Blog

The 2014 seminar is jointly organized by the Center for Global Communication Studies (CGCS) at the University of Pennsylvania’s Annenberg School for Communication, the American Austrian Foundation (AAF), and the Diplomatic Academy of Vienna (DA).  For more information visit the seminar webpage and Facebook Page. Dr. Nishant Shah is the co-founder and Director-Research at the Centre for Internet and Society, Bangalore, India.

Nishant Shah's post was published on April 1st, 2014 | by cgcsblog

---

An imagined and perceived gap between the global and the local informs transnational politics and internet policy. The global views the local as both the site upon which the global can manifest itself as well as the microcosm that supports and strengthens global visions by providing mutations, adaptations and reengineering of the governance practices. The local is encouraged to connect with the global through a series of outward facing practices and policies, thus producing two separate domains of preservation and change.  On the one hand, the local, the organic and the traditional, needs to be preserved and make the transnational and the global the exotic other. On the other hand, the local also needs to be in a state of aspiration, transforming itself to belong to global networks of polity and policy that are deemed as desirable, especially for a development and rights based vision of societies.

While these negotiations and transactions are often fruitful and local, national, and transnational structures and mechanics have been developed to facilitate this flow, this relationship is precarious. There is an implicit recognition that the local and the transnational, dialectically produced, are often opaque categories and empty signifiers. They sustain themselves through unquestioned presumptions of particular attributes that are taken for granted in these interactions. There have been many different metaphors that have been used to understand and explain these complex transfers of knowledge and information, resources and capital, bodies and ideologies. Vectors, Flows, Disjunctures, Intersections are some of the examples. However, with the rise of the digital technologies and vocabularies, especially the internet, the metaphor of the Network with its distributed nodes has become one of the most potent explanations of contemporary politics. This idea of living in networked worlds is so seductive and ‘common-sense,’ that it has become an everyday practice to think of the global as a robust, never-ending, all-inclusive network where the local becomes an important node because it enables both connectivity within but also an expansion of the edges, in order to connect to that which is outside the traffic capacities of the network.

The ‘Network Society’ paradigm is distinct from earlier rubrics of information and open society that have informed existing information and communication policies. In this paradigm we have the opportunity to revisit and remap the ways in which local governments and populations function and how they produce locals who can feed into the transnational and global discourse. The network facilitates some knowledge that is valuable and allows us to map inequity and mal-distribution of resources by offering comparisons between the different nodes. Networks force our attention to the edges, the no-person’s-zone which is porous but still serves as an osmotic filter that often keeps the underprivileged and the unintelligible outside its fold. Networks as metaphors are valuable because they produce a cartographic vision of the world with multiple boundaries and layers, dealing with big data sets to create patterns that might otherwise be invisible. They enable the replication of models that can be further localised and adapted to fit the needs of the context.  Networks make the world legible – we write it through the lens of the network, intelligible – we understand it through the language and vocabulary of the network, and accessible – it allows for knowledge and practices to transfer across geographies and times.

At the same time, networks are a vicious form of organisation because they work through the logic of resource maximisation, efficiency and optimisation, often disallowing voices of dissent that threaten the consensus making mechanisms of the network. Networks have a self-referential relationship with reality because they produce accounts of reality which can easily stand in for the material and the real. They are the new narratives that can operate with existing data sets and produce such rich insights for analysis that we forget to account for that which cannot be captured in the database structures of these data streams. Networks work through a principle of homogeneity and records, thus precluding forms of operation which cannot be easily quantified.

Given this complex nature of networks and the fact that they are emerging as the de facto explanations of not only social and cultural relationships but also economic and political transactions, it might be fruitful to approach the world of policy and politics, the local and the transnational, through the lens of the network. Building a critique of the network while also deploying the network as a way to account for the governmental practices might produce key insights into how the world operates. What does it mean to imagine the world in the image of the internet as a gigantic network? What are the ways in which a networked visualisation of policy and governmental processes can help us analyse and understand contemporary politics? What tools can we develop to expose the limitations of a network paradigm and look at more inclusive and sensitive models for public discourse and participation? How do we document events, people, and drivers of political change that often get overlooked in the networked imagination of transnational politics? These are the kind of questions that the Center for Global Communication Study’s Internet Policy Observatory (IPO) could initiate, building empirical, qualitative and historical research to understand the complex state of policy making and its relationship with enforcement, operationalization and localisation.

Given the scope and scale of these questions, there are a few specific directions that can be followed to ensure that research is focused and concentrated rather than too vague and generalised:

1. Bird’s eye views: The big picture understanding of transnational political and policy networks is still missing from our accounts of contemporary discourse. While global representative networks of multi-stakeholder dialogues have been established, there is not enough understanding of how they generate traffic (information, knowledge, data, people, policies) within the network through the different nodes. Producing an annotated and visual network map that looks at the different structural and organisational endeavours and presences, based on available open public data, bolstered by qualitative interviews would be very useful both as a research resource but also an analytic prototype to understand the complex relationships between the various stakeholders involved in processes of political change.
2. Crisis Mapping: One of the most important things within Network studies is how the network identifies and resolves crises. Crises are the moment when the internal flaws, the structural weaknesses, and the fragile infrastructure become visible. The digital network, like the internet, has specific mechanisms of protecting itself against crises. However, the appearance of a crisis becomes an exciting time to look at the discrepancy between the ambition of the network and its usage. A crisis is generally a symptom that shows the potentials for radical subversion, overthrowing, questioning and the abuse of network designs and visions. Locating ICT related crises with historical and geographical focuses could similarly reveal the discrepancies of the processes of making policy and orchestrating politics.
3. Longitudinal Studies: The network remains strong because it works through a prototype principle. Consequently, no matter how large the network is, it is possible to splice, slice, and separate a small component of the network for deep dive studies. This microcosm offers rich data sets, which can then be applied across the network to yield different results. Further, working with different actors – from individual to the collective, from the informal the institutional – but giving them all equal valency provides a more equal view of the roles, responsibilities, and aspirations of the different actors involved in the processes. This kind of a longitudinal study, working on very small case-studies and then applying them to analyse the larger social and political conditions help in understanding the transnational and global processes in a new way.

These research based inquiries could result in many different outputs based on the key users that they are working with and for. The methods could be hybrid, using existing local and experimental structures, with predefined criteria for rigour and robustness. The research, given its nature, would necessitate working with existing networks and expanding them, thus building strong and sustainable knowledge networks that can be diverted towards intervention through capacity building and pedagogy directed at the different actors identified within these nodes.

---

Dr. Nishant Shah is the co-founder and Director-Research at the Centre for Internet and Society, Bangalore, India. He is an International Tandem Partner at the Centre for Digital Cultures, Leuphana University, Germany and a Knowledge Partner with the Hivos Knowledge Programme, The Netherlands. In these varied roles, he has been committed to producing infrastructure, frameworks and collaborations in the global south to understand and analyse the ways in which emergence and growth of digital technologies have shaped the contemporary social, political and cultural milieu. He is the editor for a series of monographs on ‘Histories of Internet(s) in India’ that looks at the complicated relationship that technologies have with questions of gender, sexuality, body, city, governance, archiving and gaming in a country like India. He is also the principle researcher for a research programme that produced the four-volume anthology ‘Digital AlterNatives With a Cause?’ that examines the ways in which young people’s relationship with digital technologies produces changes in their immediate environments.

Dr. Nishant Shah's column was published in the Indian Express on March 30, 2014.

---

Within the online space, where wonderments often run rife, and conspiracy theories travel at the speed of light, there are many dark recesses where netizens half-jokingly, self-referentially, in a spirit of part-truth, part-exaggeration, often wonder on what the real reason is for the internet to exist.

One suggestion, and probably the most persuasive one, drawing from the Broadway musical Avenue Q, is that the internet was made for porn. Positing a competing argument is a clowder of cat lovers, who insist that the internet was made for cats. Or, at least, it is definitely made of cats.

From the first internet memes like LOL Cats (and then subsequently Grumpy Cat, Ceiling Cat and Hipster Kitty), which had pictures of cats used for strong social, cultural and political commentary, to Caturday — a practice where users on the Web’s largest unmoderated discussion board, 4Chan, post pictures of cats every Saturday — cats are everywhere.

I want to add to this list and suggest that the internet was meant for “shame”. With the explosion of the interactive Web, more people getting access to mobile computing devices, and more websites inviting users to write reviews, leak pictures, expose videos and reveal more personal and private information online, there seems to be no doubt that we live in the age of digital shaming.

The aesthetic, also embedded in peer-to-peer platforms like chatroulete, or snapchat, where people often engage in sexting, is also becoming common in popular media. The ability to spy, to capture private images and videos, and expose the people who violate some imagined moral code has dangerous implications for the future of the Web and our own private lives. And as more of it goes unpunished and gets naturalised in our everyday digital practices, it is time to realise that the titillation it offers through scandal is far outweighed by the growing stress and grief it causes to victims. While there are some values to public shaming that ask for more transparency and accountability, we need to reflect on how it is creating societies of shame.

It sometimes emerges as an attempt to shame governments, private institutions, places of consumption, for compromise of the rights of the users.

Anything, from denial of service and corruption in government offices to bad food and substandard goods in restaurants and malls, is now reported in an attempt to shame the people responsible for it. This kind of “citizen journalism” allows for individual voices and experiences to be heard and documented, and the people in question are forced to be accountable for their jobs.

From fascinating websites like IPaidABribe.com to restaurant review sites like Zomato, we have seen an interesting phenomenon of “naming and shaming” that gives voice to individual discontent and anger. And so commonplace has this become, that most managers of different services and goods track, respond and mitigate the situation, often offering apologies and freebies to make up for that one bad experience.

Most big organisations have Twitter handles that function in a similar way, addressing grievances of users in real time, and helping to deliver better services and products. It is a new era of granular accountability that ensures that individual acts of discrimination, neglect or just disservice get reported and have direct impact on those responsible for it.

On the other end of the spectrum of this call for transparent and accountable structures, is the phenomenon of shaming and cyber bullying that is also increasing, especially with digital natives who spend more time online. On social networking sites, it has become almost passé, for personal and sensitive information to be leaked in order to shame and expose a person’s weaknesses and vulnerabilities. Especially for young teens who might be in a disadvantaged position — for reasons of sexual orientation, location, practices or interests — the shaming through exposing their private information often creates extremely traumatic conditions, even leading people to take their lives.
Shaming takes up particularly dire forms on websites and platforms that are designed to leak this kind of information. Hunter Moore, who has recently earned the title of being the most hated man on the internet, was the founder of a revenge-porn website, which invited male users to reveal sexual and embarrassing pictures of their former girlfriends and even spouses, to reveal them in compromising positions and shame them for being “sluts”.

Moore’s website has been shut down now and he is facing multiple charges of felony in the US, but that one site was just the tip of the iceberg. Slut shaming and trying to humiliate women has become a strong underground practice on the dark web. Hidden by anonymity and the security that the Web can sometimes offer, people betray the trust of their friends and lovers and expose them to be punished by voyeuristic audiences.

---

The article was published in Yojana (April 2014 Issue). Click to download the original here. (PDF, 177 Kb)

---

The role of the US perceived by some as the benevolent dictator or primary steward of the Internet because of history, technology, topology and commerce came under scrutiny again. The I star bodies also known as the technical community - Internet Corporation for Assigned Names and Numbers (ICANN); five Regional Internet Registries (RIRs) ie. African,  American, Asia-Pacific, European and Latin American; two standard setting organisations - World Wide Web Consortium (W3C) & Internet Engineering Task Force (IETF); the Internet Architecture Board (IAB); and Internet Society (ISOC) responded by issuing the Montevideo Statement [1] on the 7th of October. The statement expressed "strong concern over the undermining of the trust and confidence of Internet users globally due to recent revelations of pervasive monitoring and surveillance." It called for  "accelerating the globalization of ICANN and IANA functions..." - did this mean that the I star bodies were finally willing to end the special role that US played in Internet governance? However, that dramatic shift in position was followed with the following qualifier "...towards an environment in which all stakeholders, including all governments, participate on an equal footing." Clearly indicating that for the I star bodies multistakeholderism was non-negotiable.  Two days later President Rousseff after a meeting with Fadi Chehadé, announced on Twitter that Brazil would host "an international summit of governments, industry, civil society and academia." [2] The meeting has now been dubbed Net Mundial and 188 proposals for “principles” or “roadmaps for the further evolution of the Internet governance ecosystem” have been submitted for discussion in São Paulo on the 23rd and 24th of April. The meeting will definitely be an important milestone for multilateral and multi-stakeholder mechanisms in the ecosystem.

It has been more than a decade since this debate between multilateralism and multi-stakeholderism has ignited. Multistakeholderism is a form of governance that seeks to ensure that every stakeholder is guaranteed a seat at the policy formulation table (either in consultative capacity or in decision making capacity depending who you ask). The Tunis Agenda, which was the end result of the 2003-05 WSIS upheld the multistakeholder mode. The 2003–2005 World Summit on the Information Society process was seen by those favouring the status quo at that time as the first attempt by the UN bodies or multilateralism - to takeover the Internet. However, the end result i.e. Tunis Agenda [3] clarified and reaffirmed multi-stakeholderism as the way forward even though multilateral governance mechanisms were also accepted as a valid component of Internet governance. The list of stakeholders included states, the private sector, civil society, intergovernmental organisations, international standards organisations and the “academic and technical communities within those stakeholder groups mentioned” above. The Tunis Agenda also constituted the Internet Governance Forum (IGF) and the process of Enhanced Cooperation.

The IGF was defined in detail with a twelve point mandate including to “identify emerging issues, bring them to the attention of the relevant bodies and the general public, and, where appropriate, make recommendations.” In brief it was to be a learning Forum, a talk shop and a venue for developing soft law not international treaties. Enhanced Cooperation was defined as “to enable governments, on an equal footing, to carry out their roles and responsibilities, in international public policy issues pertaining to the Internet, but not in the day-to-day technical and operational matters, that do not impact on international public policy issues” –  and to this day, efforts are on to define it more clearly.

Seven years later, during the World Conference on Telecommunication in Dubai, the status quoists dubbed it another attempt by the UN to take over the Internet. Even those non-American civil society actors who were uncomfortable with US dominance were willing to settle for the status quo because they were convinced that US court would uphold human rights online more robustly than most other countries. In fact, the US administration had laid a good foundation for the demonization of the UN and other nation states that preferred an international regime. "Internet freedom" was State Department doctrine under the leadership of Hillary Clinton. As per her rhetoric – there were good states, bad states and swing states. The US, UK and some Scandinavian countries were the defenders of freedom. China, Russia and Saudi Arabia were examples of authoritarian states that were balkanizing the Internet. And India, Brazil and Indonesia were examples of swing states – in other words, they could go either way – join the good side or the dark side.

But Internet freedom rhetoric was deeply flawed. The US censorship regime is really no better than China’s. China censors political speech – US censors access to knowledge thanks to the intellectual property (IP) rightsholder lobby that has tremendous influence on the Hill. Statistics of television viewership across channels around the world will tell us how the majority privileges cultural speech over political speech on any average day. The great firewall of China only affects its citizens – netizens from other jurisdictions are not impacted by Chinese censorship. On the other hand, the US acts of censorship are usually near global in impact.

This is because the censorship regime is not predominantly based on blocking or filtering but by placing pressure on identification, technology and financial intermediaries thereby forcing their targets offline. When it comes to surveillance, one could argue that the US is worse than China. Again, as was the case with censorship, China only conducts pervasive blanket surveillance upon its citizens – unlike US surveillance, which not only affects its citizens but targets every single user of the Internet through a multi-layered approach with an accompanying acronym soup of programmes and initiatives that include malware, trojans, software vulnerabilities, back doors in encryption standards, over the top service providers, telcos, ISPs, national backbone infrastructure and submarine fibre optic cables.

Security guru Bruce Schneier tells us that "there is no security without privacy. And liberty requires both security and privacy.” Blanket surveillance therefore undermines the security imperative and compromises functioning markets by make e-commerce, e-banking, intellectual property, personal information and confidential information vulnerable. Building a secure Internet and information society will require ending mass surveillance by states and private actors.

The Opportunity for India

Unlike the America with its straitjacketed IP regime, India believes that access to knowledge is a precondition for freedom of speech and expression. As global intellectual property policy or access to knowledge policy is concerned, India is considered a leader both when it comes to domestic policy and international policy development at the World Intellectual Property Organisation. From the 70s our policy-makers have defended the right to health in the form of access to medicines. More recently, India played a critical role in securing the Marrakesh Treaty for Visually Impaired Persons in June 2013 which introduces a user right [also referred to as an exception, flexibility or limitation] which allows the visually impaired to convert books to accessible formats without paying the copyright-holder if an accessible version has not been made available. The Marrakesh Treaty is disability specific [only for the visually impaired] and works specific [only for copyright]. This is the first instance of India successfully exporting policy best practices. India's exception for the disabled in the Copyright Act unlike the Marrakesh Treaty, however, is both disability-neutral and works-neutral.

Given that the Internet is critical to the successful implementation of the Treaty ie. cross border sharing of works that have been made accessible to disabled persons in one country with the global community, it is perhaps time for India to broaden its influence into the sphere of Internet governance and the governance of information societies more broadly.

Post-Snowden, the so called swing states occupy the higher moral ground. It is time for these states to capitalize on this moment using strong political will. Instead of just being a friendly jurisdiction from the perspective of access to medicine, it is time for India to also be the enabling jurisdiction for access to knowledge more broadly. We could use patent pools and compulsory licensing to provide affordable and innovative digital hardware [especially mobile phones] to the developing world. This would ensure that rights-holders, innovators, manufactures, consumers and government would all benefit from India going beyond being the pharmacy of the world to becoming the electronics store of the world. We could explore flat-fee licensing models like a broadband copyright cess or levy to ensure that users get content [text, images, video, audio, games and software] at affordable rates and rights-holders get some royalty from all Internet users in India. This will go a long way in undermining the copyright enforcement based censorship regime that has been established by the US. When it comes to privacy – we could enact a world-class privacy law and establish an independent, autonomous and proactive privacy commissioner who will keep both private and state actors on a short lease. Then we need a scientific, targeted surveillance regime that is in compliance with human rights principles. This will make India simultaneously an IP and privacy haven and thereby attract huge investment from the private sector, and also earn the goodwill of global civil society and independent media. Given that privacy is a precondition for security, this will also make India very secure from a cyber security perspective. Of course this is a fanciful pipe dream given our current circumstances but is definitely a possible future for us as a nation to pursue.

What is the scope of Internet Governance?

Part of the tension between multi-stakeholderism and multilateralism is that there is no single, universally accepted definition of Internet governance. The conservative definitions of Internet Governance limits it to management of critical Internet resources, including the domain name system, IP addresses and root servers – in other words, the ICANN, IANA functions, regional registries and other I* bodies. This is where US dominance has historically been most explicit. This is also where the multi-stakeholder model has clearly delivered so far and therefore we must be most careful about dismantling existing governance arrangements. There are very broadly four approaches for reducing US dominance here – a) globalization [giving other nation-states a role equal to the US within the existing multi-stakeholder paradigm], b) internationalization [bring ICANN, IANA functions, registries and I* bodies under UN control or oversight], c) eliminating the role for nation states in the IANA functions[4] and d) introducing competitors for names and numbers management. Regardless of the final solution, it is clear that those that control domain names and allocate IP addresses will be able to impact the freedom of speech and expression. The impact on the national security of India is very limited given that there are three root servers [5] within national borders and it would be near impossible for the US to shut down the Internet in India.

For a more expansive definition – The Working Group on Internet Governance report[6] has four categories for public policy issues that are relevant to Internet governance:

“(a) Issues relating to infrastructure and the management of critical Internet resources, including administration of the domain name system and Internet protocol addresses (IP addresses), administration of the root server system, technical standards, peering and interconnection, telecommunications infrastructure, including innovative and convergent technologies, as well as multilingualization. These issues are matters of direct relevance to Internet governance and fall within the ambit of existing organizations with responsibility for these matters;

(b) Issues relating to the use of the Internet, including spam, network security and cybercrime. While these issues are directly related to Internet governance, the nature of global cooperation required is not well defined;

(c)Issues that are relevant to the Internet but have an impact much wider than the Internet and for which existing organizations are responsible, such as intellectual property rights (IPRs) or international trade. ...;

(d) Issues relating to the developmental aspects of Internet governance, in particular capacity-building in developing countries.”

Some of these categories are addressed via state regulation that has cascaded from multilateral bodies that are associated with the United Nations such as the World Intellectual Property Organisation for "intellectual property rights" and the International Telecommunication Union for “telecommunications infrastructure”. Other policy issues such as  "cyber crime" are currently addressed via plurilateral instruments – for example the Budapest Convention on Cybercrime – and bilateral arrangements like Mutual Legal Assistance Treaties. "Spam" is currently being handled through self-regulatory efforts by the private sector such as Messaging, Malware and Mobile Anti-Abuse Working Group.[7] Other areas where there is insufficient international or global cooperation include "peering and interconnection" - the private arrangements that exist are confidential and it is unclear whether the public interest is being adequately protected.

So who really governs the Internet?

So in conclusion, who governs the Internet is not really a useful question. This is because nobody governs the Internet per se. The Internet is a diffuse collection of standards, technologies and actors and dramatically different across layers, geographies and services. Different Internet actors – the government, the private sector, civil society and the technical and academic community are already regulated using a multiplicity of fora and governance regimes – self regulation, coregulation and state regulation. Is more regulation always the right answer? Do we need to choose between multilateralism and multi-stakeholderism? Do we need stable definitions to process? Do we need different version of multi-stakeholderism for different areas of governance for ex. standards vs. names and numbers? Ideally no, no, no and yes. In my view an appropriate global governance system will be decentralized, diverse or plural in nature yet interoperable, will have both multilateral and multistakeholder institutions and mechanisms and will be as interested in deregulation for the public interest as it is in regulation for the public interest.

---

[1]. Montevideo Statement on the Future of Internet Cooperation https://www.icann.org/en/news/announcements/announcement-07oct13-en.htm

[2]. Brazil to host global internet summit in ongoing fight against NSA surveillance http://rt.com/news/brazil-internet-summit-fight-nsa-006/

[3]. Tunis Agenda For The Information Society http://www.itu.int/wsis/docs2/tunis/off/6rev1.html

[4]. Roadmap for globalizing IANA: Four principles and a proposal for reform: a submission to the Global Multistakeholder Meeting on the Future of Internet Governance by Milton Mueller and Brenden Kuerbis March 3rd 2014  See: http://www.internetgovernance.org/wordpress/wp-content/uploads/ICANNreformglobalizingIANAfinal.pdf

[5]. Mumbai (I Root), Delhi (K Root) and Chennai (F Root). See: http://nixi.in/en/component/content/article/36-other-activities-/77-root-servers

[6]. Report of the Working Group on Internet Governance to the President of the Preparatory Committee of the World Summit on the Information Society, Ambassador Janis Karklins, and the WSIS Secretary-General, Mr Yoshio Utsumi. Dated:  14 July 2005 See: http://www.wgig.org/WGIG-Report.html

[7].Messaging, Malware and Mobile Anti-Abuse Working Group website See: http://www.maawg.org/

---

The author is is the Executive Director of the Centre for Internet and Society (CIS), Bangalore. He is also the founder of Mahiti, a 15 year old social enterprise aiming to reduce the cost and complexity of information and communication technology for the voluntary sector by using free software. He is an Ashoka fellow. For three years, he also managed the International Open Source Network, a project of United Nations Development Programme's Asia-Pacific Development Information Programme, serving 42 countries in the Asia-Pacific region.

The Committee on Civil Liberties, Justice and Home Affairs of the European Parliament in its draft report on global surveillance has issued a scathing indictment of the activities of the NSA and its counterparts in other member nations and is a welcome stance taken by an international body that is crucial to the fight against surveillance.

The "European Parliament Draft Report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs" released on the 8^th of January, 2014, comprehensively details and critiques the mass surveillance being undertaken by government agencies in the USA as well as within the EU, from a human rights and privacy perspective. The report examines the extent to which surveillance systems are employed by the USA and EU member-states, and declares these systems in their current avatars to be unlawful and in breach of international obligations and fundamental constitutional rights including "the freedom of expression, of the press, of thought, of conscience, of religion and of association, private life, data protection, as well as the right to an effective remedy, the presumption of innocence and the right to a fair trial and non-discrimination".

Furthermore, the report points to the erosion of trust between the EU and the US as well as amongst member states as an outcome of such secret surveillance, and criticises and calls for a suspension of the data-sharing and transfer agreements like the Terrorist Finance Tracking Program (TFTP), which share personal information about EU citizens with the United States, after examining the inadequacy of the US Safe Harbour Privacy principles in ensuring the security of such information.

After considering the secret and unregulated nature of these programmes, the report points to the need of restricting surveillance systems and criticizes the lack of adequate data protection laws and privacy laws which adhere to basic principles such as necessity, proportionality and legality.. It also questions the underlying motives of these programmes as mere security-tools and points to the possible existence of political and economic motives behind their deployment. Recognizing the pitfalls of surveillance and the terrible potential for misuse, the report "condemns in the strongest possible terms the vast, systemic, blanket collection of the personal data of innocent people, often comprising intimate personal information; emphasises that the systems of mass, indiscriminate surveillance by intelligence services constitute a serious interference with the fundamental rights of citizens; stresses that privacy is not a luxury right, but that it is the foundation stone of a free and democratic society; points out, furthermore, that mass surveillance has potentially severe effects on the freedom of the press, thought and speech, as well as a significant potential for abuse of the information gathered against political adversaries."

Amongst the recommendations in the 51-page report are calls for a prohibition of mass surveillance and bulk data collection, and an overhaul of the existing systems of data-protection across the European Union and in the US to recognize and strengthen the right to privacy of their citizens, as well as the implementation of democratic oversight mechanisms to check security and intelligence agencies. It also calls for a review of data-transfer programmes and ensuring that standards of privacy and other fundamental rights under the European constitution are met. The committee sets out a 7-point plan of action, termed the European Digital Habeus Corpus for Protecting Privacy, including adopting the Data Protection Package, suspending data transfers to the US until a more comprehensive data protection regime is through an Umbrella Agreement, enhancing fundamental freedoms of expression and speech, particularly for whistleblowers, developing a European Strategy for IT independence and developing the EU as a reference player for democratic and neutral governance of the internet.

Though this draft report has no binding legal value as yet, the scathing criticism has assisted in calling to the attention of the global community the complex issues of internet governance and privacy and surveillance, and generated debate and discourse around the need for an overhaul of the current system. The recent decision of the US government to ‘democratize’ the internet by handing control of the DNS root zone to an international body, and thereby relinquishing a large part of its means of controlling the internet, is just one example of the systemic change that this debate is generating.

Recommendations in the Report of the Group of Experts on Privacy that are Incorporated in the 2014 Privacy Bill

Constitutional Right to Privacy

The Report of the Group of Experts on Privacy recommends that any privacy legislation for India specify the constitutional basis of a right to privacy. The 2014 Privacy Bill has done this, locating the Right to Privacy in Article 21 of the Constitution of India.

Nine National Privacy Principles

The Report of the Group of Experts on Privacy recommends that nine National Privacy Principles be adopted and applied to harmonize existing legislation and practices. The 2014 Privacy Bill also adopts nine National Privacy Principles. Though these principles differ slightly from the National Privacy Principles recommended in the Report, they are broadly the same, and importantly will apply to all existing and evolving practices, regulations and legislations of the Government that have or will have an impact on the privacy of any individual. Presently, the 2014 Privacy Bill locates the nine National Privacy Principles in an Annex to the Bill, but also incorporates the principles in more detail in sections relating to personal data.  An analysis of the principles as compared in the Report and the Bill is below:

• Notice: The principle of notice as recommended by the Report of the Group of Experts on Privacy differs from the principle of notice in the 2014 Privacy Bill.  According to the notice principle in the Report, a data controller shall give sample to understand notice of its information practices to all individuals, in clear and concise language, before any personal information is collected from them. Such notices should include: (during collection) What personal information is being collected; Purposes for which personal information is being collected; Uses of collected personal information; Whether or not personal information may be disclosed to third persons;  Security safeguards established by the data controller in relation to the personal information; Processes available to data subjects to access and correct their own personal information;  Contact details of the privacy officers and SRO ombudsmen for filing complaints. (Other Notices) Data breaches must be notified to affected individuals and the commissioner when applicable. Individuals must be notified of any legal access to their personal information after the purposes of the access have been met. Individuals must be notified of changes in the data controller’s privacy policy. Any other information deemed necessary by the appropriate authority in the interest of the privacy of data subjects.
  
  In contrast, the 2014 Privacy Bill requires that all the data controllers provide adequate and appropriate notice of their information practices in a form that is easily understood by all intended recipients. In addition to this principle as listed in an annex, the Bill requires that on initial collection data controllers provide notice of what personal data is being collected and the legitimate purpose for which the personal data is being collected. If the purpose for which the personal data changes, data controllers must provide data subjects with a further notice that would include the use to which the personal data shall be put, whether or not the personal data will be disclosed to at third person and, if so, the identity of such person if the personal data being collected is intended to be transferred outside India  and the reasons for doing so; how such transfer helps in achieving the legitimate purpose; and whether the country to which such data is transferred has suitable legislation to provide for adequate protection and privacy of the data; the security and safeguards established by the data controller in relation to the personal data; the processes available to a data subject to access and correct his personal data; the recourse open to a data subject, if he has any complaints in respect of collection or processing of the personal data and the procedure relating thereto; the name, address and contact particulars of the data controller and all persons who will be processing the personal data on behalf of the data controller. Additionally, if a breach of data takes place data controllers must inform the affected data subject that lost or stolen; accessed or acquired by any person not authorized to do so; damaged, deleted or destroyed; processed, re-identified or disclosed in an unauthorized manner.
  
  Though the 2014 Privacy Bill requires a more comprehensive notice to be issued if the purpose for the use of personal data changes, it does not specify (as recommended by the Group of Experts on Privacy) that notice of changes to a data controller’s privacy policy be issued.

• Choice and Consent: The principle of choice and consent in the 2014 Privacy Bill is similar to the principle in the Report of the Group of Experts on privacy in that it requires that all data subjects be provided with a choice to provide or not to provide personal data and that data subject will have the option of withdrawing consent at any time. Though not a part of the specific principle on ‘choice and consent’ listed in the annex the 2014 Privacy Bill also contains provisions that address mandatory collection of information which require, as recommended by the Report of the Group of Experts, that the information is anonymoized. Furthermore, the 2014 Privacy Bill provides individuals an opt-in or opt-out choice with respect to the provision of personal data.
  
  Different from as recommended in the principle in the Report of the Group of Experts on Privacy, the 2014 Privacy Bill does not specify that in exception cases when it is not possible to provide a service with choice and consent, then choice and consent will not be required.

• Collection Limitation: The principle of collection limitation as recommended in the Report of the Group of Experts on Privacy and the principle of collection limitation in the Annex of the 2014 Privacy Bill are similar in that both require that only data that is necessary to achieve an identified purpose be collected. As recommended in the Report of the Group of Experts on Privacy, the 2014 Privacy Bill also requires that notice be provided prior to collection and content taken.

• Purpose Limitation: Though the principle of Purpose Limitation are similar in the Report of the Group of Experts on Privacy and the 2014 Privacy Bill as they both require personal data to be used only for the purposes for which it was collected and that the data must be destroyed after the purposes have been served, the 2014 Privacy Bill does not specify that information collected by a data controller must be adequate and relevant for the purposes for which they are processed. The 2014 Privacy Bill also incorporates elements from the principle of Purpose Limitation as defined by the Report of the Group of Experts in other parts of the Bill. For example, the 2014 Bill requires that notice be provided to the individual if there is a change in purpose for the use of the personal information, and designates a section on retention of personal data.

• Access and Correction: The principle of Access and Correction in the 2014 Privacy Bill reflects the principle of Access and Correction in the Report of the Group of Experts (though not verbatim). Importantly, the 2014 Privacy Bill incorporates the recommendation from the Report of the Group of Experts on Privacy that prohibits access to personal data if it will affect the privacy rights of another individual.

• Disclosure of Information: The principle of ‘Disclosure of Information’ in the Privacy Bill 2014 is similar to the principle of ‘Disclosure of Information’ as recommended in the Report of the Group of Experts on Privacy (though not verbatim).  As recommended this principle requires that personal data be disclosed to third parties only if informed consent has been taken from the individual and the third party is bound the adhere to all relevant and applicable privacy principles.

• Security: The principle of security in the 2014 Privacy Bill reflects the principle of Security recommended in the Report of the Group of Experts on Privacy and requires that personal data be secured through reasonable security safeguards against unauthorized access, destruction, use, modification, de-anonymization or unauthorized disclosure.

• Openness: The principle of Openness in the 2014 Privacy Protection Bill is similar to the principle of Openness recommended in the Report of the Group of Experts on Privacy in that it requires data controllers to make available to all individuals in an intelligible form, using clear and plain language, the practices, procedures, and policies, and systems that are in place to ensure compliance with the privacy principles. The principle in the 2014 Privacy Bill differs from the recommendation in the Report of the Group of Experts on Privacy in that it does not require data controllers to take necessary steps to implement practices, policies, and procedures in a manner proportional to the scale, scope, and sensitivity to the data they collect.

• Accountability: The principle of Accountability in the 2014 Privacy Bill is similar to the principle of Accountability as recommended in the Report of the Group of Experts as both require that the data controller is accountable for compliance with the national Privacy Principles.

Application to interception and access, video and audio recording, personal identifiers, bodily and genetic material: The Privacy Bill 2014 incorporates the recommendations from the Report of the Group of Experts on Privacy and specifies the way in which the National Privacy Principles will apply to the interception and access of communications, video and audio recording, and personal identifiers. But the 2014 Privacy Bill does not specify the application of the National Privacy Principles to bodily and genetic material (though this information is included in the definition of sensitive personal information).

With respect to the installation and operation of video recording equipment in a public space, the 2014 Privacy Bill requires that video recording equipment may only be used in accordance with a prescribed procedure and for a legitimate purpose that is proportionate to the objective for which it was installed. Furthermore, individuals cannot use video recording equipment for the purpose of identifying an individual, monitoring his personal particulars, or revealing in public his personal information. The provisions in the Bill that speak to storage, processing, retention, security, and disclosure of personal data apply to the installation and use of video recording equipment. As a note the 2014 Privacy Bill carves out an exception for law enforcement and government intelligence agencies in the interest of the sovereignty, integrity, security or the strategic, scientific or economic interest of India.

With respect to the application of the National Privacy Principles to the interception of communications, the 2014 Privacy Bill lays down a regime for the interception of communications and specifies that the principles of notice, choice, consent, access and correction, and openness will apply to the interception of communications when authorised.

With respect to Personal Identifiers, the 2014 Privacy Bill notes that the principles of notice, choice, and consent will not apply to the collection of personal identifiers by the government. Additionally, the government will not be obliged to use any personal identifier only for the limited purpose for which the personal identifier was collected, provided that the use is in conformance with the other National Privacy Principles.

Additional Protection for Sensitive Personal Data

The Report of the Group of Experts on Privacy broadly recommends that sensitive personal data be afforded additional protection and existing definitions of sensitive personal data should be harmonised. The 2014 Privacy Bill incorporates these recommendations by defining sensitive personal data as data relating to physical and mental health including medical history, biometric, bodily or genetic information; criminal convictions;  password, banking credit and financial data; narco analysis or polygraph test data, sexual orientation. The 2014 Privacy Bill also requires authorization from the Data Protection Authority for the collection and processing of sensitive personal data and defines circumstances of when this authorization would not be required including:  collection or processing of such data is authorized by any other law for the time being in force; such data has already been made public as a result of steps taken by the data subject; collection and processing of such data is made in connection with any legal proceedings by an order of the competent court; such data relating to physical or mental health or medical history of an individual is collected and processed by a medical professional, if such collection and processing is necessary for medical care and health of that individual; such data relating to biometrics, bodily or genetic material, physical or mental health, prior criminal convictions or financial credit history is processed by the employer of an individual for the purpose of and in connection with the employment of that individual; such data relating to physical or mental health or medical history is collected an processed by an insurance company, if such processing is necessary for the purpose of and in connection with the insurance policy of that individual; such data relating to criminal conviction, biometrics and genetic is processed and collected by law enforcement agencies; such data regarding credit, banking and financial details of an individual is processed by a specific user under the Credit Information Companies (Regulation) Act, 2005; such data is processed by schools or other education institutions in connection with imparting of education to an individual;  such data is collected or processed by the government Intelligence agencies in the interest of the sovereignty, integrity, security or the strategic, scientific or economic interest of India,  the authority has, by a general or specified order permitted the processing of such data for specific purpose and is limited to the extent of such permission. The 2014 Privacy Bill also prohibits additional transactions from being performed using sensitive personal information unless free consent was obtained for such transaction.

Privacy Officers

The Report of the Group of Experts on Privacy recommends that Privacy Officers be established at the organizational level for overseeing the processing of personal data and compliance with the Act. This recommendation has been incorporated in the 2014 Privacy Bill, which establishes Privacy Officers at the organizational level.

Co-regulatory Framework

The Report of the Group of Experts on Privacy recommends that a system of co-regulation be established, where industry levels self regulatory organizations develop privacy norms, which are in turn approved and enforced by the Privacy Commissioner. The 2014 Privacy Bill puts in place a similar co-regulatory framework where industry level self regulatory organizations can develop norms which will be turned into regulations and enforced by the Data Protection Authority. If a sector does not develop norms, the Data Protection Authority can develop norms for the specific sector.

Recommendations in the Report that are not in the Bill

Scope

The Report of the Group of Experts on Privacy recommends that the scope of any privacy framework extends to all individuals, all data processed in India, and all data originating from India.  The 2014 Privacy Bill differs from these recommendations by extending the right to privacy to all residents of India, while remaining silent on whether or not the scope of the legislation extends to all data processed in India and all data originating in India. Despite this, the 2014 Bill does specify that any organization that processes or deals with data of an Indian resident, but does not have a place of business within India, must establish a ‘representative resident’ in India who will be responsible for compliance with the Act.

Exceptions

The Report of the Group of Experts recommends the following as exceptions to the right to privacy:

1. National security
2. Public order
3. Disclosure in the public interest
4. Prevention, detection, investigation, and prosecution of criminal offenses
5. Protection of the individual and rights and freedoms of others

The Report further clarifies that any exception must be qualified and measured against the principles of proportionality, legality, and necessary in a democratic state.

The Privacy Bill 2014 reflects only the exception of  “protection of the individual rights and freedoms of others”. The exceptions as defined in the 2014 Bill are:

1. Sovereignty, integrity or security of India or
2. Strategic, scientific or economic interest of India; or
3. Preventing incitement to the commission of any offence; or
4. Prevention of public disorder; or
5. The investigation of any crime; or
6. Protection of rights and freedoms others; or
7. Friendly relations with foreign states; or
8. Any other legitimate purpose mentioned in this Act.

Instead of qualifying these exceptions with the principles of proportionality, legality, and necessary in a democratic state – as recommended in the Report of Group of Experts on Privacy, the 2014 Privacy Bill qualifies that any restriction must be adequate and not excessive to the objectives it aims to achieve.

Constitution of Infringement of Privacy

The Report of the Group of Experts on Privacy specifies that the publication of personal data for artistic and journalistic purposes in the public interest, disclosure under the Right to Information Act, 2005, and the use of personal data for household purposes should not constitute an infringement of privacy. In contrast the 2014 Privacy Bill specifies that the processing of personal data by an individual purely for his personal or household use, the disclosure of information under the provisions of the Right to information Act, 2005, and any other action specifically exempted under the Act will not constitute an infringement of privacy.

The Data Protection Authority

The Report of the Group of Experts on Privacy recommends the establishment of Privacy Commissioners (and places emphasis on Privacy Commissioner rather than Data Protection Authority) at the Central and Regional level. The Privacy Commissioner should  be of a rank no lower than a retired Supreme Court Judge at the Central level and a retired High Court Judge at the regional level. The privacy commissioner should have the power to receive and investigate class action complaints and investigative powers of the commissioner should include the power to examine and call for documents, examine witnesses, and take a case to court if necessary. The Commissioner should be able to investigate data controllers on receiving complaints or suo moto, and can order privacy impact assessments. Organizations should not be able to appeal fines levied by the Privacy Commissioner, but individuals can appeal a decision of the Privacy Commissioner to the court. The Commissioner should also have broad oversight with respect to interception/access, audio & video recordings, use of personal identifiers, and the use of bodily or genetic material. The Privacy Commissioner will also have the responsibility of approving codes of conduct developed by the industry level SRO’s.

Differing from the recommendations in the Report of the Group of Experts on Privacy, the 2014 Privacy Bill establishes a Data Protection Authority (as opposed to a Privacy Commissioner) at the Central level. Instead of creating regional Data Protection Authorities, the 2014 Privacy Bill allows for the Central Government to decide where other offices of the Data Protection Authority will be located. Furthermore, the 2014 Privacy Bill does not specify a qualification for the Data Protection Authority and instead establishes a selection committee to choose and appoint a Data Protection Authority. This committee is comprised of a Cabinet Secretary, Secretary to the Department of Personnel and Training, Secretary to the Department of Electronics and Information Technology, and two experts of eminence from relevant fields that will be nominated by the Central Government.

The 2014 Privacy Bill does not specify that fines ordered by the Data Protection Authority will be binding for organizations, but does allow individuals to appeal decisions of the Data Protection Authority to the Appellate Tribunal. Differing from the recommendations in the Report of the Group of Experts on Privacy,  the 2014 Privacy Bill gives the Data Protection Authority the power to call upon any data controller at any time to furnish in writing information or explanation relating to its affairs,  and receive and investigate complaints about alleged violations of privacy of individuals in respect of matters covered under this Act, conduct investigations and issue appropriate orders or directions to the parties concerned. Furthermore, the 2014 Privacy Bill does not specify that the Data Protection Authority will carry out privacy impact assessments, but the Authority can conduct audits of any or all personal data controlled by a data controller, can investigate data breaches, investigate in complaint received, and adjudicate on a dispute arising between data controllers or data subjects and data controllers.  Unlike the recommendations in the Report of the Group of Experts on Privacy, it does not seem that the Data Protection Authority will play an overseeing role with respect to interception, the use of video recording equipment, personal identifiers, and the use of bodily and genetic material.

Tribunal and System of Complaints

Differing from the recommendation in the Report of the Group of Experts on Privacy, which specified that a Tribunal should not be established as under the Information Technology Act as there is the risk that the institutions will not have the capacity to rule on a broad right to privacy, the 2014 Privacy Bill does establish a Tribunal under the Information Technology Act. The Report of the Group of Experts on Privacy also recommended that complaints be taken to the district level, high level, and Supreme Court – whereas the 2014 Privacy Bill allows individuals to appeal decisions from the Tribunal only to a High Court. Similar to the recommendations of the Report of the Group of Experts, the 2014 Privacy Bill has in place Alternative Dispute Resolution mechanisms at the level of the industry self regulatory organization.  The 2014 Privacy Bill also specifies that individuals can seek civil remedies and leaves the issuance of compensation for privacy harm to be from a Court. Unlike the recommendations in the Report of the Group of Experts on Privacy, the 2014 Privacy Bill does not specify that the Data Protection Authority will be able to take a case to the court.

Penalties and Offenses

The Report of the Group of Experts on Privacy did not provide specific recommendations for types of offences and penalties, but did suggest that offenses similar to those spelled out in the UK Data Protection Act and Australian Privacy Act be adopted – namely non-compliance with the privacy principles, unlawful collection, processing, sharing/disclosure, access, and use of personal data, and obstruction of the privacy commissioner. The 2014 Privacy Bill does create offenses for the unlawful collection, processing, sharing/disclosure, access, and use of personal data, but does not create offenses for obstruction of the privacy commissioner or broad non-compliance with the privacy principles.

