and diffusion of which have enabled the wealth of nations. These are called General Purpose Technologies (GPT). Technologies such as steam engine, electricity, computers, semi-conductors, and more recently the Internet, can all be conceived as belonging to the GPT class of technologies. Our study is based on the understanding that the implications of AI can be best understood by viewing AI as a GPT.

Historically, the economic impacts of GPTs have not been immediate but follow after its diffusion across the economy, i.e. over a period of time. There are two reasons that explain this phenomenon: firstly, in early phases of technology diffusion, an economy diverts part of its resources from productive activities to costly activities aimed at enabling the GPT. For instance, organizations adopting computers must also invest in training employees or hire computer scientists, re-arrange production activities or organizational structures to accommodate computer driven work-flows, all of which are costly economic activities. Secondly, it is only after the GPT is diffused and widely used in the economy that the statistics measuring GDP start counting and fully measuring the GPT.

Empirical research on GPTs such as AI, including ours, means confronting the challenge of measurement. Estimates on the economic impact of AI are bound to be imprecise because data on AI’s adoption is not available or adequately reflected in the data used to compute economic growth, at least not yet. Measuring the economic impact of AI is also difficult because of the magnitude of indirect effects on productivity that GPTs trigger. It is not therefore uncommon that studies on GPTs, while attempting to estimate their economic impacts, also engage in in-depth case studies and historical analysis of its impacts.

Our findings show unambiguous and positive impacts of AI on firm level productivity across sectors, although there is variation in the magnitude of positive impacts across sectors. We complement our findings with case studies that cover different firms that are developing AI based applications across a range of sectors to understand the underlying firm-level capabilities that drive innovations in AI based applications. Our study leads us towards high-level policy challenges facing organizations, civil society and government, and which when addressed enable the full realization of economic growth triggered by AI.

However, our conclusions are a step-away from actionable policy recommendations. Given your experience with and within India’s AI based ecosystem, we invite you to deliberate and recommend insights and strategies that can help us arrive at concrete and practicable policy recommendations towards achieving a growth and welfare enhancing AI-based ecosystem in India.

Proposed Questions for Deliberation

In which sectors do we observe an immediate opportunity for the adoption of AI? What could be the nature of these applications?
In which areas of AI development and application is there an immediate opportunity for governments, industry and academia to collaborate?
What should be the Government’s top five priorities in the next one year to catalyse the growth of AI in India?
How and what agencies of the Government should be involved in implementation of India’s National AI mission?
What aspects of the Government’s capacity requires enhancement to adapt to challenges of a growing Indian AI based ecosystem?
What measures can the Government take to regulate for AI safety and ethical use of AI?
What are the policy measures that the Government can undertake to safeguard against the consequences of AI based inequality?

For more details visit https://cis-india.org/internet-governance/news/roundtable-discussion-on-201cthe-future-of-ai-policy-in-india201d-icrier

Round-table on User Safety on the Internet

praskrishna — 2014-05-06T09:55:07Z

Elonnai Hickok participated in this round-table meeting organized by Consumer Voice in collaboration with Google at Infantry Road, Bangalore on April 24, 2014.

Click to download the agenda.

For more details visit https://cis-india.org/news/round-table-on-user-safety-on-internet

Round Table on Privacy and Data Protection at NIPFP

praskrishna — 2017-03-27T16:02:59Z

National Institute of Public Finance & Policy organized a round-table on privacy and data protection on March 24, 2017 in New Delhi.

Click to see the agenda.

For more details visit https://cis-india.org/internet-governance/news/round-table-on-privacy-and-data-protection-at-nipfp

Rootconf 2018

Admin — 2018-05-18T06:40:31Z

Rootconf is an annual conference on DevOps and IT Infrastructure and is organised by HasGeek. On May 11 and 12, 2018, Gurshabad Grover, Natallia Khaniejo and Aayush Rathi attended Rootconf 2018.

Rootconf 2018 had two major themes - an infrastructure and systems security track and an infrastructure architecture track. All talks at the event were streamed live and videos of the same can be found at HasGeek's YouTube channel here.

Of special interest were the talks entitled 'Death of enterprise security: introduction to abstraction and machine-to-machine orchestration' by Pukhraj Singh and 'On ground realities of Aadhaar' by Rachna Khaira. Of special interest were the talks entitled 'Death of enterprise security: introduction to abstraction and machine-to-machine orchestration' byPukhraj Singh and 'On ground realities of Aadhaar' by Rachna Khaira.

Additionally, the community table was helpful for the purposes of outreach within the tech community about CIS' work and potential ways in which interested parties may engage with CIS.

For more details visit https://cis-india.org/internet-governance/news/rootconf-2018

Role of the US Tech Companies in Government Surveillance: A Lecture by Christopher Soghoian

praskrishna — 2012-08-26T11:03:19Z

Christopher Soghoian will deliver a lecture on the role US tech companies play in assisting government surveillance at the Centre for Internet & Society office in Bangalore on August 27, 2012, from 5.00 p.m. to 7.00 p.m.