Conclusion

The Centre for Internet and Society welcomes the similarities between the recommendations in the Report of the Group of Experts on Privacy and the leaked 2014 Privacy Bill, but would recommend that on areas where there are differences, particularly in the scope of the Privacy Bill and the powers and functions of the Data Protection Authority, the 2014 Bill be brought in line with the recommendations from the Report of the Group of Experts on Privacy.

In the upcoming post, we will be comparing the text of the leaked 2014 Privacy Bill to international best practices and standards.

---

References

1. Leaked Privacy Bill: 2014 vs. 2011
2. Report of the Group of Experts on Privacy

Let us take, for the purposes of this post, the following definition:

“The idea that all Internet traffic should be treated equally is known as network neutrality. In other words, no matter who uploads or downloads data, or what kind of data is involved, networks should treat all of those packets in the same manner.”

In other words, put simply, net neutrality in its broadest form requires the extant gatekeepers of the internet – such as, for instance, broadband companies – to accord a form of equal and non-discriminatory treatment to all those who want to access the internet. Examples of possible discrimination – as the quote above illustrates – include, for instance, blocking content or providing differential internet speed (perhaps on the basis of a tiered system of payment for access).

Net neutrality has its proponents and opponents, and I do not have space here to address that dispute. In its broadest and absolutist form, net neutrality is highly controversial (including arguments that existing status quo is not neutral in any genuine sense). I take as given, however, that some form of net neutrality is both an important and a desirable goal. In particular, intentional manipulation of information that is available to internet users – especially for political purposes – is, I assume, an undesirable outcome, as are anti-competitive practices, as well as price-discrimination for the most basic access to the internet (this brief article in the Times of India provides a decent, basic primer on the stakes involved).

An example of net neutrality in practice is the American Federal Communications Commission’s Open Internet Order of 2010, which was the subject of litigation in the recently concluded Verizon v. FCC. The Open Internet order imposed obligations of transparency, no blocking, and no unreasonable discrimination, upon internet service providers. The second and third requirements were vacated by a United States Court of Appeals. The rationale for the Court’s decision was that ISPs could not be equated, in law, to “common carriers”. A common carrier is an entity that offers to transport persons and/or goods in exchange for a fee (for example, shipping companies, or bus companies). A common carrier is licensed to be one, and often, one of the conditions for license is an obligation not to discriminate. That is, the common carrier cannot refuse to carry an individual who is willing and able to pay the requisite fees, in the absence of a compelling reason (for example, if the individual wishes the carrier to transport contraband). Proponents of net neutrality have long called for treating ISPs as common carriers, a proposition – as observed above – was rejected by the Court.

With this background, let us turn to India. In India, internet service providers are both state-owned (BSNL and MTNL), and privately-owned (Airtel, Spectranet, Reliance, Sify etc). Unlike many other countries, however, India has no network-neutrality laws. As this informative article observes:

“The Telecom Regulatory Authority of India (TRAI), in its guidelines for issuing licences for providing Unified Access Service, promotes the principle of non-discrimination but does not enforce it… the Information Technology Act does not provide regulatory provisions relating to Internet access, and does not expressly prohibit an ISP from controlling the Internet to suit their business interests.”

In the absence of either legislation or regulation, there are two options. One, of course, is to invoke the rule of common carriers as a common law rule in court, should an ISP violate the principles of net neutrality. In this post (and the next), however, I would like to analyze net neutrality within a constitutional framework – in particular, within the framework of the constitutional guarantee of freedom of speech and expression.

In order to do so, two questions become important, and I shall address them in turn. First, given that most of the ISPs are privately owned, how does the Constitution even come into the picture? Our fundamental rights are enforceable vertically, that is, between individuals and the State, and not horizontally – that is, between two individuals, or two private parties. Where the Constitution intends to depart from this principle (for instance, Article 15(2)), it specifically and expressly states so. As far as Article 19 and the fundamental freedoms are concerned, however, it is clear that they do not admit of horizontal application.

Yet what, precisely, are we to understand by the term “State”? Consider Article 12:

“In this part, unless the context otherwise requires, the State includes the Government and Parliament of India and the Government and the Legislature of each of the States and all local or other authorities within the territory of India or under the control of the Government of India.”

The key question is what, precisely, falls within the meaning of “other authorities”. The paradigmatic example – and this is something Ambedkar had in mind, as is evidenced by the Constituent Assembly Debates – is the statutory corporation – i.e., a company established under a statute. There are, however, more difficult cases, for instance, public-private partnerships of varying types. For the last fifty years, the Supreme Court has struggled with the issue of defining “other authorities” for the purposes of Part III of the Constitution, with the pendulum swinging wildly at times. In the case of Pradeep Kumar Biswas v. Indian Institute of Chemical Biology, a 2002 judgment by a Constitution bench, the Court settled upon the following definition:

“The question in each case would be whether in the light of the cumulative facts as established, the body is financially, functionally and administratively dominated by or under the control of the Government. Such control must be particular to the body in question and must be pervasive. If this is found then the body is a State within Article 12. On the other hand, when the control is merely regulatory whether under statute or otherwise, it would not serve to make the body a State.”

Very obviously, this dooms the ISP argument. There is no way to argue that ISPs are under the pervasive financial, functional and administrative domination or control of the State. If we step back for a moment, though, the Pradeep Kumar Biswas test seems to be radically under-inclusive. Consider the following hypothetical: tomorrow, the government decides to privatize the nation’s water supply to private company X. Company X is the sole distributor of water in the country. On gaining control, it decides to cut off the water supply to all households populated by members of a certain religion. There seems something deeply wrong in the argument that there is no remedy under discrimination law against the conduct of the company.

The argument could take two forms. One could argue that there is a certain minimum baseline of State functions (ensuring reasonable access to public utilities, overall maintenance of communications, defence and so on). The baseline may vary depending on your personal political philosophy (education? Health? Infrastructure?), but within the baseline, as established, if a private entity performs a State function, it is assimilated to the State. One could also argue, however, that even if Part III isn’t directly applicable, certain functions are of a public nature, and attract public law obligations that are identical in content to fundamental rights obligations under Part III, although their source is not Part III.

To unpack this idea, consider Justice Mohan’s concurring opinion in Unnikrishnan v. State of Andhra Pradesh, a case that involved the constitutionality of high capitation fees charged by private educational institutions. One of the arguments raised against the educational institutions turned upon the applicability of Article 14’s guarantee of equality. The bench avoided the issue of whether Article 14 directly applied to private educational institutions by framing the issue as a question of the constitutionality of the legislation that regulated capitation fees. Justice Mohan, however, observed:

“What is the nature of functions discharged by these institutions? They discharge a public duty. If a student desires to acquire a degree, for example, in medicine, he will have to route through a medical college. These medical colleges are the instruments to attain the qualification. If, therefore, what is discharged by the educational institution, is a public duty that requires… [it to] act fairly. In such a case, it will be subject to Article 14.”

In light of Pradeep Kumar Biswas, it is obviously difficult to hold the direct application of the Constitution to private entities. We can take Justice Mohan, however, to be making a slightly different point: performing what are quintessentially public duties attract certain obligations that circumscribe the otherwise free action of private entities. The nature of the obligation itself depends upon the nature of the public act. Education, it would seem, is an activity that is characterized by open and non-discriminatory access. Consequently, even private educational institutions are required to abide by the norms of fairness articulated by Article 14, even though they may not, as a matter of constitutional law, be held in violation of the Article 14 that is found in the constitutional text. Again, the content of the obligation is the same, but its source (the constitutional text, as opposed to norms of public law) is different.

We have therefore established that in certain cases, it is possible to subject private entities performing public functions to constitutional norms without bringing them under Article 12’s definition of the State, and without the need for an enacted statute, or a set of regulations. In the next post, we shall explore in greater detail what this means, and how it might be relevant to ISPs and net neutrality.

---

Gautam Bhatia — @gautambhatia88 on Twitter — is a graduate of the National Law School of India University (2011), and presently an LLM student at the Yale Law School. He blogs about the Indian Constitution at http://indconlawphil.wordpress.com. Here at CIS, he will be blogging on issues of online freedom of speech and expression.

The article was originally published in GeneWatch (January - April 2014) issue.

---

Why should an organization that focuses on the Internet be invited to such a committee? There are some obvious reasons related to data protection and big data. CIS had previously served on the Justice AP Shah committee that was tasked by the Planning Commission to make recommendations on the draft Privacy Bill in 2012. There are also some less obvious connections, such as academic research into cyborgs wherein the distinction between human and machine/technology is blurred; where an insulin pump makes one realize that the Internet of Things could include the Internet of Body Parts. But for this note I will focus on biometrics - quantifiable data related to individual human characteristics - and their gate-keeping function on the Internet.

The bouquet of biometric options available to technologists is steadily expanding - fingerprint, palm print, face recognition, DNA, iris, retina, scent, typing rhythm, gait, and voice. Biometrics could be used as authentication or identification to ensure security and privacy. However, biometrics are different from other types of authentication and identification factors in three important ways that have implications for human rights in information societies and the Internet.

Firstly, biometrics allow for non-consensual authentication and identification. Newer, more advanced and more expensive biometric technologies usually violate human rights more extensively and intensively than older, more rudimentary and inexpensive biometrics. For example, it is possible to remotely harvest iris information when a person is wide awake without even being aware that their identification or authentication factors have been compromised. It isn't difficult to imagine ways to harvest someone's fingerprints and palm prints without their knowledge, and you cannot prevent a security camera from capturing your gait. You could use specialized software like Tor to surf the World Wide Web anonymously and cover your digital tracks, but it is much harder to leave no trail of DNA material in the real world.

Secondly, biometrics rely on probabilistic matching rather than discrete matching - unlike, for example, a password that you use on a social media platform. In the 2007 draft of India's current Human DNA Profiling Bill, the preamble said "the Deoxyribose Nucleic Acid (DNA) analysis of body substances is a powerful technology that makes it possible to determine whether the source of origin of one body substance is identical to that of another, and further to establish the biological relationship, if any, between two individuals, living or dead, without any doubt." This extract from the bill was quoted in an ongoing court case to use tampered chain of custody for DNA as the means to seek exoneration of the accused. And the scientists on the committee insist that the DNA Data Bank Manager "...shall communicate, for the purposes of the investigation or prosecution in a criminal offence, the following information to a court, tribunal, law enforcement agency ... as to whether the DNA profile received is already contained in the Data Bank" - in other words, a "yes" or "no" answer. This is indeed odd for those who come from the world of Internet policy - especially when one DNA lab worker confidentially shared that after a DNA profile was generated the "standard operating procedure" included checking it against the DNA profile of the lab worker to ensure that there was no contamination during the process of generating the profile. This would not be necessary for older forms of biometrics such as the process of developing a photograph. In other words, chain of custody issues with every generation of biometric technology are getting more and more complex. In the developing world, the disillusioned want to believe that "technology is the solution." The fallibility of technology must determine its evidentiary status.

Finally, biometrics are only machine-scrutable. This means machines and not human beings will determine whether you are guilty or innocent; whether you should get subsidized medicine, grain, or fuel; whether you can connect to the Internet via mobile phone, cybercafe or broadband. DNA evidence is not directly observable by judges and therefore the technology and equipment have to be made increasingly transparent so that ordinary citizens as well as the scientific community can audit their effectiveness. In 2009, the Second District Court of Appeal and Circuit Court in Florida upheld a 2005 ruling requiring CMI Inc, the manufacturer of Intoxilyzer 5000, to release source code, failing which evidence from the breathalyzer would be rendered inadmissible in more than 100 drunk driving cases. If the transparency of machines is important when prosecuting misdemeanors then surely this is something we must advocate for when culpability for serious crimes is determined through DNA evidence and other types of biometric technologies. This could be accomplished by the triad of mandates for free/open source software, open standards and open hardware. This is not necessary for all DNA technology and equipment that is used in the market, but only for a small sub-set of these technologies that impinge on our rights as human beings via law enforcement and the judicial system.

It has been nine years since India started the process of drafting this bill. We hope that the delays will only result in a robust law that upholds human rights, justice and scientific progress.

---

Sunil Abraham is Executive Director of the Centre for Internet and Society, based in Bangalore, India.

This post maps the discussion across the NETmundial submissions and presents six emerging evolution scenarios related to the IANA functions:

1. Separation of IANA from policy/ICANN, control of IANA to a multilateral body
2. Separation of IANA from policy/ICANN, control of IANA to a non-multilateral body
3. No separation of IANA from policy/ICANN, control of IANA to a multilateral body
4. No separation of IANA from policy/ICANN, control of IANA to a non-multilateral body
5. Multiplication of TLD registries and root servers
6. Maintenance of status quo

---

I. Separation of IANA from policy/ICANN, control of IANA to a multilateral body

The proposal under this category demands for the separation of IANA function from technical policy making, and suggests that the IANA function be transferred to an intergovernmental body.

Such proposal is listed below:

Sl.No.	Proposal No.	Name of Proposal	Organization	Sector	Region	Link
1	186	The Next Best Stage for the Future of Internet Governance is Democracy	Global Geneva	Civil Society	Geneva, Switzerland	http://content.netmundial.br/contribution/the-next-best-stage-for-the-future-of-internet-governance-is-democracy/305

This proposal by Global Geneva seeks the establishment of an intergovernmental organisation called World Internet Organisation (WIO), under which IANA (which is understood to be essentially technical and concerning safety and security of the Internet would be located. WIO would additionally have a special link/status/contract with IANA to avoid unwanted interference from governments. A 75% majority at WIO would be requested to act/modify/contest an IANA decision, making it difficult for governments to go beyond reasonable and consensual demands. WIO would act in concert with World Internet Forum, under which ICANN would be located, whereby it would make policy decisions regarding gTLDs apart from its other present functions.

II. Separation of IANA from policy/ICANN, control of IANA to a non-multilateral body

There are certain proposals whereby it is proposed that IANA function should be separated from technical policy making, or ICANN, and IANA function, which is perceived to be a purely administrative one in such submissions, should be handed over to some sort of non-multilateral organisation, which take different forms in each proposal.

Most such submissions have emerged from the civil society or the technical community.

The Internet Governance Project submission envisions the creation of a DNS Authority under whose umbrella IANA would function. The DNS Authority would be separate from ICANN. This proposal has been endorsed by the submissions of InternetNZ as well as Article 19 and Best Bits. Avri Doria’s submission, along with the submission of APC, envisions the establishment of an independent IANA, separate from the technical policy function. Such independence is sought to be preceded by a transition period by a body called IANA Stewardship Group which would be constituted mostly by members from the technical community. IANA is sought to be governed via MoUs with all stakeholders, on the same lines as the MoU between ICANN and the IETF, as described in RFC2860, RFC6220. The focus of these MoUs would not be policy but will be on performance and adherence to service level agreements.

These submissions are listed below:

Sl. No.	Proposal No.	Name of Proposal	Organisation	Sector	Region	Link
1	19	Roadmap for Globalising IANA: Four Principles and a Proposal for Reform	Internet Governance Project	Civil Society	North America	http://content.netmundial.br/contribution/roadmap-for-globalizing-iana-four-principles-and-a-proposal-for-reform-a-submission-to-the-global-multistakeholder-meeting-on-the-future-of-internet-governance/96
2	26	Roadmap for the Further Evolution of the Internet Governance Ecosystem- ICANN	Article 19 and Best Bits	Civil Society	Global	http://content.netmundial.br/contribution/roadmap-for-the-further-evolution-of-the-internet-governance-ecosystem-icann/109
3	42	Content Contribution to NetMundial on the Roadmap for the Futher Evolution of the IG Ecosystem regarding the Internationalisation of the IANA Function	InternetNZ	Technical Community	New Zealand	http://content.netmundial.br/contribution/content-contribution-to-netmundial-on-the-roadmap-for-the-futher-evolution-of-the-ig-ecosystem-regarding-the-internationalisation-of-the-iana-function/130
4	60	One Possible Roadmap for IANA Evolution	Avri Doria, Independent Researcher	Other	USA	http://content.netmundial.br/contribution/one-possible-roadmap-for-iana-evolution/153
5	162	APC Proposals for the Further Evolution of the Internet Governance Ecosystem	Association for Progressive Communications (APC)	Civil Society	APC is an international organisation with its executive director's office in South Africa	http://content.netmundial.br/contribution/apc-proposals-for-the-further-evolution-of-the-internet-governance-ecosystem/280

III. No separation of IANA from policy/ICANN, control of IANA to a multilateral body

These submissions propose that the IANA function should come under a multilateral body. However they do not suggest the separation of IANA function from policymaking, or from ICANN; or they are at least silent on this latter issue. 2 such proposals come from the civil society and 2 from the government.

A list of these submissions is provided below:

Sl. No.	Proposal No.	Name of Proposal	Organisation	Sector	Region	Link
1	8	Roadmaps for Further Evolution of Internet Governance	Association for Proper Internet Governance	Civil Society	Switzerland	http://content.netmundial.br/contribution/roadmaps-for-further-evolution-of-internet-governance/65
2	45	Russian Parliament Submission to NET mundial	State Duma of the Russian Federation (Parliament of the Russia)	Government	Russian Federation	http://content.netmundial.br/contribution/themes/133
3	121	Contribution from the Islamic Republic of Iran to the Global Multiskaeholder (sic) Meeting for the Future of the Internet, 23-24 April 2014 Sao Paulo, Brazil	Cyber Space National Center, Iran	Government	Islamic Republic of Iran	http://content.netmundial.br/contribution/contribution-from-the-islamic-republic-of-iran-to-the-global-multiskaeholder-meeting-for-the-future-of-the-internet-23-24-april-2014-sao-paolo-brazil/236
4	125	Towards Reform of Global Internet Governance	The Society for Knowledge Commons	Civil Society	India and Brazil	http://content.netmundial.br/contribution/towards-reform-of-global-internet-governance/240

IV. No separation of IANA from policy/ICANN, control of IANA to a non-multilateral body

These submissions do not consider the issue of separation of IANA function from policymaking, or ICANN, or at least do not state an opinion on the separation of IANA function from ICANN. However, they do suggest that the control of IANA should be held by a non-multilateral body, and not the US Government.

Many of these submissions also suggest that the oversight of ICANN should be done by a non-multilateral body, therefore it makes sense that the IANA function is administered by a non-multilateral body, without its removal from the ICANN umbrella.

A list of such submissions is provided below:

Sl.No.	Proposal No.	Name of Proposal	Organisation	Sector	Region	Link
1	46	Norwegian Contribution to the Sao Paulo Meeting	Norwegian government	Government	Norway, Europe	http://content.netmundial.br/contribution/norwegian-government/137
2	50	Contribution from the GSM Association to the Global Multistakeholder Meeting on the Future of Internet Governance	GSMA	Private Sector	Global	http://content.netmundial.br/contribution/contribution-from-the-gsm-association-to-the-global-multistakeholder-meeting-on-the-future-of-internet-governance/141
3	51	Contribution of Telefonica to NETmundial	Telefonica, S.A.	Private Sector	Spain	http://content.netmundial.br/contribution/contribution-of-telefonica-to-netmundial/143
4	56	ETNO Contribution to NETmundial	ETNO [European Telecommunications Network Operators' Association]	Private Sector	Belgium	http://content.netmundial.br/contribution/etno-contribution-to-netmundial/148
5	61	French Government Submission to NETmundial	French Ministry of Foreign Affairs	Government	France	http://content.netmundial.br/contribution/french-government-submission-to-netmundial/154
6	63	Nominet Submission on Internet Governance Principles and the Roadmap	Nominet	Private Sector	UK	http://content.netmundial.br/contribution/nominet-submission-on-internet-governance-principles-and-the-roadmap/156
7	64	Submission by AHCIET to the Global Multistakeholder Meeting on the Future of Internet Governance. NETmundial	AHCIET	Private Sector	Latin America	http://content.netmundial.br/contribution/submission-by-ahciet-to-the-global-multistakeholder-meeting-on-the-future-of-internet-governance-netmundial/157
8	70	Spanish Government Contribution to the Global Multi-stakeholder Meeting on the Future of Internet Governance	Ministry of Industry, Energy and Tourism, Spain	Government	Spain	http://content.netmundial.br/contribution/multistakeholder-human-rights-stability-gac/165
9	80	Roadmap for the Further Evolution of the Internet Governance Ecosystem	European Commission	Government	Europe	http://content.netmundial.br/contribution/roadmap-for-the-further-evolution-of-the-internet-governance-ecosystem/177
10	94	Roadmap for the Future Development of the Internet Governance Ecosystem	Ministry of Foreign Affairs of Argentina	Government	Argentina	http://content.netmundial.br/contribution/roadmap-for-the-future-development-of-the-internet-governance-ecosystem/196
11	97	Orange Contribution for NETmundial	Orange Group	Private Sector	Deputy to the Chief Regulatory Officer Orange Group	http://content.netmundial.br/contribution/orange/199
12	106	Submission on Internet Governance Principles and Roadmap for the Further Evolution of the Internet Governance Ecosystem	Kuwait Information Technology Society	Civil Society	Kuwait	http://content.netmundial.br/contribution/kuwait-information-technology-society-kits-submission-on-internet-governance-principles-and-roadmap-for-the-further-evolution-of-the-internet-governance-ecosystem/214
13	111	Content Submission by the Federal Government of Mexico	Secretara de Comunicaciones y Transportes, Mexico	Government	Mexico	http://content.netmundial.br/contribution/content-submission-by-the-federal-government-of-mexico/219
14	114	Better Understanding and Co-operation for Internet Governance Principles and Its Roadmap	Japan Internet Service Providers Association	Private Sector	Japan	http://content.netmundial.br/contribution/better-understanding-cooperation-for-internet-governance-principles-its-roadmap/222
15	116	Deutsche Telekom’s Contribution for to the Global Multistakeholder Meeting on the Future of Internet Governance	Deutsche Telekom AG	Private Sector	Germany / Europe	http://content.netmundial.br/contribution/deutsche-telekom-s-contribution-for-to-the-global-multistakeholder-meeting-on-the-future-of-internet-governance/225
16	148	NRO Contribution to NETmundial	NRO (for AFRINIC, APNIC, ARIN, LACNIC, RIPE-NCC)	Technical Community	Mauritius	http://content.netmundial.br/contribution/nro-contribution-to-netmundial/259
17	146	Evolution and Internationalisation of ICANN	CGI.br- Brazilian Internet Steering Committee	Other	Brazil	http://content.netmundial.br/contribution/evolution-and-internationalization-of-icann/263
18	176	Addressing Three Prominent “How To” Questions on the Internet Governance Ecosystem Future	Luis Magalhes, Professor at IST of University of Lisbon, Portugal; Panelist of ICANN’s Strategy Panel on the Role in the Internet Governance System	Academia	Portugal	http://content.netmundial.br/contribution/addressing-three-prominent-how-to-questions-on-the-internet-governance-ecosystem-future/294
19	183	NETmundial Content Submission- endorsed by NIC Mexico	NIC Mexico	Technical Community	Mexico	http://content.netmundial.br/contribution/netmundial-content-submission-endorsed-by-nic-mexico/302

V. Multiplication of TLD registries and Root Servers

These submissions are based on the assumption that reform in the current ICANN/IANA administrative structure is impossible as the US government is unlikely to give up its oversight role over both. Instead, these submissions suggest that multiple TLD registries and root servers should be created as alternatives to today’s IANA/ICANN so that a healthy market competition can be fostered in this area, rather than fostering monopoly of IANA.

A list of such submissions is provided below:

Sl.No.	Proposal No.	Name of Proposal	Organisation	Sector	Region	Link
1	41	Internet Governance: What Next?	EUROLINC	Civil Society	France, Europe	http://content.netmundial.br/contribution/internet-governance-what-next/129
2	175	The Intergovernance of the InterPLUS	INTLNET	Civil Society	France	http://content.netmundial.br/contribution/the-intergovernance-of-the-interplus/293

VI. Maintenance of status quo

These submissions are based on the “if it ain’t broke, don’t fix it” principle, and are of the opinion that there is no need to change the administration of IANA function as it functions efficiently in the current system.

A list of such submissions is provided below:

Sl.No.	Proposal No.	Name of Proposal	Organisation	Sector	Region	Link
1	12	United Kingdom Government Submission	Department For Culture Media and Sport, United Kingdom Government	Government	Government	http://content.netmundial.br/contribution/united-kingdom-government-submission/79
2	133	Perspectives from the Domain Name Association	Domain Name Association	Private Sector	Private Sector	http://content.netmundial.br/contribution/perspectives-from-the-domain-name-association/249

---

Read more on ICANN/IANA: Role and Structural Considerations (PDF Document, 1215 Kb)

This post analyses the contributions of the academic community to draw out broad agreements and divergences concerning Internet governance principles.

I. Introduction

In two days, a large measure of the global Internet community – governments, the private sector, civil society, technical community and academia – gather in São Paulo, Brazil, for the Global Multi-stakeholder Meeting on the Future of Internet Governance. The NETmundial (April 23-24, 2014), touted as the World Cup of Internet governance, is a global conference convened and supported by the Brazilian president, Dilma Rousseff, and organized by the Brazilian Internet Steering Committee (CGI.br) and /1Net, a forum comprising various stakeholders involved and interested in Internet governance. It hopes, importantly, “to establish strategic guidelines related to the use and development of the Internet in the world”. To this end, it sought open-ended Contributions from interested stakeholders on the topics, “Set of Internet governance principles” and “Roadmaps for the further evolution of the Internet governance system”. The agenda for NETmundial may be found here.

To fully utilize the 2 short days available, knowledge of the stakeholder positions, especially their broad agreements and divergences on the two topics, is of immense help. Through a series of posts, I analyse the contributions to NETmundial on the question of Internet governance principles, seeking to dig deep into definitions and interpretations of suggested principles, such as management of Critical Internet Resources (such as the Domain Name System), human rights including freedom of expression and privacy, cyber-security, inclusiveness and participation in Internet governance, etc. In separate posts, I shall analyse contributions of each sector (governments, the private sector, civil society, technical community, academia and ‘Other’) and finally, present an overall analysis of the contributions pitted against the Draft Outcome Document, which is presently under discussion.

II. The Contributions

The NETmundial has received 187 contributions from 46 countries. Sector break-ups are given below:

Sector	Number of Contributions (187)
Academia	20
Governments	28
Private Sector	43
Civil Society	61
Technical Community	16
‘Other’ (such as UNESCO, the European Commission, etc.)	19

A quick look at the contributors indicates that contributions are primarily from North America, Europe, South and East Asia, and South America. No or very few contributions were made from large parts of Africa and South East Asia, Central and West Asia, Eastern Europe and Western South America. We present a graphical representation of contributing countries here.

Of the contributions, stakeholders from various sectors contributed to the two topics listed above in the following manner:

Sector	Set of Internet Governance Principles	Roadmaps for Further Evolution of the Internet Governance System	Combined: Internet Governance Principles & Roadmaps
Academia	7	7	6
Government	7	4	17
Private Sector	11	3	29
Civil Society	25	21	15
Technical Community	8	5	3
‘Other’	7	4	8

Despite the above classification, I focus on all 187 contributions for analysis. This is as some contributions expressly set out principles while others do not. Therefore, eliciting and analyzing principles from stakeholder contributions has involved a certain amount of subjective maneuvering. However, such elicitation has been restricted on the following bases:

1. The contribution is externally categorized as falling under either “Set of Internet governance principles” or “Combined – Internet governance principles & Roadmaps”.
2. Internally, the document places principles under rubrics of ‘Internet governance principles’.
3. Internally, the document makes references to Internet governance principles before setting out (without rubrics) principles.

With this caveat, I go on to discuss the NETmundial contributions from the academic community to Internet governance principles.

Part I: Academia

Of the academic contributions, the main contributors are Africa (Kenya – 1, Sudan – 3), Europe (Germany – 1, Poland – 1, Portugal – 1, Russia – 2, Ukraine – 1), South America (Argentina – 1, Brazil – 3) and the United States (8). No Asian country has made an academic contribution, and as evident from above, academia is geographically severely under-represented. Furthermore, only 4 out of 20 contributions expressly set out Internet governance principles. These four are:

1. Report of the Experts Meeting on Cyberspace Law
2. Proposed Internet Governance Principles
3. Taking Consent Seriously
4. Internet Governance Principles: Securing the Future of the Internet
   

Semantics aside, certain broad, high-level consensus emerges within the academic community. On substantive principles of governance on the Internet, the greatest support is found for freedom of express and access to information, with 6 contributions emphasizing this. Equally important is Internet universality and non-discriminatory (3 contributions), universal access to the Internet (6). Protection of privacy and permissible levels of surveillance come a close second, with 5 contributions referring to these. Cyber-security (5), respect for human rights (4) and support for net neutrality (3) and cultural and linguistic diversity on the Internet (3) also emerge as issues of concern for the academic community. The UNESCO and academics from Sudan emphasize training and education to use the Internet. Inter-operability (2) and a single, unfragmented Internet (2) also find a place in the academic community’s contributions.

With regard to processual principles for Internet governance, inclusiveness and participation are the most important concerns (5). The academic community asks for an open, transparent and multi-stakeholder Internet governance system (4), calling for international cooperation (2) among governments and other stakeholders. Interestingly, one contribution requires that the role of governments in the multi-stakeholder model be limited to “the facilitation of the participation of their domestic stakeholder communities in Internet governance processes”, while a Brazilian contribution advocates a multilateral model.

While no contribution expressly calls for these principles to underscore global Internet governance, the author believes that a high-level consensus may be gleaned in favour of respect for and protection of human rights, especially freedom of expression, access to information, privacy and protection from unwarranted domestic or extraterritorial surveillance. This is further supported by cyber-security concerns. The call for universal access to the Internet, alongside mention of net neutrality, emphasizes inclusiveness and non-discrimination. Processually as well, inclusiveness and participation (including equal participation) of all stakeholders finds the largest support, reflected in the calls for multi-stakeholder models of Internet governance.

No glaring divergences exist with regard to human rights or principles of governance on the Internet. The only major divergence amongst academia is the call for multilateral or multi-stakeholder models of Internet governance. While a majority of the contributions call for multi-stakeholder models, the Brazilian contribution (linked above) calls for “Open, multilateral and democratic governance, carried out with transparency by stimulating collective creativity and the participation of society, Governments and the private sector”, while at the same time supporting a “real multi-stakeholder governance model for the Internet based on the full involvement of all relevant actors and organizations”. Indeed, even this divergence is marked by a common emphasis on open, transparent and inclusive participation in Internet governance.

---

These documents were obtained from the websites of the respective banks, and wherever they were lacking, from the branches of the banks themselves. Attempts were made to obtain any information required for the project that was not available on the website or in the forms from the officers of the respective banks.

The State Banks of India (hereinafter ‘SBI’), Central Bank of India (hereinafter ‘CBI’), ICICI Bank (hereinafter ‘ICICI’), IndusInd Bank (hereinafter ‘IndusInd’) and Standard Chartered Bank (hereinafter ‘SCB’) are the banks chosen for this project. As mentioned, these banks have been chosen to ensure a diverse sample pool. SBI is an Indian public multinational bank, CBI is an Indian public bank and it is not multinational, ICICI is an Indian private and multinational bank, IndusInd is an Indian private bank which isn’t multinational, and SCB is a British bank operating in India.

The forms and other documents of each of the banks have been compared against a template of twenty nine questions created from the nine principles given in Justice A.P. Shah Group of Experts’ Report on Privacy.

The two services provided by these banks that have been analysed are Opening an Account and Taking out a Personal Loan. This comparison has been done keeping in mind the obligations of the banks under the Master Circular and the KYC Norms detailed in it, Code of Conduct, and the Rules under Section 43A of the IT Act. Attempts have been made to clarify the basis of the response as much as possible. An analysis of the obligations of the banks is present below, along with an explanation of the relevance of various parts of the two services that are analysed.

---

Click to download:

1. Banking Policy Guide
2. Banking Practices

Image above: Comparing Absolute Appearance of Fifty Most Frequent Words

Image above: Comparing Relative Appearance of Fifty Most Frequent Words

Created by Sumandro using R. Download the R code. Download the data.

These heatmaps compare the appearance of fifty most frequently appearing words (for all 187 contributions) across the contributions made by different types of organisation. Click on them to see the larger images. Hit *escape* to come back to this page. The first heatmap shows the absolute appearance of the words -- that is the total number of times each word appears in contributions by a type of organisation. The second heatmap shows the relative appearance of the words -- that is the ratio of the word's appearance in contribution by a type of organisation divided by total number of contributions by that type of organisation.

---

The Centre for Internet and Society, Bangalore, India, is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness, and engages in academic research on digital natives and digital humanities. The analysis was done by Geetha Hariharan, Jyoti Pandey, and Sumandro Chattapadhyay, with data entry support from Chandrasekhar.

Created by Sumandro using Google Charts. Google Terms of Use and Data Policy. Download the data.

This treemap chart divides up contributions submitted to NETmundial 2014 into their countries of origin, which are also clustered into regional divisions. The size of the rectangles indicate the total number of submissions from the respective region/country. Right click on the regions to see the division of submissions from the countries within that region. Left click to go back. Certain submissions have been contributed by global organisations, such as Internet Society, ICANN and Commonwealth agencies. These submissions have been included in the 'Global' division in the above chart. Also, Russia has been included within Europe, and China has been included within East Asia.

---

The Centre for Internet and Society, Bangalore, India, is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness, and engages in academic research on digital natives and digital humanities.

The visualisations are done by Sumandro Chattapadhyay, based on data compilation and analysis by Jyoti Pandey, and with data entry suport from Chandrasekhar.

All code, content and data is co-owned by the author(s) and Centre for Internet and Society, Bangalore, India, and shared under Creative Commons Attribution-ShareAlike 2.5 India license.

Created by Sumandro using Google Charts. Google Terms of Use and Data Policy. Download the data.

This Sankey diagram shows all the countries/regions from where contributions have come in on the left side, and all the various types of organisations on the right side. Use the mouse cursor to hover over a country to see what proportion of the submissions from that country has come from which type of organisation, or hover over an organisation type to see what proportion of submission from such organisations have come in from which countries. The height of the blue bars next to the country/region names and organisation types indicate at the respective proportions among all the contributions. Certain submissions have been contributed by global organisations, such as Internet Society, ICANN and Commonwealth agencies. These submissions have been included in the 'Global' division in the above chart.

---

The Centre for Internet and Society, Bangalore, India, is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness, and engages in academic research on digital natives and digital humanities.

The visualisations are done by Sumandro Chattapadhyay, based on data compilation and analysis by Jyoti Pandey, and with data entry suport from Chandrasekhar.

Created by Sumandro using Datamaps.

The map shows (in *green*) all the countries from where no contributions (by any kinds of organisation) have been submitted to NETmundial. Countries appearing in *white* are those from where contributions have been submitted. Organisations that have indicated (in their submitted contribution) that they are either 'global' or 'international' organisations with headquarter in a specific country(ies), or a coalition of several organisations from different countries, have not been considered while making the above map. Such organisations (not considered while making this map) include African ICT/IG Stakeholders, Association for Progressive Communications, Best Bits, Just Net Coalition, OECD, etc. To see the map of all the countries from where the respective governments have not submitted any contributions to NETmundial, click here.

---

The Centre for Internet and Society, Bangalore, India, is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness, and engages in academic research on digital natives and digital humanities.

The visualisations are done by Sumandro Chattapadhyay, based on data compilation and analysis by Jyoti Pandey, and with data entry suport from Chandrasekhar.

Built on Bootstrap by Sumandro

All code, content and data is co-owned by the author(s) and Centre for Internet and Society, Bangalore, India, and shared under Creative Commons Attribution-ShareAlike 2.5 India license.

Created by Sumandro using Datamaps.

The map shows (in *green*) all the countries from where no government agency has submitted any contribution to NETmundial. Governments of the countries appearing in *white* have contributed to the NETmundial process. Inter-governmental and international bodies that have submitted contributions to NETmundial -- such as OECD and UNESCO -- have not been considered while creating the above map. To see the map of all the countries from where there have been no contributions (by any kinds of organisation) to NETmundial, click here.

---

The Centre for Internet and Society, Bangalore, India, is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness, and engages in academic research on digital natives and digital humanities.

The visualisations are done by Sumandro Chattapadhyay, based on data compilation and analysis by Jyoti Panday, and with data entry support from Chandrasekhar.

Built on Bootstrap by Sumandro.

All code, content and data is co-owned by the author(s) and Centre for Internet and Society, Bangalore, India, and shared under Creative Commons Attribution-ShareAlike 2.5 India license.

---

---

Created by Sumandro using R. Download the R code. Download the data.

These word clouds show the hundred most frequently appearing words in the aggregated contribution text of each type of organisations. The size of the words in these diagrams refer to their frequency of appearance. A larger size refers to higher frequency of appearance. The colour of the words have been differentiated to group the words according to their freuqency of appearance. The color hierarchy is as follows: Green, Pink, Blue, Red. While creating these word clouds, certain common English words (like, 'the' and 'and') and obvious words for the contributions (like, 'internet' and 'governance') have been ommitted. The full list of ommitted words have been documented in the R code used to generate the diagrams.

Built on Bootstrap by Sumandro.

All code, content and data is co-owned by the author(s) and Centre for Internet and Society, Bangalore, India, and shared under Creative Commons Attribution-ShareAlike 2.5 India license.

The issue of how to ensure the legitimacy and accountability of ICANN is a concern which finds voice in many of the proposals. Generally speaking, the issue of representation, and legitimacy of ICANN members is a point which all proposals regarding ICANN accountability consider. The issue of funding also came up in several of the submissions. The Brazilian Internet Steering Committee, Joint Contribution of Civil Society from Latin America, submissions from University of Gezira in Sudan and NIC Mexico, called for increased funding for participation of stakeholders from developing countries in ICANN and other multistakeholder meetings. The Government of Austria expressed concern over dwindling funding of IGF and called for improvement of the same. In this scenario of crunched funds, submissions by Article 19 and BestBits as well as Net Coalition proposed the use of a percentage of ICANN’s gTLD revenues to fund inclusive participation in the multistakeholder process.

Apart from these concerns, submissions to NetMundial '14 also raised a myriad of different issues around the functioning of ICANN. Nevertheless, four broad stands can be gleaned from the issue of accountability of ICANN. These are as follows:

I. Submissions which suggest that oversight over ICANN should end, and ICANN accountability should be internalised.

8 submissions to the NetMundial 2014 were of the opinion that ICANN should become an independent body with no oversight exercised by any other body on it. In other words, these proposals opposed the replacement of current US government oversight on ICANN, by oversight through any other body. In such a case, accountability of ICANN was sought to be ensured through strengthening multistakeholderism and reform within the ICANN structure.

Most of these submissions came from the civil society (4) or the technical community (2); 1 from Panel on Global Internet Cooperation and Governance Mechanisms, which identifies as “other”, and 1 from the Government of France. 3 of these proposals represent a global community, 2 come from North America or USA, 1 from France, 1 from New Zealand and 1 from the Democratic Republic of Congo.

The ICANN model proposed in the submission from Internet Governance Project (IGP), from the North American civil society, found support among other contributors in this category. The proposal was based on the principle that oversight of ICANN must not be internationalised but ended. The rationale behind such proposal was that giving additional stakeholders besides the NTIA a say in IANA function and ICANN oversight will only politicise ICANN and make it a subject of possible geopolitical power struggles by governments, ultimately ignoring the interests of internet users all over the world. While calling for an end to ICANN oversight through any or all government agencies, the proposal also called for the strengthening of multistakeholderism within ICANN. This proposal was explicitly supported by InternetNZ, from the New Zealand technical community, in its proposal, as well as to quite an extent by Article 19 and BestBits, from the global civil society, in their proposal.

IGP’s submission also suggested whittling down of ICANN’s powers in order to separate management of IANA functions from ICANN’s present mandate. This is a point where the submissions in this category diverge. Submissions from IGP with Article 19 and BestBits, Association for Progressive Communications (APC) from the civil society and InternetNZ and Avri Doria, from the technical community, recommended the separation of IANA functions from the ICANN. The French Government submission, on the other hand, did not envisage separation of management IANA function from ICANN, but rather the internalisation of the former within the latter, even as proposing an independent and multistakeholder structure for ICANN with suitable accountability mechanisms for all stakeholders.

The submission from Article 19 and BestBits, in fact, suggested further narrowing of ICANN’s mandate by explicitly including a clause in its bylaws to prevent it from engaging in content regulation or conduct that could violate freedom of expression or privacy on the internet, including technical policy making involving trademarks and intellectual property. Such suggestions were made based on the fear that, if unregulated, ICANN might increasingly make its foray into public policy issues like content regulation, as happened in the .xxx controversy. Consequently, the submission from Article 19 and BestBits also suggested that ICANN’s bylaws include a provision whereby private parties can legally challenge ICANN’s actions on grounds of human rights violations before local courts or arbitration tribunals.

This approval for local dispute resolution when the submission agrees with the suitability of Californian law for ICANN incorporation is, however, likely to cause consternation amongst non-American stakeholders. While the submission is not averse to the idea of ICANN expanding its reach globally through creation of subsidiaries (preferably in western Europe), it also takes a firm stand on ICANN not moving its headquarters out of the US. The advantages of such status quo are seen in stability of current agreements with registrars etc., but the idea of ICANN being ultimately subject to Californian law and its courts is unlikely to go down well with other global stakeholders.

One concern found across board, but more explicitly in submissions of Article 19 and BestBits and Avri Doria was the strengthening of ICANN board by making it more representative and accountable through mechanisms of internal accountability like the ATRT2 Transparency and Accountability Review process. Avri Doria of USA, in her submission suggested, the improvement of accountability mechanisms in ICANN by supplementing the ATRT process with a strong appeals mechanism, as found in IETF, for accountability process and results with powers to remove officers from their roles if they do not fulfil their responsibilities. Strengthening of GAC within ICANN by making it more participatory and representative is another concern which is highlighted.

II. Submissions which suggest that oversight of ICANN should be transferred to a multilateral or intergovernmental body

A second, small category of 4 submissions argued that the oversight function of the ICANN should be transferred from the present unilateral U.S. government (NTIA) oversight, to oversight by all countries. This was suggested to counter the power imbalance exercised by one country over critical internet infrastructure, over others, by sharing oversight of ICANN with all others.

In their details, submissions in this category can be vague. While some of them envisioned transfer of ICANN control by the US Government to an intergovernmental body like the ITU, others do not specify the details of the transfer, but merely mention that ICANN oversight should be multilateral in nature. Submissions from CIPIT, part of the Kenyan academia and The Society for Knowledge Commons, civil society stakeholder covering India and Brazil, mentioned that the oversight of technical policy functions should be “multilateral” in nature, while the submission by the Government of Iran called for restructuring ICANN as an “international” organisation.

The submission by Swiss civil society organisation, Association for Proper Internet Governance, referred to the response by the Syrian representative in ITU to RFC sought by the US Department of Commerce, to bring ICANN in the aegis of ITU by signing of a MoU between the two entities, as far as technical policy decisions (eg. development of policies relating to operation of root servers and those relating to operation and administration of gTLDs and ccTLDs) are concerned. Such a proposal was found necessary in light of the non-binding advisory nature of GAC in ICANN, especially when technical policy decisions by ICANN have public policy implications. In such a scenario, the submission dubs it “strange” to relegate government to a subsidiary role within ICANN and “unusual (to say the least)” for governments to constitute a sub-committee of the board of a private company like ICANN. Consequently, the MoU between ITU and ICANN is sought to make GAC a group within ITU so as to strengthen its legitimacy and accountability.

III. Submissions which suggest that oversight of ICANN should be transferred to another body not intergovernmental in nature.