Your internet, phone and web application providers are all, for the most part, in bed with US and other foreign government agencies. They all routinely disclose their customers' communications and other private data to law enforcement and intelligence agencies. Worse, firms like Google and Microsoft specifically log data in order to assist the government. How many government requests does your ISP get for its customers' communications each year? How many do they comply with? How many do they fight? How much do they charge for the surveillance assistance they provide? Who knows? Most companies have a strict policy of not discussing such topics.

The differences in the privacy practices of the major players in the telecommunications and internet applications market are significant. Some firms retain identifying data for years, while others retain no data at all; some voluntarily provide the government access to user data, while other companies refuse to voluntarily disclose data without a court order; some companies charge government agencies when they request user data, while others disclose it for free. For an individual, later investigated by the police or intelligence services, the data retention practices adopted by their phone company or email provider can significantly impact their freedom.

Unfortunately, although many companies claim to care about end-user privacy, and some even that they compete on their privacy features, none seem to be willing to compete on the extent to which they assist or resist the government in its surveillance activities. Because information about each firms' practices is not publicly known, consumers cannot vote with their wallets, and pick service providers that best protect their privacy.

This talk will pierce the veil of secrecy surrounding these practices. Based upon a combination of Freedom of Information Act requests, off the record conversations with industry lawyers, and investigative journalism, the practices of many of these firms will be revealed.

Christopher's Personal Experience

In the year 2006, the Federal Bureau of Investigation (FBI) raided Christopher’s home at 2.00 a.m. seizing his personal documents and computers. Two attorneys, Stephen Braga and Jennifer Granick came to his defence. With their expert assistance, Christopher was able to get back his possessions within three weeks, and FBI’s criminal and TSA’s civil investigations were closed without any charges being filed.

Jennifer Granick came to Christopher’s assistance once again (joined by Steve Leckar) in 2010 after the Federal Trade Commission’s Inspector General investigated Christopher for using his government badge to attend a closed-door surveillance industry conference. It was at that event that Christopher recorded an executive from wireless carrier ‘Sprint’ bragging about the eight million times his company had obtained GPS data on its customers for law enforcement agencies in the previous years.

To know more, read Christopher Soghoian’s dissertation titled "The Spies We Trust: Third Party Service Providers and Law Enforcement Surveillance". [PDF, 1056 Kb]

About Christopher Soghoian

Christopher Soghoian is a privacy researcher and activist, working at the intersection of technology, law and policy. He is a Principal Technologist and Senior Policy Analyst at the American Civil Liberties Union and is based in Washington, D.C.

Soghoian completed his Ph.D. at Indiana University in 2012, which focused on the role that third party service providers play in facilitating law enforcement surveillance of their customers. In order to gather data, he has made extensive use of the Freedom of Information Act, sued the Department of Justice pro se, and used several other investigative research methods. His research has appeared in publications including the Berkeley Technology Law Journal and been cited by several federal courts, including the Ninth Circuit Court of Appeals.

Between the years, 2009-2010, he was the first ever in-house technologist at the Federal Trade Commission's Division of Privacy and Identity Protection, where he worked on investigations of Facebook, Twitter, MySpace and Netflix. Prior to joining the FTC, he co-created the Do Not Track privacy anti-tracking mechanism now adopted by all of the major web browsers.

He is a TEDGlobal 2012 Fellow, was an Open Society Foundations Fellow between the years, 2011-2012, and was a Student Fellow at the Berkman Center for Internet & Society, Harvard University between 2008 and 2009.

For more details visit https://cis-india.org/internet-governance/role-of-us-tech-companies-in-govt-surveillance

Role of the Internet in Fostering Freedom of Expression and Strengthening Activism in India - A Workshop in Delhi

praskrishna — 2011-04-04T07:18:10Z

The Centre for Internet and Society (India) and the Central American Institute for Studies of Social Democracy DEMOS (Guatemala) have the pleasure to invite you to a day-long workshop on the role of the Internet in fostering freedom of expression and strengthening activism in India. The workshop will take place in the Constitution Club in Delhi on 4 March 2011.

With the significant role reported for new technologies in recent revolutions in Tunesia, Egypt, and elsewhere, activists in India, too, have taken a renewed interest in the potential of the Internet to support their struggles for social change and social justice. But what are some of the potential stumble blocks activists in India might run into in their exploration of the Internet's potential? What are the legal restrictions and frameworks activists should be aware of when they use new technologies in their work? And what can we do to create an environment in which the online world unequivocally supports efforts for greater democratisation and social justice offline, rather than thwart them?

It is questions such as these that this workshop seeks to answer, through a mix of panel discussions, unconference sessions, a film screening, and technical and legal clinics in its day-long program.

Our hope is that the workshop will help participants as well as organisers to get a stronger sense of the potential and challenges of online activism in the particular context of India, as well as to start building stronger networks among the activists interested in these issues in the country.

Participation in the workshop is free. However, we would be grateful if you could confirm your attendance by emailing Anja Kovacs at "anja at cisindia dot org", ideally by 2 March.

We hope you will join us to contribute your own insights and experiences as well as to learn from others about this important new arena of activists' work.

Looking forward to welcoming you at the workshop!

The Agenda

9.30-9.45: Welcome and introductions

9.45-10.15:   Introduction to the Internet and freedom of expression
   By Frank La Rue, President of the Central American Institute for Studies of Social Democracy
   and UN Special Rapporteur for Freedom of Expression and Opinion

10.15-10.45: Film screening: “Brave New Medium”
   By Delhi-based docu film maker Subasri Krishnan
   The film addresses Internet and censorship in South-East Asia
   while raising pertinent questions about the implications of this lessons for Indian activists,
   and will be screened in the presence of the filmmaker.

10.45-11.30: Unconference: Online challenges and ways forward for Indian activists:
where are we today and what to do next?
Small group discussion sessions, as per the priorities of the participants

11.30-11.50: Tea/Coffee Break

11.50-12.40: Reporting back and plenary discussion: Challenges for freedom of expression on
the Internet in India and abroad: legal framework, ground realities, alternative visions
With national and international activists, lawyers and researchers as additional resource persons

12.40-13.00: Consultation: Can a global “Internet Bill of Rights” help?
With Lisa Horner, Dynamic Coalition on Internet Rights and Principles of the UN Internet
Governance Forum

13.00 - 14.00: Lunch Break (lunch will be provided)

14.00 - 15.30: Parallel sessions:

legal clinic with a representative from Google and human rights lawyers – to answer any legal question regarding freedom of expression online you may have
technical clinic with a representative from Tactical Tech – to explore the significance of terms like
“Tor” and “proxy” and ways in which you can stay safe and secure online at all times.
If you have a laptop, bring it if you intend to attend this session!

15.30 - 16.15: Strategies for the way forward

Moderated by Mr Frank La Rue

16.15-16.30 : Closing remarks

16.30 - 17.00: Tea/Coffee

Followed by a public lecture by Mr. Frank La Rue at 6 pm, at the same venue, on Global Challenges to Freedom of Expression. Entrance free. All welcome.

Information about the Organisers

The Centre for Internet and Society

The Centre for Internet and Society is located in Bangalore, India. It critically engages with concerns of digital pluralism and public accountability in the field of Internet and Society, with particular emphasis on South-South dialogues and exchange. Through multidisciplinary research, intervention, and collaboration, it seeks to explore, understand, and affect the shape and form of the internet, and its relationship with the political, cultural, and social milieu of our times.

DEMOS Institute

The Demos Institute, based in Guatemala, is a research centre that promotes democratic alternatives for Guatemala, under the human rights framework. Within DEMOS, there is a research team which supports the mandate of Frank La Rue, United Nations Special Rapporteur on Freedom of Opinion and Expression, in the making of his annual reports before the United Nations Human Rights Council.

For more details visit https://cis-india.org/events/fostering-freedom-of-expression

Role of Intermediaries in Countering Online Abuse

jyoti — 2015-08-02T16:38:36Z

The Internet can be a hostile space and protecting users from abuse without curtailing freedom of expression requires a balancing act on the part of online intermediaries.

This got published as two blog entries in the NALSAR Law Tech Blog. Part 1 can be accessed here and Part 2 here.

As platforms and services coalesce around user-generated content (UGC) and entrench themselves in the digital publishing universe, they are increasingly taking on the duties and responsibilities of protecting rights including taking reasonable measures to restrict unlawful speech. Arguments around the role of intermediaries tackling unlawful content usually center around the issue of regulation—when is it feasible to regulate speech and how best should this regulation be enforced?

Recently, Twitter found itself at the periphery of such questions when an anonymous user of the platform, @LutyensInsider, began posting slanderous and sexually explicit comments about Swati Chaturvedi, a Delhi-based journalist. The online spat which began in February last year, culminated into Swati filing an FIR against the anonymous user, last week. Within hours of the FIR, the anonymous user deleted the tweets and went silent. Predictably, Twitter users hailed this as a much needed deterrence to online harassment. Swati’s personal victory is worth celebrating, it is an encouragement for the many women bullied daily on the Internet, where harassment is rampant. However, while Swati might be well within her legal rights to counter slander, the rights and liabilities of private companies in such circumstances are often not as clear cut.

Should platforms like Twitter take on the mantle of deciding what speech is permissible or not? When and how should the limits on speech be drawn? Does this amount to private censorship?The answers are not easy and as the recent Grand Chamber of the European Court of Human Rights (ECtHR) judgment in the case of Delfi AS v. Estonia confirms, the role of UGC platforms in balancing the user rights, is an issue far from being settled. In its ruling, the ECtHR reasoned that because of their role in facilitating expression, online platforms have a requirement “to take effective measures to limit the dissemination of hate speech and speech inciting violence was not ‘private censorship”.