10 submissions suggested the transfer of ICANN oversight to a non-intergovernmental or multilateral body. 2 of these proposals came from governments and 1 from the Brazilian Internet Steering Committee, which identifies as “other”, 3 from the private sector, 2 from civil society and 1 from technical community and academia each. Most of these proposals come from European stakeholders (5), 1 each from Brazil and Argentina, 1 from India, 1 from Nigeria, and 1 from the global civil society group, Just Net Coalition.

Like the last category, these submissions also expressed their dissatisfaction with the unilateral US Government oversight of ICANN, but suggested replacing it with a non-multilateral body. Details of the composition of such bodies vary. Some called for replacement by a technical body, other envision a wholly newly created multistakeholder body, yet others called for signing of the present ICANN AoC with US Government, by a number of stakeholders, which would not include just governments.

One such submission came from Portuguese academic, Luis Magalhaes, which called for the signature of ICANN AoCs with all the stakeholders in internet governance, thus effectively replacing oversight by NTIA to oversight by all stakeholders. This submission also expressed concern over the incorporation of ICANN under Californian law, and suggests that ICANN should be regulated in an international law framework, though without relinquishing its control to merely governments. Submission by the private sector stakeholder Orange Group also looked to expand the AoC of ICANN to include within it, the “ICANN community and stakeholders including Governments represented through the GAC.”

Private sector stakeholder from the UK, Nominet, similarly, called for wider engagement in the ICANN AoC and ensuring wider engagement for transparency and accountability in the AoC process. It also called to end ambiguity about the legal jurisdiction for ICANN, while including and strengthening ITU and IGF in the internet governance ecosystem. Submission by private player, Data Security Council of India, while endorsing “a multistakeholder model with defined roles of relevant stakeholders” was vaguer about the model it sought for ICANN. But it called for nomination of stakeholders by Governments rather than ICANN selecting them without transparency.

The Austrian Government submission, on the other hand, was more ambiguous. It envisaged the extension of AoCs regarding ICANN and IANA while ensuring “the full participation of all stakeholders, from both developed and developing countries, within their respective roles and responsibilities.” In its submission, the Government of Argentina sought to “promote the internationalisation of ICANN through a deep revision of the current structure,” and ensure “active representation from all regions and all actors in the ICANN structure, including representatives of governments on an equal footing,” especially in the structures of ICANN Board, SSAC and GNSO.

The submission by Brazilian Internet Steering Committee similarly, looked to export oversight to entities outside of ICANN in its submission, as long as such entities are recognised as representative of the international public interest. This was suggested with the rationale to avoid a situation where the same organisation is responsible is responsible for policy making as well as its implementation. The Committee also suggested strengthening of ATRT2 process, as well as reform of GNSO and of ALAC so that the latter can have transparent processes for nomination of members, as well as participate in policy development processes in GNSO, along with increased government participation in GNSO. It was also suggested that the number of ICANN Board seats allocated by NomCom should be reduced in order to increase slots for Board members directly elected by the SOs.

Other submissions offered a more detailed view into the composition of the oversight entity recommended to replace NTIA. The submission by global civil society organisation, Just Net Coalition, for example, proposed the formation of a “Internet Technical and Advisory Board” to discharge ICANN oversight function by replacing the present NTIA oversight role. In addition, this board was recommended to advice on public policy perspectives to various technical standards bodies, and thus act as the link between public policy bodies and these standards bodies. The composition of such a board was recommended to consist of people with specialised technical expertise but also with appropriate political legitimacy, ensured via a democratic process. 10-15 members were envisaged in such a board which could include 1 member from each of the Regional Internet Registries (RIRs). 2-3 members from each of the 5 geographic regions as understood in the UN system to be selected through an appropriate process by the relevant technical standards bodies and/or country domain name bodies of all the countries of the respective region were suggested to be part of the board. It was preferred that these members would come from the top recognised technical academic bodies of each country/region, but the entire constitution of the board was left open to other suggestions in Just Net Coalition’s submission.

The technical community stakeholder, Nigeria Internet Registration Association, on the other hand, offered a rather confused proposal for the formation of a “World Internet Governance Organisation (WIGO),”envisaged as “a global organisation with equal participation of the Government, Private sector, Civil Society, Technical Community in a multi-stakeholder consensus building NET-NATIONS.” But while in the beginning the submission suggests a multistakeholder composition of WIGO, seemingly for oversight of ICANN, later the submission sparks the idea that ICANN itself should be changed to WIGO.

Global Geneva’s submission proposed to transfer ICANN oversight to a body called World Internet Forum, which, while part of the UN system, is envisioned as a multistakeholder venue for citizens globally, where constituencies are not governments. ICANN is allowed to pursue technical policy functions like gTLD management under the supervision of WIF, while not encroaching on public policy matters. IANA function is envisaged to be managed separately from the ICANN.

In many of these submissions, like those of Argentinian Government and Brazilian Internet Steering Committee emphasis was also paid on the strengthening of GAC, while taking into consideration stakeholders other than governments.

IV. Submissions which endorse globalisation and multistakeholder governance of ICANN but are vague about the specifics of such governance model

Lastly, there are submissions which call for the globalisation of ICANN and express their dissatisfaction with the U.S. Government oversight of it, while endorsing multistakeholder governance. However, these submissions are also vague about the details of such ICANN globalisation, and the structures in which it will be held accountable.  4 such submissions emerge from governments (Spain, Norway, Mexico and the European Commission), 6 from the private sector, 2 from the technical community, and 2 from the civil society. Europe leads in this category of proposals with 6 of these proposals emerging from there, 2 from Latin America and Mexico each (4 altogether), 1 from Kuwait, 1 from Japan, 1 from the NRO (identifying itself from Mauritius) and 1 from the global GSM Association of mobile operators.

A list of these submissions is provided below.

Sl.No.	Proposal No.	Name of Proposal	Organisation	Sector	Region	Link
	46	Norwegian Contribution to the Sao Paulo Meeting	Norwegian government	Government	Norway, Europe	http://content.netmundial.br/contribution/norwegian-government/137
	50	Contribution from the GSM Association to the Global Multistakeholder Meeting on the Future of Internet Governance	GSMA	Private Sector	Global	http://content.netmundial.br/contribution/contribution-from-the-gsm-association-to-the-global-multistakeholder-meeting-on-the-future-of-internet-governance/141
	51	Contribution of Telefonica to NETmundial	Telefonica, S.A.	Private Sector	Spain	http://content.netmundial.br/contribution/contribution-of-telefonica-to-netmundial/143
	56	ETNO Contribution to NETmundial	ETNO [European Telecommunications Network Operators' Association]	Private Sector	Belgium	http://content.netmundial.br/contribution/etno-contribution-to-netmundial/148
	64	Submission by AHCIET to the Global Multistakeholder Meeting on the Future of Internet Governance. NETmundial	AHCIET	Private Sector	Latin America	http://content.netmundial.br/contribution/submission-by-ahciet-to-the-global-multistakeholder-meeting-on-the-future-of-internet-governance-netmundial/157
	70	Spanish Government Contribution to the Global Multi-stakeholder Meeting on the Future of Internet Governance	Ministry of Industry, Energy and Tourism, Spain	Government	Spain	http://content.netmundial.br/contribution/multistakeholder-human-rights-stability-gac/165
	80	Roadmap for the Further Evolution of the Internet Governance Ecosystem	European Commission	Government	Europe	http://content.netmundial.br/contribution/roadmap-for-the-further-evolution-of-the-internet-governance-ecosystem/177
10.	106	Submission on Internet Governance Principles and Roadmap for the Further Evolution of the Internet Governance Ecosystem	Kuwait Information Technology Society	Civil Society	Kuwait	http://content.netmundial.br/contribution/kuwait-information-technology-society-kits-submission-on-internet-governance-principles-and-roadmap-for-the-further-evolution-of-the-internet-governance-ecosystem/214
	111	Content Submission by the Federal Government of Mexico	Secretara de Comunicaciones y Transportes, Mexico	Government	Mexico	http://content.netmundial.br/contribution/content-submission-by-the-federal-government-of-mexico/219
10.	114	Better Understanding and Co-operation for Internet Governance Principles and Its Roadmap	Japan Internet Service Providers Association	Private Sector	Japan	http://content.netmundial.br/contribution/better-understanding-cooperation-for-internet-governance-principles-its-roadmap/222
11.	116	Deutsche Telekom’s Contribution for to the Global Multistakeholder Meeting on the Future of Internet Governance	Deutsche Telekom AG	Private Sector	Germany/Europe	http://content.netmundial.br/contribution/deutsche-telekom-s-contribution-for-to-the-global-multistakeholder-meeting-on-the-future-of-internet-governance/225
12.	135	Joint Contributions of Civil Society Organisations from Latin America to NetMundial	Group of individuals and Civil Society Organizations from Latin America	Civil Society	Latin America	http://content.netmundial.br/contribution/joint-contributions-of-civil-society-organizations-from-latin-america-to-netmundial/251
13.	143	NRO Contribution to NETmundial	NRO (for AFRINIC, APNIC, ARIN, LACNIC, RIPE-NCC)	Technical Community	Mauritius	http://content.netmundial.br/contribution/nro-contribution-to-netmundial/259
14.	183	NETmundial Content Submission- endorsed by NIC Mexico	NIC Mexico	Technical Community	Mexico	http://content.netmundial.br/contribution/netmundial-content-submission-endorsed-by-nic-mexico/302

***

A previous version of this post performed preliminary analysis of the NETmundial submissions. It may be found here.

Every evening is capped by a music performance, and the opening act was a stand-out two-hour visual extravaganza by Tom Zé, Tropicalia's most avant-garde exponent. Lula (Luiz Inácio Lula da Silva, the previous President of Brazil) was supposed to join us at 7 p.m. today to discuss Marco Civil da Internet - the Brazilian bill for "civil rights" on the Internet - but was a no show.

No matter: Marco Civil was passed into law by the Senate at about 8 p.m. this evening, and President Dilma Rousseff (who reportedly willed this meeting into being) is expected to sign her assent to it tomorrow morning at the opening of NETmundial, which she is scheduled to attend. (While the global press around Marco Civil is unanimously positive and upbeat, it's worth noting that there is one problematic provision — the issue of data retention — that many folks from Brazilian civil society see as a huge loss).

A host of civil society groups spent the day at Arena NETmundial figuring out how to stage a coordinated, detailed and forceful response to what many saw as watered-down text from the NETmundial organisers. (Several corporate representatives and some academics also saw it as watered-down, but from another direction).

There are several puzzling aspects to the shape NETmundial has assumed. What began as a response to the Snowden leaks — the unprecedented scale of the US government sponsored, NSA-executed surveillance — has become a meeting that strangely doesn't have all that much to say about surveillance, perhaps thanks to the various partners roped in to manage the process. There is little that references the bitter SOPA/PIPA battles of two years ago, and not much in the NETmundial outcome document that addresses the manner in which a sovereign state has outrageously sought to export its national application of copyright onto the global Internet landscape. The civil society meeting produced language to address both these situations.

Perhaps the most confounding aspect of this meeting is the manner in which the word "multistakeholder" is thrown about by people of every political stripe. Seemingly, if there is one thing that most everyone, from governments to businesses to civil society activists at NETmundial agree on, it is that multistakeholderism has an essential place in the future of Internet governance.

That being as it is, I asked a bunch of people what their interpretation of the term was, and many agreed to be recorded. Their answers were surprising, to say the least.

This is what they said:

Q: What does "multi-stakeholder" mean? What is "multi-stakeholderism"?

I think multistakeholderism is a kind of democracy, which means, in the public policy area, other than the critical internet resources, usually only governments make public policy. They sometimes consult with other stakeholders, but it is not usually open or transparent and it is very selective. They only choose the experts they like. I think "multistakeholder" is useful in comparison with an inter-governmental or governmental process.

Byoungil Oh from the Korean Progressive Network Jinbonet

Multistakeholderism is a mechanism to ensure that people who are affected or have the potential to be affected by a policy or a technical decision get to have a say in the decision, in the process, or in coming to a decision, so that their rights — the rights of the affected people — are assured. I think there should be some sort of equity, currently the way multistakeholderism is being carried out is that certain stakeholders carry much higher weight and I think that is something that needs to be addressed.

YoungEum Lee from Korea National Open University (Korea)

If multistakeholderism is a form of institutionalising participatory democracy, then it's good. But public policy decision making is only something that the representatives of people can do. For me, that's sacrosanct. When you're taking in views, in consultation, multistakeholderism works. But public policy decision-making, at a global level, has to be a multilateral process. However, it has to be embedded into a huge amount of public consultations, transparencies, accountabilities, etc., which could be a multistakeholder system.

Parminder Jeet Singh from IT for Change (ITFC) (India)

I hate with a passion the concept of multistakeholderism. For me, how it can make sense is by recognising there are multiple stakeholders. And they’re not fixed. But issues affect different people in different ways and these people need to be involved in decision making processes. It's an approach that can potentially democratise processes by identifying who is affected by those processes and making sure they participate in them. But turning them into an -ism which is undifferentiated, which doesn't recognise conflict, power, voice, and that there are differences, makes it meaningless and also possibly dangerous.

Anriette Esterhuysen from the Association for Progressive Communications (APC) (South Africa)

This multistakeholderism thing I think is bullshit. We now a have a clear picture of technology as a whole being turned against its users, being turned into a tool for oppression, for control. And when you look at the most important struggles of the 20th century, whether women's rights or civil rights or gay rights, it never happened with a total global consensus. This is an illusion. What we need is to affirm that we citizens have the right to decide. We are the only stakeholders here, because we are the co-owners of the Internet as a public good.

Jérémie Zimmermann, co-founder of La Quadrature du Net (France)

Everyone has to participate, and everyone has to decide what is the future of the Internet. I think that we need to improve our networks. There is no real answer here: for me it is very difficult to think of the kind of discussion we will have, but I know that my voice is probably useful for others who are in a similar situation to me.

Pilar Saenz from the Karisma Foundation (Colombia)

Multistakeholderism means that we are going to smash the patriarchy. Ask me what the colour blue means? [Ok: What does the colour blue mean?] The colour blue means we are going to smash the patriarchy.

Jacob Appelbaum, journalist, activist and core member of the TOR Project (USA/Germany)

Ultimately rights are embedded in laws. But when it comes to an international framework, in the current Internet governance model, nothing is based in law, including the domain name system. So the whole structure of international Internet governance is divorced from international law, and that's why, when you talk of a multistakeholder model, what you are really saying is that the market will finally determine what happens. No stakeholder is going to operate against its own interest whether it be governments or corporations. We need an international legal framework, from which the powers - or rights - of Internet governance emerge. Without that you're leaving it to the market. In reality, even today, what we have is a private-sector-led multistakeholder model.

Prabir Purkayastha from Knowledge Commons and the JustNet Coalition (India)

What does multistakeholderism mean? Listen, I'm a brown person from a developing country, and I'm female.

Anonymous

Introduction

A technically borderless Internet, in a world defined by national boundaries, brings many challenges in its wake. The social, ethical and legal standards of all countries are affected by technical standards and procedures, created by a few global players. This disparity in capacity and opportunities to participate and shape Internet policy, fuelled by Edward Snowden's revelations led to the development of the Global Multi-stakeholder Meeting on the Future of Internet Governance or NETmundial. Set against, an urgent need for interdisciplinary knowledge assessment towards establishing global guiding principles with respect to the technological architecture and the legal framework of the Internet–NETmundial is seen as a critical step in moving towards a global policy framework for Internet Governance (IG). As stakeholder groups from across the world come together to discuss future forms of governance, one of the most widely discussed issues will be that of Multistakeholderism (MSism).

Multistakeholderism

The governance structure of the Multistakeholder model is based on the notion, that stakeholders most impacted by decisions should be involved in the process of decision making. The collaborative multistakeholder spirit has been widely adopted within the Internet Governance fora, with proponents spread across regions and communities involved in the running, management and use of the Internet. So far, MSism has worked well in the coordination of technical networking standards and efforts to set norms and best practices in defined areas, in the realm of technical governance of the Internet.  However, the extension  of MSism beyond truly voluntary, decentralized and targeted contexts and expanding its applicability, to other substantive areas of Internet Governance is proving a challenge. Beyond defining how the process of policymaking should be undertaken, MSism does not provide any guidance on substantive policy issues of Internet governance. With the increasing impact of Internet technology on human lives and framed against the complexity of issues such as security, access and privacy, the consensus on MSism is further rendered unattainable.

The need for contextualizing the model aside, as with most policy negotiations certain open concepts and words have also prevented agreement and adoption of MSism as the best way forward for IG. One such open and perhaps, the most contentious issue with respect to the legitimacy of MSism in managing Internet functions is the role of stakeholders. A key element of MSism is that decisions will be made by and including all relevant stakeholders. Stakeholder groups are broadly classified to include governments, technical community and academia, private sector and civil society. With each stakeholder representing diverse and often conflicting interests, creating a consensus process that goes beyond a set of rules and practices promising a seat at the negotiation table and is supportive of broad public interest is a challenging task that needs urgent addressing.

This post aims to add to the discourse on defining the role and scope of stakeholders' decision-making powers, towards a better understanding of the term "in their respective role". Addressing the complexity of functions in managing and running the Internet and the diversity of stakeholders that are affected and hence should be included in decision making, I have limited the scope of my analysis to cover three broad internet management functions:

1. Technical: Issues related to infrastructure and the management of critical Internet resources
2. Policy: Issues relating to the developmental aspects, capacity building, bridging digital divide, human rights
3. Implementation: Issues relating to the use of the Internet including jurisdictional law, legislation spam, network security and cybercrime

While this may be an oversimplification of complex and interconnected layers of management and coordination, in my opinion, broad categorisation of issues is necessary, if not an ideal starting point for the purpose of this analysis. I have considered only the submissions categorised under the theme of Roadmap, seeking commonalities  across stakeholder groups and regions on the role of stakeholders and their participation in the three broad functions of technology, policy and implementation.

Towards a definition of respective roles: Analysis NETmundial submissions on Roadmap

There were a total of 44 submissions specific to Roadmap with civil society (20) contributing more than any other group including academia (7), government (4), technical community (5), private sector (3) and other (5). MSism sees support across most stakeholder groups and many submissions highlight or agree on participation and inclusion in decision making processes.

Regionally, submissions from North (24) were dominated by USA (10) with contributions cutting across academia (4), civil society (2), technical community (2) and other (2). Brazil (5) contributed the most to submissions from South (15), followed by Argentina (3). The submissions were consistent with the gender disparity prevalent in the larger technology community with only 12 females contributing submissions. An overwhelming number of submissions (38), thought that the multistakeholder (MS) model needs further definition or improvements, however, suggestions on how best to achieve this varied widely across stakeholders and regional boundaries. Only 16 submissions referenced or suggested Internet Governance Forum (IGF) in its present capacity or with an expanded policy role as a mechanism of implementing MSism on the Internet.

Many submissions referred to issues related to the management of critical internet resources (CIRs), the role of ICANN and US oversight of IANA functions. A total of 11 submissions referred to or specified governance processes with respect to technical functions and issues related to critical resources with civil society (5) and academia (3) contributing the most. In an area that perhaps has the most direct relevance to their work, the technical community was conspicuous with just two submissions making any concrete recommendations. The European Commission was the only governmental organisation that addressed this issue, recommending an expansion of the role of IGF.  There were no specific recommendations from the private sector.

The suggestions on oversight and decision making mechanism were most conflicted for this category of Internet functions and included:

• setting up a technical advisory group, positioned within a new intergovernmental body World Internet Organization (WIO) framework;
• splitting IANA functions into protocol parameters, that Internet Engineering Task Force (IETF) will be responsible for and IP address-related functions retained by ICANN
• expanding the role of IGF, possibly creating an IGF Secretariat
• expanding the role of Government Advisory Committee (GAC) to mainstream government representatives participation within supporting organisations, in particular the Generic Name Supporting Organisation (GNRO)
• expanding the role of private sector
• expanding the role of ICANN with multistakeholder values
• expanding the role of all stakeholders
• implementing changes that do not necessarily require legislative acts or similar hard law approaches and implementation does not necessitate international treaties or intergovernmental structures
• establishing a new non-profit corporation DNS Authority (DNSA) combining the IANA Functions and the Root Zone Maintainer roles in
• improving transparency and accountability of current bodies managing CIRs

16 submissions referred to issues related to policy development and implementation including developmental aspects, capacity building, bridging digital divide and human rights. All submissions called for a reform or further definition of MSism and included recommendations from civil society (5), academia (4), technical community (2), governments (2), private sector (1) and Other (2). All stakeholder groups across regions, unanimously agreed that all stakeholders within their respective role should have a role in decision making and within public policy functions. There was however, no broad consensus on the best way to achieve this.

Specific recommendations and views captured on who should be involved in policy related decision making and what possible frameworks could be developed included:

• improving existing intergovernmental organizations
• creating Internet Ad Hoc Group
• modularization of ICANN’s functions
• creating a stewardship group IETF, ICANN and the RIRs
• creating an independent IANA as an International NGO with host country agreements  governed by its MOUs-defined by the IANA Stewardship Group prior to the signing of MOUs with IANA Partners
• creating a 'new body' to develop international level public policies in concerned areas; seek appropriate harmonization of national level policies; and facilitate required treaties, conventions and agreements
• responsibility of the definition of these policies rests within the States as an inalienable right
• continuity of bottom-up oversight enables a better view of an organization and thus better accountability as government oversight will destroy multistakeholder character
• evolving global governance norms that separate DNS maintenance from policies on TLDs, as well as public policies that intersect with nations’ rights to make them
• policy makers incrementally develop formal and informal relationships
• dealing with conflict of interest and ensuring pluralism
• full multi-stakeholder framework including possible establishment of Working Groups where all parties concerned are represented

18 submissions referred to issues related to the implementation of standards including issues relating to the use of the Internet including jurisdiction, law, legislation, spam, network security and cybercrime. All submissions called for a reform or further definition of MSism values and included recommendations from civil society (8), academia (3), technical community (3), governments (2), private sector (1) and other (1). Stakeholders from academia (5), civil society (3) and government (1) collectively called for the reform of ICANN guided by multistakeholder values, but did not specify how this reform would be achieved.

Specific recommendations on the improvements of institutional frameworks and arrangements for issues related to implementation of  standards included:

• establishment of double system of arbitrage/settlement placed under World Internet Forum (WIF) scrutiny and under the neutral oversight and arbitrage of the UN general secretariat
• new legal instruments in establishing MS model need to be adopted
• establishment of the Internet Technical Oversight and Advisory Board (ITOAB) replace the US government's current oversight role
• multilateral frameworks with oversight role of governments

In summation,  the classification of Internet functions discussed above, presents a very broad view of complex, dynamic and often, interrelated relationships amongst stakeholder groups. However, even within these very broad categories there are various interpretations of how MSism should evolve.

To come back to the very beginning of this post,  NETmundial is an important step towards a global policy framework for Internet governance. This is the first meeting outside formal processes and it is difficult to know what to expect, partly as the expectations are not clear and range widely across stakeholders. Whatever the outcome,  NETmundial's real contribution to Internet Governance has been sparking anew, the discourse on multistakeholderism and its application on the Internet through the creation of a spontaneous order amongst diverse actors and providing a common platform for divergent views to come together.