This is problematic because the decision moves the regime away from a framework that grants immunity from liability, as long as platforms meet certain criteria and procedures. In other words the ruling establishes strict liability for intermediaries in relation to manifestly illegal content, even if they may have no knowledge. The 'obligation' placed on the intermediary does not grant them safe harbour and is not proportionate to the monitoring and blocking capacity thus necessitated. Consequently, platforms might be incentivized to err on the side of caution and restrict comments or confine speech resulting in censorship. The ruling is especially worrying, as the standard of care placed on the intermediary does not recognize the different role played by intermediaries in detection and removal of unlawful content. Further, intermediary liability is its own legal regime and is at the same time, a subset of various legal issues that need an understanding of variation in scenarios, mediums and technology both globally and in India.

Law and Short of IT

Earlier this year, in a leaked memo, the Twitter CEO Dick Costolo took personal responsibility for his platform's chronic problem and failure to deal with harassment and abuse. In Swati's case, Twitter did not intervene or take steps to address harrassment. If it had to, Twitter (India), as all online intermediaries would be bound by the provisions established under Section 79 and accompanying Rules of the Information Technology Act. These legislations outline the obligations and conditions that intermediaries must fulfill to claim immunity from liability for third party content. Under the regime, upon receiving actual knowledge of unlawful information on their platform, the intermediary must comply with the notice and takedown (NTD) procedure for blocking and removal of content.

Private complainants could invoke the NTD procedure forcing intermediaries to act as adjudicators of an unlawful act—a role they are clearly ill-equipped to perform, especially when the content relates to political speech or alleged defamation or obscenity. The SC judgment in Shreya Singhal addressing this issue, read down the provision (Section 79 by holding that a takedown notice can only be effected if the complainant secures a court order to support her allegation. Further, it was held that the scope of restrictions under the mechanism is restricted to the specific categories identified under Article 19(2). Effectively, this means Twitter need not take down content in the absence of a court order.

Content Policy as Due Diligence

Another provision, Rule 3(2) prescribes a content policy which, prior to the Shreya Singhal judgment was a criteria for administering takedown. This content policy includes an exhaustive list of types of restricted expressions, though worryingly, the terms included in it are not clearly defined and go beyond the reasonable restrictions envisioned under Article 19(2). Terms such as “grossly harmful”, “objectionable”, “harassing”, “disparaging” and “hateful” are not defined anywhere in the Rules, are subjective and contestable as alternate interpretation and standard could be offered for the same term. Further, this content policy is not applicable to content created by the intermediary.

Prior to the SC verdict in Shreya Singhal, actual knowledge could have been interpreted to mean the intermediary is called upon its own judgement under sub-rule (4) to restrict impugned content in order to seek exemption from liability. While liability accrued from not complying with takedown requests under the content policy was clear, this is not the case anymore. By reading down of S. 79 (3) (b) the court has addressed the issue of intermediaries complying with places limits on the private censorship of intermediaries and the invisible censorship of opaque government takedown requests as they must and should adhere, to the boundaries set by Article 19(2). Following the SC judgment intermediaries do not have to administer takedowns without a court order thereby rendering this content policy redundant. As it stands, the content policy is an obligation that intermediaries must fulfill in order to be exempted from liability for UGC and this due diligence is limited to publishing rules and regulations, terms and conditions or user agreement informing users of the restrictions on content. The penalties for not publishing this content policy should be clarified.

Further, having been informed of what is permissible users are agreeing to comply with the policy outlined, by signing up to and using these platforms and services. The requirement of publishing content policy as due diligence is unnecessary given that mandating such ‘standard’ terms of use negates the difference between different types of intermediaries which accrue different kinds of liability. This also places an extraordinary power of censorship in the hands of the intermediary, which could easily stifle freedom of speech online. Such heavy handed regulation could make it impossible to publish critical views about anything without the risk of being summarily censored.

Twitter may have complied with its duties by publishing the content policy, though the obligation does not seem to be an effective deterrence. Strong safe harbour provisions for intermediaries are a crucial element in the promotion and protection of the right to freedom of expression online. By absolving platforms of responsibility for UGC as long as they publish a content policy that is vague and subjective is the very reason why India’s IT Rules are in fact, in urgent need of improvement.

Size Matters

The standards for blocking, reporting and responding to abuse vary across different categories of platforms. For example, it may be easier to counter trolls and abuse on blogs or forums where the owner or an administrator is monitoring comments and UGC. Usually platforms outline monitoring and reporting policies and procedures including recourse available to victims and action to be taken against violators. However, these measures are not always effective in curbing abuse as it is possible for users to create new accounts under different usernames. For example, in Swati’s case the anonymous user behind @LutyensInsider account changed their handle to @gregoryzackim and @gzackim before deleting all tweets. In this case, perhaps the fear of criminal charges ahead was enough to silence the anonymous user, which may not always be the case.

Tackling the Trolls

Most large intermediaries have privacy settings which restrict the audience for user posts as well as prevent strangers from contacting them as a general measure against online harassment. Platforms also publish monitoring policy outlining the procedure and mechanisms for users to register their complaint or report abuse. Often reporting and blocking mechanisms rely on community standards and users reporting unlawful content. Last week Twitter announced a new feature allowing lists of blocked users to be shared between users. An improvement on existing mechanism for blocking, the feature is aimed at making the service safer for people facing similar issues and while an improvement on standard policies defining permissible limits on content, such efforts may have their limitations.

The mechanisms follow a one-size-fits-all policy. First, such community driven efforts do not address concerns of differences in opinion and subjectivity. Swati in defending her actions stressed the “coarse discourse” prevalent on social media, though as this article points out she might be assumed guilty of using offensive and abusive language. Subjectivity and many interpretations of the same opinion can pave the way for many taking offense online. Earlier this month, Nikhil Wagle’s tweets criticising Prime Minister Narendra Modi as a “pervert” was interpreted as “abusive”, “offensive” and “spreading religious disharmony”. While platforms are within their rights to establish policies for dealing with issues faced by users, there is a real danger of them doing so for “political reasons” and based on “popularity” measures which may chill free speech. When many get behind a particular interpretation of an opinion, lawful speech may also be stifled as Sreemoyee Kundu found out. A victim of online abuse her account was blocked by Facebook owing to multiple reports from a “faceless fanatical mob”. Allowing the users to set standards of permissible speech is an improvement, though it runs the risk of mob justice and platforms need to be vigilant in applying such standards.

While it may be in the interest of platforms to keep a hands off approach to community policies, certain kind of content may necessiate intervention by the intermediary. There has been an increase in private companies modifying their content policy to place reasonable restriction on certain hateful behaviour in order to protect vulnerable or marginalised voices. Twitter and Reddit's policy change in addressing revenge porn are reflective of a growing understanding amongst stakeholders that in order to promote free expression of ideas, recognition and protection of certain rights on the Internet may be necessary. However, any approach to regulate user content must assess the effect of policy decisions on user rights. Google's stand on tackling revenge porn may be laudable, though the decision to push down 'piracy' sites in its search results could be seen to adversely impact the choice that users have. Terms of service implemented with subjectivity and lack of transparency can and does lead to private censorship.

The Way Forward

Harassment is damaging, because of the feeling of powerlessness that it invokes in the victims and online intermediaries represent new forms of power through which users' negotiate and manage their online identity. Content restriction policies and practices must address this power imbalance by adopting baseline safeguards and best practices. It is only fair that based on principles of equality and justice, intermediaries be held responsible for the damage caused to users due to wrongdoings of other users or when they fail to carry out their operations and services as prescribed by the law. However, in its present state, the intermediary liability regime in India is not sufficient to deal with online harassment and needs to evolve into a more nuanced form of governance.

Any liability framework must evolve bearing in mind the slippery slope of overbroad regulation and differing standards of community responsibility. Therefore, a balanced framework would need to include elements of both targeted regulation and soft forms of governance as liability regimes need to balance fundamental human rights and the interests of private companies. Often, achieving this balance is problematic given that these companies are expected to be adjudicators and may also be the target of the breach of rights, as is the case in Delfi v Estonia. Global frameworks such as the Manila Principles can be a way forward in developing effective mechanisms. The determination of content restriction practices should always adopt the least restrictive means of doing so, distinguishing between the classes of intermediary. They must evolve considering the proportionality of the harm, the nature of the content and the impact on affected users including the proximity of affected party to content uploader.

Further, intermediaries and governments should communicate a clear mechanism for review and appeal of restriction decisions. Content restriction policies should incorporate an effective right to be heard. In exceptional circumstances when this is not possible, a post facto review of the restricton order and its implementation must take place as soon as practicable. Further, unlawful content restricted for a limited duration or within a specific geography, must not extend beyond these limits and a periodic review should take place to ensure the validity of the restriction. Regular, systematic review of rules and guidelines guiding intermediary liability will go a long way in ensuring that such frameworks are not overly burdensome and remain effective.

For more details visit https://cis-india.org/internet-governance/blog/role-of-intermediaries-in-counting-online-abuse

Risk integration is key to better cybersecurity management

Dr. R. Seetharaman — 2019-03-03T06:26:44Z

Digital connectivity plays an anchor role in unlocking innovation and prosperity around the world, but increasing cyber threat is a roadblock to collective path of progress.

The article by Dr. R. Seetharaman was published in the Gulf Times on February 24, 2019.

The fourth industrial revolution, which combines advanced technologies in innovative ways, is set to dramatically reshape the way people live, work and relate to one another. As per Cybersecurity Ventures, the cybercrime will cost the world $6tn annually by 2021, this is up from $3tn in 2015.

Cybercrime costs include damage and destruction of data, stolen money, lost productivity, and theft of intellectual property, theft of personal and financial data, embezzlement, fraud, and post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.

The work space is undergoing changes, robotics and artificial intelligence are going to play important roles and the customer will be more empowered in the digital environment. Data breaches in 2018 compromised the personal information of millions of people around the world.