NETmundial Day 1

>
>***LIVE SCRIBING BY BREWER & DARRENOUGUE - WWW.QUICKTEXT.COM***
>------
>>> LADIES AND GENTLEMEN, GOOD MORNING. IN SOME MINUTES WE WILL HAVE OUR OPENING SESSION OF OUR GLOBAL MULTISTAKEHOLDER MEETING ON THE FUTURE OF THE INTERNET GOVERNANCE. PLEASE TURN OFF YOUR MOBILE PHONES OR TURN THEM INTO VIBRATING. PLEASE TAKE YOUR SEATS. OR SHUT IT OFF. THANK YOU VERY MUCH.
>------
>------
>>> LADIES AND GENTLEMEN, PLEASE TAKE YOUR SEATS AND PLEASE TURN OFF YOUR MOBILE PHONES OR SET THEM INTO SILENT MODE. IN SOME MINUTES, WE ARE GOING TO START OUR OPENING CEREMONY OF OUR GLOBAL MULTISTAKEHOLDER MEETING ON THE FUTURE GOVERNANCE OF THE INTERNET.
>------
>------
>>> PLEASE TAKE YOUR SEATS AND TURN OFF YOUR MOBILE PHONES OR SET THEM INTO SILENT MODE. IN A FEW MINUTES, WE WILL START OUR OPENING CEREMONY OF THE GLOBAL MULTISTAKEHOLDER MEETING ON THE FUTURE OF INTERNET GOVERNANCE.
>------
>------
>------
>------
>>> LADIES AND GENTLEMEN, IN SOME MINUTES WE WILL START OFF THE OPENING CEREMONY OF THE GLOBAL MULTISTAKEHOLDER MEETING ON THE FUTURE OF INTERNET GOVERNANCE.
>------
>------
>[MUSIC ] >> THIS IS MY INTERNET.
>>> THIS IS MY INTERNET.
>------
>------
>------
>------
>------
>>> LADIES AND GENTLEMEN, THE PRESIDENT OF BRAZIL, HER EXCELLENCY DILMA ROUSSEFF. THE CHAIRMAN OF NETmundial, VIRGILIO ALMEIDA, AND THE MIKE RODENBAUGH OF SAO PAULO, THE COO OF ICANN, FADI CHEHADE, AND THE REPRESENTATIVE OF THE TECHNICAL SECTOR AND CREATOR OF THE WEB, TIM BERNERS-LEE. REPRESENTATIVE OF THE PRIVATE SECRETARY AND VICE PRESIDENT OF GOOGLE, VINT CERF, AND THE REPRESENTATIVE OF THE -- OF CIVIL SOCIETY, COFOUNDER, NNENNA NWAKANMA.
>[APPLAUSE ] >> WE ARE STARTING OFF THIS EFFORT AND WE ARE GOING TO LISTEN TO THE NATIONAL ANTHEM OF BRAZIL.
>[ PLAYING OF NATIONAL ANTHEM. ] [APPLAUSE ] >> WE ARE GOING TO LISTEN TO THE WORDS OF THE MINISTER OF COMMUNICATIONS, PAULO BERNARDO.
>>>PAULO BERNARDO SILVA: GOOD MORNING, HER EXCELLENCY DILMA ROUSSEFF, MEMBERS HERE AND PARTICIPANTS OF THIS MEETING.
>LADIES AND GENTLEMEN, WELCOME TO BRAZIL AND TO NETmundial. WE ARE VERY PROUD AND FEEL VERY RESPONSIBLE FOR RECEIVING YOU IN SAO PAULO.
>ALL OF YOU WHO CARE ABOUT INTERNET IN THE FUTURE HAVE REASONS FOR BEING PLEASED WITH WHAT WE ARE GOING TO DO TODAY.
>THIS MEETING IS THE CONCRETIZATION OF ALL OUR WISHES. WE NEEDED AN ADEQUATE ENVIRONMENT FOR THIS TO BE VOICED. WE BELIEVE THAT NETmundial IS THIS ENVIRONMENT WE NEED. FREE PARTICIPANTIVE AND PLURAL, AS WELL AS THE INTERNET WE BELIEVE IN.
>AND THIS IS SO BECAUSE THE CONCERN THAT GETS US TOGETHER IS GREATER THAN THE CONCERNS OF EACH PARTY. WE ARE DISCUSSING THIS INTERNET AROUND THIS TABLE OR OTHERWISE WE WILL HAVE NO FUTURE FOR THE INTERNET FROM THE VERY FIRST MOMENT, THE DIFFERENT STAKEHOLDERS GOT INVOLVED IN THE ORGANIZATION OF THIS EVENT AND THE PROOF OF THIS ENVIRONMENT IS HERE IN THE GREAT DIVERSITY OF CONTRIBUTIONS RECEIVED.
>WE ALSO HAVE HERE MANY AUTHORITIES AND PARTICIPANTS. WE'D LIKE TO THANK EACH ONE OF YOU AND CONGRATULATE EACH ONE OF YOU FROM DIFFERENT COUNTRIES. WE'RE ALL PROTAGONISTS OF AN HISTORICAL MOMENT AND TODAY WHAT WE HAVE BEFORE US IS A CHALLENGE TO MAKE THE MOST FOR ALL THE DIFFERENT OPINIONS IN FAVOR OF A UNIQUE PATH.
>THIS PATH HAS A VERY STRAIGHT SENSE OF ORIENTATION, A FREE AND UNFRAGMENTED INTERNET. THAT'S THE BEST WE CAN HAVE, THE CAPACITY TO CONNECT, TO MOBILIZE, TO INNOVATE, TO CREATE RICHNESS OF CULTURE OR WHATEVER, AND RESPECT THE LINKS. SO INTERNET BEING RULED BY MORE PEOPLE COULD REACH MORE PEOPLE IN THE WORLD.
>SO I WISH THAT WHEN WE LEAVE SAO PAULO, WE CAN 81BRATE A NEW AND PROMISSORY BEGINNING. THIS IS OUR RESPONSIBILITY HERE, AND THANK YOU VERY MUCH. AND HAVE A GOOD MEETING. THANK YOU.
>[APPLAUSE ] >> NOW, MR. HONKING, SECRETARY-GENERAL OF THE UNITED NATIONS FOR BUSINESS MATTERS WILL DELIVER HIS MESSAGE FROM THE SECRETARY-GENERAL, BAN KI-MOON.
>>>WU HONGBO: YOUR EXCELLENCY, PRESIDENT ROUSSEFF, DISTINGUISHED MINISTERS, EXCELLENCIES, DISTINGUISHED DELEGATES, COLLEAGUES, LADIES AND GENTLEMEN.
>I'M HONORED TO BE HERE WITH YOU FOR THIS IMPORTANT EVENT. IT IS MY GREAT PLEASURE TO DELIVER A MESSAGE ON BEHALF OF THE UNITED NATIONS SECRETARY-GENERAL, MR. BAN KI-MOON.
>HERE I QUOTE: I THANK THE GOVERNMENT OF BRAZIL FOR HOSTING THE NETmundial MEETING, AND I COMMEND THIS GLOBAL MULTISTAKEHOLDER NATURE. ONLY THROUGH INCLUSIVE AND BOTTOM-UP PARTICIPATION WE BE ABLE TO FOSTER AN ACCESSIBLE, OPEN, SECURE, AND TRUSTWORTHY INTERNET.
>THE INTERNET IS TRANSFORMING SOCIETIES IN ALL REGIONS. IT IS THE BACKBONE OF OUR GLOBAL ECONOMY AND AN ESSENTIAL VEHICLE FOR DISSEMINATING INFORMATION AND IDEAS.
>ONE-THIRD OF THE PEOPLE NOW HAVE ACCESS TO THE INTERNET AND THE KNOWLEDGE AND THE TOOLS IT PROVIDES. INCREASING NUMBER OF PEOPLE NOW HAVE A PLATFORM TO VOICE THEIR OPINIONS AND PARTICIPATE IN SOCIETY FROM COMMERCE TO DEMOCRATIC DECISION-MAKING. THAT IS WHY IT IS ESSENTIAL THAT INTERNET GOVERNANCE POLICIES CONTINUE TO FOSTER FREEDOM OF EXPRESSION AND THE FREE FLOW OF INFORMATION.
>THE INTERNET AND THE INFORMATION SOCIETY HOLD TREMENDOUS PROMISE FOR THE POST-2015 DEVELOPMENT AGENDA.
>THE INTERNET CAN STRENGTHEN EFFORTS TO ERADICATE POVERTY, ADDRESS INEQUALITY, AND PROTECT AND RENEW THE PLANET'S RESOURCES.
>BUT REALIZING THE PROMISE MEANS EXPANDING INTERNET ACCESS TO NEARLY 1.3 BILLION PEOPLE WHO CURRENTLY LACK IT.
>MOST ARE IN DEVELOPING COUNTRIES AND THERE ARE SIGNIFICANT GENDER GAPS.
>INTERNET GOVERNANCE MUST, THEREFORE, WORK TO BRIDGE THE DIGITAL DIVIDE THROUGH INCLUSIVE RIGHTS-BASED POLICIES.
>INTERNET GOVERNANCE SHOULD AIM FOR UNIVERSAL ACCESS TO AN INTEROPERABLE, GLOBALLY CONNECTED, AND SAFE ONLINE SPACE.
>TO THIS END, THE PRINCIPLES OF THE WORLD SUMMIT ON THE INFORMATION SOCIETY REMAIN RELEVANT.
>THE UNITED NATIONS INVITES ALL STAKEHOLDERS TO JOIN IN THE ONGOING SUMMIT REVIEW PROCESS.
>CONFIDENCE IN THE INTERNET AND ITS GOVERNANCE IS VITAL. IF IT IS TO BE EFFECTIVELY CONTRIBUTING TO THE SUSTAINABLE DEVELOPMENT.
>IN THIS CONNECTION, I WISH TO INFORM THE MEETING I INTEND TO APPOINT AMBASSADOR JANIS KARKLINS OF LATVIA AS THE CHAIR OF THE MULTISTAKEHOLDER ADVISORY GROUP OF THE INTERNET GOVERNANCE FORUM.
>[APPLAUSE ] >>WU HONGBO: I COUNT ON MR. KARKLINS TO PROMOTE A STRENGTHENED INTERNET GOVERNANCE THROUGH BROADER PARTICIPATION, NOT ONLY BY GOVERNMENTS BUT ALSO THE PRIVATE SECTOR AND CIVIL SOCIETY, INCLUDING THE ACADEMIC AND THE TECHNICAL COMMUNITIES.
>BUILDING CONSENSUS ON THE ROADMAP FOR THE FUTURE OF INTERNET GOVERNANCE IS CRUCIAL. THIS NETmundial IS AN IMPORTANT MILESTONE. I WISH YOU A PRODUCTIVE MEETING. UNQUOTE.
>THANK YOU VERY MUCH ON BEHALF OF UNITED NATIONS DEPARTMENT OF ECONOMIC AND SOCIAL AFFAIRS, UNDESA. I WOULD LIKE TO THANK BRAZIL AND THE BRAZILIAN INTERNET STEERING COMMITTEE FOR NOT ONLY HOSTING THIS IMPORTANT MEETING, BUT ALSO FOR BEING CONSISTENT SUPPORTERS OF INTERNET GOVERNMENT FORUM. THE IGF COMMUNITY LOOKS FORWARD TO RUNNING TO BRAZIL FOR THE SECOND TIME FOR THE 10TH IGF IN 2015.
>THANK YOU VERY MUCH.
>[APPLAUSE ] >> NOW, WE ARE GOING TO LISTEN TO MS. NNENNA NWAKANMA, A REPRESENTATIVE OF CIVIL SOCIETY AND CONTRIBUTOR OF THE OPEN SOURCE FOUNDATION OF AFRICA.
>[APPLAUSE ] >>NNENNA NWAKANMA: OOH-LA-LA. YOUR EXCELLENCIES, COLLEAGUES, PRESENT AND REMOTE LADIES AND GENTLEMEN, (NON-ENGLISH WORD OR PHRASE). MY NAME IS I COME FROM THE INTERNET. I ALSO COME FROM DIVERSE CIVIL SOCIETY TEAMS AND NETWORKS, ONE OF WHICH IS THE TEAM THAT WORKS WITH THE WORLD WIDE WEB FOUNDATION.
>AT THE WEB FOUNDATION, WE ARE ENGAGED IN THE ALLIANCE FOR AFFORDABLE INTERNET. WE'RE ENGAGED IN THE WEB INDEX AND OPEN DATA INITIATIVES. ONE THING I DO FOR A LIVING IS TO ESTABLISH THE OPEN WEB AS A GLOBAL PUBLIC GOOD AND A BASIC RIGHT, ENSURING THAT EVERYONE CAN ACCESS AND USE IT FREELY. THAT'S WHAT I DO.
>I ALSO BELONG TO THE (INDISCERNIBLE) CIVIL SOCIETY PLATFORM, THE INTERNET GOVERNANCE CAUCUS FOR THE PAST 12 YEARS, AND THE AFRICA INTERNET GOVERNANCE FORUM.
>SO FOR ME, NETmundial, IN CONVENING US TO TAKE A CRITICAL LOOK AT THE PRINCIPLES AND ROADMAP FOR THE FUTURE OF THE INTERNET GOVERNANCE AVAILS ME WITH AN OPPORTUNITY TO RAISE THREE KEY ISSUES.
>THE FIRST ISSUE IS ACCESS.
>AS MUCH AS TWO-THIRDS OF THE WORLD'S POPULATION IS NOT YET CONNECTED TO THE INTERNET. THE PENETRATION RATES IN DEVELOPED COUNTRIES AVERAGE AROUND 31%, BUT IN AFRICA WHERE I COME FROM, WE ARE ABOUT 16%.
>IN THE WORLD'S 49 LEAST DEVELOPED COUNTRIES, OVER 90% OF THE POPULATION ARE STILL NOT ONLINE.
>WE HAVE 1 BILLION PEOPLE LIVING WITH DISABILITY, AND 80% OF THESE LIVE IN THE DEVELOPING COUNTRIES. EACH ONE OF THESE DESERVE ACCESS.
>ACCESS TO INFORMATION, ACCESS TO LIBRARIES, ACCESS TO KNOWLEDGE, AND ACCESS TO AFFORDABLE INTERNET.
>MY SECOND ISSUE IS SOCIAL AND ECONOMIC JUSTICE.
>THE INTERNET IS FAST BECOMING THE DOMINANT MEANS OF WEALTH CREATION, SO THE RIGHTS TO DEVELOPMENT, I THINK, SHOULD INCLUDE SOCIAL JUSTICE.
>FOR ME, IT IS NOT ENOUGH TO DO A SUPERFICIAL CAPACITY-BUILDING JUST FOR A FEW PERSONS. I'M LOOKING FOR THE MECHANISM THAT ALLOWS THE HIGHEST NUMBER OF PERSONS TO BE INCLUDED, THE LARGEST NUMBER OF VOICES TO BE HEARD, THE WIDEST EXTENT OF ACCESS TO INNOVATION, AND THE DEEPEST CREATIVITY FOR THE HUMAN MIND TO FLOURISH.
>FOR THIS, I THINK WE NEED TO START CONSIDERING THE INTERNET AS PUBLIC COMMENTS.
>MY THIRD ISSUE IS HUMAN RIGHTS AND FREEDOM.
>NOW I WILL INVITE YOU TO LISTEN THROUGH MY VOICE TO SOMEONE THAT I GREATLY RESPECT.
>THIS PERSON IS A "SHE." SHE WAS SPEAKING AT THE UNITED NATIONS GENERAL ASSEMBLY IN NEW YORK ON THE 25TH OF SEPTEMBER RAFT YEAR. DO YOU WANT TO HEAR WHAT SHE SAID?
>>> YES!
>>>NNENNA NWAKANMA: SHE SAID, "I CANNOT BUT DEFEND IN AN UNCOMPROMISING FASHION THE RIGHT TO PRIVACY OF INDIVIDUALS. IN THE ABSENCE OF THE RIGHT TO PRIVACY, THERE CAN BE NO TRUE FREEDOM OF EXPRESSION AND OPINION AND THERE IS NO EFFECTIVE DEMOCRACY." AND THAT WAS DILMA ROUSSEFF.
>[CHEERS AND APPLAUSE ] >>NNENNA NWAKANMA: OKAY. THANK YOU. RIGHT. LADIES AND GENTLEMEN, IN LOOKING FORWARD TOWARDS THE ROADMAP, I ALSO NEED TO RAISE THREE KEY ISSUES.
>MY FIRST ISSUE IS PARTICIPATION. WHEN WE STARTED, WE KICKED OFF WITH THE BASIC UNDERSTANDING THAT ALL STAKEHOLDERS HAVE A PLACE, A ROLE, A CONTRIBUTION.
>BUT AS WE'VE MOVED FURTHER DOWN THE LINE, THE IDEA OF MULTISTAKEHOLDER ENGAGEMENT IS GETTING MUDDLED AND IT'S LOSING A BIT OF ITS MEANING, SO I WOULD REQUEST THAT WE GO BACK TO THE DRAWING BOARD AND WE REVISIT IT, AND IF IT NEEDS TO UPGRADE, PLEASE LET'S DO THAT.
>BECAUSE WE NEED TO ENGAGE ALL STAKEHOLDERS AT A GLOBAL, REGIONAL, AND NATIONAL LEVELS.
>WE NEED TO ESTABLISH RESPECT AND VALUE FOR ALL CONTRIBUTIONS COMING FROM ALL STAKEHOLDERS, AND WE NEED MEANINGFUL PARTICIPATION FROM INDIVIDUALS COMING FROM DEVELOPING COUNTRIES AND UNDERREPRESENTED GROUPS.
>MY SECOND ISSUE IS RESOURCES.
>HOW DO WE ENSURE THAT RESOURCES ARE MOBILIZED AND MAINTAINED FOR A VIABLE INTERNET GOVERNANCE MECHANISM?
>THE QUESTION IS NOT JUST AT THE GLOBAL LEVEL. IT'S AT CONTINENTAL, REGIONAL, AND EVEN NATIONAL LEVELS.
>WHO'S RESOURCES ARE WE GOING TO COMMIT?
>MY FIRST THOUGHT IS THAT THE INTERNET SHOULD BE ABLE TO PROVIDE RESOURCES FOR ITS OWN GOVERNANCE. MAYBE PART OF THE DOMAIN NAME FEES SHOULD BE REINVESTED IN THIS AREA.
>[APPLAUSE ]
>>>NNENNA NWAKANMA: NOW, MY THIRD ISSUE IS CHANGE.
>NETmundial IS OFFERING US A GREAT OPPORTUNITY FOR CHANGE. CHANGE FROM ONE STAKEHOLDER HIJACKING THE PROCESS TO AN OPEN AND INCLUSIVE PROCESS. CHANGE FROM ONE OFFICIAL ISSUING ORDERS TO COLLABORATION. CHANGE FROM JUST REPORTS TO REAL TRANSPARENCY.
>CHANGE FROM POWER TO ACCOUNTABILITY. CHANGE FROM MONOLOGUES TO DIALOGUES AND DEBATES. CHANGE FROM THE RHETORIC OF CYBER-WAR TO THE NOTION OF INTERNET FOR PEACE. CHANGE FROM CYBER-THREATS TO DIGITAL SOLIDARITY. AND I DO BELIEVE THAT ALL OF THESE PRINCIPLES WILL ALSO GUIDE US IN IANA TRANSITION.
>LADIES AND GENTLEMEN, THERE IS ONE MESSAGE I MUST LEAVE WITH YOU TODAY, IT IS THE MESSAGE OF TRUST.
>WE'RE IN BRAZIL BECAUSE WE TRUST THE PERSON OF DILMA ROUSSEFF. WE ARE HERE BECAUSE WE TRUST THE NETmundial PROCESS. WE TRUST THE MULTISTAKEHOLDER APPROACH OF BRAZIL IN ITS OWN IGF, AND WE HAVE FOLLOWED THE STORY OF MARCO CIVIL AND I WANT TO SEE CONGRATULATIONS TO ALL BRAZILIANS ON THIS.
>[CHEERS AND APPLAUSE ] >>NNENNA NWAKANMA: HANG ON. HANG ON. HANG ON.
>THE TRUST THAT WE HAVE IN BRAZIL IS NEEDED AT ALL LEVELS. BUT THIS TRUST HAS BEEN DESTROYED BY THE COLLECTION, PROCESSING, AND INTERCEPTION OF OUR COMMUNICATIONS.
>[APPLAUSE ] >>NNENNA NWAKANMA: YES. SURVEILLANCE ON INTERNET SECURITY AND OUR TRUST IN ALL PERSONAL BUSINESS AND DIPLOMATIC COMMUNICATIONS. THAT'S WHY WE SAY "NO." THE WEB WE CAN TRUST, THAT IS THE WEB WE WANT. THE WEB THAT CONTRIBUTES TO PEACE, THAT IS THE WEB WE WANT. THE WEB THAT IS OPEN AND INCLUSIVE, THAT IS THE WEB WE WANT. THE WEB OF OPPORTUNITIES AND SOCIAL JUSTICE, THAT IS WHY I AM HERE.
>LADIES AND GENTLEMEN, NETmundial, I THINK, IS THE WORLD CUP OF INTERNET GOVERNANCE. WE NEED A ROBUST STADIUM THAT CAN HOLD US. THAT IS INFRASTRUCTURE. WE NEED TO ENJOY THE GAME. THAT IS PARTICIPATION. WE SHOULD NOT DISCRIMINATE. THAT IS NET NEUTRALITY. EVERYBODY'S FREE TO SUPPORT THEIR TEAM. I SUPPORT (SAYING NAME) OF NIGERIA. THAT IS FREEDOM. I SUPPORT BRAZIL AS LONG AS THEY ARE NOT PLAYING AGAINST AFRICA, ANYWAY.
>[LAUGHTER ] >>NNENNA NWAKANMA: WE NEED TO BE ABLE TO WEAR OUR COSTUMES AS FANS AND THAT IS DIVERSITY. AND MOST IMPORTANTLY, WE NEED TO KNOW THE RULES OF THE GAME AND PLAY BY IT. THAT, FOR ME, IS TRANSPARENCY.
>SO IT'S NOT GOING TO BE ABOUT POWER AND CONTROL FOR GOVERNMENTS. IT'S NOT GOING TO BE JUST INTEREST FOR THE INDUSTRY. IT'S NOT GOING TO BE NAMES AND NUMBERS FOR TECHNICAL COMMUNITY. IT'S NOT GOING TO BE FOR OR AGAINST FOR CIVIL SOCIETY. I THINK THAT WE NEED HUMILITY. THE HUMILITY TO LISTEN TO DIVERSE VOICES IS ESSENTIAL FOR AN AUTHENTIC DIALOGUE. LET US TALK TO EACH OTHER AND NOT AT EACH OTHER. BECAUSE SOMETIMES WE CAN BE SO DROWNED IN OUR OWN VOICES THAT WE DO NOT HEAR THE OTHER STAKEHOLDERS.
>JUST BEFORE I SIT DOWN, LADIES AND GENTLEMEN, TOMORROW IS GIRLS IN ICT DAY, SO I'M GOING TO SPEAK TO LADIES.
>GIRLS, IT IS UP TO US TO SEIZE THE OPPORTUNITY THAT THE INTERNET HAS GIVEN US. LET'S SEIZE IT AND LET'S ROCK THE WORLD! LET US GET WOMEN ONLINE. LET US GET US ONLINE.
>AND THIS, I WANT TO SAY A SPECIAL TRIBUTE TO ALL THE GIRLS IN MY WORLD FOUNDATION TEAM. ALEXANDRA IS HERE, RENAT AVILA, SONIA GEORGE, ANGELA, AND NOT JUST NETmundial BUT GIRLS ACROSS THE WORLD WORK ON THE INTERNET EVERY DAY. DEBORAH BROWN IS IN THE U.S. MARION FRANKLIN IS IN EUROPE. ANNA IS IN INDIA, (SAYING NAME) IS IN LATIN AMERICA HERE, (SAYING NAME) IS IN AFRICA, JOY LID I COT IS IN NEW ZEALAND, AND SALANIETA IS SOMEWHERE IN THE ISLANDS OF FIJI. GREAT WOMEN WHO DO THIS WORK. AND EVEN HERE IN BRAZIL, WE HAVE GREAT LADIES. ONE IS (SAYING NAME) AND THE OTHER IS (SAYING NAME) BUT COME ON, IT'S NOT JUST ABOUT WOMEN. THERE ARE GUYS, MEN, WHO WORK EVERY DAY, WHO PUT IN THE ENERGY, WHO PUT IN THEIR LIFE, WHO PUT IN ALL THEY HAVE, PUT IN THEIR EXPERTISE, SO THAT WE CAN HAVE A GLOBAL, TRUE, OPEN AND RESILIENT. AND TO ALL OF US WHO LOVE THE INTERNET AND TO ALL OF US WHO ARE HERE AND TO SOMEONE CALLED EDWARD, EDWARD SNOWDEN, THANK YOU.
>[CHEERS AND APPLAUSE ]
>>> ---
>>>VINT CERF: PRESIDENT DILMA ROUSSEFF, EXCELLENCIES, DISTINGUISHED GUESTS, LADIES AND GENTLEMEN, IT IS AN HONOR AND A PRIVILEGE TO PARTICIPATE IN NETmundial. THIS DIALOGUE IS TIMELY AND MUCH NEEDED AS THE INTERNET CELEBRATES THE 40th YEAR OF ITS PUBLIC UNVEILING AND THE 31st YEAR OF ITS OPERATION. IN MAY 1974, THE DESIGN OF THE INTERNET WAS PUBLISHED IN THE IE EX-E PUBLICATIONS. ROBERT KAHN AND I FELT STRONGLY THE DESIGN AND THE PROTOCOLS OF THE INTERNET NEEDED TO BE FREELY AND OPENLY AVAILABLE TO ANY INTERESTED PARTIES AND WITHOUT ANY BARRIERS TO ADOPTION AND USE.
>OVER FOUR DECADES BY WORKING TOGETHER AND INCLUDING THE EXPERIENCES GATHERED FROM OTHER GLOBAL NETWORK EXERCISES, AN INFORMAL COALITION HAS BUILT FROM THE BOTTOM UP THE SUCCESSFUL, FREE AND OPEN INTERNET AND THE POPULAR WORLDWIDE WEB. SOME 3 BILLION PEOPLE ARE ALREADY ONLINE WORKING TOGETHER TOWARDS GROWTH IN A POWERFUL ECONOMIC ENGINE AND POSITIVE SOCIAL FORCE.
>THIS INTERNET GOVERNANCE MEETING COMES AT A TIME WHEN THE INTERNET AND ITS USE REFLECTS THE FULL RANGE OF INTERESTS OF A GLOBAL AND INCREASINGLY ONLINE SOCIETY.
>IN ADDITION TO APPRECIATING THE ENORMOUS BENEFITS ALREADY OBTAINED THROUGH THE COOPERATIVE CREATION, DISCOVERING AND SHARING OF INFORMATION ON THE INTERNET, IT IS ALSO APPARENT THAT USERS AND GOVERNMENTS ARE BECOMING CONCERNED ABOUT POTENTIAL HARMS THAT MAY BE ENCOUNTERED IN THIS DIGITAL WORLD.
>A SMALL FRACTION OF THE INTERNET'S USERS DELIBERATELY SEEK TO BENEFIT THEMSELVES AT THE EXPENSE OF OTHERS OR JUST SEEK TO DO DAMAGE THROUGH A KIND OF DIGITAL VANDALISM, AS ALSO HAPPENS OFFLINE.
>MOREOVER, IT IS APPARENT THAT THE RICH SOCIAL NETWORKING APPLICATIONSES THAT ARE RAPIDLY PROLIFERATING ALSO HAVE A POLITICAL POTENTIAL THAT MAY BE ALARMING TO SOME REGIMES.
>GOVERNMENTS UNDERSTANDABLY SEEK WAYS TO DEFEND THE GENERAL PUBLIC AND PRIVATE SECTORS AGAINST HARM, SUCH AS FRAUD, MALWARE, IDENTITY THEFT AND BULLYING. OTHERS VIOLATE HUMAN RIGHTS BY USING THE INTERNET TO CENSOR, MISINFORM, CONDUCT SURVEILLANCE AND RESTRICT SPEECH OR USE IT AS A MEANS TO IDENTIFY AND INCARCERATE THOSE WHO SPEAK TRUTH TO POWER.
>THE OPENNESS OF THE INTERNET HAS BEEN THE KEY TO ITS GROWTH AND VALUE. PERMISSIONLESS INNOVATION IS THE MAIN SPRING OF INTERNET'S ECONOMIC POWER. WE MUST FIND WAYS TO PROTECT THE VALUES THAT THE INTERNET BRINGS, INCLUDING THE RIGHTS OF ITS USERS WHILE ALSO PROTECTING THEM FROM HARM.
>THESE PRINCIPLES, TOGETHER WITH GROWING ACCESS TO THE INTERNET WILL PROVE TO BE OF LASTING VALUE TO THE DEVELOPING WORLD THAT CAN TAKE ADVANTAGE OF THE POSITIVE BENEFITS OF AN EXPANDING INFORMATION ECONOMY.
>OUR WORK IS NOT NEARLY DONE UNTIL THE INTERNET IS ACCESSIBLE TO EVERYONE AND IPv6 IS ACCESSIBLE EVERYWHERE.
>BRAZIL HAS SET A POSITIVE EXAMPLE IN NETmundial. IN A MULTIPARTY INITIATIVE LED BY CONGRESSMAN ALESANDRO MALONE, THE COUNTRY HAS JUST LEGISLATED MARCO CIVIL WHICH OFFERS IMPORTANT SAFEGUARDS TO PROTECT INTERMEDIARY INTERNET PROVIDERS AND PROTECT USER RIGHTS. ITS INTERNET STEERING COMMITTEE, CGI.BR, IS A MODEL OF NATIONAL MULTISTAKEHOLDER GOVERNANCE.
>THIS MEETING, AMONG MANY OTHERS, REPRESENTS AN IMPORTANT OPPORTUNITY TO EXAMINE A MULTISTAKEHOLDER MODEL FOR INTERNET GOVERNANCE BASED ON THE PARTICIPATION OF ALL STAKEHOLDERS, INCLUDING ROLES FOR GOVERNMENT, ACADEMICS, CIVIL SOCIETY, PRIVATE BUSINESSES AND THE TECHNICAL COMMUNITY. THIS CONFERENCE HAS BROUGHT TOGETHER A RICH AND VARIED GROUP OF INTERESTED PARTIES TO EXPLORE PRINCIPLES AND GUIDELINES FOR FUTURE INTERNET GOVERNANCE AS IT REACHES THE OTHER 4 BILLION STILL UNCONNECTED PEOPLE IN THE WORLD.
>THE INTERNET HAS BEEN BUILT ON THE BASIS OF COLLABORATION AMONG A DIVERSE AND CONSTANTLY EVOLVING SET OF INTERESTED PARTIES. AND THIS IS A FOUNDATIONAL IDEA THAT MUST BE PRESERVED. NEW INSTITUTIONS AND OPERATIONAL PLAYERS HAVE BEEN FORMED AT NEED, SUCH AS THE INTERNET ARCHITECTURE BOARD, THE INTERNET ENGINEERING TASK, THE INTERPRET SOCIETY, THE INTERNET CORPORATION FOR ASSIGNED NAMES AND NUMBERS, THE REGIONAL INTERNET REGISTRIES AND THE NUMBER RESOURCE ORGANIZATION, OTHER REGIONAL TLD ORGANIZATIONS SUCH AS CENTR AND LacTLD, THE ROOT SERVER OPERATORS, REGIONAL NETWORK OPERATION GROUPS, THE EMERGENCY RESPONSE TEAMS, INTERNET EXCHANGE POINTS, THE TOP-LEVEL DOMAIN REGISTRIES AND REGISTRARS AND THE NETWORK INFORMATION CENTERS SUCH AS THE BRAZILIAN NIC.
>OUT OF THE WORLD SUMMIT ON THE INFORMATION SOCIETY HAS COME THE ANNUAL INTERNET GOVERNANCE FORUM AND ITS REGIONAL AND NATIONAL ANALOGS. WE CREATE INSTITUTIONS AT NEED.
>AS WE GATHER HERE FOR THE NEXT TWO DAYS, WE HAVE TWO SPECIFIC CHALLENGES TO CONSIDER. THE LARGER ONE IS THE GENERAL DESIGN OF A GLOBAL, MULTISTAKEHOLDER INTERNET GOVERNANCE FRAMEWORK THAT PRESERVES THE FREE AND OPEN INTERNET AND PROVIDES TRANSNATIONAL PROTECTIONS FOR THE RIGHTS OF USERS.
>THE FRAMEWORK HAS TO ENABLE THE EVOLUTION OF THE INTERNET AND BE ABLE TO ADAPT TO IT. THE MORE FOCUSED CHALLENGE IS TO DEVISE A RESPONSE TO THE U.S. INVITATION TO ASSURE THAT WHEN THE U.S. GOVERNMENT AND ITS CONTRACTUAL RELATIONSHIP WITH ICANN, THE MULTISTAKEHOLDER FRAMEWORK FOR ICANN'S MANAGEMENT OF UNIQUE IDENTIFIERS AND PARAMETERS WILL ADHERE TO THE PRINCIPLES THAT HAVE MADE THE INTERNET A REMARKABLE, GLOBAL AND BENEFICIAL INFRASTRUCTURE.
>I BELIEVE THAT THE CHALLENGE BEFORE US, ASSURING ICANN'S ADHERENCE CAN BE ACCOMPLISHED BY REINFORCING ITS ACCOUNTABILITY AND TRANSPARENCY MECHANISMS. THE LARGER CHALLENGE, PROTECTING THE RIGHTS OF USERS WHILE ASSURING THEIR SAFETY WILL REQUIRE LAYERED, LOCAL, NATIONAL AND TRANSNATIONAL ENABLING MECHANISMS. WE CANNOT PRETEND TO KNOW THE SOLUTION TO ALL THE CHALLENGES AND OPPORTUNITIES THAT THE INTERNET POSES. WE CAN, HOWEVER, CREATE STRUCTURES THAT WILL ALLOW MULTISTAKEHOLDER COLLABORATIONS TO DISCOVER AND EVALUATE POSSIBLE ANSWERS.
>AMONG THE MECHANISMS THAT SHOULD BE REINFORCED AND SUPPORTED, I WOULD SINGLE OUT THE INTERNET GOVERNANCE FORUM. IT NEEDS FINANCIAL SUPPORT AND A PROPERLY STAFFED SECRETARIAT. IT HAS ILLUMINATED OUR UNDERSTANDING OF THE PROSPECTS AND PROBLEMS ARISING FROM THE GLOBAL GROWTH OF THE INTERNET.
>MOBILE TECHNOLOGY RAPIDLY DROPPING COSTS FOR INTERNET-ENABLING EQUIPMENT AND COMMUNICATIONS, AND BOUNDLESS DEVELOPMENT OF NEW APPLICATIONS HAVE CREATED A RICH PALATE FROM WHICH TO PAINT A BENEFICIAL DIGITAL FUTURE. THE GLOBAL IGF AND ITS REGIONAL AND NATIONAL COUNTERPARTS CAN BECOME AN EVEN MORE HELPFUL MECHANISM FOR HIGHLIGHTING ISSUES BY TRACKING THEIR SOLUTIONS IN A VARIETY OF FORUMS AND ENABLING THE EMERGENCE OF NEW APPROACHES WHEN THESE SEEM NECESSARY.
>WE WOULD HAVE TO BE A PRETTY SILLY SPECIES NOT TO TAKE ADVANTAGE OF THE GIFT THAT THE TECHNOLOGY HAS GIVEN US. THOSE OF US PARTICIPATING IN THE NETmundial -- WELL, I HAVE A VERY INTERESTING PROBLEM HERE, MY SPEECH ENDS BECAUSE THE REST OF IT WASN'T PRINTED OUT.
>[LAUGHTER ]
>SO I WILL END BY THANKING YOU VERY MUCH FOR THE TIME ON THIS STAGE.
>[APPLAUSE ]
>>>TIM BERNERS-LEE: TECHNOLOGY IS PERFECT THEN.
>45 YEARS AGO VINT CERF AND BOB KAHN PUT TOGETHER THE IDEA OF THE INTERNET, DESIGNED THAT, AND MADE THAT OPEN. 25 YEARS AGO -- A LONG TIME LATER, THE INTERNET WAS RUNNING. THERE WAS REMOTE --- . THERE WAS EMAIL RUNNING OVER THE INTERNET. BUT THERE WERE NO WEB, NO WEB SITES, NO WEB PAGES, NO LINKS. I FELT IT WAS REALLY IMPORTANT THERE SHOULD BE SO I INVENTED THE WEB. AND AS THE WORLDWIDE WEB PROJECT GREW, I NEEDED COLLABORATORS. I INVENTED HTML AND HTTP AND URLS BUT THE DEVELOPMENT OF THOSE HAD TO BE DONE BY A LARGE TECHNICAL COMMUNITY. I WENT TO THE INTERNET ENGINEERING TASK FORCE, I FOUNDED THE WORLDWIDE WEB CONSORTIUM THAT ASSESS THE STANDARDS FOR THE WEB AND ITS MOTTO IS TO LEAD THE WEB TO ITS FULL POTENTIAL.
>SO THE COLLABORATION BETWEEN THESE MULTISTAKEHOLDER GROUPS LIKE IETF AND W3C AND ALL THE PEERS THEY WORK WITH LIKE ECMA, TC39 FOR (SAYING NAME) THAT HAS BEEN REALLY CRUCIAL AND IT REALLY HAS BEEN HOW THIS HAS ALL WORKED.
>I HOPE YOU WILL AGREE THAT PEOPLE WORKING TOGETHER HAVE DONE A REASONABLE JOB AND LOOKING BACK AT THE 25 YEARS OF THE WEB, IT HAS BEEN -- IT HAS BEEN AN INCREDIBLE RIDE AND WE REALIZE NOW THAT RATHER THAN BEING A FUN PROJECT LIKE ALL THESE THINGS STARTED OFF WITH, IT NOW BECOMES SOMETHING WE HAVE TO REGARD AS TO BEING CRUCIAL.
>SOME OF THESE ORGANIZATIONS WHICH BELIEVE IN OPEN STANDARDS IN THIS PARTICULAR SORT OF MULTISTAKEHOLDER OPEN ON THE WEB SORT OF MEANING OF THE WORD, DEVISED THE WORD OPEN STAND. YOU CAN GO TO OPENSTAND.ORG TO EXPRESS THE WAY IT SHOULD BE ABOUT WITH OPEN DISCUSSION WITH THE DOCUMENTS BEING FREELY AVAILABLE ON THE WEB. WITH W3C SPECIFICALLY COMPANIES COMMIT THAT WHEN THEY START AND WORK TOWARDS THESE STANDARDS, THAT WHEN THE STANDARDS COME OUT THAT THEY WILL NOT CHARGE ROYALTIES TO ANYBODY WHO WANTS TO IMPLEMENT IT. SO KEEPING IT ROYALTY FREE HAS ALSO BEEN REALLY IMPORTANT.
>THE WEB GREW AS SOMETHING WHICH DID NOT INVOLVE BORDERS BECAUSE IT GREW ON THE INTERNET AND THE INTERNET, WHEN YOU CONNECT -- WHEN I WROTE A PROGRAM TO CONNECT FROM ONE COMPUTER TO THE OTHER, NEITHER PROGRAM HAD AN AWARENESS, NEEDED TO KNOW OR NECESSARILY FOUND IT EASY TO FIND OUT WHICH COUNTRY THOSE TWO COMPUTERS WERE IN. BUT INTERNET WAS TECHNICALLY -- IS A NATIONLESS THING. SO IN A NON-NATIONAL ENVIRONMENT, THE WEB GROWING UP, IT HAS BEEN A NON-NATIONAL SOCIETY WHICH HAS GROWN UP AROUND IT.
>YES, THERE HAS BEEN -- FORMALLY, THERE HAS BEEN A CONNECTION BETWEEN THE U.S. GOVERNMENT AND THE WAY INTERNET NUMBERS AND NAMES HAVE BEEN ASSIGNED. AND I'M VERY GLAD THAT THE U.S. GOVERNMENT HAS ACCEPTED TO RELEASE THAT OVERSIGHT. I THINK THAT IS VERY OVERDUE AND A VERY IMPORTANT STEP.
>IT IS AN IMPORTANT STEP BECAUSE ICANN SHOULD SERVICE -- IT SERVICES THE GLOBAL PUBLIC INTERNET, AND, THEREFORE, IT SHOULD BE A GLOBAL PUBLIC BODY. SO FOR ME, WHAT DOES THAT MEAN? IT IS EASY TO SAY IN THE PUBLIC INTEREST. FOR ME, FOR ICANN, THAT MEANS THAT DECISIONS THAT IT MAKES ABOUT TOP-LEVEL DOMAINS, ABOUT WHATEVER, ABOUT HOW TO SPEND ITS FUNDING, THEY SHOULD BE MADE BY STEPPING BACK AND THINKING, WELL, NEVERMIND THE PEOPLE WE KNOW INTIMATELY WHO ARE INVOLVED IN THAT DECISION BUT LET'S THINK ABOUT THE PLAN AS A WHOLE. WHAT IS BEST FOR HUMANITY AS A WHOLE? THAT SHOULD GUIDE EVERY DECISION THAT ICANN MAKES.
>OBVIOUSLY, ONE OF THE THINGS THAT ICANN DOES IS IT HAS FUNDS TO SPEND AND SO PARTLY IT CAN FURTHER THE WORLD BY SPENDING THOSE IN A BENEFICIAL WAY SUCH AS SUPPORTING -- WELL, SUPPORTING STANDARDIZATION, SUPPORTING HARDENING WEB TECHNOLOGY, SUPPORTING PIECES OF TECHNOLOGY LIKE THAT, THE INTERNATIONALIZATION OF THE TECHNOLOGY, KEEPING IT SO IT WORKS WITH EVERY CULTURE AND LANGUAGE, ACCESSIBILITY FOR PEOPLE WITH DISABILITIES AND, OF COURSE, CLOSING THE DIGITAL DIVIDE FOR REALLY IMPORTANT AGENDAS WHICH ICANN CAN THINK ABOUT SUPPORTING.
>THE INTERNET HAS THRIVED FROM THE EMPOWERMENT OF CAPABLE AND PUBLIC-SPIRITED PEOPLE. INITIALLY, THEY WERE FROM THE TECHNICAL COMMUNITY AND ACADEMIA BUT MORE RECENTLY THE WHOLE PRIVATE SECTOR, CIVIL SOCIETY AND GOVERNMENTS. WE NEED INTERNET GOVERNMENTS WHICH ALLOWS EACH COMMUNITY TO BRING ITS PARTICULAR STRENGTHS TO THE TABLE BUT ALLOWS NONE OF THEM TO ELEVATE ITS OWN INTEREST ABOVE THE PUBLIC GOOD.
>FIVE YEARS AGO, RELATIVELY RECENTLY IN INTERNET TIME, SOME OF US REALIZE THAT ALL THE TECHNICAL WORK WE WERE DOING WAS WONDERFUL BUT IT WAS EVERY SINGLE THING DID WAS INCREASING THE DIGITAL DIVIDE, INCREASING THE GAP BETWEEN THE POWER OF THE PEOPLE WHO HAD THE WEB AND DID NOT HAVE IT. SO AT THAT POINT, WE STARTED THE WORLDWIDE WEB FOUNDATION ABOUT WHICH YOU ALREADY HEARD SOME TO MAKE SURE THAT THE WEB -- WELL, YES, THAT IT GETS TO, FOR EXAMPLE, THE 60% OF THE PEOPLE WHO IN THE WORLD WHO DON'T HAVE IT AT ALL BUT ALSO FOR THE PEOPLE WHO HAVE IT, THAT IT REALLY IS THE WEB THAT WE WOULD WANT, THE WEB HAS NOW BECOME AN ESSENTIAL PUBLIC UTILITY SO WE HAVE TO REGARD IT AS SUCH.
>MUCH OF OUR TRADITIONAL THINKING ABOUT HUMAN RIGHTS APPLIES DIRECTLY TO EVERYTHING ON THE INTERNET SUCH AS FREE EXPRESSION. BUT NEW THINGS BECOMING IMPORTANT IN THE NETWORK CONTEXT, NET NEUTRALITY MEANS KEEPING THE NET FREE FROM DISCRIMINATION, BE IT COMMERCIAL OR POLITICAL.
>THE INNOVATIVE EXPLOSION WHICH HAPPENED ACROSS THE NET OVER THE LAST 25 YEARS HAS HAPPENED ONLY BECAUSE THAT NET HAS BEEN NEUTRAL. THE SOCIAL GROUND-BREAKING SENSE OF POSSIBILITY THAT WE CAN UNDERSTAND EACH OTHER AND POSSIBLY LIVE IN PEACE RELIES ON AN OPEN NET. OH, AND THANKS TO EVERYBODY WHO HAS EVER HELD UP A BANNER IN ANY FORUM ABOUT PUSHING FOR THE OPEN NET AND PUSHING AGAINST LAWS WHICH RESTRICT THE OPEN NET.
>SO THAT SENSE OF EXCITEMENT WHICH WE ALL HAVE GIVES US ALSO A RESPONSIBILITY THAT WE MUST KEEP THE NET NEUTRAL -- THE NET AS A NEUTRAL PLATFORM IN THE FUTURE.
>FREEDOM OF EXPRESSION IS A CRUCIAL RIGHT BUT IT HAS TO BE COUPLED ON THE NETWORK WITH A COMPLIMENTARY RIGHT TO PRIVACY AS, MADAM PRESIDENT, YOU HAVE POINTED OUT BEFORE AND HAVE ALREADY BEEN QUOTED TODAY.
>SO I WON'T QUOTE YOU AGAIN, BUT I WOULD, YES, AGREE THAT THERE ARE A LOT OF PEOPLE THAT ARE WORRIED ABOUT SURVEILLANCE AND FEEL IT IS PERHAPS THE MOST IMMEDIATE THREAT. IT FEELS THE MOST IMMEDIATE THREAT. AND, OF COURSE, SURVEILLANCE ALL AFFECTS THE INTERNET, IT IS ONE OF THE MORE INSIDIOUS ONES BECAUSE YOU DON'T SEE IT HAPPENING UNLIKE CENSORSHIP.
>IT IS GREAT TO BE BACK IN BRAZIL TODAY, NOT JUST BECAUSE BRAZIL IS A WONDERFUL COUNTRY AND ONE WHICH HAS HAD A REALLY VIBRANT SENSE OF WHAT OPPORTUNITY ON THE NET BUT, OF COURSE, ESPECIALLY TODAY IS A SPECIAL DAY. YESTERDAY WAS A VERY SPECIAL DAY, THE MARCO CIVIL GOING THROUGH IS WONDERFUL. A FANTASTIC EXAMPLE OF HOW GOVERNMENTS COMPARE POSITIVE ROLE IN ADVANCING WEB RIGHTS AND KEEPING THE WEB OPEN. YES, EUROPEANS ALSO CELEBRATE, THE EUROPEAN PARLIAMENT PASSING LEGISLATION PROTECTING USERS ON THE WEB. WELL DONE. SO TWO DATA POINTS THAT SUGGEST WE ARE MAKING PROGRESS. THAT IS GREAT, BUT, BOY, WE HAVE GOT A HUGE WAY THE PRINCIPLES OF HUMAN RIGHTS ON THE NET ARE NEW AND THEY'RE NOT UNIVERSALLY ACCEPTED.
>THE WEB BECOMES EVER MORE EXCITING WITH EVERY ADVANCING TECHNOLOGY LIKE MOBILE WEB AND SO ON, BUT 60% OF THE WEB -- OF THE POPULATION CAN'T USE THE WEB AT ALL.
>AS THE WEB GIVES PEOPLE GREATER AND GREATER POWER, INDIVIDUALLY AND COLLECTIVELY, SO MANY FORCES ARE ABUSING OR THREATEN TO ABUSE THE NET AND ITS CITIZENS. THE WEB THAT WE WILL HAVE IN ANOTHER 25 YEARS' TIME IS, BY NO MEANS, CLEAR. BUT IT IS COMPLETELY UP TO US TO DECIDE WHAT WE WANT TO MAKE THAT WEB, WHAT WE WANT TO MAKE THAT WORLD.
>THAT'S WHY I'M ASKING WEB USERS AROUND THE WORLD, NOT JUST PEOPLE HERE IN THIS CONFERENCE ROOM AND THE OTHER CONFERENCE ROOMS WHERE THIS IS BEING RELAYED, NOT JUST PEOPLE IN THIS CONFERENCE BUT PEOPLE ALL OVER THE WORLD, TO GO AND THINK ABOUT WHAT YOU WANT AND TO FIND SOME SORT OF GLOBAL MAGNA CARTA FOR THE INTERNET. THAT IS WHY --
>[APPLAUSE ] >>TIM BERNERS-LEE: THAT IS WHY I'M ASKING COUNTRIES EVERYWHERE TO FOLLOW BRAZIL'S EXAMPLE AND EUROPE'S EXAMPLE AND DEVELOP POSITIVE LAWS THAT PROTECT AND EXPAND THE RIGHTS OF USERS IN AN OPEN, FREE, AND UNIVERSAL WEB.
>[APPLAUSE ]
>>>TIM BERNERS-LEE: THANK YOU.
>[APPLAUSE ] >> LADIES AND GENTLEMEN, THE PRESIDENT OF THE REPUBLIC HAS APPROVED A LAW THAT GUARANTEES THE RIGHTS AND DUTIES FOR THE USE OF INTERNET IN THE WORLD.
>[CHEERS AND APPLAUSE ] >>H.E. DILMA ROUSSEFF: GOOD MORNING TO ONE AND ALL. I WOULD LIKE TO THANK THOSE WHO SPOKE BEFORE ME FOR PERFECTLY PRONOUNCING "GOOD MORNING" IN PORTUGUESE, (NON-ENGLISH WORD OR PHRASE) AS VOICED BY OUR DEAR REPRESENTATIVE FROM AFRICA, NNENNA NWAKANMA.
>THANK YOU VERY MUCH FOR PERFECTLY PRONOUNCING (NON-ENGLISH WORD OR PHRASE) IN BRAZILIAN PORTUGUESE. GOOD MORNING.
>AND BY GREETING HER, I WOULD LIKE TO EXTEND MY GREETINGS TO ALL WOMEN WHO ARE CURRENTLY ACTIVE ON THE WEB. BOTH THE GIRLS AND THE GUYS WHO ARE EQUALLY ACTIVE ON THE WEB.
>GREETINGS, LIKEWISE, TO THE MAYOR OF SAO PAULO WHO HAS SO KINDLY WELCOMED US, AND ABOVE ALL, I WOULD RECYCLE TO, FIRST OF ALL, GREET TWO MEMBERS OF CONGRESS FROM BRAZIL. NAMELY MR. (SAYING NAME) REPRESENTING THE HOUSE OF REPRESENTATIVES WHO SERVED AS RAPPORTEUR OF THE BILL OF LAW WHICH LED UP TO THE PASSING YESTERDAY OF THE INTERNET CIVIL FRAMEWORK, AS WELL AS REPRESENTATIVE -- RATHER SENATOR (SAYING NAME), AND THROUGH HIM, I WOULD LIKE TO FURTHER EXTEND MY GREETINGS, LIKEWISE, TO THE SENATE RAPPORTEURS WHO WERE ABLE TO PASS THE PIECE OF LAW IN A RECORD TIME, SENATOR (SAYING NAME), SENATOR (SAYING NAME), AND SENATOR (SAYING NAME). THANK YOU.
>AND SO SENATOR (SAYING NAME) AND TO REPRESENTATIVE (SAYING NAME), I WOULD LIKE TO VOICE MY THANKS FOR YOUR EFFORTS IN PASSING THE INTERNET CIVIL FRAMEWORK.
>GREETINGS, LIKEWISE, TO THE SECRETARY-GENERAL OF THE UNITED NATIONS, HONG BO. SPECIAL GREETINGS LIKEWISE TO THE INVENTOR OF THE INTERNET, TIM BERNERS-LEE.
>I WOULD LIKE TO GREET THE VICE PRESIDENT OF GOOGLE, AND A KEY PERSON -- RATHER A KEY PERSON IN THE ESTABLISHMENT OF THE INTERNET, MR. CERF.
>GREETINGS, ONCE AGAIN, TO MR. (SAYING NAME) WHO, ON OCTOBER THE 8TH LAST YEAR, 2013 -- CORRECT, FADI, IF I'M NOT MISTAKEN, WE MET IN BRAZIL YEAH AND ON THAT OCCASION DURING THAT MEETING WITH YOU THE SEMINAL IDEA SURFACED OF ESTABLISHING THIS INTERNET GOVERNANCE SUMMIT MEETING THAT IS REALIZED HERE TODAY, SO THANK YOU VERY MUCH AN ALL OF YOU, INCLUDING CABINET MINISTERS AND FOREIGN DELEGATES ATTENDING THIS SESSION TODAY. ---
>MAY I ALSO USE THE OPPORTUNITY ---
>MAY I ALSO USE THE OPPORTUNITY TO GREET ALL CABINET MINISTERS WHO HAVE BEEN ACTIVELY INVOLVED IN THE PROCESS THAT LED UP TO THE PASSING OF THE INTERNET GOVERNANCE CIVIL FRAMEWORK, AN EFFORT WHICH OF COURSE INVOLVED ALL STAKEHOLDERS AND SOCIETY.
>SPECIAL THANKS TO MINISTER OF FOREIGN AFFAIRS, AMBASSADOR (SAYING NAME), MINISTER OF JUSTICE CARDOZO, ALSO MINISTER OF COMMUNICATIONS, MINISTER OF SCIENCE AND TECHNOLOGY, (SAYING NAME), AND MAY I ALSO GREET AND THANK SENATOR AND MINISTER OF CULTURE (SAYING NAME) AS WELL AS THE BRAZILIAN SECRETARY-GENERAL OF THE PRESIDENT'S OFFICE, (SAYING NAME). GREETINGS LIKEWISE TO ALL ATTENDEES, PARTICULARLY THE MEDIA PROFESSIONALS, JOURNALISTS, PHOTOGRAPHERS, AND CAMERAMEN AND WOMEN.
>MAY I SAY THAT YOU ARE ALL MOST WELCOME TO BRAZIL.
>AS ATTENDEES TO THIS GLOBAL MULTISTAKEHOLDER MEETING ON THE FUTURE OF INTERNET GOVERNANCE, THE SO-CALLED NETmundial AS WE CALL IT IN PORTUGUESE.
>AT THIS POINT IN TIME I WOULD ALSO LIKE TO VOICE MY GREETINGS TO THE ORGANIZERS, I.E., THE INTERNET MANAGEMENT OR MANAGING COMMITTEE AS WELL AS THE 1net COMMITTEE. IT GIVES ME GREAT JOY TO SEE IN THIS PLENARY HALL REPRESENTATIVES OF ALL DIFFERENT SECTORS WHO -- OR WHICH ARE IN ONE WAY INVOLVED IN THE INTERNET GOVERNANCE.
>IN THIS HALL TODAY, WE HAVE CIVIL SOCIETY, ACADEMIA, MEMBERS OF THE TECHNICAL COMMUNITY, BUSINESSES, AND GOVERNMENTS AT LARGE.
>THIS HEALTHY DIVERSITY -- AND I STRESS IT IS A HEALTHY DIVERSITY -- IS ALSO A HALLMARK OF THOSE GROUPS THAT HAVE JOINED US THROUGH THE INTERNET AND THIS MEETING, AND I WOULD LIKE TO USE THE OPPORTUNITY TODAY TO ESTABLISH A DIALOGUE ON THE ISSUES AND THE PURPOSES THAT BRING US TOGETHER IN SAO PAULO TODAY.
>BACK IN MID-2013 WHEN THE REVELATION SURFACED ON THE COMPREHENSIVE MECHANISMS FOR COLLECTIVE MONITORING OF COMMUNICATIONS CAUSED ANGER AND REPUDIATION IN VAST CIRCLES OF PUBLIC OPINION BOTH IN BRAZIL AND IN THE WORLD AT LARGE, IN BRAZIL CITIZENS, COMPANIES, DIPLOMATIC REPRESENTATIONS AND EVEN THE PRESIDENCY OF THE REPUBLIC ITSELF WERE TARGETED, AND THEIR COMMUNICATIONS INTERCEPTED.
>THESE EVENTS ARE NOT ACCEPTABLE. WERE NOT ACCEPTABLE IN THE PAST AND REMAIN UNACCEPTABLE TODAY, IN THAT THEY ARE AN AFFRONTMENT AGAINST THE VERY NATURE OF THE INTERNET AS A DEMOCRATIC, FREE, AND PLURALISTIC PLATFORM.
>THE INTERNET WE WANT IS ONLY POSSIBLE IN A SCENARIO WHERE HUMAN RIGHTS ARE RESPECTED. PARTICULARLY THE RIGHT TO PRIVACY AND TO ONE'S FREEDOM OF EXPRESSION.
>ACCORDINGLY, IN MY ADDRESS TO THE 68TH GENERAL ASSEMBLY OF THE UNITED NATIONS, I PUT FORTH A PROPOSAL TO TACKLE SUCH PRACTICES. I THEN PROPOSED A DISCUSSION ON ESTABLISHING A GLOBAL CIVIL FRAMEWORK FOR INTERNET GOVERNANCE AND USE, AS WELL AS MEASURES TO ENSURE ACTUAL PROTECTION OF DATA THAT TRAVELS THROUGH THE INTERNET.
>ALSO, WORKING TOGETHER WITH GERMAN CHANCELLOR ANGELA MERKEL WE SUBMITTED TO THE UNITED NATIONS A DRAFT RESOLUTION ON THE RIGHT TO PRIVACY IN THE DIGITAL AGE.
>BY CONSENSUS, THE RESOLUTION WAS PASSED AS PROPOSED AND WE ALSO PASSED A CALL FOR STATES TO DISCONTINUE ANY ARBITRARY OR ILLEGAL COLLECTION OF PERSONAL DATA AND TO ENFORCE USERS' RIGHTS TO PRIVACY.
>I SHOULD ACTUALLY STRESS THE FACT THAT THE SAME RIGHTS THAT PEOPLE ARE ENTITLED TO OFFLINE OR IN THE OFFLINE WORLD SHOULD BE LIKEWISE PROTECTED ON THE ONLINE WORLD.
>THIS MEETING TODAY, NETMUNDIAL, PROVIDES FURTHER MOMENTUM TO THAT EFFORT. THIS MEETING ALSO LIVES UP TO A GLOBAL YEARNING AS WE PROPOSE CHANGES IN THE CURRENT STATE OF AFFAIRS AND FOR AN ONGOING CONSISTENT STRENGTHENING OF FREEDOM OF EXPRESSION ON THE INTERNET AS WELL AS EFFORTS TO ULTIMATELY PROTECT BASIC HUMAN RIGHTS, AS IS THE CASE OF ONE'S RIGHT TO PRIVACY. AND WITHOUT THE SHADOW OF A DOUBT, THAT IS ALSO THE CASE OF ONE'S RIGHT TO PROPER TREATMENT OF WEB-BASED DISCUSSIONS IN A RESPECTFUL FASHION, TO ENSURE ITS OPEN, DEMOCRATIC NATURE. WE HAVE ALL TO SAO PAULO, THEREFORE, WITH A SHARED PURPOSE, THE PURPOSE OF ENHANCING AND DEMOCRATIZING INTERNET GOVERNANCE BY MEANS OF CONSENSUS BUILDING. AND I MEAN CONSENSUS AROUND PRINCIPLES, AND ON A ROADMAP TO BE DEVELOPED FOR ITS FUTURE EVOLUTION.
>A POINT I'D LIKE TO MAKE PLAIN AND CLEAR IS THAT THE IDEA HERE IS NOT, OF COURSE, TO REPLACE FOR THE COUNTLESS FORA OUT THERE THAT ALREADY ADDRESS THE TOPIC OR THE MATTER AT HAND TODAY. THE IDEA, RATHER, IS TO LEND A NEW MOMENTUM TO THE ONGOING DISCUSSIONS IN A MUCH NEEDED SENSE OF URGENCY.
>WE, THEREFORE, WORK FROM TWO PREMISES OR KEY ASSUMPTIONS.
>THE FIRST SUCH PREMISE IS THAT WE ALL WANT TO PROTECT THE INTERNET AS A SPACE, AVAILABLE TO ALL, AS A SHARED ASSET, AND AS SUCH, TRULY HERITAGE OF HUMANKIND, MORE THAN SIMPLY A WORK TOOL AND WAY BEYOND ITS WELL-KNOWN CONTRIBUTION FOR ECONOMIC GROWTH, PROVIDED, OF COURSE, THAT IT BE INCREASINGLY INCLUSIVE AND THE FACT IS THAT THE INTERNET HAS ENABLED THE CONSTANT REINVENTION OF THE WAY PEOPLE AND INSTITUTIONS INTERACT, PRODUCE CULTURE, AND ORGANIZE THEMSELVES, EVEN POLITICALLY.
>AN OPEN AND DECENT NETWORK ARCHITECTURE FAVORS GREATER ACCESS TO KNOWLEDGE. IT HELPS MAKE COMMUNICATIONS MORE DEMOCRATIC AND ALSO FOSTERS CONSTANT INNOVATION. THESE BASIC FEATURES ARE THE FEATURES THAT WE WANT AND THAT SHOULD BE PRESERVED UNDER ANY CIRCUMSTANCES, AND IN ANY SCENARIO, IN ORDER TO ULTIMATELY GUARANTEE THE FUTURE OF THE INTERNET AND, THUS, BOOST ITS TRANSFORMATIVE EFFECTS FOR AND IN SOCIETIES.
>THE SECOND PREMISE OR ASSUMPTION IS THE DESIRE WE ALL SHARE TO INCORPORATE AN INCREASINGLY BROADER AUDIENCE INTO THIS PROCESS.
>OUR COMMITMENT TO AN OPEN AND INCLUSIVE DEBATE HAS GUIDED THE EFFORTS TO ORGANIZE THIS MEETING IN SAO PAULO TODAY. ALL DIFFERENT WALKS OF LIFE HAVE TAKEN PART IN ITS PREPARATION AND ARE DULY REPRESENTED IN THIS PLANE HALL TODAY.
>WE ARE TALKING ABOUT THOUSANDS OF PARTICIPANTS FROM ALL OVER THE WORLD WHO ARE JOINED BY VIRTUAL CONNECTIONS IN SEVERAL DIFFERENT POINTS OF THE PLANET.
>THE TOPICS TO BE DISCUSSED HAVE BEEN THE SUBJECT OF BROAD AND PRIOR INTERNATIONAL PUBLIC CONSULTATION AND HAVE RECEIVED INPUTS FROM PLAYERS OR STAKEHOLDERS LOCATED IN SEVERAL DIFFERENT COUNTRIES AND IN DIFFERENT GEOGRAPHIES.
>THESE PROPOSALS IN TURN, OR INPUTS, HAVE SERVED AS THE FOUNDATION TO DEVELOP A DRAFT DOCUMENT, THE DRAFT DOCUMENT TO BE DISCUSSED AND FURTHER ENHANCED HERE IN THE NEXT FEW DAYS.
>I WOULD LIKE TO WELCOME THE WORK CONDUCTED BY THE EXECUTIVE METRIC SECTORAL COMMUNITY AS WELL AS THE HIGH-LEVEL MULTISTAKEHOLDER COMMITTEE FOR THIS JOINT EFFORT.
>THE INTEREST OF BRAZILIANS IN THE INTERNET IS REFLECTED ON THE SUBSTANTIAL PARTICIPATION OF BRAZILIAN NATIONALS IN THE DOMESTIC PUBLIC CAPTION AS FACILITATED BY THE.BR PORTAL. AT THIS TIME, CIVIL SOCIETY IS ORGANIZED IN THIS FORUM, THE SO-CALLED NETmundial ARENA, WHICH IS THE BRAZILIAN LOCUS FOR ACCESS TO TODAY'S SESSIONS.
>MAY I REMIND ALL THE LADIES AND GENTLEMEN AND FRIENDS ATTENDING THIS SESSION THAT BRAZIL ADVOCATES THAT INTERNET GOVERNANCE SHOULD BE MULTISTAKEHOLDER, MULTILATERAL, DEMOCRATIC, AND TRANSPARENT IN NATURE.
>IT IS OUR VIEW THAT THE MULTISTAKEHOLDER MODEL IS THE BEST WAY TO EXERCISE INTERNET GOVERNANCE.
>VERY MUCH IN ACCORDANCE WITH THAT VIEW, OUR LOCAL GOVERNANCE SYSTEM WHICH HAS BEEN IN OPERATION FOR 20 YEARS HAS RELIED ON ACTUAL PARTICIPATION OF REPRESENTATIVES FROM CIVIL SOCIETY, MEMBERS OF ACADEMIA, THE BUSINESS COMMUNITY, AND THE GOVERNMENT AT LARGE AT THE INTERNET GOVERNANCE -- OR AT THE INTERNET MANAGEMENT COMMITTEE.
>FULLY IN LINE WITH WHAT I JUST SAID, I ALSO ATTACH A GREAT DEAL OF IMPORTANCE TO THE MULTILATERAL PERSPECTIVE, ACCORDING TO WHICH GOVERNMENT PARTICIPATION SHOULD OCCUR ON AN EQUAL FOOTING AMONG GOVERNMENTS IN SUCH A WAY AS TO ENSURE THAT NO COUNTRY WILL HAVE OR BEAR GREATER WEIGHT VIS-A-VIS OTHER COUNTRIES.
>[APPLAUSE ] >>H.E. DILMA ROUSSEFF: OUR ADVOCACY OF THE MULTILATERAL MODEL IS THE NATIONAL CONSEQUENCE OF AN ELEMENTARY PRINCIPLE THAT SHOULD GOVERN TODAY'S INTERNATIONAL RELATIONS AS ENSHRINED IN THE BRAZILIAN FEDERAL CONSTITUTION. I'M TALKING ABOUT EQUALITY AMONG STATES.
>WE, THEREFORE, SEE NO OPPOSITION WHATSOEVER BETWEEN MULTI- -- OR THE MULTILATERAL AND THE MULTISTAKEHOLDER NATURE OF THE INTERNET. ACTUALLY, THE OPPOSITE OF THAT WOULD BE A ONE-SIDED UNILATERAL INTERNET WHICH IS UNTENABLE.
>AN INTERNET THAT IS ULTIMATELY SUBJECT TO INTERGOVERNMENTAL ARRANGEMENTS THAT EXCLUDE OTHER SECTORS OF SOCIETY IS NOT DEMOCRATIC.
>MULTISTAKEHOLDER ARRANGEMENTS THAT ARE IN TURN SUBJECT TO OVERSIGHT BY ONE OR FEW STATES ARE NOT ACCEPTABLE EITHER.
>WE TRULY WANT TO MAKE RELATIONS BETWEEN GOVERNMENTS AND SOCIETIES MORE DEMOCRATIC, AS WELL AS THE RELATIONS AMONG GOVERNMENTS. WE WANT MORE, NOT LESS, DEMOCRACY.
>THE TASK OF PROVIDING A GLOBAL DONATION TO THE ORGANIZATIONS THAT ARE CURRENTLY RESPONSIBLE FOR CENTRAL FUNCTIONS OF THE INTERNET IS NOT ONLY NECESSARY, BUT ALSO AN UN-POSTPONABLE TASK.
>THE COMPLEXITY OF THE TRANSITION AT HAND, WHICH ON THE ONE HAND INVOLVES JURISDICTIONAL COMPETENCE, AS WELL AS ACCOUNTABILITY AND AN AGREEMENT WITH MULTIPLE STAKEHOLDERS, DOES NOT, NEVERTHELESS, MAKE IT LESS URGENT A TASK.
>THAT IS WHY I'D LIKE TO AGAIN WELCOME THE RECENTLY VOICED INTENTION OF THE UNITED STATES GOVERNMENT TO REPLACE ITS INSTITUTIONAL LINKAGE WITH THE AUTHORITY FOR -- OR WITH THE INTERNET AUTHORITY FOR NUMBER ASSIGNMENT, IANA, AND THE INTERNET CORPORATION FOR NAMES AND NUMBER ASSIGNMENTS, ICANN, BY A GLOBAL MANAGEMENT OF THESE INSTITUTIONS FROM NOW ONWARDS, A NEW INSTRUMENTAL AND LEGAL ARRANGEMENT OF THE ISDN UNDER THE RESPONSIBILITY OF IANA AND ICANN SHOULD BE BUILT IN SUCH A WAY AS TO INCLUDE BROAD-RANGING INVOLVEMENT OF ALL SECTORS THAT HAVE AN INTEREST IN THE MATTER WAY BEYOND THE TRADITIONAL STAKEHOLDERS OR PLAYERS.
>EACH SECTOR, OF COURSE, PERFORMS DIFFERENT ROLES BASED ON LIKEWISE DIFFERENTIATED RESPONSIBILITIES.
>THE OPERATIONAL MANAGEMENT OF THE INTERNET SHOULD CONTINUE BEING LED BY ITS TECHNICAL COMMUNITY. MAY I, AT THIS POINT, VOICE MY PUBLIC RECOGNITION -- AND THIS IS ON BEHALF OF MY GOVERNMENT -- TO THESE PEOPLE WHO DEVOTE THEIR TIME AND ENERGY ON A DAY-TO-DAY BASIS TO KEEPING THE INTERNET AS AN OPEN, STABLE, AND SECURE PLATFORM, A KEY EFFORT WHICH REMAINS LARGELY INVISIBLE IN THE EYES OF MOST OF US END USERS.
>MATTERS PERTAINING TO SOVEREIGNTY SUCH AS CYBERCRIME, BREACH OF RIGHTS, ECONOMIC ISSUES OR TRANSNATIONAL ECONOMIC ISSUES, AND THREATS OF CYBER-ATTACKS ARE THE PRIMARY RESPONSIBILITY OF STATES.
>THE TASK AT HAND IS, ABOVE ALL, TO ENSURE THAT STATES WILL HAVE AT THEIR AVAIL THE TOOLS THAT WILL ALLOW THEM TO FULFILL THEIR RESPONSIBILITIES BEFORE THEIR CITIZENS, TO INCLUDE THE GUARANTEE OF FUNDAMENTAL RIGHTS. RIGHTS WHICH ARE ENSURED OFFLINE SHOULD BE EQUALLY INSURED ONLINE.
>THESE RIGHTS THRIVE UNDER THE SHELTER AND NOT IN THE ABSENCE OF THE STATE.
>IN ORDER FOR THE GLOBAL INTERNET GOVERNANCE TO BE TRULY DEMOCRATIC, MECHANISMS ARE REQUIRED TO ENABLE GREATER PARTICIPATION OF DEVELOPING COUNTRIES IN ALL DIFFERENT SECTORS.
>THE MATTERS THAT ARE IN THE INTEREST OF THESE COUNTRIES THAT ARE THE HEAVY-DUTY USERS OF THE INTERNET, TOPICS SUCH AS, FOR EXAMPLE, EXPANDING CONNECTIVITY, ACCESSIBILITY, AND THE RESPECT TO DIVERSITY, SHOULD BE CENTRAL ON THE INTERNATIONAL AGENDA.
>IT IS NOT ENOUGH FOR FORA TO BE OPEN FROM A PURELY FORMAL STANDPOINT. WE MUST FURTHER IDENTIFY AND REMOVE THE VISIBLE AND INVISIBLE BARRIERS TO ACTUAL PARTICIPATION OF THE ENTIRE POPULATION OF EVERY COUNTRY OR ELSE WE WOULD BE ULTIMATELY RESTRICTING OR LIMITING THE DEMOCRATIC ROLE AND THE SOCIAL AND CULTURAL REACH OF THE INTERNET.
>THE EFFORT AT HAND FURTHER REQUIRES THAT THE INTERNET GOVERNANCE FORUM BE FURTHER STRENGTHENED AS A DIALOGUE FORUM CAPABLE OF PRODUCING RESULTS AND RECOMMENDATIONS.
>IT ALSO REQUIRES A COMPREHENSIVE, BROAD-RANGING REVIEW OF THE 10 YEARS FOLLOWING THE SUMMIT -- WORLD SUMMIT MEETING OF INFORMATION SOCIETY AS WELL AS A DEEPER DISCUSSION ON ETHICS AND PRIVACY AT THE UNESCO LEVEL.
>GIVEN THE ABOVE, MAY I SAY THAT WE ARE STRONG BELIEVERS THAT THE CYBER-SPACE -- AND I'M SURE THAT BELIEF IS SHARED BY ALL OF US -- THE CYBER-SPACE SHOULD BE THE TERRITORY OF TRUST, HUMAN RIGHTS, CITIZENSHIP, COLLABORATION, AND PEACE.
>TO ACHIEVE THESE OBJECTIVES, WE MUST AGREE ON BASIC PRINCIPLES THAT WILL ULTIMATELY GUIDE INTERNET GOVERNANCE.
>AS REGARDS PRIVACY, THE RESOLUTION PASSED BY THE UNITED NATIONS ORGANIZATION WAS AN IMPORTANT STEP IN THE RIGHT DIRECTION, BUT WE MUST -- BUT WE STILL HAVE MUCH PROGRESS TO MAKE.
>ANY DATA COLLECTION OR TREATMENT SHOULD ONLY BE CARRIED OUT WITH FULL AGREEMENT OF THE PARTIES INVOLVED OR AS LEGALLY PROVIDED FOR.
>HOWEVER, THE DISCUSSION ON PRINCIPLES IS MUCH MORE COMPREHENSIVE. IT SHOULD -- AND I STRESS IT SHOULD -- INCLUDE UNIVERSAL INTERNET ACCESS, WHICH IS ABSOLUTELY KEY FOR THE WEB TO SERVE AS A TOOL FOR HUMAN AND SOCIAL DEVELOPMENT SO AS TO ULTIMATELY HELP BUILD INCLUSIVE, NONDISCRIMINATORY SOCIETIES.
>IT SHOULD ALSO INCLUDE FREEDOM OF EXPRESSION AND NET NEUTRALITY AS AN SINE BRAZIL HAS ITS CONTRIBUTIONS TO MAKE FOLLOWING A BROAD RANGING DISCUSSION, DOMESTIC PROCESS THAT HAS ULTIMATELY LED TO THE PASSING OF THE INTERNET CIVIL FRAMEWORK ACT AS PASSED YESTERDAY BY CONGRESS IN WHICH I HAD THE HONOR OF SANCTIONING JUST A FEW MINUTES AGO. THE LAW -- AND I MAY QUOTE TIM BERNERS-LEE WHO QUOTED THE LAW AS A PRESIDENT TO THE WEB ON THE OCCASION OF THE 20th -- OR 25th ANNIVERSARY AS SUCH THE LAW CLEARLY SHOWS THE FEASIBILITY AND SUCCESS OF OPEN MULTISECTORIAL DISCUSSIONS AS WELL AS THE INNOVATIVE USE OF THE INTERNET AS PART OF ONGOING DISCUSSIONS AS A TOOL AND A INTERACTIVE DISCUSSION PLATFORM.
>I THINK IT IS FAIR TO SAY THAT THE PROCESS THAT LED UP TO THE CIVIL FRAMEWORK ACT CAN BE DESCRIBED AS A VIRTUOUS PROCESS IN THAT OUR CIVIL FRAMEWORK, AS IT CURRENTLY STANDS, HAS BEEN EVEN FURTHER APPRECIATED GIVEN THE PROCESS THAT PRECEDED THE EFFORTS TO ESTABLISH IT AS SUCH.
>MAY I, THEREFORE, CALL TO MIND THAT OUR CIVIL FRAMEWORK ESTABLISHES PRINCIPLES, GUARANTEES AND USER RIGHTS, CLEARLY ASSIGNING DUTIES AND RESPONSIBILITIES OF THE DIFFERENT STAKEHOLDERS AND GOVERNMENT AGENCIES ON AN ONLINE ENVIRONMENT. AND EQUALLY IMPORTANT, IT ENSHRINES NETWORK NEUTRALITY AS A KEY PRINCIPLE, A MAJOR GAIN WHICH WE WERE ABLE TO MATERIALIZE AS A CONSENSUS IN THE PROCESS.
>IT ENSHRINES NETWORK NEUTRALITY BY ESTABLISHING THE TELECOMMUNICATIONS COMPANY SHOULD TREAT ANY DATA PACKAGES ON IN A --- FASHION WITH ACCOUNT TO AGENT, DESTINATION, SERVICE, TERMINAL OR APPLICATION. THE LAW OR FRAMEWORK AS HAS TRULY ENSHRINED NETWORK NEUTRALITY. FURTHERMORE, COMPANIES MAY NOT BLOCK, MONITOR, FILTER OR ANALYZE THE CONTENT OF DATA PACKAGES.
>THE CIVIL FRAMEWORK PROTECTS CITIZENS' PRIVACY IN THE ONLY IN THE RELATION WITH THE GOVERNMENTS BUT ALSO WITH RELATION WITH THE INTERNET COMPANIES. COMMUNICATIONS ARE, BY DEFINITION, NON-VIABLE EXCEPT BY A SPECIFIC COURT ORDER TO THAT EFFECT. THE RECENTLY PASSED LAW FURTHER CONTAINS CLEAR RULES GOVERNING WITHDRAWAL OF CONTENT FROM THE INTERNET. ALWAYS, OF COURSE, WITH A VIEW TO ENSURING THAT THE APPLICABLE COURT ORDERS BE AVAILABLE.
>THE CIVIL NETWORK IS AN EXAMPLE OF THE FACT THAT THE INTERNET DEVELOPMENT CANNOT DO IT WITHOUT A DISCUSSION PROCESS AND THE INVOLVEMENT OF NATIONAL STATES. AS SUCH, IT STANDS AS AN INNOVATIVE BENCHMARK MILESTONES BECAUSE IN ITS DEVELOPMENT PROCESS, WE HEARD THE VOICES OF THE STREETS, THE NETWORKS AND OF DIFFERENT INSTITUTIONS.
>FOR ALL OF THE ABOVE, IT IS OUR FIRM CONVICTION THAT ON A NETWORK, EACH NODE MATTERS. THE LARGE NODES SUCH AS THE MEGA PORTALS TO WHICH A SUBSTANTIAL AMOUNT OF WORLD TRAFFIC CONVERGES AND SMALL NODES ARE EQUALLY IMPORTANT.
>AT THIS TIME, I WOULD LIKE TO BRING TO THE FORE A KEY FUNDAMENTAL ISSUE AND TALK ABOUT THE FACT THAT THIS COUNTRY HAS TAKEN A MAJOR STEP FORWARD AS PART OF THE ONGOING PROCESS WHEREBY WE NOT ONLY INCLUDE BUT ALSO GUARANTEE A STEADY STREAM OF INCOME TO A SUBSTANTIAL SHARE OF THE POPULATION.
>INCOME AND ACCESS ARE EQUALLY IMPORTANT. WE BELIEVE THAT IT IS EQUALLY IMPORTANT TO ENSURE WE HAVE PLACE IN SOCIETY WHERE CITIZENS HAVE THEIR OWN VIEWS AND THEY ARE ABLE TO VOICE THEIR VIEWS FREELY. HENCE, THE INVALUABLE DEGREE OF IMPORTANCE WE ATTACH TO THE INTERNET IN OUR SOCIETY.
>WE ALSO HAVE YET ANOTHER MAJOR ASSET. I'M TALKING ABOUT BRAZIL'S ETHNIC CULTURAL, POLITICAL AND RELIGIOUS DIVERSITY. IT IS OURS TO NOT ONLY RESPECT BUT ALSO PROMOTE AND FOSTER OUR CULTURAL DIVERSITY. WE DO NOT WISH TO IMPOSE BELIEFS, CUSTOMS, VALUES OR POLITICAL VIEWS ON ANYONE.
>MAY I PARTICULARLY HIGHLIGHT THE THOUSANDS OF USERS THAT MULTIPLY ON A DAY-TO-DAY BASIS NOT ONLY HERE BUT IN ALL THE DEVELOPING COUNTRIES IN THE OUTSKIRTS OF LARGE URBAN AREAS AND ALSO IN TRADITIONAL COMMUNITIES OUT THERE. ALL OF THESE NEW USERS ENRICH THE NETWORK WITH NEW ALTERNATIVE IDEAS AND ACCOUNTS OF THE WORLD, NEW WORLD VISIONS. THESE PEOPLE MAKE THE INTERNET A STRONGER AND MORE UNIVERSAL PLATFORM.
>AND IT IS ON THEIR BEHALF AND BECAUSE OF THEM, THAT I WOULD LIKE TO AGAIN VOICE MY THANKS TO ALL OF YOU FOR ATTENDING THIS MEETING IN SAO PAULO. FOR US, THE INTERNET IS A MODERN-DAY PRO EMANCIPATION, PRO TRANSFORMATION TOOL THAT CHANGES SOCIETY. SWEEPING CHANGES ARE INTRODUCED THROUGH THE INTERNET. YOU ARE ALL MOST WELCOME. AND I HOPE YOU WILL ALL COME BACK FOR THE WORLD CUP OF ALL CUPS. IF NOT, MAKE SURE YOU WATCH IT THROUGH THE INTERNET. THANK YOU VERY MUCH AGAIN.
>[APPLAUSE ]
>>> LADIES AND GENTLEMEN, WE THANK YOU FOR THE PRESENCE OF YOU ALL. WE CLOSE NOW THIS CEREMONY.
>
>
>
>