The latest victims were Marriott hotels, which recently revealed that hackers had accessed the information of an estimated 500mn customers. Payment card information and personal data such as billing addresses, phone numbers and e-mails of British Airways were hacked. For Cathay Pacific, passenger data was accessed without authorisation. Centre for Internet and Society (CIS) also pointed out that about 130mn Aadhar numbers along with other sensitive data were available on the Internet.

The reason for the data leak was narrowed down to four government-run schemes ranging from National Social Assistance Programme by the Ministry of Rural Development, the National Rural Employment Guarantee Act (NREGA), also by the Ministry of Rural Development, Daily Online Payment Reports under NREGA by the government of Andhra Pradesh and the Chandranna Bima Scheme, also by the government of Andhra Pradesh.

The public and private partnership model should be adopted to face the challenges.

This can be done by establishing areas of common interest, supporting capacity building and resource pooling and developing benchmarks for resilience.

There are various reasons for cyber-attacks/data breach incidents – few of them are as follows. In effective vulnerability management, lack of security monitoring, human errors – accidental publishing, hacking, targeted attack, business e-mail compromise, phishing and social engineering attacks, inadequate encryption, on-adherence to strong password policy, state sponsored terrorism/attacks and corporate espionage.

The various cyber-attacks, which have left significant impact on global organisations. Institutions need to be more collaborative on security issues. Banks need to manage the change by redefining their business models to manage various stake holders such as customers, regulator and shareholders.

The involvement of the company’s board is required which should set the tone for enhancing security and determine whether the full board or a committee should have oversight responsibility.

Board of directors are starting to take note, particularly members of the audit committee, who list cyber security among their top concerns. Test effectiveness of existing security devices/ solutions and fine tune. Adopt new technologies such as artificial intelligence and machine learning to identify abnormal behaviour in networks.

Maintain IT system hygiene i.e., effective patching, hardening and baseline. Develop blue/red and purple teams to have balanced check on the vulnerability exploitation, effective threat monitoring and countermeasures. Develop cyber crisis management plan and establish breach response plan.

Qatar Central Bank has brought IT security strategy and technology risk circulars, which will provide directions for the banks to build their strategy while adopting advanced technologies.

It also took the initiative for formation of Banking CIRT (Critical incident response team), which will act as platform for sharing of security incidents and enable quick response for its members. The State of Qatar has brought cyber-crime prevention laws, data privacy law, monitoring bank websites and alert on probable cyber-attacks in the country.

“The GDPR becomes important in the light of all major banks and FIs in Qatar having their branches/offices where they are collecting personal information of EU resident customers and processing/storing such information in Qatar and EU.

The Qatar Data Privacy Law speaks about controls over the data in rest/processing/transmission and role & responsibilities of data processor/controller. “Risk integration is key towards cybersecurity management”.

For more details visit https://cis-india.org/internet-governance/news/gulf-times-february-24-2019-dr-r-seetharaman-risk-integration-is-key-to-better-cybersecurity-management

Rise of the bot: all you need to know about the latest threat online

praskrishna — 2014-01-31T07:16:36Z

In the last week of December, 2013, former union railway minister Pawan Kumar Bansal lodged a police complaint in Chandigarh after witnessing “an unusual rise in his online fan following”. The former minister told the police that his Facebook page had received more than 10,000 likes, within a span of 24 hours. While his allegation that the ‘likes’ were “fabricated” may be true, information technology experts believe a bot was at work.

The article by Danish Raza was published in the Hindustan Times on January 5, 2014. Snehashish Ghosh is quoted.

A bot is a software that mimics human behaviour on the Internet. Bots can be used to create artificial accounts on social media, provide numerous likes on a particular page, send tweets or visit various websites. All this is done without any human involvement.

Bots already constitute a significant percentage of Non Human Traffic (NHT) online, which has, according to some estimates, eclipsed human traffic. Comscore, a US-based Internet technology company noted on its blog that NHT, also known as Artificial Traffic, increased from approximately 6% of the total web traffic in 2011, to 36% in 2012. Last month, a report from Incapsula, a cloud-based security service, which aids the security and performance of websites, stated that more than 60% of web traffic was non-human in 2013. The figure was based on data collected from the 20,000 sites on Incapsula’s network .

Other than bots, NHT on the web includes traffic generated by Internet routers and back end services used by websites to communicate with third parties.

India is not immune to the problem. According to the Symantec Internet Security Threat Report for 2012, there was a 280% increase in bot infections in India between 2011 and 2012. 17% of bot-infected computers, the highest in the world, are in India and 15% of global bot-net spam is generated here. The report also states that 69 Indian cities are prone to bot infections which includes Bhubaneswar, Surat, Cochin, Jaipur, Visakhapatnam, Indore, Kota, Ghaziabad and Mysore.