Surveillance was mentioned by a few brave souls. Two peaceful, silent - and rather effective - protests broke out during the opening speeches; one, against the data retention clause in Brazil's otherwise path-breaking and brand-new law for civil rights on the Internet, Marco Civil, and another for honouring US NSA whistleblower Edward Snowden and urging action against surveillance. Sadly for Brazilian civil society, the Marco Civil protestations went unheard, and Rousseff signed the bill into law in full.

There were lots of speeches. Lots. If you missed them, here's a handy visualisation you can use to catch up quickly: just add some prepositions and conjunctions, and you'll have a perfectly anodyne and universally acceptable bureaucrat/politician keynote address.

The afternoon was given over to assimilating previously received comments on the outcome document and adding new ones from people in the room. Much contention, much continuity, lots of hard work, lots of nitpicking (some of it even useful) and lots of ambiguity; after more consultation - the slog goes on until tomorrow afternoon - the outcome document will be laid to rest. Lunch was excellent: there's a reason the Grand Hyatt São Paulo costs as much as it does.

Our quest to plumb the depths of multi-stakeholderism continued: we thank the kind folks who gave us their time and allowed us to record them.

Q: What does "multi-stakeholder" mean? What is "multi-stakeholderism"?

Multi-stakeholderism to me is the ability to engage with every stakeholder and have them in the room, and have them understand that it is not an equal opportunity for all. I also understand that civil society and academia will never be at the same place as business, which has far more resources, or governments, which have the sovereign right to make laws, or even the technical community, which is often missing from the policy dialogue. There are three things which are important to me: (1) Will I be able to make interventions not just in the dialogue but in the decision making process? For me, that is key. (2) Do I have recourse in a process which might be multilateral or inter-governmental - do I have recourse when international treaties are  ratified or signed, because they become binding national laws? and (3) What is it that happens to dissent in a process that is not multi-stakeholder? I think even the ITU (the International Telecommunications Union) has taken cognizance of multi-stakeholderism. So it's not new, but it's also not old or accepted, which is why we contest it. We will never have equal stakeholders. And who gets to represent the stakeholder communities? I don't think power imbalances get resolved, and I think it's a deeply flawed process. It's not perfect. But what worries me is the alternative. So give me a better alternative.
Subi Chaturvedi, Media for Change/ Lady Shriram College  (India)

Simply put, multi means many components, and stakeholders are people who have the stakes. So multi-stakeholder means many people who are informed to take the process forward. The process is still on: it's evolving. The idea is that everyone who has an interest should bring it forward, and the dialogue must be balanced. Proof of concept is important - it's not about taking a dogmatic position but a scientific position. Business is concerned about the justification around return on investment.
Jimson Olufuye, Africa ICT Alliance (Nigeria)

Everyone who has a stake in the use and operation of the Internet should have a stake in the way it is managed. I think we shouldn't be considering this as a power game - it's not winner takes all. Decision making should be as much as possible consensual, where no one has a veto power.
Getachew Engida, Deputy Director-General, UNESCO (France)

It is very simple. I think people are complicating matters. It's not a power game. The Internet is fundamentally a global network of interconnected computers. People have become not only consumers of information but providers of information, so the stakes in the media/ICT world are massive. Unprecedented. Therefore, around major issues confronting the Internet, decision making should be as participatory as possible.
Indrajit Banerjee, Director, UNESCO (France)

---

Additional Links

• Watch Brazilian President Dilma Rousseff's speech at the opening of NETmundial
• Follow Swedish foreign minister Carl Bildt on Twitter

Marco Civil, on which we blogged previously, includes provisions for the protection of privacy and freedom of expression of all users, rules mandating net neutrality, etc. Brazil celebrated the beginning of NETmundial, a momentous first day about which Achal Prabhala blogs, with President Rousseff’s approval of the Marco Civil.

At about the same time, news broke that the US Federal Communications Commission is set to propose new net neutrality rules. In the wake of the Verizon net neutrality decision in January, the proposed new rules will prohibit Internet service providers such as Comcast from slowing down or blocking traffic to certain websites, but permit fast lane traffic for content providers who are willing to pay for it. This fast lane would prioritise traffic from content providers like Netflix and Youtube on commercially reasonable terms, and result in availability of video and other content at higher speeds or quality. An interesting turn-around, as Marco Civil expressly mandates net neutrality for all traffic.

Created by Sumandro using Google Charts. Google Terms of Use and Data Policy. Data compiled by Sumandro and Jyoti. Download the data.

This scatter plot shows the number of times the word *multistakeholder* (including *multi-stakeholder* and *multistakeholderism*) appears across contributions submitted to NETmundial. X axis (horizontal) gives the serial number of contributions and Y axis (vertical) gives the number of times the word appears on a contribution. Click on the types of organisation below the chart to highlight the corresponding organisations on the chart.

The Centre for Internet and Society, Bangalore, India, is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness, and engages in academic research on digital natives and digital humanities.

The visualisations are done by Sumandro Chattapadhyay, based on data compilation and analysis by Jyoti Panday, and with data entry suport from Chandrasekhar.

Built on Bootstrap by Sumandro

All code, content and data is co-owned by the author(s) and Centre for Internet and Society, Bangalore, India, and shared under Creative Commons Attribution-ShareAlike 2.5 India license.

For all the talk of an inclusive global meeting, there was exactly one governmental submission from the African continent, and it was from Tunisia; and the overall rate of submissions from Africa and West Asia were generally very low.

The outcome document perfectly reflects the gloss that the "multi-stakeholder" model was designed to achieve: an outcome that is celebrated by businesses (and by all embedded institutions like ICANN) for being harmless, met with relief by governments for not upsetting the status quo, all of it lit up in the holy glow of "consensus" from civil society.

Of course there was no consensus. Civil society groups who organised on Day 0 put up their position: the shocking omission of a strong case for net neutrality, ambiguous language on surveillance, weak defences of free expression and privacy. All valid points. But it's striking that civil society takes such a pliant position towards authority: other than exactly two spirited protests (one against the data retention in Marco Civil, and the other against the NSA's mass surveillance program) there was no confrontation, no provocation, no passionate action that would give civil society the force it needs to win. If we were to compare this to other international struggles, the gay rights battle, or its successor, the AIDS medicines movement, for instance - what a difference there is. People fought to crush with powerful, forceful action. Only after huge victories with public and media sympathy, and only after turning themselves into equals of the corporations and governments they were fighting, did they allow themselves to sit down at the table and negotiate nicely. Internet governance fora are marked by politeness and passivity, and perhaps - however sad - it's no wonder that the least powerful groups in these fora always come away disappointed.

It's also surprising that there is no language in the outcome document that explicitly addresses the censorious threat posed by the global expansion of a sovereign application of copyright, as seen most vividly in the proposed SOPA/PIPA legislation in the United States. The outcome document has language that seems to more or less reflect the civil society proposal, and it's possible that a generous interpretation of the language could mean that it opposes the selective, restrictive and damaging application of what the intellectual property industries want to accomplish on the Internet. But it's puzzling that the language isn't stronger or more explicit, and even more puzzling that civil society doesn't seem to want to fight for such language.

This seems like an appropriate time to end the multi-stakeholder diaries. Hasn't the word been used enough? Here is one last instalment. We thank the kind folks who gave us their time.

Q: What does "multi-stakeholder" mean? What is "multi-stakeholderism"?

A large part of the discourse prior to the NETmundial conference has been centered around the issue of what is the best structural system to regulate a global network – this has commonly been portrayed as a choice between a multistakeholder system – which broadly speaking, aims to place ‘all stakeholders’ on equal footing – against multilateralism – a recognized concept in International law / the Comity of Nation States, where a nation state is recognized as the representative of its citizens, making decisions on their behalf and in their interests.

In our opinion, the issue is not about the dichotomy between multilateralism and multistakeholderism; it is about what functions or issues can legitimately be dealt with through each of the processes in terms of adequately protecting civil liberties and other public interest principles – including the appropriate enforcement of norms. For instance, how do you deal with something like cyber warfare without the consent of states? Similarly, how do we address regulatory issues such as determining (and possibly subsidizing) costs of access, or indeed to protect a right of a country against unilateral disconnection?

.....The crux of the matter rests in deciding which is the best governance ‘basket’ to include a particular issue within – taken from both a substantive and enforcement perspective. The challenge is trying to demarcate issues to ensure that each is dealt with effectively by placing it in an appropriate bucket. (The full post can be accessed here).
Rishab Bailey from the Society for Knowledge Commons (India)

If I would have signed the campaign http://wepromise.eu as a candidate to the European Parliament I would have made it an election promise to defend "the principle of multistakeholderism".

That means that I "support free, open, bottom-up, and multi-stakeholder models of coordinating the Internet resources and standards - names, numbers, addresses etc" and that I "support measures which seek to ensure the capacity of representative civil society to participate in multi-stakeholder forums." Further, I "oppose any attempts by corporate, governmental or intergovernmental agencies to take control of Internet governance."

My very rudimentary personal view is basically that it's a bad idea to institutionalise conflicting competences.
Erik Josefsson, Adviser on Internet policies for the Greens/EFA group in the European Parliament

---

And so it ends.

To sum up the previous post: under Article 12 of the Constitution, fundamental rights can be enforced only against the State, or State-like entities that are under the functional, financial and administrative control of the State. In the context of net neutrality, it is clear that privately-owned ISPs do not meet the exacting standards of Article 12. Nonetheless, we also found that the Indian Supreme Court has held private entities, which do not fall within the contours of Article 12, to an effectively similar standard of obligations under Part III as State organizations in certain cases. Most prominent among these is the case of education: private educational institutions have been required to adhere to standards of equal treatment which are identical in content to Article 14, even though their source lies elsewhere. If, therefore, we are to impose obligations of net neutrality upon private ISPs, a similar argument must be found.

I will suggest that the best hope is by invoking the free speech guarantee of Article 19(1)(a). To understand how an obligation of free speech might operate in this case, let us turn to the case of Marsh v. Alabama, an American Supreme Court case from 1946.

Marsh v. Alabama involved a “company town”. The “town” of Chickasaw was owned by a private company, the Gulf Shipbuilding Corporation. In its structure it resembled a regular township: it had building, streets, a sewage system, and a “business block”, where stores and business places had been rented out to merchants and other service providers. The residents of the “town” used the business block as their shopping center, to get to which they used the company-owned pavement and street. Highway traffic regularly came in through the town, and its facilities were used by wayfarers. As the Court noted:

“In short the town and its shopping district are accessible to and freely used by the public in general and there is nothing to distinguish them from any other town and shopping center except the fact that the title to the property belongs to a private corporation.”

Marsh, who was a Jehovah’s Witness, arrived in Chickasaw with the intention of distributing religious literature on the streets. She was asked to leave the sidewalk, and on declining, she was arrested by the police, and charged under an anti-trespassing statute. She argued that if the statute was applied to her, it would violate her free speech and freedom of religion rights under the American First Amendment. The lower Courts rejected her argument, holding that since the street was owned by a private corporation, she had no constitutional free speech rights, and the situation was analogous to being invited into a person’s  private house. The Supreme Court, however, reversed the lower Courts, and found for Marsh.

Four (connected) strands of reasoning run through the Supreme Court’s (brief) opinion. First, it found that streets, sidewalks and public places have historically been critically important sites for dissemination and reception of news, information and opinions, whether it is through distribution of literature, street-corner oratory, or whatever else. Secondly, it found that private ownership did not carry with it a right to exclusive dominion. Rather, “the owners of privately held bridges, ferries, turnpikes and railroads may not operate them as freely as a farmer does his farm. Since these facilities are built and operated primarily to benefit the public and since their operation is essentially a public function, it is subject to state regulation.” Thirdly, it noted that a large number of Americans throughout the United States lived in company towns, and acted just as other American citizens did, in their duties as residents of a community. It would therefore be perverse to deny them rights enjoyed by those who lived in State-municipality run towns. And fourthly, on balance, it held that the private rights of property-owners was subordinate to the right of the people to “enjoy freedom of press and religion.”

No one factor, then, but a combination of factors underlie the Court’s decision to impose constitutional obligations upon a private party. It mattered that, historically, there have been a number of spaces traditionally dedicated to public speech: parks, squares and streets – whose public character remained unchanged despite the nature of ownership. It mattered that individuals had no feasible exit option – that is, no other place they could go to in order to exercise their free speech rights. And it mattered that free speech occupied a significant enough place in the Constitutional scheme so as to override the exclusionary rights that normally tend to go with private property.

The case of the privately-owned street in the privately-owned town presents a striking analogy when we start thinking seriously about net neutrality. First of all, in the digital age, the traditional sites of public discourse – parks, town squares, streets – have been replaced by their digital equivalents. The lonely orator standing on the soap-box in the street corner now tweets his opinions and instagrams his photographs. The street-pamphleteer of yesteryear now updates his Facebook status to reflect his political opinions. Specialty and general-interest blogs constitute a multiplicity of town-squares where a speaker makes his point, and his hearers gather in the comments section to discuss and debate the issue. While these examples may seem frivolous at first blush, the basic point is a serious one: the role of opinion formation and transmission that once served by open, publicly accessible physical infrastructure, held – in a manner of speaking – in public trust by the government, is now served in the digital world, under the control of private gatekeepers. To that extent, it is a public function, undertaken in public interest, as the Court held in Marsh v. Alabama.

The absence of an exit option is equally important. The internet has become not only a space of exchanging information, but it has become a primary – non-replaceable source – of the same. Like the citizens of Chickasaw lacked a feasible alternative space to exercise their public free speech rights (and we operate on the assumption that it would be unreasonably expensive and disruptive for them to move to a different town), there is now no feasible alternative space to the internet, as it exists today, where the main online spaces are owned by private parties, and access to those spaces is determined by gatekeepers – which are the ISPs.

The analogy is not perfect, of course, but there is a case to be made that in acting as the gatekeepers of the internet, privately-owned ISPs are in a position quite similar to the corporate owners of they public streets Company Town.

In the last post, we saw how it is possible – constitutionally – to impose public obligations upon private parties, although the Court has never made its jurisprudential foundation clear. Here, then, is a thought: public obligations ought to be imposed when the private entity is providing a public function and/or when the private entity is in effectively exclusive control of a public good. There is an argument that ISPs satisfy both conditions. Of course, we need to examine in detail how precisely the rights of free expression are implicated in the ISP context. That is the subject for the next post.

---

Gautam Bhatia — @gautambhatia88 on Twitter — is a graduate of the National Law School of India University (2011), and presently an LLM student at the Yale Law School. He blogs about the Indian Constitution at http://indconlawphil.wordpress.com. Here at CIS, he will be blogging on issues of online freedom of speech and expression.

It is within this realm of the social transaction that there exists an unending conflict between the Right to Privacy of an individual and the overbearing hand of the State as a facilitator of public interest. This right thus acts as a safety valve providing individuals with a sacred space within which their interactions in their personal capacity have no bearing on their conduct in the public sphere. The preservation of this space is incredibly important in order to ensure a willingness of individuals to engage and cooperate with the State in its fulfillment of public welfare measures that would otherwise be deemed as intrusive. It is in this regard that the Right to Privacy, one of the last sustaining rights that an individual holds against a larger State interest, ought to be protected by the law.

There are numerous dimensions to the idea of the Right to Privacy. These include but are not limited to the privacy of person, privacy of communication, personal privacy, transactional privacy, privacy of information and the privacy of personal data.

The Supreme Court of India has come to the rescue of individuals, time and again by construing "Right to Privacy" as an extension of the Fundamental Right to “Protection of Life and Personal liberty” under Article 21 of the Constitution. This has been reflected in the adjudicatory jurisprudence of the Constitutional courts in the country. However, there exists no Constitutional remedy to redress the breach of privacy by a nongovernmental actor, except under tortuous liability. The power and authority of public and private institutions to use an individual’s personal data for larger interests of national security or effectuation of socio-economic policies is still under extensive scrutiny. It is in this regard that we have compiled a number of sectoral legislations, regulating domains ranging from Finance and Telecom to Healthcare, Freedom of Expression, Consumer rights and Procedural codes. The highlighted provisions under each Act pertain to the mechanisms embodied within the legislation for the regulation of privacy within their respective sectors. Through this we aim to determine the threshold for permissible collection of confidential data and regulatory surveillance, provided a sufficient need for the same has been established. The determination of such a threshold is imperative to formulating a consistent and effective regime of privacy protection in India.

---

Click to download the below resources:

Legislations
Master Circulars
Finance and Privacy
Code of Civil Procedure and Code of Criminal Procedure
Freedom of Expression
Identity and Privacy
National Security and Privacy
Consumer Protection
Transparency and Privacy
Healthcare
Telecom

Case Laws
Code of Civil Procedure and Code of Criminal Procedure
Freedom of Expression
Identity and Privacy
National Security and Privacy
Consumer Protection
Transparency and Privacy
Healthcare
Telecom

The article was published in the Hoot on April 15, 2014.

---

Privacy evades definition and for this reason sits uneasily with law. The multiplicity of everyday privacy claims and transgressions by ordinary people, and the diversity of situations in which these occur, confuse any attempt to create a common meaning of privacy to inform law. Instead, privacy is negotiated contextually, and the circumstances that permit a privacy claim in one situation might form the basis for its transgression in another.

It is easy to understand privacy when it is claimed in relation to the body; it is beyond argument that every person has a right to privacy in relation to their bodies, especially intimate areas. It is also accepted that homes and private property secure to their owners a high degree of territorial privacy. But what of privacy from intrusive stares, or even from camera surveillance, when in a public place? Or of biometric privacy to protect against surreptitious fingerprint capturing or DNA collection from the things we touch and the places we visit every day? Or the privacy of a conversation in a restaurant from other patrons? Clearly, there are multiple meanings of privacy that are negotiated by individuals all the time.

Law has, where social custom has demanded, clothed some aspects of human activity with an expectation of privacy. In relation to bodily privacy, this is achieved by both ordinary common law without reference to privacy at all, such as the offences of battery and rape; and, by special criminal law that is premised on an expectation of privacy, such as the discredited offences regarding women’s modesty in sections 354 and 509 of the Indian Penal Code, 1860 (IPC), and the new offences of voyeurism and stalking contained in sections 354C and 354D of the IPC.

The law also privileges communications that are made through telephones, letters, and emails by regulating the manner of their interception in special circumstances. Conditional interception provisions with procedural safeguards – which, for several reasons, are flawed and ineffective – exist to protect the privacy of such communications in section 5(2) of the Indian Telegraph Act, 1885, section 26 of the Indian Post Office Act, 1898, and section 69 of the Information Technology Act, 2000.

Territorial privacy, which is afforded by possession of private property, is ordinarily protected by the broad offence of trespass – in India, these are the offences of criminal trespass, house trespass, and lurking house-trespass contained in sections 441 to 443 of the IPC – and house-breaking, which is akin to the offence of breaking and entering in other jurisdictions, in section 445 of the IPC.

Some measure of protection is provided to biometric information, such as fingerprints and DNA, by limiting their lawful collection by the state: sections 53, 53A, and 54 of the Code of Criminal Procedure, 1973 permit collections of biometric information from arrestees in certain circumstances; this is in addition to a colonial-era collection regime created by the Identification of Prisoners Act, 1920. However, nothing expressly prohibits the police or anybody else from non-consensually developing DNA profiles from human material that is routinely left behind by our bodies, for instance, saliva on restaurant cutlery or hair at the barbershop.

Physical surveillance, by which a person is visually monitored to invade locational privacy, is also inadequately regulated. Besides man-on-woman stalking, which was criminalised only one year ago, no effective measures exist to otherwise protect locational privacy. Indian courts regularly employ their injunctive power but have been loath to issue equitable remedies such as restraining orders to secure privacy. Police surveillance, which is usually covert, is an executive function that is practised with wide latitude under every state police statute and government-issued rules and regulations thereunder with little or no oversight. The risk of misuse of these powers is compounded by the increasingly widespread use of surveillance cameras sans regulation.

Other technologies too compromise privacy: GPS-enabled mobile phones offer precise locational information, presumably consensually; cell-tower tracking, almost always non-consensually, is ordered by Indian police without any procedurally built-in safeguards; radio frequency identification to locate vehicles is sought to be made mandatory; and, satellite-based surveillance is available to intelligence agencies, none of which are registered or regulated unlike in other liberal democracies.

No uniform privacy standard in law

None of these laws applies a uniform privacy standard nor are they measured against a commonly understood meaning of privacy. The lack of a statutory definition is not the issue; the lack of a statute that expresses the legislative will of a democracy to forge a common understanding of privacy to inform all kinds of human activity is the concern. Ironically, the impetus to draft a privacy law has come from abroad. Foreign senders of personal information – credit card data, home addresses, phone numbers, and the like – to India’s information technology and outsourcing industry demand institutionalised protection for their privacy.

Pressure from the European Union, which has the world’s strongest information privacy standards and with which India is currently negotiating a free trade agreement, to enact a data protection regime to address privacy has not gone unanswered. The Indian government – specifically, the Department of Personnel and Training, the same department that administers the Right to Information Act, 2005 – is currently drafting a privacy law to govern data protection and surveillance. At stake is the continued growth of India’s information technology and outsourcing sectors that receive significant amounts of European personal data for processing, which drives national exports and gross domestic product.

An inferred right

For its part, the Supreme Court has examined more than a few privacy claims to find, intermittently and unconvincingly, that there is a constitutional right to privacy, but the contours of this right remain vague. In 1962, the Supreme Court rejected the existence of a privacy right in Kharak Singh’s case which dealt with intrusive physical surveillance by the police.

The court was not unanimous; the majority of judges expressly rejected the notion of locational privacy while declaring that privacy was not a constituent of personal liberty, a lone dissenting judge found the opposite to be true and, furthermore, held that surveillance had a chilling effect on freedom. In 1975, in the Gobind case that presented substantially similar facts, the Supreme Court leaned towards, but held short of, recognising a right to privacy. It did find that privacy flowed from personal autonomy, which bears the influence of American jurisprudence, but subjected it to the interests of government; the latter prevailed.

However, in the PUCL case of 1997 that challenged inadequately regulated wiretaps, the Supreme Court declared that phone conversations were protected by a fundamental right to privacy that flowed from Article 21 of the Indian Constitution. To intrude upon this right, the court said, a law was necessary that is just, fair, and reasonable. If this principle were to be extended beyond communications privacy to, say, identity cards, the Aadhar project, which is being implemented without the sanction of an Act of Parliament, would be judicially stopped.

But what does “law” mean? Is it only the law of our Constitution and courts? What of the law that governed Indian societies before European colonisation brought the word ‘privacy’ to our legal system? Classical Hindu law – distinct from colonial and post-independence Hindu law – also recognises and enforces expectations of privacy in different contexts. It recognised the sanctity of the home and family, the autonomy of the community, and prescribed penalties for those who breached these norms. So, too, does Islamic law: all schools of Islamic jurisprudence – ‘fiqh’ – recognise privacy as an enforceable right.

Different words and concepts are used to secure this right, and these words have meanings and connotations of their own. But, the hermeneutics of privacy notwithstanding, this belies the common view that privacy is not an Indian value. Privacy may or may not be a cultural norm, but it has existed in India and South Asia in different forms for millennia.

---

Bhairav Acharya is a constitutional lawyer practising in the Supreme Court of India. He advises the Centre for Internet & Society, Bangalore, on privacy law and other constitutional issues.

The source of pressure for strict legal regulations addressing data protection are both the growing recognition of the importance of privacy rights, as well as the risk of falling behind on international standards on data protection, which would hamper the potential of developing countries as destinations for outsourcing industries which depend largely on processing of information.[1] The Protection of Personal Information Act enacted by South Africa is an example of a policy which enables a comprehensive framework for data security and privacy and is a model for other developing nations which are weighing the costs and benefits of establishing a secure data protection regime.

The South African law traces the right to protection of personal information back to Section 14 of the South African Constitution, which provides for a right against the unlawful collection, retention, dissemination and use of personal information. The law establishes strict restrictions and regulations on the processing of personal information, which includes information including relating to race, gender, sexual orientation, medical information, biometric information and personal opinion. The processing of personal information under the Act must comply with 8 principles, namely - accountability, lawful purpose for processing and processing limitation, purpose specification, information quality, openness and notice of collection, openness, reasonable security safeguards and subject participation, in line with the international standards for fair information practices.[2] The Act also recognizes ‘special personal information’, including religious or political beliefs, race, sexual orientation and trade union membership, as well as any personal information of children below the age of 18, which require stricter safeguards for processing,. Similar to the draft Indian legislation on privacy, the Act contemplates an independent regulatory mechanism, the information regulator, which would have all the necessary powers to effectively monitor compliance under the Act, including the power for punishing offences under the Act.

The Protection of Personal Information Act contains 115 Sections and is meant to be an exhaustive and heavily detailed policy to bring South Africa’s laws in line with EU and international regulations on data protection.[3] Though such progressive policies should be a model for policy changes in other developing nations, one aspect in which the law fails is to address increasing privacy concerns arising from widespread government-enabled surveillance and data retention. The POPI excludes from its application the processing of information related to national security, terrorist related activities and public safety, combating of money laundering, investigation of proof of offences, the prosecution of offenders, execution of sentences or other security measures, subject to adequate safeguards being established by the legislature for protection of personal information. Unfortunately, the ambiguous wording of the exclusions, especially in determining “adequate safeguards”, leaves its interpretation and application open for governments to engage in mass surveillance in the name of public security. Over the past few years, governments have taken to using technology and information, particularly through mass surveillance, to collect comprehensive information on their citizens and violate their liberties and privacy. In India, particularly with programs like the Central Monitoring System being implemented, any policy which purportedly aims at the protection of privacy must not only seek bare minimal compliances with the current international standards for data protection, but should also address the mass, unrestricted surveillance and data retention which is taking place in the name of public security.

Developing nations like South Africa and India face significant challenges in ensuring individual privacy, particularly the lack of sufficient legal safeguards for the protection of privacy. The right to privacy is often dismissed as an elitist or western concept, which does not have value in the context of developing nations, without engaging with the realities and the nuances of the right. Further, the costs of expensive technical safeguards means private and public bodies are required to spend significant resources in maintaining data security and these factors often outweigh privacy considerations in policy debates. The South African Act, hence, serves both as an important model for legislation and as an indication that the right to privacy is valuable to recognize in developing countries as well.

---

[1]. Article 25 of the European Union Directive on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of such data (Directive 95/46/EC) prohibits the transfer of data to non-member states which do not comply with adequate data protection norms.