Bot spotting
How do you spot a bot? When a bot or its friend is at work, the browser directs you to sites other than the ones you intend to visit, you get full-page pop ups and pop unders, and when you quit the browser, it gets relaunched after a few minutes. Chances are your computer is part of a chain of online events which create NHT on the web, the purpose of which may be to attack a site or a server.

Why you should be wary
Malicious traffic, malware, hacking attempts, viruses slow down the Internet and delay legitimate traffic and services. Used to target systems or take down websites, NHT generates fake clicks on advertisements to increase website statistics.

One of the perils of ignoring artificial web traffic is that it gets counted for real impressions for which clients end up paying. For example, a website owner may hire the services of a digital marketing firm to publicise the site. In the guise of increasing page views, the marketing firm can produce a bill for fake impressions, supplementing actual human traffic to the page with bot usage.

“Unless there is a curb on this practice of malicious NHT, one stands at risk of being duped by marketers, agencies and even clients,” said Chiragh Cherian, director, online PR at Perfect Relations, a brand management firm. Recent studies have estimated bot traffic to be between 4 - 31% of total web traffic in the US, which translates to between $650 million and $4.7 billion in wasted marketing spend. According to Miaozhen Systems, a leading Chinese advertising technology company, NHT caused advertisers in China to lose approximately US$ 1.6 billion between July 2012 and June 2013.

How to combat Non-Human Traffic
Most servers have defence mechanisms to tackle spam and cyber attacks. Websites are also now developing mechanisms such as asking for human authentication which is difficult for a bot to execute. “But even personal computers should be equipped with strong Internet security applications such as anti-virus and anti-spyware to prevent hacking and phishing attempts and to prevent being used as slave machines for distributed cyber attacks,” said Chintu Cherian Abraham, a digital media professional. Figures show that we need to watch out where and how we go online. According to Norton Report, 2013, 61% Indians access their social network accounts from unsecured wi-fi connections, while 42% access bank accounts and 44% shop online using unsecured wi-fi connections.

Social media companies are gradually devising mechanisms to filter bots. “When a page and a fan connect on Facebook, we want to ensure that connection involves a real person interested in hearing from a specific page and engaging with that brand’s content. As such, we have recently increased our automated efforts to remove Likes on Pages that may have been gained by means that violate our terms,” mentions Facebook’s site integrity policy.

Agency-client intervention is necessary to ensure that artificial traffic is not presented as real. “It’s also important to make all agencies, advertisers and clients aware of their responsibility to keep the Internet free from malicious NHT,” said Chiragh Cherian.

Government involvement is also needed to control the problem of malicious bots. “A lot needs to be done from the government’s side to tackle bots which can be used to target the country’s critical infrastructure such as banking websites,” said Jiten Jain, a cyber security analyst, adding, “Last year, I highlighted the flaws in HDFC’s net banking website which have been rectified now. They could have been exploited to block the net-banking service.”

Until we have a robust mechanism to filter out bogus traffic from real, it will be difficult to say whether the social media followers of Bansal and other public figures are human or not.

Know your Bots
Not all bots are used with a negative intent. Some help in research and monitoring.

The Malicious
Bots can be effectively used to impersonate and to hack accounts leading to financial losses and intellectual property theft. “Theft of personal details, username and password to operate one’s bank account is a classic example of how bots can lead to financial losses. It is an organised cyber crime,” explained Commander (Retd) Mukesh Saini, former national information security coordinator, Government of India. In May 2013, cyber criminals broke into the Mumbai-based account of the RPG group and siphoned off `2.4 crore. Three people were arrested in the case.

“The rate at which NHT is increasing is alarming,” says Tinu Cherian Abraham. “Any computer connected to the Internet is vulnerable to such attacks. The user will not get to know about it unless he or she has installed an Internet security application.”

Besides bots, computers also generate other kinds of secondary activities, while the user is surfing the Internet. This activity remains in the background and is never seen by the user, unlike the bot-generated pop ups, observes Comscore. For example, your computer might be being used as a channel to reach a server with the intention of hacking it. And you will never know.

The Good
Not all NHT is bad, though. In fact, good bots such as scrapers can be effectively used to conduct research. “Wikipedia can be scraped to investigate the frequency of edits on a Wikipedia page and track the increase in the number of editors,” explained Snehashish Ghosh, policy associate at the Bangalore-based Centre for Internet & Society.

Good bots are also used by search engines to track content on websites and enhance their search results. Search bots and other good bots formed 31% of total bots, the Incapsula report noted.

The Social
Apart from malicious and good bots, there are social media bots too. “Extensive analysis is done on social media traffic for monitoring, business lead generation, as well as reputation management. This has amounted to a lot of automated or non-human traffic,” said Abraham.

According to Facebook’s filings published in a Forbes report in February 2012, around 83 million of its users are bogus. “It’s a violation of our policies to use a fake name or operate under a false identity, and we encourage people to report any user they suspect of doing this, either through the report links we provide on the site or through the contact forms in our help centre,” a Facebook spokesperson told HT.