[2]. http://oecdprivacy.org/

[3]. Link to Act: www.gov.za/documents/download.php?f=204368

The blog entry was originally published in DML Central on April 17, 2014 and mirrored in Hybrid Publishing Lab on May 13, 2014.

---

Are we an ensemble of actors? A cluster of friends? A conference of scholars? A committee of decision makers? An array of perspectives? A group of associates? A play-list of voices? I do not pose these  questions rhetorically, though I do enjoy rhetoric. I want to look at this inability to name collectives and the confusions and ambiguity it produces as central to our conversations around digital thinking. In particular, I want to look at the notion of the network. Because, I am sure, that if we were to go for the most neutralised digital term to characterise this collection that we all weave in and out of, it would have to be the network. We are a network.[1]

But, what does it mean to say that we are a network? The network is a very strange thing. Especially within the realms of the Internet, which, in itself, purports to be a giant network, the network is self-explanatory, self-referential and completely denuded of meaning. A network is benign, and like the digital, that foregrounds the network aesthetic, the network is inscrutable. You cannot really touch a network or name it. You cannot shape it or define it. You can produce momentary snapshots of it, but you can never contain it or limit it. The network cannot be held or materially felt.

And yet, the network touches us. We live within networked societies. We engage in networking – network as a verb. We are a network – network as a noun. We belong to networks – network as a collective. In all these poetic mechanisms of network, there is perhaps the core of what we want to talk about today – the tension between the local and the global and the way in which we will understand the Internet and then the frameworks of governance and policy that surround it.

Let me begin with a genuine question. What predates the network? Because the network is a very new word. The first etymological trace of the network is in 1887, where it was used as a verb, within broadcast and communications models, to talk about an outreach. As in ‘to cover with a network.’ The idea of a network as a noun is older where in the 1550s, the idea of ‘net-like arrangements of threads, wires, etc.’ was first identified as a network. In the second half of the industrial 19th Century, the term network was used for understanding an extended, complex, interlocking system. The idea of network as a set of connected people emerged in the latter half of the 20thCentury. I am pointing at these references to remind us that the ubiquitous presence of the network, as a practice, as a collective, and as a metaphor that seeks to explain the rest of the world around us, is a relatively new phenomenon. And we need to be aware of the fact, that the network, especially as it is understood in computing and digital technologies, is a particular model through which objects, individuals and the transactions between them are imagined.

For anybody who looks at the network itself – especially the digital network that we have accepted as the basis on which everything from social relationships on Facebook to global financial arcs are defined – we know that the network is in a state of crisis.

Networks of crises: The Bangalore North East Exodus

Let me illustrate the multiple ways in which the relationship between networks and crisis has been imagined through a particular story. In August 2012, I woke up one morning to realise that I was living in a city of crisis. Bangalore, which is one of my homes, where the largest preoccupations to date have been about bad roads, stray dogs, and occasionally, the lack of a nightlife, was suddenly a space that people wanted to flee and occupy simultaneously.

Through the technology mediated gossip mill that produced rumours faster than the speed of a digital click, imagination of terror, danger, and material harm found currency. The city suddenly witnessed thousands of people running away from it, heading back to their imagined homelands. It was called the North East exodus, where, following an ethnic-religious clash between two traditionally hostile communities in Assam, there were rumours that the large North East Indian community in Bangalore was going to be attacked by certain Muslim factions at the end of Ramadan.
The media spectacle of the exodus around questions of religion, ethnicity, regionalism and belonging only emphasised the fact that there is a new way of connectedness that we live in – the network society that no longer can be controlled, contained or corrected by official authorities and their voices. Despite a barrage of messages from law enforcement and security authorities, on email, on large screens on the roads, and on our cell phones, there was a growing anxiety and a spiralling information explosion that was producing an imaginary situation of precariousness and bodily harm. For me, this event, was one of the first signalling how to imagine the network society in a crisis, especially when it came to Bangalore, which is supposed to represent the Silicon dreams of an India that is shining brightly. While there is much to be unpacked about the political motivations and the ecologies of fear that our migrant lives in global cities are enshrined in, I want to specifically focus on what the emergence of this network society means.

There is an imagination, especially in cities like Bangalore, of digital technologies as necessarily plugging in larger networks of global information consumption. The idea that technology plugs us into the transnational circuits is so huge that it only tunes us toward an idea of connectedness that is always outward looking, expanding the scope of nation, community and body.

However, the ways in which information was circulating during this phenomenon reminds us that digital networks are also embedded in local practices of living and survival. Most of the time, these networks are so natural and such an integral part of our crucial mechanics of urban life that they appear as habits, without any presence or visibility. In times of crises – perceived or otherwise – these networks make themselves visible, to show that they are also inward looking. But in this production of hyper-visible spectacles, the network works incessantly to make itself invisible.

Which is why, in the case of the North East exodus, the steps leading to the resolution of the crisis, constructed and fuelled by networks is interesting. As government and civil society efforts to control the rumours and panic reached an all-time high and people continued to flee the city, the government eventually went in to regulate the technology itself. There were expert panel discussions about whether the digital technologies are to be blamed for this rumour mill. There was a ban on mass-messaging and there was a cap on the number of messages which could be sent on a day by each mobile phone subscriber. The Information and Broadcast Ministry along with the Information Technologies cell, started monitoring and punishing people for false and inflammatory information.

Network as Crisis: The unexpected visibility of a network

What, then, was the nature of the crisis in this situation? It is a question worth exploring. We would imagine that this crisis was a crisis about the nationwide building of mega-cities filled with immigrant bodies that are not allowed their differences because they all have to be cosmopolitan and mobile bodies. The crisis could have been read as one of neo-liberal flatness in imagining the nation and its fragments, that hides the inherent and historical sites of conflict under the seductive rhetoric of economic development. And yet, when we look at the operationalization of the resolutions, it looked as if the crisis was the appearance and the visibility of the hitherto hidden local networks of information and communication.

In her analysis of networks, Brown University’s Wendy Chun posits that this is why networks are an opaque metaphor. If the function of metaphor is to explain, through familiarity, objects which are new to us, the network as an explanatory paradigm presents a new conundrum. While the network presumes and exteriority that it seeks to present, while the network allows for a subjective interiority of the actor and its decisions, while the network grants visibility and form to the everyday logic of organisation, what the network actually seeks to explain is itself. Or, in less evocative terms, the network is not only the framework through which we analyse, but it is also the object of analyses. Once the network has been deployed as a paradigm through which to understand a crisis, once the network has made itself visible, all our efforts are driven at explaining and strengthening, and almost like digital mothers, comfort the network back into its peaceful existence as infrastructure. We develop better tools to regulate the network. We define new parameters to mine the data more effectively. We develop policies to govern and govern through the network with greater transparency and ease.

Thus, in the case of the North East exodus, instead of addressing the larger issues of conservative parochialism, an increasing backlash by right-wing governments and a growing hostility that emerges from these cities that nobody possesses and nobody belongs to, the efforts were directed at blaming technology as the site where the problem is located and the network as the object that needs to be controlled. What emerged was a series of corrective mechanisms and a set of redundant regulations that controlled the number of text messages that people were able to send per day or policing the Internet for spreading rumours. The entire focus was on information management, as if the reason for the mass exodus of people from the NE Indian states and the sense of fragility that the city had been immersed in, was all due to the pervasive and ubiquitous information gadgets and their ability to proliferate in p2p (peer-to-peer) environments outside of the government’s control. This lack of exteriority to the network is something that very few critical voices have pointed out.

Duncan Watts, the father of network computing, working through the logic of nodes, traffic and edges, has suggested there is a great problem in the ways in which we understand the process of network making. I am paraphrasing his complex mathematical text that explains the production of physical networks – what he calls the small worlds – and pointing out his strong critique about how the social scientists engage with networks. In the social sciences’ imagination of networks, there is a messy exteriority – fuzzy, complex and often not reducible to patterns or basic principles. The network is a distilling of the messy exteriority, a representation of the complex interplay between different objects and actors, and a visual mapping of things as they are. Which is to say, we imagine there is a material reality and the network is a tool by which this reality, or at least parts of this reality, are mapped and represented to us in patterns which can help us understand the true nature of this reality.

Drawing from practices of network modelling and building, Watts proved, that we have the equation wrong. The network is not a representation of reality but the ontology of reality. The network is not about trying to make sense of an exteriority. Instead, the network is an abstract and ideological map that constructs the reality in a particular way. In other words, the network precedes the real, and because of its ability to produce objective, empiricist and reductive principles (constantly filtering out that which is not important to the logic or the logistics of the network design), it then gives us a reality that is produced through the network principles. To make it clear, the network representation is not the derivative of the real but the blue-print of the real. And the real as we access it, through these networked tools, is not the raw and messy real but one that is constructed and shaped by the network in those ways. The network, then, needs to be understood, examined and critiqued, not as something that represents the natural, but something that shapes our understanding of the natural itself.

In the case of the Bangalore North East Exodus, the network and its visibility created a problem for us – and the problem was, that the network, which is supposed to be infrastructure, and hence, by nature invisible, had suddenly become visible. We needed to make sure that it was shamed, blamed, named and tamed so that we can go back to our everyday practices of regulation, governance and policy.

The Intersectional Network

What I want to emphasise, then, is that this binary of local versus the global, or local working in tandem with global, or the quaintly hybridised glocal are not very generative in thinking of policy and politics around the Internet. What we need is to recognise what gets hidden in this debate. What becomes visible when it is not supposed to? What remains invisible beyond all our efforts? And how do we develop a framework that actually moves beyond these binary modes of thinking, where the resolution is either to collapse them or to pretend that they do not exist in the first place? Working with frameworks like the network makes us aware of the ways in which these ideas of the global and the local are constructed and continue to remain the focus of our conversations, making invisible the real questions at hand.

Hence, we need to think of networks, not as spaces of intersection, but in need of intersections. The networks, because of their predatory, expanding nature, and the constant interaction with the edges, often appear as dynamic and inclusive. We need to now think of the networks as in need of intersections – or of intersectional networks. Developing intersections, of temporality, of geography and of contexts are great. But, we need to move one step beyond – and look at the couplings of aspiration, inspiration, autonomy, control, desire, belonging and precariousness that often mark the new digital subjects. And our policies, politics and regulations will have to be tailored to not only stop the person abandoning her life and running to a place of safety, not only stop the rumours within the Information and communication networks, not only create stop-gap measures of curbing the flows of gossip, but to actually account for the human conditions of life and living.

---

[1]. This post has grown from conversations across three different locations. The first draft of this talk was presented at the Habits of Living Conference, organised by the Centre for Internet & Society and Brown University, in Bangalore. A version of this talk found great inputs from the University of California Humanities Research Institute in Irvine, where I found great ways of sharpening the focus. The responses at the Milton Wolf Seminar at the America Austria Foundation, Austria, to this story, helped in making it more concrete to the challenges that the “network” throws to our digital modes of thinking. I am very glad to be able to put the talk into writing this time, and look forward to more responses.

---

The op-ed was published in the Hindu on May 2, 2014.

---

On May 5, the Supreme Court will hear Kamlesh Vaswani’s infamous anti-pornography petition again. The petition makes some rather outrageous claims. Watching pornography ‘puts the country’s security in danger’ and it is ‘worse than Hitler, worse than AIDS, cancer or any other epidemic,’ it says. This petition has been pending before the Court since February 2013, and seeks a new law that will ensure that pornography is exhaustively curbed.

Disintegrating into binaries

The petition assumes that pornography causes violence against women and children. The trouble with such a claim is that the debate disintegrates into binaries; the two positions being that pornography causes violence or that it does not. The fact remains that the causal link between violence against women and pornography is yet to be proven convincingly and remains the subject of much debate. Additionally, since the term pornography refers to a whole range of explicit content, including homosexual adult pornography, it cannot be argued that all pornography objectifies women or glamorises violent treatment of them.

Allowing even for the petitioner’s legitimate concern about violence against women, it is interesting to note that of all the remedies available, he seeks the one which is authoritarian but may not have any impact at all. Mr. Vaswani could have, instead, encouraged the state to do more toward its international obligations under the Convention on the Elimination of Discrimination against Women (CEDAW). CEDAW’s General Recommendation No. 19 is about violence against women and recommends steps to be taken to reduce violence against women. These include encouraging research on the extent, causes and effects of violence, and adopting preventive measures, such as public information and education programmes, to change attitudes concerning the roles and status of men and women.

Child pornography

Although different countries disagree about the necessity of banning adult pornography, there is general international consensus about the need to remove child pornography from the Internet. Children may be harmed in the making of pornography, and would at the very minimum have their privacy violated to an unacceptable degree. Being minors, they are not in a position to consent to the act. Each act of circulation and viewing adds to the harmful nature of child pornography. Therefore, an argument can certainly be made for the comprehensive removal of this kind of content.

Indian policy makers have been alive to this issue. The Information Technology Act (IT Act) contains a separate provision for material depicting children explicitly or obscenely, stating that those who circulate such content will be penalised. The IT Act also criminalises watching child pornography (whereas watching regular pornography is not a crime in India).

Intermediaries are obligated to take down child pornography once they have been made aware that they are hosting it. Organisations or individuals can proactively identify and report child pornography online. Other countries have tried, with reasonable success, systems using hotlines, verification of reports and co-operation of internet service providers to take down child pornography. However, these systems have also sometimes resulted in the removal of other legitimate content.

Filtering speech on the Internet

Child pornography can be blocked or removed using the IT Act, which permits the government to send lists of URLs of illegal content to internet service providers, requiring them to remove this content. Even private parties can send notices to online intermediaries informing them of illegal content and thereby making them legally accountable for such content if they do not remove it. However, none of this will be able to ensure the disappearance of child pornography from the Internet in India.

Technological solutions like filtering software that screens or blocks access to online content, whether at the state, service provider or user level, can at best make child pornography inaccessible to most people. People who are more skilled than amateurs will be able to circumvent technological barriers since these are barriers only until better technology enables circumvention.

Additionally, attempts at technological filtering usually even affect speech that is not targeted by the filtering mechanism. Therefore, any system for filtering or blocking content from the Internet needs to build in safeguards to ensure that processes designed to remove child pornography do not end up being used to remove political speech or speeches that are constitutionally protected.

In the Vaswani case, the government has correctly explained to the Supreme Court that any greater attempt to monitor pornography is not technologically feasible. It has pointed out that human monitoring of content will delay transmission of data substantially, will slow down the Internet, and will also be ineffective, since the illegal content can easily be moved to other servers in other countries.

Making intermediaries liable for the content they host will undo the safe harbour protection granted to them by the IT Act. Without it, intermediaries like Facebook will actually have to monitor all the content they host, and the resources required for such monitoring will reduce the content that makes its way online. This would seriously impact the extensiveness and diversity of content available on the Internet in India. Additionally, when demands are made for the removal of legitimate content, profit-making internet companies will be disinclined to risk litigation much in the same way as Penguin was reluctant to defend Wendy Doniger’s book.

If the Supreme Court makes the mistake of creating a positive obligation to monitor Internet content for intermediaries, it will effectively kill the Internet in India.

(Chinmayi Arun is research director, Centre for Communication Governance, National Law University, Delhi, and fellow, Centre for Internet and Society, Bangalore)

The ruling is expected to have considerable impact on reputation and privacy related takedown requests as under the decision, data subjects may approach the operator directly seeking removal of links to web pages containing personal data. Currently, users prove whether data needs to be kept online—the new rules reverse the burden of proof, placing an obligation on companies, rather than users for content regulation.

A win for privacy?

The ECJ ruling addresses Mario Costeja González complaint filed in 2010, against Google Spain and Google Inc., requesting that personal data relating to him appearing in search results be protected and that data which was no longer relevant be removed. Referring to the Directive 95/46/EC of the European Parliament, the court said, that Google and other search engine operators should be considered 'controllers' of personal data. Following the decision, Google will be required to consider takedown requests of personal data, regardless of the fact that processing of such data is carried out without distinction in respect of information other than the personal data.

The decision—which cannot be appealed—raises important of questions of how this ruling will be applied in practice and its impact on the information available online in countries outside the European Union.  The decree forces search engine operators such as Google, Yahoo and Microsoft's Bing to make judgement calls on the fairness of the information published through their services that reach over 500  million people across the twenty eight nation bloc of EU.

ECJ rules that search engines 'as a general rule,' should place the right to privacy above the right to information by the public. Under the verdict, links to irrelevant and out of date data need to be erased upon request, placing search engines in the role of controllers of information—beyond the role of being an arbitrator that linked to data that already existed in the public domain. The verdict is directed at highlighting the power of search engines to retrieve controversial information while limiting their capacity to do so in the future.

The ruling calls for maintaining a balance in addressing the legitimate interest of internet users in accessing personal information and upholding the data subject’s fundamental rights, but does not directly address either issues. The court also recognised, that the data subject's rights override the interest of internet users, however, with exceptions pertaining to nature of information, its sensitivity for the data subject's private life and the role of the data subject in public life. Acknowledging that data belongs to the individual and is not the right of the company, European Commissioner Viviane Reding, hailed the verdict, "a clear victory for the protection of personal data of Europeans".

The Court stated that if data is deemed irrelevant at the time of the case, even if it has been lawfully processed initially, it must be removed and that the data subject has the right to approach the operator directly for the removal of such content. The liability issue is further complicated by the fact, that search engines such as Google do not publish the content rather they point to information that already exists in the public domain—raising questions of the degree of liability on account of third party content displayed on their services.

The ECJ ruling is based on the case originally filed against Google, Spain and it is important to note that, González argued that searching for his name linked to two pages originally published in 1998, on the website of the Spanish newspaper La Vanguardia. The Spanish Data Protection Agency did not require La Vanguardia to take down the pages, however, it did order Google to remove links to them. Google appealed this decision, following which the National  High Court of Spain sought advice from the European court. The definition of Google as the controller of information, raises important questions related to the distinction between liability of publishers and the liability of processors of information such as search engines.

The 'right to be forgotten'

The decision also brings to the fore, the ongoing debate and fragmented opinions within the EU, on the right of the individual to be forgotten. The 'right to be forgotten' has evolved from the European Commission's wide-ranging plans of an overhaul of the commission's 1995 Data Protection Directive. The plans for the law included allowing people to request removal of personal data with an obligation of compliance for service providers, unless there were 'legitimate' reasons to do otherwise. Technology firms rallying around issues of freedom of expression and censorship, have expressed concerns about the reach of the bill. Privacy-rights activist and European officials have upheld the notion of the right to be forgotten, highlighting the right of the individual to protect their honour and reputation.

These issues have been controversial amidst EU member states with the UK's Ministry of Justice claiming the law 'raises unrealistic and unfair expectations' and  has sought to opt-out of the privacy laws. The Advocate General of the European Court Niilo Jääskinen's opinion, that the individual's right to seek removal of content should not be upheld if the information was published legally, contradicts the verdict of the ECJ ruling. The European Court of Justice's move is surprising for many and as Richard Cumbley, information-management and data protection partner at the law firm Linklaters puts it, “Given that the E.U. has spent two years debating this right as part of the reform of E.U. privacy legislation, it is ironic that the E.C.J. has found it already exists in such a striking manner."

The economic implications of enforcing a liability regime where search engine operators censor legal content in their results aside, the decision might also have a chilling effect on freedom of expression and access to information. Google called the decision “a disappointing ruling for search engines and online publishers in general,” and that the company would take time to analyze the implications. While the implications of the decision are yet to be determined, it is important to bear in mind that while decisions like these are public, the refinements that Google and other search engines will have to make to its technology and the judgement calls on the fairness of the information available online are not public.

The ECJ press release is available here and the actual judgement is available here.

In the modern State, effective exercise of free speech rights is increasingly dependent upon an infrastructure that includes newspapers, television and the internet. Access to a significant part of this infrastructure is determined by money. Consequently, if what we value about free speech is the ability to communicate one’s message to a non-trivial audience, financial resources influence both who can speak and, consequently, what is spoken. The nature of the public discourse – what information and what ideas circulate in the public sphere – is contingent upon a distribution of resources that is arguably unjust and certainly unequal.

There are two opposing theories about how we should understand the right to free speech in this context. Call the first one of these the libertarian conception of free speech. The libertarian conception takes as given the existing distribution of income and resources, and consequently, the unequal speaking power that that engenders. It prohibits any intervention designed to remedy the situation. The most famous summary of this vision was provided by the American Supreme Court, when it first struck down campaign finance regulations, in Buckley v. Valeo: “the concept that government may restrict the speech of some [in] order to enhance the relative voice of others is wholly foreign to the First Amendment.” This theory is part of the broader libertarian worldview, which would restrict government’s role in a polity to enforcing property and criminal law, and views any government-imposed restriction on what people can do within the existing structure of these laws as presumptively wrong.

We can tentatively label the second theory as the social-democratic theory of free speech. This theory focuses not so much on the individual speaker’s right not to be restricted in using their resources to speak as much as they want, but upon the collective interest in maintaining a public discourse that is open, inclusive and home to a multiplicity of diverse and antagonistic ideas and viewpoints. Often, in order to achieve this goal, governments regulate access to the infrastructure of speech so as to ensure that participation is not entirely skewed by inequality in resources. When this is done, it is often justified in the name of democracy: a functioning democracy, it is argued, requires a thriving public sphere that is not closed off to some or most persons.

Surprisingly, one of the most powerful judicial statements for this vision also comes from the United States. In Red Lion v. FCC, while upholding the “fairness doctrine”, which required broadcasting stations to cover “both sides” of a political issue, and provide a right of reply in case of personal attacks, the Supreme Court noted:

“[Free speech requires] preserv[ing] an uninhibited marketplace of ideas in which truth will ultimately prevail, rather than to countenance monopolization of that market, whether it be by the Government itself or a private licensee… it is the right of the public to receive suitable access to social, political, esthetic, moral, and other ideas and experiences which is crucial here.”

What of India? In the early days of the Supreme Court, it adopted something akin to the libertarian theory of free speech. In Sakal Papers v. Union of India, for example, it struck down certain newspaper regulations that the government was defending on grounds of opening up the market and allowing smaller players to compete, holding that Article 19(1)(a) – in language similar to what Buckley v. Valeo would hold, more than fifteen years later – did not permit the government to infringe the free speech rights of some in order to allow others to speak. The Court continued with this approach in its next major newspaper regulation case, Bennett Coleman v. Union of India, but this time, it had to contend with a strong dissent from Justice Mathew. After noting that “it is no use having a right to express your idea, unless you have got a medium for expressing it”, Justice Mathew went on to hold:

“What is, therefore, required is an interpretation of Article 19(1)(a) which focuses on the idea that restraining the hand of the government is quite useless in assuring free speech, if a restraint on access is effectively secured by private groups. A Constitutional prohibition against governmental restriction on the expression is effective only if the Constitution ensures an adequate opportunity for discussion… Any scheme of distribution of newsprint which would make the freedom of speech a reality by making it possible the dissemination of ideas as news with as many different facets and colours as possible would not violate the fundamental right of the freedom of speech of the petitioners. In other words, a scheme for distribution of a commodity like newsprint which will subserve the purpose of free flow of ideas to the market from as many different sources as possible would be a step to advance and enrich that freedom. If the scheme of distribution is calculated to prevent even an oligopoly ruling the market and thus check the tendency to monopoly in the market, that will not be open to any objection on the ground that the scheme involves a regulation of the press which would amount to an abridgment of the freedom of speech.”

In Justice Mathew’s view, therefore, freedom of speech is not only the speaker’s right (the libertarian view), but a complex balancing act between the listeners’ right to be exposed to a wide range of material, as well as the collective, societal right to have an open and inclusive public discourse, which can only be achieved by preventing the monopolization of the instruments, infrastructure and access-points of speech.

Over the years, the Court has moved away from the majority opinions in Sakal Papers and Bennett Coleman, and steadily come around to Justice Mathew’s view. This is particularly evident from two cases in the 1990s: in Union of India v. The Motion Picture Association, the Court upheld various provisions of the Cinematograph Act that imposed certain forms of compelled speech on moviemakers while exhibiting their movies, on the ground that “to earmark a small portion of time of this entertainment medium for the purpose of showing scientific, educational or documentary films, or for showing news films has to be looked at in this context of promoting dissemination of ideas, information and knowledge to the masses so that there may be an informed debate and decision making on public issues. Clearly, the impugned provisions are designed to further free speech and expression and not to curtail it.”

LIC v. Manubhai D. Shah is even more on point. In that case, the Court upheld a right of reply in an in-house magazine, “because fairness demanded that both view points were placed before the readers, however limited be their number, to enable them to draw their own conclusions and unreasonable because there was no logic or proper justification for refusing publication… the respondent’s fundamental right of speech and expression clearly entitled him to insist that his views on the subject should reach those who read the magazine so that they have a complete picture before them and not a one sided or distorted one…” This goes even further than Justice Mathew’s dissent in Bennett Coleman, and the opinion of the Court in Motion Picture Association, in holding that not merely is it permitted to structure the public sphere in an equal and inclusive manner, but that it is a requirement of Article 19(1)(a).

We can now bring the threads of the separate arguments in the three posts together. In the first post, we found that public law and constitutional obligations can be imposed upon private parties when they discharge public functions. In the second post, it was argued that the internet has replaced the park, the street and the public square as the quintessential forum for the circulation of speech. ISPs, in their role as gatekeepers, now play the role that government once did in controlling and keeping open these avenues of expression. Consequently, they can be subjected to public law free speech obligations. And lastly, we discussed how the constitutional conception of free speech in India, that the Court has gradually evolved over many years, is a social-democratic one, that requires the keeping open of a free and inclusive public sphere. And if there is one thing that fast-lanes over the internet threaten, it is certainly a free and inclusive (digital) public sphere. A combination of these arguments provides us with an arguable case for imposing obligations of net neutrality upon ISPs, even in the absence of a statutory or regulatory obligations, grounded within the constitutional guarantee of the freedom of speech and expression.

For the previous post, please see: http://cis-india.org/internet-governance/blog/-neutrality-free-speech-and-the-indian-constitution-part-2.

_____________________________________________________________________________________________________

Gautam Bhatia — @gautambhatia88 on Twitter — is a graduate of the National Law School of India University (2011), and presently an LLM student at the Yale Law School. He blogs about the Indian Constitution at http://indconlawphil.wordpress.com. Here at CIS, he will be blogging on issues of online freedom of speech and expression.

---

The article was published in the Hindu Businessline on May 10, 2014.

---

One word to describe NetMundial: Disappointing! Why? Because despite the promise, human rights on the Internet are still insufficiently protected. Snowden’s revelations starting last June threw the global Internet governance processes into crisis.

Things came to a head in October, when Brazil’s President Dilma Rousseff, horrified to learn that she was under NSA surveillance for economic reasons, called for the organisation of a global conference called NetMundial to accelerate Internet governance reform.

The NetMundial was held in São Paulo on April 23-24 this year. The result was a statement described as “the non-binding outcome of a bottom-up, open, and participatory process involving … governments, private sector, civil society, technical community, and academia from around the world.” In other words — it is international soft law with no enforcement mechanisms.

The statement emerges from “broad consensus”, meaning governments such as India, Cuba and Russia and civil society representatives expressed deep dissatisfaction at the closing plenary. Unlike an international binding law, only time will tell whether each member of the different stakeholder groups will regulate itself.

Again, not easy, because the outcome document does not specifically prescribe what each stakeholder can or cannot do — it only says what internet governance (IG) should or should not be. And finally, there’s no global consensus yet on the scope of IG. The substantive consensus was disappointing in four important ways:

Mass surveillance : Civil society was hoping that the statement would make mass surveillance illegal. After all, global violation of the right to privacy by the US was the raison d'être of the conference.

Instead, the statement legitimised “mass surveillance, interception and collection” as long as it was done in compliance with international human rights law. This was clearly the most disastrous outcome.

Access to knowledge: The conference was not supposed to expand intellectual property rights (IPR) or enforcement of these rights. After all, a multilateral forum, WIPO, was meant to address these concerns. But in the days before the conference the rights-holders lobby went into overdrive and civil society was caught unprepared.

The end result — “freedom of information and access to information” or right to information in India was qualified “with rights of authors and creators”. The right to information laws across the world, including in India, contains almost a dozen exemptions, including IPR. The only thing to be grateful for is that this limitation did not find its way into the language for freedom of expression.

Intermediary liability: The language that limits liability for intermediaries basically provides for a private censorship regime without judicial oversight, and without explicit language protecting the rights to freedom of expression and privacy. Even though the private sector chants Hillary Clinton's Internet freedom mantra — they only care for their own bottomlines.

Net neutrality: Even though there was little global consensus, some optimistic sections of civil society were hoping that domestic best practice on network neutrality in Brazil’s Internet Bill of Right — also known as Marco Civil, that was signed into law during the inaugural ceremony of NetMundial — would make it to the statement. Unfortunately, this did not happen.

For almost a decade since the debate between the multi-stakeholder and multilateral model started, the multi-stakeholder model had produced absolutely nothing outside ICANN (Internet Corporation for Assigned Names and Numbers, a non-profit body), its technical fraternity and the standard-setting bodies.

The multi-stakeholder model is governance with the participation (and consent — depending on who you ask) of those stakeholders who are governed. In contrast, in the multilateral system, participation is limited to nation-states.

Civil society divisions

The inability of multi-stakeholderism to deliver also resulted in the fragmentation of global civil society regulars at Internet Governance Forums.

But in the run-up to NetMundial more divisions began to appear. If we ignore nuances — we could divide them into three groups. One, the ‘outsiders’ who are best exemplified by Jérémie Zimmermann of the La Quadrature du Net. Jérémie ran an online campaign, organised a protest during the conference and did everything he could to prevent NetMundial from being sanctified by civil society consensus.

Two, the ‘process geeks’ — for these individuals and organisations process was more important than principles. Most of them were as deeply invested in the multi-stakeholder model as ICANN and the US government and some who have been riding the ICANN gravy train for years.

Even worse, some were suspected of being astroturfers bootstrapped by the private sector and the technical community. None of them were willing to rock the boat. For the ‘process geeks’, seeing politicians and bureaucrats queue up like civil society to speak at the mike was the crowning achievement.

Three, the ‘principles geeks’ perhaps best exemplified by the Just Net Coalition who privileged principles over process. Divisions were also beginning to sharpen within the private sector. For example, Neville Roy Singham, CEO of Thoughtworks, agreed more with civil society than he did with other members of the private sector in his interventions.

In short, the ‘outsiders’ couldn't care less about the outcome and will do everything to discredit it, the ‘process geeks’ stood in ovation when the outcome document was read at the closing plenary and the ‘principles geeks’ returned devastated.

For the multi-stakeholder model to survive it must advance democratic values, not undermine them.

This will only happen if there is greater transparency and accountability. Individuals, organisations and consortia that participate in Internet governance processes need to disclose lists of donors including those that sponsor travel to these meetings.

Media reports across India are focusing on the new government and its Cabinet portfolios. In the midst of the celebration of and grief over the regime change, we found many reports indicating that civil society is wary of the new government’s stance towards Internet freedoms.

Andhra Pradesh:

Andhra MLA and All India Majlis-e-Ittihad ul-Muslimin member Akbaruddin Owaisi has been summoned to appear before a Kurla magistrate’s court on grounds of alleged hate speech and intention to harm harmony of Hinduism and Islam. Complainant Gulam Hussain Khan saw an online video of a December 2012 speech by Owaisi and filed a private complaint with the court. “I am prima facie satisfied that it disclosed an offence punishable under Section(s) 153A and 295A of the Indian Penal Code,” the Metropolitan Magistrate said.

Goa:

A Goa Sessions Judge has dismissed shipbuilding diploma engineer Devu Chodankar’s application for anticipatory bail. On the basis of an April 26 complaint by CII state president Atul Pai Kane, Goa cybercrime cell registered a case against Chodankar for allegedly posting matter on a Facebook group with the intention of promoting enmity between religious groups in view of the 2014 general elections. The Judge noted, inter alia, that Sections 153A and 295A of the Indian Penal Code were attracted, and that it is necessary to find out whether, on the Internet, “there is any other material which could be considered as offensive or could create hatred among different classes of citizens of India”.

Karnataka:

Syed Waqas, an MBA student from Bhatkal pursuing an internship in Bangalore, was picked up for questioning along with four of his friends after Belgaum social activist Jayant Tinaikar filed a complaint. The cause of the complaint was a MMS, allegedly derogatory to Prime Minister Narendra Modi. After interrogation, the Khanapur (Belgaum) police let Waqas off on the ground that Waqas was not the originator of the MMS, and that Mr. Tinaikar had provided an incorrect mobile phone number.

In another part of the country, Digvijaya Singh is vocal about Indian police’s zealous policing of anti-Modi comments, while they were all but visible when former Prime Minister Dr. Manmohan Singh was the target of abusive remarks.

Kerala:

The Anti-Piracy Cell of Kerala Police plans to target those uploading pornographic content on to the Internet and its sale through memory cards. A circular to this effect has been issued to all police stations in the state, and civil society cooperation is requested.

In other news, Ernakulam MLA Hibi Eden inaugurated “Hibi on Call”, a public outreach programme that allows constituents to reach the MLA directly. A call on 1860 425 1199 registers complaints.

Maharashtra:

Mumbai police are investigating pizza delivery by an unmanned drone, which they consider a security threat.

Tamil Nadu:

Small and home-run businesses in Chennai are flourishing with the help of Whatsapp and Facebook: Mohammed Gani helps his customers match bangles with Whatsapp images, Ayeesha Riaz and Bhargavii Mani send cakes and portraits to Facebook-initiated customers. Even doctors spread information and awareness using Facebook. In Madurai, you can buy groceries online, too.

Opinion:

Chethan Kumar fears that Indian cyberspace is strangling freedom of expression through the continued use of the ‘infamous’ Section 66A of the Information Technology Act, 2000 (as amended in 2008). Sunil Garodia expresses similar concerns, noting a number of arrests made under Section 66A.

However, Ankan Bose has a different take; he believes there is a thin but clear line between freedom of expression and a ‘freedom to threaten’, and believes Devu Chodankar and Syed Waqar may have crossed that line. For more on Section 66A, please redirect here.

While Nikhil Pahwa is cautious of the new government’s stance towards Internet freedoms, given the (as yet) mixed signals of its ministers, Shaili Chopra ruminates on the new government’s potential dive into a “digital mutiny and communications revolution” and wonders about Modi’s social media management strategy. For Kashmir Times reader Hardev Singh, even Kejriwal’s arrest for allegedly defaming Nitin Gadkari will lead to a chilling effect on freedom of expression.

Elsewhere, the Hindustan Times is intent on letting Prime Minister Narendra Modi know that his citizens demand their freedom of speech and expression. Civil society and media all over India express their concerns for their freedom of expression in light of the new government.

The article was published in the Hoot on May 20, 2014.

---

In October 2010, the Department of Personnel and Training ("DOPT") of the Ministry of Personnel, Public Grievances and Pensions released an ‘Approach Paper’ towards drafting a privacy law for India. The Approach Paper claims to be prepared by a leading Indian corporate law firm that, to the best of my knowledge, has almost no experience of criminal procedure or constitutional law. The Approach Paper resulted in the drafting of a Right to Privacy Bill, 2011 ("DOPT Bill") which, although it has suffered several leaks, has neither been published for public feedback nor sent to the Cabinet for political clearance prior to introduction in Parliament.

Approach Paper and DOPT Bill

The first article in this two-part series broadly examined the many legal facets of privacy. Notions of privacy have long informed law in common law countries and have been statutorily codified to protect bodily privacy, territorial or spatial privacy, locational privacy, and so on. These fields continue to evolve and advance; for instance, the legal imperative to protect intimate body privacy from violation has now expanded to include biometric information, and the protection given to the content of personal communications that developed over the course of the twentieth century is now expanding to encompass metadata and other ‘information about information’.

The Approach Paper suffers from several serious flaws, the largest of which is its conflation of commercial data protection and privacy. It ignores the diversity of privacy law and jurisprudence in the common law, instead concerning itself wholly with commercial data protection. This creates a false equivalency, albeit not one that cannot be rectified by re-naming the endeavour to describe commercial data protection only.

However, there are other errors. The paper claims that no right of action exists for privacy breaches between citizens inter se. This is false, the civil wrongs of nuisance, interference with enjoyment, invasion of privacy, and other similar torts and actionable claims operate to redress privacy violations. In fact, in the case of Ratan Tata v. Union of India that is currently being heard by the Supreme Court of India, at least two parties are arguing that privacy is already adequately protected by civil law. Further, the criminal offences of nuisance and defamation, amongst others, and the recently introduced crimes of stalking and voyeurism, all create rights of action for privacy violations. These measures are incomplete, – this is not contested, the premise of these articles is the need for better privacy protection law – but denying their existence is not useful.

The shortcomings of the Approach Paper are reflected in the draft legislation it resulted in. A major concern with the DOPT Bill is its amateur treatment of surveillance and interception of communications. This is inevitable for the Approach Paper does not consider this area at all although there is sustained and critical global and national attention to the issues that attend surveillance and communications privacy. For an effort to propose privacy law, this lapse is quite astonishing. The Approach Paper does not even examine if Parliament is competent to regulate surveillance, although the DOPT Bill wades into this contested turf.

Constitutionality of Interceptions

In a federal country, laws are weighed by the competence of their legislatures and struck down for overstepping their bounds. In India, the powers to legislate arise from entries that are contained in three lists in Schedule VII of the Constitution. The power to legislate in respect of intercepting communications traditionally emanates from Entry 31 of the Union List, which vests the Union – that is, Parliament and the Central Government – with the power to regulate “Posts and telegraphs; telephones, wireless, broadcasting and other like forms of communication” to the exclusion of the States. Hence, the Indian Telegraph Act, 1885, and the Indian Post Office Act, 1898, both Union laws, contain interception provisions. However, after holding the field for more than a century, the Supreme Court overturned this scheme in Bharat Shah’s case in 2008.

The case challenged the telephone interception provisions of the Maharashtra Control of Organised Crime Act, 1999 ("MCOCA"), a State law that appeared to transgress into legislative territory reserved for the Union. The Supreme Court held that Maharashtra’s interception provisions were valid and arose from powers granted to the States – that is, State Assemblies and State Governments – by Entries 1 and 2 of the State List, which deal with “public order” and “police” respectively. This cleared the way for several States to frame their own communications interception regimes in addition to Parliament’s existing laws. The question of what happens when the two regimes clash has not been answered yet. India’s federal scheme anticipates competing inconsistencies between Union and State laws, but only when these laws derive from the Concurrent List which shares legislative power. In such an event, the ‘doctrine of repugnancy’ privileges the Union law and strikes down the State law to the extent of the inconsistency.

In competitions between Union and State laws that do not arise from the Concurrent List but instead from the mutually exclusive Union and State Lists, the ‘doctrine of pith and substance’ tests the core substance of the law and traces it to one the two Lists. Hence, in a conflict, a Union law the substance of which was traceable to an entry in the State List would be struck down, and vice versa.

However, the doctrine permits incidental interferences that are not substantive. For example, as in a landmark 1946 case, a State law validly regulating moneylenders may incidentally deal with promissory notes, a Union field, since the interference is not substantive. Since surveillance is a police activity, and since “police” is a State subject, care must be taken by a Union surveillance law to remain on the pale of constitutionality by only incidentally affecting police procedure. Conversely, State surveillance laws were required to stay clear of the Union’s exclusive interception power until Bharat Shah’s case dissolved this distinction without answering the many questions it threw up.

Since the creation of the Republic, India’s federal scheme was premised on the notion that the Union and State Lists were exclusive of each other. Conceptually, the Union and the States could not have competing laws on the same subject. But Bharat Shah did just that; it located the interception power in both the Lists and did not enunciate a new doctrine to resolve their (inevitable) future conflict. This both disturbs Indian constitutional law and goes to the heart of surveillance and privacy law.

Three Principles of Interception

Apart from the important questions regarding legislative competence and constitutionality, the DOPT Bill proposed weak, ill-informed, and poorly drafted provisions to regulate surveillance and interceptions. It serves no purpose to further scrutinise the 2011 DOPT Bill. Instead, at this point, it may be constructive to set out the broad contours of a good interceptions regulation regime. Some clarity on the concepts: intercepting communications means capturing the content and metadata of oral and written communications, including letters, couriers, telephone calls, facsimiles, SMSs, internet telephony, wireless broadcasts, emails, and so on. It does not include activities such visual capturing of images, location tracking or physical surveillance; these are separate aspects of surveillance, of which interception of communications is a part.

Firstly, all interceptions of communications must be properly sanctioned. In India, under Rule 419A of the Indian Telegraph Rules, 1951, the Home Secretary – an unelected career bureaucrat, or a junior officer deputised by the Home Secretary – with even lesser accountability, authorises interceptions. In certain circumstances, even senior police officers can authorise interceptions. Copies of the interception orders are supposed to be sent to a Review Committee, consisting of three more unelected bureaucrats, for bi-monthly review. No public information exists, despite exhaustive searching, regarding the authorisers and numbers of interception orders and the appropriateness of the interceptions.

The Indian system derives from outdated United Kingdom law that also enables executive authorities to order interceptions. But, the UK has constantly revisited and revised its interception regime; its present avatar is governed by the Regulation of Investigatory Powers Act, 2000 ("RIPA") which creates a significant oversight mechanism headed by an independent commissioner, who monitors interceptions and whose reports are tabled in Parliament, and quasi-judicially scrutinised by a tribunal comprised of judges and senior independent lawyers, which hears public complaints, cancels interceptions, and awards monetary compensation. Put together, even though the current UK interceptions system is executively sanctioned, it is balanced by independent and transparent quasi-judicial authorities.

In the United States, all interceptions are judicially sanctioned because American constitutional philosophy – the separation of powers doctrine – requires state action to be checked and balanced. Hence, ordinary interceptions of criminals’ communications as also extraordinary interceptions of perceived national security threats are authorised only by judges, who are ex hypothesi independent, although, as the PRISM affairs teaches us, independence can be subverted. In comparison, India’s interception regime is incompatible with its democracy and must be overhauled to establish independent and transparent authorities to properly sanction interceptions.

Secondly, no interceptions should be sanctioned but upon ‘probable cause’. Simply described, probable cause is the standard that convinces a reasonable person of the existence of criminality necessary to warrant interception. Probable case is an American doctrine that flows from the US Constitution’s Fourth Amendment that protects the rights of people to be secure in places in which they have a reasonable expectation of privacy. There is no equivalent standard in UK law, except perhaps the common law test of reasonability that attaches to all government action that abridges individual freedoms. If a coherent ‘reasonable suspicion’ test could be coalesced from the common law, I think it would fall short of the strictness that the probable cause doctrine imposes on the executive. Therefore, the probable cause requirement is stronger than ordinary constraint of reasonability but weaker than the standard of reasonable doubt beyond which courts may convict. In this spectrum of acceptable standards, India’s current law in section 5(2) of the Indian Telegraph Act, 1885 is the weakest for it permits interceptions merely “on the occurrence of any public emergency or in the interest of public safety”, which determination is left to the “satisfaction” of a bureaucrat. And, under Rule 419A(2) of the Telegraph Rules, the only imposition on the bureaucrat when exercising this satisfaction is that the order “contain reasons” for the interception.

Thirdly, all interceptions should be warranted. This point refers not to the necessity or otherwise of the interception, but to the framework within which it should be conducted. Warrants should clearly specify the name and clear identity of the person whose communications are sought to be intercepted. The target person’s identity should be linked to the specific means of communication upon which the suspected criminal conversations take place. Therefore, if the warrant lists one person’s name but another person’s telephone number – which, because of the general ineptness of many police forces, is not uncommon – the warrant should be rejected and the interception cancelled. And, by extension, the specific telephone number, or email account, should be specified. A warrant against a person called Rahul Kumar, for instance, cannot be executed against all Rahul Kumars in the vicinity, nor also against all the telephones that the one specific Rahul Kumar uses, but only against the one specific telephone number that is used by the one specific Rahul Kumar. Warrants should also specify the duration of the interception, the officer responsible for its conduct and thereby liable for its abuse, and other safeguards. Some of these concerns were addressed in 2007 when the Telegraph Rules were amended, but not all.

A law that fails to substantially meet the standards of these principles is liable, perhaps in the not too distant future, to be read down or struck down by India’s higher judiciary. But, besides the threat of judicial review, a democratic polity must protect the freedoms and diversity of its citizens by holding itself to the highest standards of the rule of law, where the law is just.

Media focus on the new government and its ministries and portfolios has been extensive, and to my knowledge, few newspapers or online sources have reported violations of freedom of speech. However, on his first day in office, the new I&B Minister, Prakash Javadekar, acknowledged the importance of press freedom, avowing that it was the “essence of democracy”. He has assured that the new government will not interfere with press freedom.

Assam:

A FICCI discussion in Guwahati, attended among others by Microsoft and Pricewaterhouse Coopers, focused on the role of information technology in governance.

Goa:

Following the furore over allegedly inflammatory, ‘hate-mongering’ Facebook posts by shipping engineer Devu Chodankar, a group of Goan netizens formed a ‘watchdog forum’ to police “inappropriate and communally inflammatory content” on social media. Diana Pinto feels, however, that some ‘compassion and humanism’ ought to have prompted only a stern warning in Devu Chodankar’s case, and not a FIR.

Karnataka:

Syed Waqar was released by Belgaum police after questioning revealed he was a recipient of the anti-Modi MMS. The police are still tracing the original sender.

Madhya Pradesh:

The cases of Shaheen Dhada and Rinu Srinivasan, and recently of Syed Waqar and Devu Chodankar have left Indore netizens overly cautious about “posting anything recklessly on social media”. Some feel it is a blow to democracy.

Maharashtra:

In Navi Mumbai, the Karjat police seized several computers, hard disks and blank CDs from the premises of the Chandraprabha Charitable Trust in connection with an investigation into sexual abuse of children at the Trust’s school-shelter. The police seek to verify whether the accused recorded any obscene videos of child sexual abuse.

In Mumbai, even as filmmakers, filmgoers, artistes and LGBT people celebrated the Kashish Mumbai International Queer Film Festival, all remained apprehensive of the new government’s social conservatism, and were aware that the films portrayed acts now illegal in India.

Manipur:

At the inauguration of the 42nd All Manipur Shumang Leela Festival, V.K. Duggal, State Governor and Chairman of the Manipur State Kala Akademi, warned that the art form was under threat in the digital age, as Manipuri films are replacing it in popularity.

Rajasthan:

Following the lead of the Lok Sabha, the Rajasthan state assembly has adopted a digital conference and voting system to make the proceedings in the House more efficient and transparent.

Seemandhra:

Seemandhra Chief Minister designate N. Chandrababu Naidu promised a repeat of his hi-tech city miracle ‘Cyberabad’ in Seemandhra.

West Bengal:

West Bengal government has hired PSU Urban Mass Transit Company Limited to study, install and operationalize Intelligent Transport System in public transport in Kolkata. GPS will guide passengers about real-time bus routes and availability. While private telecom operators have offered free services to the transport department, there are no reports of an end-date or estimated expenditure on the project.

News and Opinion:

Over a week ago, Avantika Banerjee wrote a speculative post on the new government’s stance towards Internet policy. At Fair Observer, Gurpreet Mahajan laments that community politics in India has made a lark of banning books.

India’s Computer Emergency Response Team (CERT-In) has detected high-level virus activity in Microsoft’s Internet Explorer 8, and recommends upgrading to Explorer 11.

Of the projected 400 million users that Twitter will have by 2018, India and Indonesia are expected to outdo the United Kingdom in user base. India saw nearly 60% growth in user base this year, and Twitter played a major role in Elections 2014. India will have over 18.1 million users by 2018.

Elsewhere in the world:

Placing a bet on the ‘Internet of Everything’, Cisco CEO John Chambers predicted a “brutal consolidation” of the IT industry in the next five years. A new MarketsandMarkets report suggests that the value of the ‘Internet of Things’ may reach US $1423.09 billion by 2020 at an estimated CAGR of 4.08% from 2014 to 2020.

China’s Xinhua News Agency announced its month-long campaign to fight “infiltration from hostile forces at home and abroad” through instant messaging. Message providers WeChat, Momo, Mi Talk and Yixin have expressed their willingness to cooperate in targeting those engaging in fraud, or in spreading ‘rumours’, violence, terrorism or pornography. In March this year, WeChat deleted at least 40 accounts with political, economic and legal content.

Thailand’s military junta interrupted national television broadcast to deny any role in an alleged Facebook-block. The site went down briefly and caused alarm among netizens.

Snowden continues to assure that he is not a Russian spy, and has no relationship with the Russian government.

For example, the ubiquitous smartphone, above and beyond a communication device, is a device which can maintain a complete record of the communications data, photos, videos and documents, and a multitude of other deeply personal information, like application data which includes location tracking, or financial data of the user. As computers and phones increasingly allow us to keep massive amounts of personal information accessible at the touch of a button or screen (a standard smartphone can hold anything between 500 MB to 64 GB of data), the increasing reliance on computers as information-silos also exponentially increases the harms associated with the loss of control over such devices and the information they contain. This vulnerability is especially visceral in the backdrop of law enforcement and the use of coercive state  power to maintain security, juxtaposed with the individual’s right to secure their privacy.

American Law - The Fourth Amendment Protection against Unreasonable Search and Seizure

The right to conduct a search and seizure of persons or places is an essential part of investigation and the criminal justice system. The societal interest in maintaining security is an overwhelming consideration which gives the state a restricted mandate to do all things necessary to keep law and order, which includes acquiring all possible information for investigation of criminal activities, a restriction which is based on recognizing the perils of state-endorsed coercion and its implication on individual liberty. Digitally stored information, which is increasingly becoming a major site of investigative information, is thus essential in modern day investigation techniques. Further, specific crimes which have emerged out of the changing scenario, namely, crimes related to the internet, require investigation almost exclusively at the level of digital evidence. The role of courts and policy makers, then, is to balance the state’s mandate to procure information with the citizens’ right to protect it.

The scope of this mandate is what is currently being considered before the Supreme Court of the United States, which begun hearing arguments in the cases Riley v. California,[1] and United States v Wurie,[2]on the 29^th of April, 2014. At issue is the question of whether the police should be allowed to search the cell phones of individuals upon arrest, without obtaining a specific warrant for such search. The cases concern instances where the accused was arrested on account of a minor infraction and a warrantless search was conducted, which included the search of cell phones in their possession. The information revealed in the phones ultimately led to the evidence of further crimes and the conviction of the accused of graver crimes. The appeal is for a suppression of the evidence so obtained, on grounds that the search violates the Fourth Amendment of the American Constitution. Although there have been a plethora of conflicting decisions by various lower courts (including the judgements in Wurie and Riley),[3] the Federal Supreme Court will be for the first time deciding upon the issue of whether cell phone searches should require a higher burden under the Fourth Amendment.

At the core of the issue are considerations of individual privacy and the right to limit the state’s interference in private matters. The fourth amendment in the Constitution of the United States expressly grants protection against unreasonable searches and seizure,[4]however, without a clear definition of what is unreasonable, it has been left to the courts to interpret situations in which the right to non-interference would trump the interests of obtaining information in every case, leading to vast and varied jurisprudence on the issue. The jurisprudence stems from the wide fourth amendment protection against unreasonable government interference, where the rule is generally that any warrantless search is unreasonable, unless covered by certain exceptions. The standard for the protection under the Fourth Amendment is a subjective standard, which is determined as per the state of the bind of the individual, rather than any objective qualifiers such as physical location; and extends to all situations where individuals have a reasonable expectation of privacy, i.e., situations where individuals can legitimately expect privacy, which is a subjective test, not purely dependent upon the physical space being searched.[5]

Therefore, the requirement of reasonableness is generally only fulfilled when a search is conducted subsequent to obtaining a warrant from a neutral magistrate, by demonstrating probable cause to believe that evidence of any unlawful activity would be found upon such search. A warrant is, therefore, an important limitation on the search powers of the police. Further, the protection excludes roving or general searches and requires particularity of the items to be searched. The restriction derives its power from the exclusionary rule, which bars evidence obtained through unreasonable search or seizure, obtained directly or through additional warrants based upon such evidence, from being used in subsequent prosecutions. However, there have evolved several exceptions to the general rule, which includes cases where the search takes place upon the lawful arrest of an accused, a practice which is justified by the possibility of hidden weapons upon the accused or of destruction of important evidence.[6]

The appeal, if successful, would provide an exception to the rule that any search upon lawful arrest is always reasonable, by creating a caveat for the search of computer devices like smartphones. If the court does so, it would be an important recognition of the fact that evolving technologies have transmuted the concept of privacy to beyond physical space, and legal rules and standards that applied to privacy even twenty years ago, are now anachronistic in an age where individuals can record their entire lives on an iPhone. Searching a person nowadays would not only lead to the recovery of calling cards or cigarettes, but phones and computers which can be the digital record of a person’s life, something which could not have been contemplated when the laws were drafted. Cell phone and computer searches are the equivalent of searches of thousands of documents, photos and personal records, and the expectation of privacy in such cases is much higher than in regular searches. Courts have already recognized that cell phones and laptop computers are objects in which the user may have a reasonable expectation of privacy by making them analogous to a “closed container” which the police cannot search and hence coming under the protection of the Fourth Amendment.[7]

On the other hand, cell phones and computers also hold data which could be instrumental in investigating criminal activity, and with technologies like remote wipes of computer data available, such data is always at the risk of destruction if delay is occurred upon the investigation. As per the oral arguments, being heard now, the Court seems to be carving out a specific principle applicable to new technologies. The Court is likely to introduce subtleties specific to the technology involved – for example, it may seek to develop different principles for smartphones (at issue in Riley) and the more basic kind of cell-phones (at issue in Wurie), or it may recognize that only certain kinds of information may be accessed,[8]or may even evolve a rule that would allow seizure, but not a search, of the cell phone before a search warrant can be obtained.[9] Recognizing that transformational technology needs to be reflected in technology-specific legal principles is an important step in maintaining a synchronisation between law and technology and the additional recognition of a higher threshold adopted for digital evidence and privacy would go a long way in securing digital privacy in the future.

Search and Seizure in India

Indian jurisprudence on privacy is a wide departure from that in the USA. Though it is difficult to strictly compartmentalize the many facets of the right to privacy, there is no express or implicit mention of such a right in the Indian Constitution. Although courts have also recognized the importance of procedural safeguards in protecting against unreasonable governmental interference, the recognition of the intrinsic right to privacy as non-interference, which may be different from the instrumental rights that criminal procedure seeks to protect (such as misuse of police power), is sorely lacking. The general law providing for the state’s power of search and seizure of evidence is found in the Code of Criminal Procedure, 1973.

Section 93 provides for the general procedure of search. Section 93 allows for a magistrate to issue a warrant for the search of any “document or thing”, including a warrant for general search of an area, where it believes it is required for the purpose of investigation. The particularity of the search warrant is not a requirement under S. 93(2), and hence a warrant may be for general or roving search of a place. Section 100, which further provides for the search of a closed place, includes certain safeguards such as the presence of witnesses and the requirement of a warrant before a police officer may be allowed ingress into the closed place. However, under S. 165 and S. 51 of the code, the requirements of a search warrant are exempted. S. 165 dispenses with the warrant requirement and provides for an officer in charge of a police station, or any other officer duly authorized by him, to conduct the search of any place as long as he has reasonable grounds to believe that such search would be for the purpose of an investigation and a belief that a search warrant cannot be obtained without undue delay. Further, the officer conducting such search must as far as possible note down the reasons for such belief in writing prior to conducting the search. Section 51 provides another express exception to the requirement of search warrants, by allowing the search of a person arrested lawfully provided that the arrested person may not or cannot be admitted to bail, and requires any such seized items to be written in a search memo. As long as these conditions are fulfilled, the police has an unqualified authority to search a person upon arrest. Therefore, where the arrestee can be admitted to bail as per the warrant, or, in cases of warrantless arrest, as per the law, the search and seizure of such person may not be regular, and the evidence so collected would be subject to greater scrutiny by the court. However, besides these minimal protections, there is no additional procedural protection of individual privacy, and the search powers of the police are extremely wide and discretionary. In fact, there is a specific absence of the exclusionary rule as a protection as well, which means that, unlike under the Fourth Amendment, the non-compliance with the procedural requirements of search would not by itself vitiate the proceedings or suppress the evidence so found, but would only amount to an irregularity which must be simply another factor considered in evaluating the evidence.[10]

The extent of the imputation of the Fourth Amendment protection against unreasonable governmental interference in the Indian constitution is also uncertain. A direct imputation of the Fourth Amendment into the Indian Constitution has been disregarded by the Supreme Court.[11]Though the allusions to the Fourth Amendment have mostly been invoked on facts where unreasonable intrusions into the homes of persons were challenged, the indirect imputation of the right to privacy into the right under Article 21 of the Constitution, invoking the right to privacy as a right to non-interference and a right to live with dignity, would suggest that the considerations for privacy under the Constitution are not merely objective, or physical, but depend on the subjective facts of the situation, i.e. its effect on the right to live with dignity (analogous to the reasonable expectation of privacy test laid down in Katz).[12] Further, the court has specifically struck down provisions for search and seizure which confer particularly wide and discretionary powers on the executive without judicial scrutiny, holding that searches must be subject to the doctrine of proportionality, and that a provision probable cause to effect any search.[13] The Fourth Amendment protection against unreasonable interference in private matters by the state is a useful standard to assess privacy, since it imputes a concept of privacy as an intrinsic right as well as an instrumental one, i.e. privacy as non-interference is a good in itself, notwithstanding the rights it helps achieve, like the freedom of movement or speech.

Regarding digital privacy in particular, Indian law and policy has failed to stand up to the challenges that new technologies pose to privacy and has in fact been regressive, by engaging in surveillance of communications and by allowing governmental access to digital records of online communications (including emails, website logs, etc.) without judicial scrutiny and accountability.[14] In an age of transformative technology and of privacy being placed at a much greater risk, laws which were once deemed reasonable are now completely inadequate in guaranteeing freedom and liberty as encapsulated by the right to privacy. The disparity is even more pronounced in cases of investigation of cyber-crimes which rely almost exclusively on digital evidence, such as those substantively enumerated under the Information Technology Act, but investigated under the general procedure laid down in the Code of Criminal Procedure, which is already mentioned. The procedures for investigation of cyber-crimes and the search and seizure of digital evidence require special consideration and must be brought in line with changing norms. Although S.69 and 69B lay down provisions for investigation of certain crimes,[15] which requires search upon an order by competent authority, i.e. the Secretary to the Department of IT in the Government of India, the powers of search and seizure are also present in several other rules, such as rule 3(9) of the Information Technology (Due diligence observed by intermediaries guidelines) Rules, 2011 which allows access to information from intermediaries by a simple written order by any agency or person who are lawfully authorised for investigative, protective, cyber security or intelligence activity; or under rule 6 of the draft Reasonable Security Practices Rules, 2011 framed under Section 43A of the Information Technology Act, where any government agency may, for the prevention, detection, investigation, prosecution, and punishment of offences, obtain any personal data from an intermediate “body corporate” which stores such data. The rules framed for investigation of digital evidence, therefore, do not inspire much confidence where safeguarding privacy is concerned. In the absence of specific guidelines or amendments to the procedures of search and seizure of digital evidence, the inadequacies of applying archaic standards leads to unreasonable intrusions of individual privacy and liberties – an incongruity which requires remedy by the courts and legislature of the country.

---

[1]. http://www.supremecourt.gov/oral_arguments/argument_transcripts/13-132_h315.pdf

[2]. http://www.supremecourt.gov/oral_arguments/argument_transcripts/13-212_86qd.pdf

[3]. In Wurie, the motion to supress was allowed, while in Riley it was denied. Also see US v Jacob Finley, US v Abel Flores-Lopez where the motion to suppress was denied.

[4]. The Fourth Amendment to the Constitution of the United States of America: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

[5]. Katz v United States, 389 U.S. 347, 352 (1967).

[6]. Stephen Saltzer, American Criminal Procedure

[7]. United States v Chan, 830 F. Supp. 531,534 (N.D. Cal. 1993).

[8]. A factor considered in US v Abel Flores-Lopez, where the court held that the search of call history in a cell phone did not constitute a sufficient infringement of privacy to require the burden of a warrant.

[9]. The decision in Smallwood v. Florida, No. SC11-1130, before the Florida Supreme Court, made such a distinction.

[10]. State Of Maharashtra v. Natwarlal Damodardas Soni, AIR 1980 SC 593; Radhakrishnan v State of UP, 1963 Supp. 1 S.C.R. 408

[11]. M.P. Sharma v Satish Chandra, AIR 1954 SC 300

[12]. Kharak Singh v State of UP, (1964) 1 SCR 332; Gobind v State of Madhya Pradesh, 1975 AIR 1378

[13]. District Registrar and Collector v. Canara Bank, AIR 2005 SC 186, which related to S.73 of the Andhra Pradesh Stamps Act which allowed ‘any person’ to enter into ‘any premises’ for the purpose of conducting a search.

[14]. S. 69 and 69B of the Information Technology (Amendment) Act, 2008.

[15]. Procedures and Safeguards for Monitoring and collecting traffic data or information rules 2009, available at http://cis-india.org/internet-governance/resources/it-procedure-and-safeguard-for-monitoring-and-collecting-traffic-data-or-information-rules-2009

In the immediate aftermath of the elections, free speech issues have come to the fore again. In Goa, a Facebook user was summoned for a post warning a second holocaust if Modi was elected to power. In Karnataka, a MBA student was likewise arrested for circulating an MMS that showed Modi’s face morphed onto a corpse, with the slogan “Abki baar antim sanskaar”. These arrests have reopened the debate about the constitutional validity of Section 66A of the IT Act, which is the legal provision governing online speech in India. Section 66A criminalises, among other things, the sending of information that is “grossly offensive or menacing in character” or causes “annoyance or inconvenience”. The two instances cited above raise – not for the first time – the concern that when it comes to implementation, Section 66A is unworkable to the point of being unconstitutional.

Like all legal provisions, Section 66A must comply with the fundamental rights chapter of the Indian Constitution. Article 19(1)(a) guarantees the freedom of speech and expression, and Article 19(2) permits reasonable restrictions in the interests of – inter alia – “public order, decency or morality”. Presumably, the only way in which Section 66A can be justified is by showing that it falls within the category of “public order” or of “morality”. The precedent of the Supreme Court, however, has interpreted Article 19(2) in far narrower terms than the ones that Section 66A uses. The Court has held that “public order” may only be invoked if there is a direct and immediate relation between the offending speech and a public order disturbance – such as, for instance, a speaker making an incendiary speech to an excited mob, advocating imminent violence (the Court has colloquially stated the requirement to be a “spark in a powder keg”). Similarly, while the Court has never precisely defined what “morality” – for the purposes of Article 19(2) – means, the term has been invoked where (arguably) pornographic materials are concerned – and never simply because speech has “offended” or “menaced” someone. Indeed, the rhetoric of the Court has consistently rejected the proposition that the government can prohibit individuals from offending one another.

This raises two constitutional problems with Section 66A: the problems of overbreadth and vagueness. Both doctrines have been developed to their fullest in American free speech law, but the underlying principles are universal.

A statute is overbroad when it potentially includes within its prohibitions both speech that it is entitled to prohibit, and speech that it is not. In Gooding v. Wilson, a Georgia statute criminalized the use of “opprobrious words or abusive language”. In defending the statute, the State of Georgia argued that its Courts had read it narrowly, limiting its application to “fighting words” – i.e., words that by their very nature tended to incite an imminent breach of the peace, something that was indisputably within the power of the State to prohibit. The Supreme Court rejected the argument and invalidated the statute. It found that the words “opprobrious” and “abusive” had greater reach than “fighting words”. Thus, since the statute left “wide open the standard of responsibility, so that it [was] easily susceptible to improper application”, the Court struck it down.

A statute is vague when persons of “ordinary intelligence… have no reasonable opportunity to know what is prohibited.” In Grayned v. Rockford, the American Supreme Court noted that “a vague law impermissibly delegates basic policy matters to policemen, judges, and juries for resolution on an ad hoc and subjective basis, with the attendant dangers of arbitrary and discriminatory application.” There are, therefore, a number of problems with vague laws: one of the fundamental purposes of law is to allow citizens to plan their affairs with a degree of certainty. Vagueness in legislation prevents that. And equally importantly, vague laws leave a wide scope of implementing power with non-elected bodies, such as the police – leading to the fear of arbitrary application.

While overbreadth and vagueness are problems that affect legislation across the board, they assume a particular urgency when it comes to free speech. This is because, as the American Supreme Court has recognized on a number of occasions, speech regulating statutes must be scrutinized with specific care because of the chilling effect: when speech is penalized, people will – out of fear and caution – exercise self-censorship, and the political discourse will be impoverished. If we accept – as the Indian Courts have – that a primary reason for guaranteeing free expression rights is their indispensability to democracy, then the danger of self-censorship is one that we should be particularly solicitous of. Hence, when speech-regulating statutes do proscribe expression, they must be clear and narrowly drawn, in order to avoid the chilling effect. As the American Supreme Court euphemistically framed it, “free speech needs breathing space to survive.” Overbroad and vague speech-restricting statutes are particularly pernicious in denying it that breathing space.

There seems to be little doubt that Section 66A is both overbroad and vague. However ill-judged a holocaust comparison or a morphed corpse-image may be, neither of them are like sparks in a powder keg, which will lead to an immediate breach in public order – or “immoral” in the way of explicit pornography. We can therefore see, clearly, that the implementation of the law leaves almost unbounded scope to officials such as the police, provides room for unconstitutional interpretations, and is so vaguely framed that it is almost impossible to know, in advance, what actions fall within the rule, and which ones are not covered by it. If there is such a thing as over-breadth and vagueness par excellence, then Section 66A is surely it!

At various times in its history, the Supreme Court has acknowledged the problems of overbreadth, vagueness and the chilling effect, but never directly incorporated them into Indian law. As we have seen, each of these elements is connected to the other: over-broad and vague speech-regulating statutes are problematic because of the chilling effect. Since Section 66A is presently being challenged before the Supreme Court, there is a great opportunity for the Court both to get rid of this unconstitutional law, as well as strengthen the foundations of our free speech jurisprudence.

Good afternoon. My name is Pranesh Prakash, and I'm with the Yale Information Society Project and the Centre for Internet and Society.

I am extremely concerned about the accountability of ICANN to the global community. Due to various decisions made by the US government relating to ICANN's birth, ICANN has had a troubled history with legitimacy. While it has managed to gain and retain the confidence of the technical community, it still lacks political legitimacy due to its history. The NTIA's decision has presented us an opportunity to correct this.

However, ICANN can't hope to do so without going beyond the current ICANN community, which while nominally being 'multistakeholder' and open to all, grossly under-represents those parts of the world that aren't North America and Western Europe.

Of the 1010 ICANN-accredited registrars, 624 are from the United States, and 7 from the 54 countries of Africa. In a session yesterday, a large number of the policies that favour entrenched incumbents from richer countries were discussed. But without adequate representation from poorer countries, and adequate representation from the rest of the world's Internet population, there is no hope of changing these policies.

This is true not just of the business sector, but of all the 'stakeholders' that are part of global Internet policymaking, whether they follow the ICANN multistakeholder model or another. A look at the boardmembers of the Internet Architecture Board, for instance, would reveal how skewed the technical community can be, whether in terms of geographic or gender diversity.

Without greater diversity within the global Internet policymaking communities, there is no hope of equity, respect for human rights -- civil, political, cultural, social and economic --, and democratic funtioning, no matter how 'open' the processes seem to be, and no hope of ICANN accountability either.

Delhi NCR:

Following a legal notice from Dina Nath Batra, publisher Orient BlackSwan “set aside… for the present” Communalism and Sexual Violence: Ahmedabad Since 1969 by Dr. Megha Kumar, citing the need for a “comprehensive assessment”. Dr. Kumar’s book is part of the ‘Critical Thinking on South Asia’ series, and studies communal and sexual violence in the 1969, 1985 and 2002 riots of Ahmedabad. Orient BlackSwan insists this is a pre-release assessment, while Dr. Kumar contests that her book went to print in March 2014 after extensive editing and peer review. Dina Nath Batra’s civil suit led Penguin India to withdraw Wendy Doniger’s The Hindus: An Alternative History earlier this year.

The Delhi Police’s Facebook page aimed at reaching out to Delhi residents hailing from the North East proved to be popular.

Goa:

Shipbuilding engineer Devu Chodankar’s ordeal continued. Chodankar, in a statement to the cyber crime cell of the Goa police, clarified that his allegedly inflammatory statements were directed against the induction of the Sri Ram Sene’s Pramod Muthalik into the BJP. Chodankar’s laptop, hard-disk and mobile Internet dongle were seized.

Jammu & Kashmir:

Chief Minister Omar Abdullah announced the withdrawal of a four-year-old SMS ban in the state. The ban was instituted in 2010 following widespread protests, and while it was lifted for post-paid subscribers six months later, pre-paid connections were banned from SMSes until now.

Maharashtra:

In a move to contain public protests over ‘objectionable posts’ about Chhatrapati Shivaji, Dr. B.R. Ambedkar and the late Bal Thackeray (comments upon whose death led to the arrests of Shaheen Dhada and Renu Srinivasan under Section 66A), Maharashtra police will take action against even those who “like” such posts. ‘Likers’ may be charged under the Information Technology Act and the Criminal Procedure Code, say Nanded police.

A young Muslim man was murdered in Pune, apparently connected to the online publication of ‘derogatory’ pictures of Chhatrapati Shivaji and Bal Thackarey. Members of Hindu extremists groups celebrated his murder, it seems. Pune’s BJP MP, Anil Shirole, said, “some repercussions are natural”. Members of the Hindu Rashtra Sena were held for the murder, but it seems that the photographs were uploaded from foreign IP addresses. Across Maharashtra, 187 riotingcases have been registered against a total of 710 persons, allegedly in connection with the offensive Facebook posts.

On a lighter note, Bollywood hopes for a positive relationship with the new government on matters such as film censorship, tax breaks and piracy.

News & Opinion:

Shocking the world, Vodafone reported the existence of secret, direct-access wires that enable government surveillance on citizens. India is among 29 governments that sought access to its networks, says Vodafone.

I&B Minister Prakash Javadekar expressed his satisfaction with media industry self-regulation, and stated that while cross-media ownership is a matter for debate, it is the legality of transactions such as the Reliance-Network18 acquisition that is important.

Nikhil Pahwa of Medianama wrote of a ‘right to be forgotten’ request they received from a user in light of the recent European Court of Justice ruling. The right raises a legal dilemma in India, LiveMint reports. Medianama also comments on Maharashtra police’s decision to take action against Facebook ‘likes’, noting that at the very least, a like and a comment do not amount to the same thing.

The Hindu was scorching in its editorial on the Pune murder, warning that the new BJP government stands to lose public confidence if it does not clearly demonstrate its opposition to religious violence. The Times of India agrees.

Sanjay Hegde wrote of Section 66A of the Information Technology Act, 2000 (as amended in 2008) as a medium-focused criminalization of speech. dnaEdit also published its criticism of Section 66A.

Ajit Ranade of the Mumbai Mirror comments on India as a ‘republic of hurt sentiments’, criminalizing exercises of free speech from defamation, hate speech, sedition and Section 66A. But in this hurt and screaming republic, dissent is crucial and must stay alive.

A cyber security expert is of the opinion that the police find it difficult to block webpages with derogatory content, as servers are located outside India. But data localization will not help India, writes Jayshree Bajoria.

Dharma Adhikari tries to analyze the combined impact of converging media ownership, corporate patronage of politicians and elections, and recent practices of forced and self-censorship and criminalization of speech.

Elsewhere in the world:

In Pakistan, Facebook has been criticized for blocking pages of a Pakistani rock band and several political groups, primarily left-wing. Across the continent in Europe, Google is suffering from a popularity dip.

The National Council for Peace and Order, the military government in Thailand, has taken over not only the government,but also controls the media. The military cancelled its meetings with Google and Facebook. Thai protesters staged a quiet dissent. The Asian Human Rights Commission condemned the coup. For an excellent take on the coup and its dangers, please redirect here. For a round-up of editorials and op-eds on the coup, redirect here.

China has cracked down on Google, affecting Gmail, Translate and Calendar. It is speculated that the move is connected to the 25^th anniversary of the Tiananmen Square protests and government reprisal. At the same time, a Tibetan filmmaker who was jailed for six years for his film, Leaving Fear Behind, has been released by Chinese authorities. Leaving Fear Behind features a series of interviews with Tibetans of the Qinghai province in the run-up to the controversial Beijing Olympics in 2008.

Japan looks set to criminalize possession of child pornography. According to reports, the proposed law does not extend to comics or animations or digital simulations.

Egypt’s police is looking to build a social media monitoring system to track expressions of dissent, including “profanity, immorality, insults and calls for strikes and protests”.

Human rights activists asked Facebook to deny its services to the election campaign of Syrian President Bashar al-Assad, ahead of elections on June 3.

Call for inputs:

The Law Commission of India seeks comments from stakeholders and citizens on media law. The consultation paper may be found here. The final date for submission is June 19, 2014.

____________________________________________________________________________________________________________

For feedback and comments, Geetha Hariharan is available by email at [email protected] or on Twitter, where her handle is @covertlight.

On May 31, the Times of India reported some observations of a two-judge bench of the Supreme Court on its contempt powers. The Court noted that the power to punish for contempt was necessary to “secure public respect and confidence in the judicial process”, and also went on to add – rather absurdly – to lay down the requirements, in terms of timing, tone and tenor, of a truly “contrite” apology. This opinion, however, provides us with a good opportunity to examine one of the most under-theorised aspects of Indian free speech law: the contempt power.

Indeed, the contempt power finds express mention in the Constitution. Article 19(2) permits the government to impose reasonable restrictions upon the freedom of speech and expression “… in relation to contempt of court.” The legislation governing contempt powers is the 1971 Contempt of Courts Act. Contempt as a civil offence involves willful disobedience of a court order. Contempt as a criminal offence, on the other hand, involves either an act or expression (spoken, written or otherwise visible) that does one of three things: scandalises, or tends to scandalize, or lowers, or tends to lower, the authority of any court; prejudices or interferes (or tends to interfere) with judicial proceedings; or otherwise obstructs, or tends to obstruct, the administration of justice. As we can see, contempt can – broadly – take two forms: first, obstructing the proceedings of the Court by acts such as disobeying an order, holding up a hearing through absence or physical/verbal disturbance etc. This is straightforward enough. More problematically, however, contempt also covers instances of what we may call “pure speech”: words or other forms of expression about the Court that are punished for no other reason but their content. In particular, “scandalising the Court” seems to be particularly vague and formless in its scope and ambit.

“Scandalising the court” is a common law term. The locus classicus is the 1900 case of R v. Gray, which – in language that the Contempt of Courts Act has largely adopted – defined it as “any act done or writing published calculated to bring a Court or a judge of the Court into contempt, or to lower his authority.” The basic idea is that if abusive invective against the Court is permitted, then people will lose respect for the judiciary, and justice will be compromised.

It is obvious that this argument is flawed in many respects, and we shall analyse the Supreme Court’s problematic understanding of its contempt powers in the next post. First, however, it is instructive to examine the fate of contempt powers in the United States – which, like India, constitutionally guarantees the freedom of speech – and in England, whose model India has consciously followed.

America’s highly speech-protective Courts have taken a dim view of contempt powers. Three cases stand out. Bridges v. California involved a contempt of court accusation against a labour leader for calling a Court decision “outrageous”, and threatening a strike if it was upheld. Reversing his prior conviction, the Supreme Court noted that “public interest is much more likely to be kindled by a controversial event of the day than by a generalization, however penetrating, of the historian or scientist.” Given the strong public interest, the burden of justifying restrictions upon this speech was particularly high. The Court identified two possible justifications: respect for the judiciary, and the orderly administration of justice. On the first, it observed that “an enforced silence, however limited, solely in the name of preserving the dignity of the bench would probably engender resentment, suspicion, and contempt much more than it would enhance respect.” On the second, it held that since striking itself was entirely legal, it was no argument that the threat of a strike would illegally intimidate a judge and subvert the course of justice. Throughout the case, the Court stressed that unfettered speech on matters of public interest was of paramount value, and could only be curtailed if there was a “clear and present danger” that the substantially evil consequences would result out of allowing it.

Similarly, in Garrison v. Lousiana, an attorney accused certain judges of inefficiency and laziness. Reversing his conviction, the Supreme Court took note of “the paramount public interest in a free flow of information to the people concerning public officials, their servants…. few personal attributes are more germane to fitness for office than dishonesty, malfeasance, or improper motivation, even though these characteristics may also affect the official's private character.” Consequently, it held that only those statements could be punished that the author either knew were false, or were made with reckless disregard for the truth. And lastly, in Landmark Communications v. Virginia, the Court held that “the operations of the courts and the judicial conduct of judges are matters of utmost public concern”, and endorsed Justice Frankfurter’s prior statement, that “speech cannot be punished when the purpose is simply "to protect the court as a mystical entity or the judges as individuals or as anointed priests set apart from the community and spared the criticism to which in a democracy other public servants are exposed.”

What stands out here is the American Courts’ rejection of the ideas that preserving the authority of judges by suppressing certain forms of speech is an end in itself, and that the Courts must be insulated to some greater degree than other officials of government. Consequently, it must be shown that the impugned expression presents a clear and present danger to the administration of justice, before it can be punished.

Now to England. The last successful prosecution of the offence was in 1931. In 2012, the Law Commission published a paper on contempt powers, in which it expressly recommended abolishing the offence of “scandalising the Court”; its recommendations were accepted, and the offence was abolished in 2013. Admittedly, the offence remains on the statute books in many commonwealth nations, although two months ago – in April 2014 – the Privy Council gave it a highly circumscribed interpretation while adjudicating a case on appeal from Mauritius: there must, it held, be a “real risk of undermining public confidence in the administration of justice” (something akin to clear and present danger?), and the Prosecution must demonstrate that the accused either intended to do so, or acted in reckless disregard of whether or not he was doing so.

What is particularly interesting is the Law Commission’s reasoning in its recommendations. Tracing the history of the offence back to 18^th century England, it noted that the original justification was to maintain a “haze of glory” around the Courts, and it was crucial that the Courts not only be universally impartial, but also perceived to be so. Consequently, the Law Commission observed that “this language suggests that “to be impartial” and “to be universally thought so” are two independent requirements, implying that the purpose of the offence is not confined to preventing the public from getting the wrong idea about the judges, and that where there are shortcomings, it is equally important to prevent the public from getting the right idea.” Obviously, this was highly problematic.

The Law Commission also noted the adverse impact of the law on free speech: the well-known chilling effect, whereby people would self-censor even justified criticism. This was exacerbated by the vagueness of the offence, which left unclear the intent requirement, and the status of defences based on truth and public interest. The Law Commission was concerned, as well, about the inherently self-serving nature of the offence, which give judges the power to sit in judgment over speech and expression that was directly critical of them. Lastly, the Law Commission noted that the basic point of contempt powers was similar to that of seditious libel: to ensure the good reputation of the State (or, in the case of scandalising, the judges) by controlling what could be said about them. With the abolition of seditious libel, the raison d’être of scandalising the Court was also – now – weakened.

We see, therefore, that the United States has rejected sweeping contempt powers as unconstitutional. England, which created the offence that India incorporated into its law, stopped prosecuting people for it in 1931, and formally abolished it last year. And even when its hands have been bound by the law that it is bound the enforce, the Privy Council has interpreted the offence in as narrow a manner as possible, in order to remain solicitous of free speech concerns. Unfortunately, as we shall see in the next essay, all these developments have utterly passed our Courts by.

---

Gautam Bhatia — @gautambhatia88 on Twitter — is a graduate of the National Law School of India University (2011), and presently an LLM student at the Yale Law School. He blogs about the Indian Constitution at http://indconlawphil.wordpress.com. Here at CIS, he blogs on issues of online freedom of speech and expression.

Further, quasi-judicial bodies do not have the same procedural restrictions as proper courts, which makes the adjudication of disputes easier. The Information Technology Act of India, which regulates several important aspects of electronic information, including the regulation of private electronic transactions as well as detailing civil and criminal offences relating to computers and electronic information, contemplates a specialised dispute resolution mechanism for disputes relating to the offences detailed under the Act. The Act provides for the establishment of quasi-judicial bodies, namely adjudicating officers under S.46, to hear disputes arising out of Chapter IX of the Act, namely, offences of a civil nature under S.43, 43A, 44 and 45 of the Act, as well as criminal offences described under Chapter XI of the Act. The adjudicating officer has the power to both award compensation as damages in a civil remedy, as well as impose penalties for the contravention of the Act,[1] and therefore has powers of both civil and criminal courts. The first appellate body provided in the Act, i.e. the authority that any party not satisfied by the decision of the adjudicating officer can appeal to, is the Cyber Appellate Tribunal, consisting of a Chairperson and any other members so prescribed by the Central Government.[2] The second appeal, if a party is aggrieved by the decision of the Cyber Appellate Tribunal, may be filed before the High Court having jurisdiction, within 60 days from the date of communication of the order.[3]

Functioning of the Offices of the State Adjudicating Officers and the Cyber Appellate Tribunal

The office of the adjudicating officer is established under S.46 of the IT Act, which provides that the person appointed to such a post must be a government officer of a rank not below that of a Director or an equivalent rank, and must have experience both in the field of Information Technology as well as legal or judicial experience.[4] In most cases, the appointed adjudicating officer is the Principle Secretary to the Department of Information Technology in the state.[5] The decisions of these adjudicating officers determine the scope and meaning of several provisions of the IT Act, and are instrumental in the development of the law in this field and filling a lacuna regarding the interpretation of these important provisions, particularly in areas such as data protection and privacy.[6] However, despite the large number of cyber-crime cases being registered across the country,[7] there is a lack of available judgements on the adjudication of disputes under Sections 43, 43A, 44 and 45 of the Act. Of all the states, only the websites of the Departments of Information Technology in Maharashtra,[8], Tamil Nadu[9], New Delhi[10], and Haryana[11] have reported judgements or orders of the Adjudicating Officers.  The adjudicating officer in Maharasthra, Rajesh Aggarwal, has done a particularly commendable job, having disposed of 51 cases under the IT Act, with 20 cases still pending.

The first Cyber Appellate Tribunal set up by the Central Government is located at New Delhi. Although a second branch of the Tribunal was to be set up in Bangalore, no efforts seem to have been made in this regard.[12] Further, the position of the Chairperson of the Appellate Tribunal, has been left vacant since 2011, after the appointed Chairperson attained the age of superannuation and retired. Although judicial and technical members have been appointed at various points, the tribunal cannot hold hearings without a chairperson. A total of 17 judgements have been passed by the Cyber Appellate Tribunal prior to the retirement of the chairperson, while the backlog of cases is continuously growing.[13] Despite a writ petition being filed before the Karnataka High Court and the secretary of the Department of IT coming on record to state that the Chairperson would be appointed within 6 months (of September 2013), no action seems to have been taken in this regard, and the lacunae in the judicial mechanism under the IT Act continues. The proper functioning of adjudicating officers and the Cyber Appellate Tribunal is particularly necessary for the functioning of a just judicial system in light of the provisions of the Act (namely, Section 61) which bar the jurisdiction of ordinary civil courts in claims below the amount of Rs. 5 Crores, where the adjudicating officer or the CAT is empowered.[14]

Analysis of Cases Filed under Section 43A

Section 43A of the Information Technology Act was inserted by the 2008 Amendment, and is the principle provision governing protection of information held by intermediaries under the Act. Section 43A provides that “body corporates” handling “sensitive personal data” must implement reasonable security practices for the protection of this information. If it is negligent in providing or maintaining such reasonable security practices, the body corporate is to be held liable and must pay compensation for the loss occurred.[15] Rule 3 of the Draft Reasonable Security Practices Rules, defines sensitive personal data as including – passwords, user details as provided at the time of registration or thereafter, information related to financial information such as Bank account/ credit card /debit card /other payment instrument details of the users, physiological and mental health conditions, medical records and history, biometric information, information received by body corporate for processing, stored or processed under lawful contract or otherwise and call data records.[16]

All the decisions of appointed adjudicators are available for an analysis of Section 43A are from the adjudicating officer in Maharashtra, Mr. Rajesh Tandon, who despite having no judicial experience, has very cogent analysis and knowledge of legal issues involved in the cases, which is commendable for a quasi-judicial officer.

One class of cases, constituting a major chunk of the claims, is where the complainant is claiming against a bank for the fraudulent transfer of funds from the claimants account to another account. In most of these cases, the adjudicating officer examined the compliance of the bank with “Know Your Customer” norms and guidelines framed by the Reserve Bank of India for prevention of banking fraud and, where such compliance was found to be lacking and information which allowed the bank accounts of the complainant was allowed to be accessed by fraudsters, the presumption is that the bank was negligent in the handling of “sensitive personal information”,[17] by failing to provide for reasonable security practices and consequently was liable for compensation under S.43A, notwithstanding that the complainant also contributed to compromising certain personal information by responding to phishing mails,[18] or divulging information to other third parties.[19] These instances clearly fall within the scope of Section 43A, which protects “information related to financial information such as Bank account/ credit card /debit card /other payment instrument details of the users” as sensitive personal data from negligent handling by body corporates. The decisions of the adjudicating officer must be applauded for placing a higher duty of care on banks to protect informational privacy of its customers, given that they are in a position where they ought to be well equipped to deal with intimate financial information and holding them accountable for lack of proper mechanisms to counter bank fraud using stolen information, which reflects in the compensation which the banks have been liable to pay, not only as indemnification for losses, but also punitive damages.[20]

In Nirmalkumar Bhagerwal v IDBI Bank and Meenal Bhagerwal, the sensitive financial information of the complainant, namely, the bank statement, had been accessed by the complainants wife. In holding the bank to be liable for divulging the same, and that access to personal information by a spouse is also covered under S.43A, the officer seems to have imputed the loss of privacy on account of such negligence as ‘wrongful loss’ which deserves compensation. One anomalous decision of the officer was where the operator of an ATM was held liable for fraudulent credit card transactions in that Machine, due to “reasonable security practices” such as security personnel or CCTV footage, and therefore causing the loss of “sensitive personal data”. However, it is difficult to see how ATM operators can be held liable for failing to protect sensitive information from being divulged, when the case is simply of a person fraudulently using a credit card.