Twitter bots have also made its presence felt on the platform. “Twitter has witnessed very interesting bots which have found appreciation from the community for being funny and creative. The microblogging site cracked down on some harmful bots, but still some of the advanced level bots slip through the net,” said Ghosh.

In August 2012, London-based firm Digital Evaluators, which evaluates social media presence of worldwide companies, released an analysis of Twitter followers of the US Presidential Election candidates Barack Obama and Mitt Romney. 21.9% of Barack Obama’s 17.82 million Twitter followers were found to be bogus.

The Big Brother
Ghosh said that the increase in NHT related to the Internet of things, the concept which enables communication between two or more devices, results in privacy issues. “Take a situation where your mobile device is constantly tracking your location for the purpose of switching on the air conditioner at your home before you reach. Such applications produce huge amounts of personal data and there is no clarity whether this data is being stored,” he said.

“As the new networks link data from products, company assets, or the operating environment, they will generate better information and analysis, which can enhance decision making significantly. Some organisations are starting to deploy these applications in targeted areas, while more radical and demanding uses are still in the conceptual or experimental stages,” noted a McKinsey & Company report on Internet of things.

For more details visit https://cis-india.org/news/hindustan-times-january-5-2014-danish-raza-rise-of-the-bot

RightsCon Toronto 2018

Admin — 2018-06-07T14:31:20Z

RightsCon is organizing the 2018 edition of the event at Beanfield Centre at Exhibition Place, Toronto in Canada. A session on Pervasive Technologies project titled "Cheap and chipper: IP in India’s affordable smartphones" is scheduled on May 17, 5.15 p.m. to 6.15 p.m. in the International Trade and the Commons track. (Room #203B, Beanfield Centre).

We present the findings of the Centre for Internet and Society’s "Pervasive Technologies" research project that concluded last year. The project was an endeavour to study how Internet-enabled mobile phones sold for USD 100 or less interact with India's intellectual property laws. These low-cost technologies that lie in a grey zone of IP laws have been instrumental in bringing access to the Internet and, in turn, access to knowledge and information to people. The project undertook a study of the mobile device landscape in India while developing legal strategies to ensure that consumers continue to have access to inexpensive devices; that manufacturers, software developers and content creators operating in the budget device segment are not snuffed out by litigation; and that the rights of IP holders are not infringed upon.

Each researcher will elucidate on her findings in the areas of patents and copyright pertaining to the hardware, software and media content and the interaction of these findings with public policy.

Maggie Huang, Amba Kak, Rohini Lakshané, Vidushi Marda and Anubha Sinha are among the speakers at the event. For more info click here

Amber Sinha remotely participated in a private meeting on 'Strategizing Civil Society Roles in the Artificial Intelligence Debate'.
Anubha Sinha, Maggie Huang, Rohini Lakshané and Vidushi Marda presented their findings from the Pervasive Technologies project in a panel titled "Cheap and Chipper: IP in India's Affordable Smartphones". Prof Michael Geist moderated the session. Anubha Sinha and Vidushi Marda participated remotely.
Elonnai Hickok participated in these sessions: IDRC cyber policy meeting; GNI board meeting; GNI learning session on MLATs; FOC-AN meeting; GNI session on Intermediary Liability.

For more details visit https://cis-india.org/a2k/news/rightscon-toronto-2018

RightsCon Silicon Valley 2016

praskrishna — 2016-04-06T15:10:21Z

RightsCon is the world’s leading event convened around the issues of the internet and human rights. The annual conference convenes business leaders, visionaries, technologists, legal experts, civil society members, activists, and government representatives from across the globe on issues at the intersection of tech and human rights. The event was organized by RightsCon.

Program

This year, we had three days ofprogrammingplus a day of satellite events (Day Zero satellite events + three full days of main programming), tackling some of today’s most challenging business and policy issues: freedom of expression, online harassment and countering violent extremism, privacy and digital security, encryption, network discrimination and connectivity, human rights, trade and business, transparency reporting, digital inclusion, internet governance, and much more. Click here to see our program schedule.

With 250+ sessions and over 1,000 registered participants, RightsCon 2016 provided unparalleled opportunities to engage with leading speakers and organizations, both in sessions and through private meetings and discussions. It was also home to an array of parties, movie screenings, and social events throughout the week to help participants meet others in the space.

Elonnai Hickok participated in the following panels and meetings at RightsCon held at Mission Bay Conference Center in San Francisco, California from March 30 to April 1, 2016:

1. Beyond CSR: Promoting Strong Human Rights Performance - Centre for Law and Democracy
2. Ranking ICT Companies on Digital Rights; A How to Guide - Ranking Digital Rights
3. Who is an Intermediary? Harmonizing Definitions? - CIS
4. Manila Principles: One Year Later - CIS and EFF
5. Cross Border Data Requests - American University Washington College of Law, University of Kentucky College of Law.
6. Closed door meeting for Ranking Digital Rights
7. GNI meeting on Mutual Legal Assistance

More info on the RightsCon website

For more details visit https://cis-india.org/internet-governance/news/rightscon-silicon-valley-2016