Another class of cases, generally linked with the above cases, is complaints against cell phone providers for divulging information through falsely procured Sim Cards. In such instances, the officer has held that by negligently allowing the issuance of duplicate sim cards, the phone company has led to the access of sensitive personal data and thus caused wrongful loss to the complainant. This interpretation of Section 43A is somewhat confusing. The officer seems to have interpreted the provisions of Section 43A to include carriers of the information which was originally sent through the computer resource of the banking companies. In this way, they are imputed the status of “handlers” of sensitive personal information, and their communications infrastructure through which the information is sent is the “computer resource” which it operates for the purpose of the Act. Therefore, through their negligence, they are abetting the offence under 43A.[21]

For example, in the case of Sanjay Govind Dhandhe v ICICI and Vodafone, the officer remarked that –“A SIM card is a veritable key to person’s sensitive financial and personal information. Realizing this, there are clear guidelines issued by the DOT regarding the issuance of SIM cards. The IT Act also intends to ensure that electronic personal and sensitive data is kept secured and reasonable measures are used to maintain its confidentiality and integrity. It is extremely crucial that Telecom companies actively follow strict security procedures while issuing SIM cards, especially in wake of the fact that mobiles are being increasingly used to undertake financial transactions. In many a case brought before me, financial frauds have been committed by fraudsters using the registered mobile numbers of the banks’ account holders.” Therefore, intermediaries such as telecom companies, which peripherally handle the data, are also liable under the same standards for ensuring its privacy. The adjudicating officer has also held telephone companies liable for itemized phone bills as Call Data Records negligently divulged by them, which again clearly falls under the scope of the Reasonable Security Practices Rules.[22]

Note:

"Credentek v Insolutions (http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_Credentek_Vs_Insolutions-28012014.pdf) . This case holds that banks and the National Payments Corporation of India were liable under S. 43A for divulging information relating to transactions by their customers to a software company which provides services to these banks using the data, without first making them sign non-disclosure agreements. The NCPI was fined a nominal amount of Rs. 10,000."

---

[1]. Section 46, Information Technology Act, 2000.

[2]. Section 48 and 49 of the Information Technology Act, 2000 (Amended as of 2008).

[3]. Section 62, IT Act. However, The High Court may extend this period if there was sufficient cause for the delay.

[4]. S. 46(3), Information Technology Act, “No person shall be appointed as an adjudicating officer unless he possesses such experience in the field of Information Technology and Legal or Judicial experience as may be prescribed by the Central Government.”

[5]. From whatever data is available, the adjudicating officers in the states of Maharashtra, New Delhi, Haryana, Tamil Nadu and Karnataka are all secretaries to the respective state departments relating to IT.

[6]. See http://cis-india.org/internet-governance/blog/analysis-of-cases-filed-under-sec-48-it-act-for-adjudication-maharashtra; Also see the decision of the Karnataka adjudicating officer which held that body corporates are not persons under S.43 of the IT Act, and thus cannot be liable for compensation or even criminal action for offences under that Section, available at http://www.naavi.org/cl_editorial_13/adjudication_gpl_mnv.pdf.

[7]. Maharashtra Leads in War Against Cyber Crime, The Times of India, available at http://timesofindia.indiatimes.com/city/mumbai/Maharashtra-leads-in-war-against-cyber-crime/articleshow/30579310.cms. (18^th February, 2014).

[8]. https://it.maharashtra.gov.in/1089/IT-Act-Judgements

[9]. http://www.tn.gov.in/documents/atoz/J

[10]. http://www.delhi.gov.in/wps/wcm/connect/DoIT_IT/doit_it/it+home/orders+of+adjudicating+officer

[11]. http://haryanait.gov.in/cyber.htm

[12]. Bangalore Likely to host southern chapter of Cyber Appellate Tribunal, The Hinduk http://www.thehindu.com/news/national/karnataka/bangalore-is-likely-to-host-southern-chapter-of-cyber-appellate-tribunal/article3381091.ece (2^nd May, 2013).

[13]. http://catindia.gov.in/Judgement.aspx

[14]. Section 61 of the IT Act – ‘No court shall have jurisdiction to entertain any suit or proceeding in respect of any matter which an adjudicating officer appointed under this Act or the Cyber Appellate Tribunal constituted under this Act is empowered by or under this Act to determine and no injunction shall be granted by any court or other authority in respect of any action taken or to be taken in pursuance of any power conferred by or under this Act. Provided that the court may exercise jurisdiction in cases where the claim for injury or damage suffered by any person exceeds the maximum amount which can be awarded under this Chapter.’

[15]. Section 43A, Information Technology Act, 2000 – ‘Compensation for failure to protect data (Inserted vide ITAA 2006) Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation, to the person so affected. (Change vide ITAA 2008)

Explanation: For the purposes of this section (i) "body corporate" means any company and includes a firm, sole proprietorship or other association of individuals engaged in commercial or professional activities (ii) "reasonable security practices and procedures" means security practices and procedures designed to protect such information from unauthorized access, damage, use, modification, disclosure or impairment, as may be specified in an agreement between the parties or as may be specified in any law for the time being in force and in the absence of such agreement or any law, such reasonable security practices and procedures, as may be prescribed by the Central Government in consultation with such professional bodies or associations as it may deem fit. (iii) "sensitive personal data or information" means such personal information as may be prescribed by the Central Government in consultation with such professional bodies or associations as it may deem fit.

[16]. Draft Reasonable Security Practices Rules under Section 43A of the IT Act, available at http://www.huntonfiles.com/files/webupload/PrivacyLaw_Reasonable_Security_Practices_Sensitive_Personal_Information.pdf.

[17]. Ravindra Gunale v Bank of Maharashtra, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_RavindraGunale_Vs_BoM&Vodafone_20022013.PDF. Ram Techno Pack v State Bank of India, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_RamTechno_Vs_SBI-22022013.pdf.

Srinivas Signs v IDBI, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_SreenivasSigns_Vs_IDBI-18022014.PDF.

Raju Dada Raut v ICICI Bank, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_RajuDadaRaut_Vs_ICICIBank-13022013.pdf

Pravin Parkhi v SBI Cards, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_PravinParkhi_Vs_SBICardsPayment-30122013.PDF.

[18]. Sourabh Jain v ICICI, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_SourabhJain_Vs_ICICI&Idea-22022013.PDF.

[19]. Poona Automobiles v Punjab National Bank, https://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_PoonaAuto_Vs_PNB-22022013.PDF

[20]. Amit Patwardhan v Bank of Baroda, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudicaton_AmitPatwardhan_Vs_BankOfBaroda-30122013.PDF.

[21]. Ravindra Gunale v Bank of Maharashtra, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_RavindraGunale_Vs_BoM&Vodafone_20022013; Raju Dada Raut v ICICI Bank, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_RajuDadaRaut_Vs_ICICIBank-13022013.pdf.

[22]. Rohit Maheshwari v Vodafone, http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_RohitMaheshwari_Vs_Vodafone&ors-04022014.PDF.

Introduction:

On March 14, 2014, the US National Telecommunications and Information Administration announced its intent to transition key Internet domain name functions to the global multi-stakeholder Internet governance community. ICANN was tasked with the development of a proposal for transition of IANA stewardship, for which ICANN subsequently called for public comments. At NETmundial, ICANN President and CEO Fadi Chehadé acknowledged that the IANA stewardship transition and improved ICANN accountability were inter-related issues, and announced the impending launch of a process to strengthen and enhance ICANN accountability in the absence of US government oversight. The subsequent call for public comments on “Enhancing ICANN Accountability” may be found here.

Suggestions for improved accountability:

In the event, Centre for Internet and Society (“CIS”) wishes to limit its suggestions for improved ICANN accountability to matters of reactive or responsive transparency on the part of ICANN to the global multi-stakeholder community. We propose the creation and implementation of a robust “freedom or right to information” process from ICANN, accompanied by an independent review mechanism.

Article III of ICANN Bye-laws note that “ICANN and its constituent bodies shall operate to the maximum extent feasible in an open and transparent manner and consistent with procedures designed to ensure fairness”. As part of this, Article III(2) note that ICANN shall make publicly available information on, inter alia, ICANN’s budget, annual audit, financial contributors and the amount of their contributions, as well as information on accountability mechanisms and the outcome of specific requests and complaints regarding the same. Such accountability mechanisms include reconsideration (Article IV(2)), independent review of Board actions (Article IV(3)), periodic reviews (Article IV(4)) and the Ombudsman (Article V).

Further, ICANN’s Documentary Information Disclosure Policy (“DIDP”) sets forth a process by which members of the public may request information “not already publicly available”. ICANN may respond (either affirmatively or in denial) to such requests within 30 days. Appeals to denials under the DIDP are available under the reconsideration or independent review procedures, to the extent applicable.

While ICANN has historically been prompt in its response to DIDP Requests, CIS is of the view that absent the commitments in the AoC following IANA stewardship transition, it would be desirable to amend and strengthen Response and Appeal procedures for DIDP and other, broader disclosures. Our concerns stem from the fact that, first, the substantive scope of appeal under the DIDP, on the basis of documents requested, is unclear (say, contracts or financial documents regarding payments to Registries or Registrars, or a detailed, granular break-up of ICANN’s revenue and expenditures); and second, that grievances with decisions of the Board Governance Committee or the Independent Review Panel cannot be appealed.

Therefore, CIS proposes a mechanism based on “right to information” best practices, which results in transparent and accountable governance at governmental levels.

First, we propose that designated members of ICANN staff shoulder responsibility to respond to information requests. The identity of such members (information officers, say) ought to be made public, including in the response document.

Second, an independent, third party body should be constituted to sit in appeal over information officers’ decisions to provide or decline to provide information. Such body may be composed of nominated members from the global multi-stakeholder community, with adequate stakeholder-, regional- and gender-representation. However, such members should not have held prior positions in ICANN or its related organizations. During the appointed term of the body, the terms and conditions of service ought to remain beyond the purview of ICANN, similar to globally accepted principles of an independent judiciary. For instance, the Constitution of India forbids any disadvantageous alteration of privileges and allowances of judges of the Supreme Court and High Courts during tenure.

Third, and importantly, punitive measures ought to follow unreasonable, unexplained or illegitimate denials of requests by ICANN information officers. In order to ensure compliance, penalties should be made continuing (a certain prescribed fine for each day of information-denial) on concerned officers. Such punitive measures are accepted, for instance, in Section 20 of India’s Right to Information Act, 2005, where the review body may impose continuing penalties on any defaulting officer.

Finally, exceptions to disclosure should be finite and time-bound. Any and all information exempted from disclosure should be clearly set out (and not merely as categories of exempted information). Further, all exempted information should be made public after a prescribed period of time (say, 1 year), after which any member of the public may request for the same if it continues to be unavailable.

CIS hopes that ICANN shall deliver on its promise to ensure and enhance its accountability and transparency to the global multi-stakeholder community. To that end, we hope our suggestions may be positively considered.

Comment repository:

All comments received by ICANN during the comment period (May 6, 2014 to June 6, 2014) may be found at this link.

Towards the end of the last post, we saw how the Law Commission traced the genealogy of the “scandalising the Court” offence, inasmuch as it sought to protect the “standing of the judiciary”, to that of seditious libel. The basic idea is the same: if people are allowed to criticise state institutions in derogatory terms, then they can influence their fellow-citizens who, in turn, will lose respect for those institutions. Consequently, the authority of those institutions will be diminished, and they will be unable to effectively perform their functions. Hence, we prevent that eventuality by prohibiting certain forms of speech when it concerns the functioning of the government (seditious libel) or the Courts (scandalising the Court). This, of course, often ties the judges into knots, in determining the exact boundary between strident – but legitimate – criticism, and sedition/scandalising the Court.

Seditious libel, of course, went out in the United States with the repeal of the Sedition Act in 1800, and was abolished in the England in 2009. Notoriously, it still remains on the statute books in India, in the form of S. 124A of the Indian Penal Code. An examination of the Supreme Court’s sedition jurisprudence would, therefore, be apposite. Section 124A makes it an offence to bring or attempt to bring into hatred or contempt, or excite or attempt to excite, disaffection, towards the government. The locus classicus is Kedar Nath Singh v. Union of India. I have analysed the case in detail elsewhere, but briefly, Kedar Nath Singh limited the scope of 124A to incitement to violence, or fostering public disorder, within the clear terms of Article 19(2). In other words, prosecution for sedition, if it was to succeed, would have to satisfy the Court’s public order jurisprudence under Article 19(2). The public order test itself – as we discussed previously on this blog, in a post about Section 66A – was set out in highly circumscribed terms in Ram Manohar Lohia’s Case, which essentially required a direct and imminent degree of proximity between the speech or expression, and the breach of public order (in that case, the Court refused to sustain the conviction of a speaker who expressly encouraged an audience to break the law). Subsequently, in S. Rangarajan v. P. Jagjivan Ram, the Court noted that the relation ought to be like that of a “spark in a powder keg” – something akin to inciting an enraged mob to immediate violence. Something that the Court has clearly rejected is the argument that it is permissible to criminalise speech and expression simply because its content might lower the authority of the government in the eyes of the public, which, in turn, could foster a disrespect for law and the State, and lead to breaches of public order.

Unfortunately, however, when it comes to contempt and scandalising, the Court has adopted exactly the chain of reasoning that it has rejected in the public order cases. As early as 1953, in Aswini Kumar Ghose v. Arabinda Bose, the Court observed that “it is obvious that if an impression is created in the minds of the public that the Judges in the highest Court in the land act on extraneous considerations in deciding cases, the confidence of the whole community in the administration of justice is bound to be undermined and no greater mischief than that can possibly be imagined.”

Subsequently, in D.C. Saxena v. CJI, the Court held that “Any criticism about judicial system or the judges which hampers the administration of justice or which erodes the faith in the objective approach of the judges and brings administration of justice to ridicule must be prevented. The contempt of court proceedings arise out of that attempt. Judgments can be criticised. Motives to the judges need not be attributed. It brings the administration of justice into disrepute. Faith in the administration of justice is one of the pillars on which democratic institution functions and sustains.” Notice the chain of causation the Court is working with here: it holds faith in the administration of justice as a necessary pre-requisite to the administration of justice, and prohibits criticism that would cause other people to lose their faith in the judiciary. This is exactly akin to a situation in which I make an argument advocating Marxist theory, and I am punished because some people, on reading my article, might start to hold the government in contempt, and attempt to overthrow it by violent means. Not only is it absurd, it is also entirely disrespectful of individual autonomy: it is based on the assumption that the person legally and morally responsibly for a criminal act is not the actor, but the person who convinced the actor through words and arguments, to break the law – as though individuals are incapable of weighing up competing arguments and coming to decisions of their own accord. Later on, in the same case, the Court holds that scandalising includes “all acts which bring the court into disrepute or disrespect or which offend its dignity or its majesty or challenge its authority.” As we have seen before, however, disrepute or disrespect of an institution cannot in itself be a ground for punishment, unless there is something more. That something more is actual disruption of justice, which is presumably caused by people who have lost their confidence in the judiciary, but in eliding disrepute/disrespect with obstruction of justice, the Court entirely fails to consider the individual agency involved in crossing that bridge, the agency that is not that of the original speaker. This is why, again, in its sedition cases, the Court has gone out of its way to actually require a proximate relation between “disaffection” and public order breaches, in order to save the section from unconstitutionality. Its contempt jurisprudence, on the other hand, shows no such regard. It is perhaps telling that the Court, one paragraph on, adopts the “blaze of glory” formulation that was used in an 18^th century, pre-democratic English case.

Indeed, the Court draws an express analogy with sedition, holding that “malicious or slanderous publication inculcates in the mind of the people a general disaffection and dissatisfaction on the judicial determination and indisposes in their mind to obey them.” Even worse, it then takes away even the basic protection of mens rea, holding that all that matters is the effect of the impugned words, regardless of the intention/recklessness with which they were uttered. The absence of mens rea, along with the absence of any meaningful proximity requirement, makes for a very dangerous cocktail – an offence that can cover virtually any activity that the Court believes has a “tendency” to certain outcomes: “Therefore, a tendency to scandalise the court or tendency to lower the authority of the court or tendency to interfere with or tendency to obstruct the administration of justice in any manner or tendency to challenge the authority or majesty of justice, would be a criminal contempt. The offending act apart, any tendency if it may lead to or tends to lower the authority of the court is a criminal contempt. Any conduct of the contemnor which has the tendency or produces a tendency to bring the judge or court into contempt or tends to lower the authority of the court would also be contempt of the court.”

The assumption implicit in these judgments – that the people need to be protected from certain forms of speech, because they are incompetent at making up their own minds, in a reasonable manner, about it – was made express in Arundhati Roy’s Case, in 2002. After making observations about how confidence in the Courts could not be allowed to be “tarnished” at any cost, the Court noted that “the respondent has tried to cast an injury to the public by creating an impression in the mind of the people of this backward country regarding the integrity, ability and fairness of the institution of judiciary”, observed that the purpose of the offence was to protect the (presumably backward) public by maintaining its confidence in the judiciary, which had been enacted keeping in mind “the ground realities and prevalent socio-economic system in India, the vast majority of whose people are poor, ignorant, uneducated, easily liable to be misled. But who acknowledly (sic) have the tremendous faith in the dispensers of Justice.” So easy, indeed, to mislead, that there was no need for any evidence to demonstrate it: “the well-known proposition of law is that it punishes the archer as soon as the arrow is shot no matter if it misses to hit the target. The respondent is proved to have shot the arrow, intended to damage the institution of the judiciary and thereby weaken the faith of the public in general and if such an attempt is not prevented, disastrous consequences are likely to follow resulting in the destruction of rule of law, the expected norm of any civilised society.”

The American legal scholar, Vince Blasi, has outlined a “pathological perspective” of free speech. According to him, heightened protection of speech – even to the extent of protecting worthless speech – is important, because when the government passes laws to regulate speech that is hostile towards it, it will, in all likelihood, over-regulate purely out of self-interest, sometimes even unconsciously so. This is why, if the Courts err, they ought to err on the side of speech-protection, because it is quite likely that the government has over-estimated public order and other threats that stem out of hostile speech towards government itself. The pathological perspective is equally – if not more – applicable in the realm of contempt of Court, because here the Court is given charge of regulating speech hostile towards itself. Keenly aware of the perils of speech suppression that lie in such situations, we have seen that the United States and England have abolished the offence, and the Privy Council has interpreted it extremely narrowly.

The Indian Supreme Court, however, has gone in precisely the opposite direction. It has used the Contempt of Court statute to create a strict-liability criminal offence, with boundlessly manipulable categories, which is both overbroad and vague, entirely inconsistent with the Court’s own free speech jurisprudence, and at odds with free speech in a liberal democracy.

---

Gautam Bhatia — @gautambhatia88 on Twitter — is a graduate of the National Law School of India University (2011), and presently an LLM student at the Yale Law School. He blogs about the Indian Constitution at http://indconlawphil.wordpress.com. Here at CIS, he blogs on issues of online freedom of speech and expression.

Facebook removes content largely on the basis of requests either by the government or by other users. The Help section of Facebook deals with warnings and blocking of content. It says that Facebook only removes content that violates Community Guidelines and not everything that has been reported.

I conducted an experiment to primarily look at Facebook’s process of content removal and also to analyse what kind of content they actually remove.

1. I put up a status which contained personal information of a person on my Friend List (the information was false). I then asked several people (including the person about whom the status was made) to report the status — that of  being harassed  or for violation of  privacy rights. Seven people reported the status. Within half an hour of the reports being made, I received the following notification:
   "Someone reported your post for containing harassment and 1 other reason."
   
   The notification also contained the option to delete my post and said that Facebook would look into whether it violated their Community Guidelines.
   
   A day later, all those who had reported the status received notifications stating the following:
   
   "We reviewed the post you reported for harassment and found it doesn't violate our Community Standards."
   
   I received a similar notification as well.
2. I, along with around thirteen others, reported a Facebook page which contained pictures of my friend and a few other women with lewd captions in various regional languages. We reported the group for harassment and bullying and also for humiliating someone we knew. The report was made on 24 March, 2014. On 30 April, 2014, I received a notification stating the following:
   
   "We reviewed the page you reported for harassment and found it doesn't violate our Community Standards.
   
   Note: If you have an issue with something on the Page, make sure you report the content (e.g. a photo), not the entire Page. That way, your report will be more accurately reviewed."
   
   I then reported each picture on the page for harassment and received a series of notifications on 5 May, 2014 which stated the following:
   
   "We reviewed the photo you reported for harassment and found it doesn't violate our Community Standards."

These incidents are in stark contrast with repeated attempts by Facebook to remove content which it finds objectionable. In 2013, a homosexual man’s picture protesting against the Supreme Court judgment in December was taken down. In 2012, Facebook removed artwork by a French artist which featured a nude woman.  In the same year, Facebook removed photographs of a child who was born with defect and banned the mother from accessing Facebook completely. Facebook also removed a picture of a breast cancer survivor who posted a picture of a tattoo that she had following her mastectomy. Following this, however, Facebook issued an apology and stated that mastectomy photographs are not in violation of their Content Guidelines. Even in the sphere of political discourse and dissent, Facebook has cowered under government pressure and removed pages and content, as evidenced by the ban on the progressive Pakistani band Laal’s Facebook page and other anti-Taliban pages. Following much social media outrage, Facebook soon revoked this ban. These are just a few examples of how harmless content has been taken down by Facebook, in a biased exercise of its powers.

After incidents of content removal have been made public through news reports and complaints, Facebook often apologises for removing content and issues statements that the removal was an “error.” In some cases, they edit their policies to address specific kinds of content after a takedown (like the reversal of the breastfeeding ban).

On the other hand, however, Facebook is notorious for refusing to take down content that is actually objectionable, partially evidenced by my own experiences listed above. There have been complaints about Facebook’s refusal to remove misogynistic content which glorifies rape and domestic violence through a series of violent images and jokes. One such page was removed finally, not because of the content but because the administrators had used fake profiles. When asked, a spokesperson said that censorship “was not the solution to bad online behaviour or offensive beliefs.” While this may be true, the question that needs answering is why Facebook decides to draw these lines only when it comes to certain kinds of ‘objectionable’ content and not others.

All of these examples represent a certain kind of arbitrariness on the part of Facebook’s censorship policies. It seems that Facebook is far more concerned with removing content that will cause supposed public or governmental outrage or defy some internal morality code, rather than protecting the rights of those who may be harmed due to such content, as their Statement of Policies so clearly spells out.

There are many aspects of the review and takedown process that are hazy, like who exactly reviews the content that is reported and what standards they are made to employ. In 2012, it was revealed that Facebook outsourced its content reviews to oDesk and provided the reviewers with a 17-page manual which listed what kind of content was appropriate and what was not. A bare reading of the leaked document gives one a sense of Facebook’s aversion to sex and nudity and its neglect of other harm-inducing content like harassment through misuse of content that is posted and what is categorised as hate speech.

In the process of monitoring the acceptability of content, Facebook takes upon itself the role of a private censor with absolutely no accountability or transparency in its working. A Reporting Guide was published to increase transparency in its content review procedures. The Guide reveals that Facebook provides for an option where the reportee can appeal the decision to remove content in “some cases.” However, the lack of clarity on what these cases are or what the appeal process is frustrates the existence of this provision as it can be misused. Additionally, Facebook reserves the right to remove content with or without notice depending upon the severity of the violation. There is no mention of how severe is severe enough to warrant uninformed content removal. In most of the above cases, the user was not notified that their content was found offensive and would be liable for takedown. Although Facebook publishes a transparency report, it only contains a record of takedowns following government requests and not those by private users of Facebook. The unbridled nature of the power that Facebook has over our personal content, despite clearly stating that all content posted is the user’s alone, threatens the freedom of expression on the site. A proper implementation of the policies that Facebook claims to employ is required along with a systematic record of the procedure that is used to remove content that is in consonance with natural justice.

Karnataka:

A Hindu rightwing group demanded the arrest of a prominent activist, who during a speech on the much-debated Anti-superstition Bill, made comments that are allegedly blasphemous.

Kerala:

On June 10, the principal and six students of Government Polytechnic at Kunnamkulam, Thrissur, were arrested for publishing a photograph of Prime Minister Narendra Modi alongside photographs of Hitler, Osana bin Laden and Ajmal Kasab, under the rubric ‘negative faces’. An FIR was registered against them for various offences under the Indian Penal Code including defamation (Section 500), printing or engraving matter known to be defamatory (Section 501), intentional insult with intent to provoke breach of peace (Section 504), and concealing design to commit offence (Section 120) read with Section 34 (acts done by several persons in furtherance of common intention). The principal was later released on bail.

In a similarly unsettling incident, on June 14, 2014, a case was registered against the principal and 11 students of Sree Krishna College, Guruvayur, for using “objectionable and unsavoury” language in a crossword in relation to PM Narendra Modi, Rahul Gandhi, Shashi Tharoor, etc. Those arrested were later released on bail.

Maharashtra:

Facebook posts involving objectionable images of Dr. B.R. Ambedkar led to arson and vandalism in Pune. Police have sought details of the originating IP address from Facebook.

A Pune-based entrepreneur has set up a Facebook group to block ‘offensive’ posts against religious leaders. The Social Peace Force will use Facebook’s ‘Report Spam’ option to take-down of ‘offensive’ material.

Deputy Chief Minister Ajit Pawar suggested a ban on social media in India, and retracted his statement post-haste.

Punjab:

A bailable warrant was issued against singer Kailash Kher for failing to appear in court in relation to a case. The singer is alleged to have hurt religious sentiments of the Hindu community in a song, and a case registered under Sections 295A and 298, Indian Penal Code.

Uttar Pradesh:

The presence of a photograph on Facebook, in which an accused in a murder case is found posing with an illegal firearm, resulted in a case being registered against him under the IT Act.

News & Opinion:

Authors, civil society activists and other concerned citizens issued a joint statement questioning Prime Minister Modi’s silence over arrests and attacks on exercise of free speech and dissent. Signatories include Aruna Roy, Romila Thapar, Baba Adhav, Vivan Sundaram, Mrinal Pande, Jean Dreze, Jayati Ghosh, Anand Pathwardhan and Mallika Sarabhai.

In response to Mumbai police’s decision to take action against those who ‘like’ objectionable or offensive content on Facebook, experts say the freedom to ‘like’ or ‘share’ posts or tweets is fundamental to freedom of expression. India’s defamation laws for print and the Internet need harmonization, moreover.

While supporting freedom of expression, Minister for Information and Broadcasting Prakash Javadekar cautioned the press and all users of social media that the press and social media should be used responsibly for unity and peace. The Minister has also spoken out in favour of free publication, in light of recent legal action against academic work and other books.

Infosys, India’s leading IT company, served defamation notices on the Economic Times, the Times of India and the Financial Express, for “loss and reputation and goodwill due to circulation of defamatory articles”. Removal of articles and an unconditional apology were sought, and Infosys claimed damages amounting to Rs. 2000 crore. On a related note, Dr. Ashok Prasad argues that criminal defamation is a violation of freedom of speech.

Drawing on examples from the last 3 years, Ritika Katyal analyses India’s increasing violence and legal action against dissent and hurt sentiment, and concludes that Prime Minister Narendra Modi has both the responsibility and ability to “rein in Hindu hardliners”.

Discretionary powers resting with the police under the vaguely and broadly drafted Section 66A, Information Technology Act, are dangerous and unconstitutional, say experts.

Providing an alternative view, the Hindustan Times comments that the police ought to “pull up their socks” and understand the social media in order to effectively police objectionable and offensive content on the Internet.

Keeping Track:

Indconlawphil’s Free Speech Watch keeps track of violations of freedom of expression in India.

This post is a surface-level overview of national IG bodies, and is intended to inform introductory thoughts on national IG mechanisms.

A Short Introduction

The previous decade has seen a proliferation of regional, sub-regional and national initiatives for Internet governance (IG). Built primarily on the multi-stakeholder model, these initiatives aim at creating dialogue on issues of regional, local or municipal importance. In Asia, Bangladesh has instituted a national IGF, the Bangladesh IGF, with the stated objective of creating a national multi-stakeholder forum that is specialized in Internet governance issues, and to facilitate informed dialogue on IG policy issues among stakeholders. India, too, is currently in the process of instituting such a forum. At this juncture, it is useful to consider the rationale and modalities of national IG bodies.

The Internet has long been considered a sphere of non-governmental, multi-stakeholder, decentralized, bottom-up governance space. The Declaration of Independence of Cyberspace, John Perry Barlow’s defiant articulation of the Internet’s freedom from governmental control, is a classic instance of this. The Internet is a “vast ocean”, we claimed; “no one owns it”.[1] Even today, members of the technical community insist that everyone ought to “let techies do their job”: a plea, if you will, of the complexity of cyber-walls and –borders (or of their lack).

But as Prof. Milton Mueller argues in Ruling the Root, the Internet has always been a contentious resource: battles over its governance (or specifically, the governance of the DNS root, both the root-zone file and the root servers) have leapt from the naïveté of the Declaration of Independence to a private-sector-led, contract-based exploitation of Internet resources. The creation of ICANN was a crucial step in this direction, following arbitrary policy choices by Verizon and entities managing the naming and numbering resources of the Internet.

The mushrooming of parallel tracks of Internet governance is further evidence of the malleability of the space. As of today, various institutions – inter-governmental and multi-stakeholder – extend their claims of governance. ICANN, the World Summit of Information Society, the World Conference on International Telecommunications, the Internet Governance Forum and the Working Group on Enhanced Cooperation under the ECOSOC Committee for Science, Technology and Development are a few prominent tracks. As of today, the WSIS process has absorbed various UN special bodies (the ITU, UNESCO, UNCTAD, UNDP are but a few), with the UNESCO instituting a separate study on Internet-related issues. A proposal for a multilateral Committee on Internet-Related Policies remains stillborn.

Amongst these, the Internet Governance Forum (IGF) remains a strong contender for a truly multi-stakeholder process facilitating dialogue on IG. The IGF was set up following the recommendation of the Working Group of Internet Governance (WGIG), constituted after the Geneva phase of the WSIS.

Rationale: Why Have National IG bodies?

The issue of national multi-stakeholder cooperation/collaboration in IG is not new; it has been alive since the early 2000s. The Tunis Agenda, in paragraph 80, encourages the “development of multi-stakeholder processes at the national, regional and international levels to discuss and collaborate on the expansion and diffusion of the Internet as a means to support development efforts to achieve internationally agreed development goals and objectives, including the Millennium Development Goals” (emphasis supplied).

In its June 2005 Report, the Working Group on Internet Governance (WGIG) emphasizes that “global Internet governance can only be effective if there is coherence with regional, subregional and national-level policies”. Towards this end it recommends that “coordination be established among all stakeholders at the national level and a multi-stakeholder national Internet governance steering committee or similar body be set up” (emphasis supplied). The IGF, whose creation the WGIG recommended, has since been commended for its impact on the proliferation of national IGFs.

The rationale, then, was that multi-stakeholder steering committees at the national level would help to create a cohesive body to coordinate positions on Internet governance. In Reforming Internet Governance, WGIG member Waudo Siganga writes of the Internet Steering Committee of Brazil as a model, highlighting lessons that states (especially developing countries) may learn from CGI.br.

The Brazilian Internet Steering Committee (CGI.br) was set up in 1995 and is responsible, inter alia, for the management of the .br domain, distribution of Internet addresses and administration of metropolitan Internet exchange points. CERT.br ensures network security and extends support to network administrators. Siganga writes that CGI.br is a “well-structured multistakeholder entity, having representation from government and democratically chosen representatives of the business sector, scientific and technological community and an Internet expert”.

Why is CGI.br a model for other states? First, CGI.br exemplifies how countries can structure in an effective manner, a body that is involved in creating awareness about IG issues at the national level. Moreover, the multi-stakeholder nature of CGI.br shows how participation can be harnessed effectively to build capacity across domestic players. This also reflects the multi-stakeholder aspects of Internet governance at the global level, clarifying and implementing the WSIS standards (for instance). Especially in developing countries, where awareness and coordination for Internet governance is lacking at the national level, national IG committees can bridge the gap between awareness and participation. Such awareness can translate into local solutions for local issues, as well as contributing to an informed, cohesive stance at the global level.

Stakeholders: Populating a national IG body

A national IG body – be in steering committee, IGF or other forum – should ideally involve all relevant stakeholders. As noted before, since inception, the Internet has not been subject to exclusive governmental regulation. The World Summit on Information Society recognized this, but negotiations amongst stakeholders resulted in the delegation of roles and responsibilities: the controversial and much-debated paragraph 35 of the Tunis Agenda reads:

1. Policy authority for Internet-related public policy issues is the sovereign right of States. They have rights and responsibilities for international Internet-related public policy issues.
2. The private sector has had, and should continue to have, an important role in the development of the Internet, both in the technical and economic fields.
3. Civil society has also played an important role on Internet matters, especially at community level, and should continue to play such a role.
4. Intergovernmental organizations have had, and should continue to have, a facilitating role in the coordination of Internet-related public policy issues.
5. International organizations have also had and should continue to have an important role in the development of Internet-related technical standards and relevant policies.

This position remains endorsed by the WSIS process; the recent WSIS+10 High Level Event endorsed by acclamation the WSIS+10 Vision for WSIS Beyond 2015, which “respect mandates given by Tunis Agenda and respect for the multi-stakeholder principles”. In addition to government, the private sector and civil society, the technical community is identified as a distinct stakeholder group. Academia has also found a voice, as demonstrated by stakeholder-representation at NETmundial 2014.

A study of the Internet Society (ISOC) on Assessing National Internet Governance Arrangements, authored by David Souter, maps IG stakeholders at the global, regional and national levels. At the global level, primary stakeholders include ICANN (not-for-profit, private sector corporation involved in governance and technical coordination of the DNS), the IETF, IAB and W3C (technical standards), governments and civil society organizations, all of which participate with different levels of involvements at the IGF, ICANN, ITU, etc.

At the national/municipal level, the list of stakeholders is as comprehensive. Governmental stakeholders include: (1) relevant Ministries (in India, these are the Ministry of Information and Broadcasting, and the Ministry of Communications and Information Technology – the Department of Electronics and Information Technology under the MCIT is particularly relevant), and (2) regulators, statutory and independent (the Telecom Regulatory Authority of India, for example). At the national level, these typically seek inputs from other stakeholders while making recommendations to governments, which then enact laws or make policy. In India, for instance, the TRAI conducts consultations prior to making recommendations to the government.

Within the private sector, there may be companies (1) on the supply-side, such as infrastructure networks, telecommunications service companies, Internet Service Providers, search engines, social networks, cybercafés, etc., and (2) on the demand-side, online businesses, advertising/media, financial service providers, etc. who use the Internet. There may also be national registries managing ccTLDs, such as the Registro.br or the National Internet Exchange of India (NIXI). There may also the press and news corporations representing both corporate and public interest under specific circumstances (media ownership and freedom of expression, for distinct examples).

Civil society organisations, including consumer organisations, think-tanks and grassroots organisations, participate at various levels of policy-making in the formal institutional structure, and are crucial in representing users and public interest. The complexity of stakeholders may be seen from Souter’s report, and this enumeration is but a superficial view of the national stakeholder-population.

Processes: Creating effective national IG bodies

National IG bodies – be they steering committees, IGFs, consultative/working groups or other forums – may be limited by formal institutional governmental settings. While limited by the responsibility-gradient in paragraph 35 of the Tunis Agenda, an effective national IG body requires robust multi-stakeholder participation, as Souter notes, in technical governance, infrastructure and public policy issues. Its effectiveness also lies in governmental acquiescence of its expertise and recommendations; in short, in the translation of the IG body’s decisions into policy.

How do these stakeholders interact at the national level? In addition to the Brazilian example (CGI.br), an ISOC study by Souter and Monica Kerretts-Makau, Internet Governance in Kenya: An Assessment, provides a detailed answer. At the technical level, the registry KENIC manages the .ke domain, while the Kenya Computer Incident Response Team Coordination Centre coordinates national responses to incidents and collaborates internationally on cyber-security issues. A specific IPv6 Force to promote Kenya’s transition to IPv6 was also created.

At the infrastructural level, both the government and the private sector play important roles. Directly, ministries and government departments consult with infrastructure providers in creating policy. In India, for instance, the TRAI conducts multi-stakeholder consultations on issues such as telecom tariffs, colocation tariffs for submarine cable stations and mobile towers, etc. The government may also take a lead in creating infrastructure, such as the national optic fibre networks in India and Kenya, as also creating investment opportunities such as liberalizing FDI. At the public policy level, there may exist consultations initiated by government bodies (such as the TRAI or the Law Commission), in which other stakeholders participate.

As one can see, government-initiated consultations by ministries, regulators, law commissions or specially constituted committees. Several countries have also set up national IGFs, which typically involve all major stakeholders in voluntary participation, and form a discussion forum for existing and emerging IG issues. National IGFs have been considered particularly useful to create awareness within the country, and may best address IG issues at the domestic policy level. However, Prof. Mueller writes that what is necessary is a “reliable mechanism reliable mechanisms for consistently feeding the preferences expressed in these forums to actual global policy-making institutions like ICANN, RIRs, WIPO, and WTO which impact distributional outcomes”.

---

[1] M. Mueller, Ruling the Root: Internet Governance and the Taming of Cyberspace 57 (2002).

Domain names and the DNS are used in virtually every aspect of the Internet, and without the DNS, the Internet as we know it, would not exist. The DNS root zone has economic value and  ICANN's contract with Verisign delineates the selling of domain names via only ICANN accredited registrars. By the indirect virtue of its control of the root, ICANN has the power and capacity to influence the decisions of entities involved in the management and operations of the DNS, including registrars.

Too far, too many?

We acknowledge some of the efforts for improvements, in particular with reference to barriers to participation in DNS-related business in regions such as Africa and the Middle East, including the creation of a fellowship program, and increased availability of translated materials. However, despite these efforts, the gaps in the distribution of the DNS registrars and registries across the world has become an issue of heightened concern.

This is particularly true, in light of the distribution of registrars and given that, of the 1124 ICANN-accredited registrars, North America has a total of 765 registrars. US and Canada together, have more than double the number of registrars than the rest of the world taken collectively. To put things further into perspective, of the total number of registrars 725 are from the United States alone, and 7 from the 54 countries of Africa.

A barrier to ICANN's capacity building initiatives has been the lack of trust, given the general view that, ICANN focuses on policies that favour entrenched incumbents from richer countries. Without adequate representation from poorer countries, and adequate representation from the rest of the world's Internet population, there is no hope of changing these policies or establishing trust. The entire region of Latin America and the Caribbean, comprising of a population of 542.4 million internet users[1] in 2012, has only 22 registrars spread across a total of 10 countries. In Europe, covering a population of 518.5 million internet users[2], are 158 registrars and 94 of those are spread across Germany, UK, France, Spain and Netherlands. The figures paint the most dismal picture with respect to South Asia, in particular India, where just 16 registrars cater to the population of internet users that is expected to reach 243 million by June 2014[3].

While we welcome ICANN's research and outreach initiatives with regard to the DNS ecosystem in underserved regions, without the crucial first step of clarifying the metrics that constitute an underserved region, these efforts might not bear their intended impact. ICANN cannot hope to identify strategies towards bridging the gaps that exist in the DNS  ecosystem, without going beyond the current ICANN community, which, while nominally being 'multistakeholder' and open to all, grossly under-represents those parts of the world that aren't North America and Western Europe.

The lack of registries in the developing world is another significant issue that needs to be highlighted and addressed. The top 5 gTLD registries are in the USA and it is important that users and the community feels that the fees being collected are equivalent compensation for the services they provide. As registries operate in captive markets that is allocated by ICANN, we invite ICANN to improve its financial accountability, by enabling its stakeholders to assess the finances collected on these registrations.

Multistakeholderism—community and consensus

As an organization that holds itself a champion of the bottom-up policy development process, and, as a private corporation fulfilling a public interest function, ICANN, is in a unique position to establish new norms of managing common resources. In theory and under ICANN’s extensive governance rules, the board is a legislative body that is only supposed to approve the consensus decisions of the community and the staff wield executive control. However in reality, both board and the staff have been criticised for decisions that are not backed by the community.

The formal negotiations between ICANN and Registrar Stakeholder Group Negotiating Team (Registrar NT) over the new Registrar Accreditation Agreement (RAA), is an example of processes that have a multistakeholder approach but fail on values of deliberation and pluralistic decision making.[4] ICANN staff insisted on including a "proposed Revocation (or "blow up") Clause that would have given them the ability to unilaterally terminate all registrar accreditations" and another proposal seeking to provide ICANN Board ability to unilaterally amend the RAA (identical to proposal inserted in the gTLD registry agreement - a clause met with strong opposition not only from the Registry Stakeholder Group but from the broader ICANN community).

Both proposals undermine the multistakeholder approach of the ICANN governance framework, as they seek more authority for the Board, rather than the community or protections for registrars and more importantly, registrants. The proposed amendments to the RAA were not issues raised by Law Enforcement, GAC or the GNSO but by the ICANN staff and received considerable pushback from the Registrar Stakeholder Group Negotiating Team (Registrar NT). The bottom-up policy making process at ICANN has also been questioned with reference to the ruling on vertical integration between registries and registrars, where the community could not even approach consensus.[5] Concerns have also been raised about the extent of the power granted to special advisory bodies handpicked by the ICANN president, the inadequacy of existing accountability mechanisms for providing a meaningful and external check on Board decisions and the lack of representation of underserved regions on these special bodies. ICANN must evolve its accountability mechanisms, to go beyond the opportunity to provide comments on proposed policy, and extend to a role for stakeholders in decision making, which is presently a privilege reserved for staff rather than bottom-up consensus.

ICANN was created as a consensus based organisation that would enable the Internet, its stakeholders and beneficiaries to move forward in the most streamlined, cohesive manner.[6] Through its management of the DNS, ICANN is undertaking public governance duties, and it is crucial that it upholds the democratic values entrenched in the multistakeholder framework. Bottom up policy making extends beyond passive participation and has an impact on the direction of the policy. Presently, while anyone can comment on policy issues, only a few have a say in which comments are integrated towards outcomes and action. We would like to stress not just improving and introducing checks and balances within the ICANN ecosystem, but also, integrating accountability and transparency practices at all levels of decision making.

Bridging the gap

We welcome the Africa Strategy working group and the public community process that was initiated by ICANN towards building domain name business industry in Africa, and, we are sure there will be lessons that will applicable to many other underserved regions. In the context of this report CIS, wants to examine the existing criteria of the accreditation process. As ICANN's role evolves and its revenues grow across the DNS and the larger Internet landscape, it is important in our view, that ICANN review and evolve it's processes for accreditation and see if they are as relevant today, as they were when launched.

The relationship between ICANN and every accredited registrar is governed by the individual RAA, which set out the obligations of both parties, and, we recommend simplifying and improving them. The RAA language is complex, technical and not relevant to all regions and presently, there are no online forms for the accreditation process. While ICANN's language will be English, the present framing has an American bias—we recommend—creating an online application process and simplifying the language keeping it contextual to the region. It would also be helpful, if ICANN invested in introducing some amount of standardization across forms, this would reduce the barrier of time and effort it takes to go through complex legal documents and contribute to the growth of DNS business.

The existing accreditation process for registrars requires applicants to procure US$70,000 or more for the ICANN accreditation to become effective. The applicants are also required to obtain and maintain for the length of accreditation process, a commercial general liability insurance with a policy limit of US$500,000 or more. The working capital and the insurance are quite high and create a barrier to entrance of underserved regions in the DNS ecosystem.

With lack of appropriate mechanisms registrars resort to using US companies for insurance, creating more foreign currency pressures on themselves. The commercial general liability insurance requirement for the registrars is not limited to their functioning as a registrar perhaps not the most appropriate option. ICANN should, and must, increase efforts towards helping registrars find suitable insurance providers and scaling down the working capital. Solutions may lie in exploring variable fee structures adjusted against profits, and derived after considering factors such as cost of managing domain names and sub-domain names, expansion needs, ICANN obligations and services, financial capacities of LDCs and financial help pledged to disadvantaged groups or countries.

Presently, the start-up capital required is too high for developing countries, and this is reflected in the number of registries in these areas. Any efforts to improve the DNS ecosystem in underserved regions, must tackle this by scaling down the capital in proportion to the requirements of the region.

Another potential issue that ICANN should consider, is that users getting sub-domain names from local registrars located in their own country, are usually taxed on the transaction, however, online registration through US registrars spares users from paying taxes in their country.[7] This could create a reverse incentive for registering domain sub-names online from US registrars. ICANN should push forward on efforts to ensure that registrars are sustainable by providing incentives for registering in underserved regions and help towards maintain critical mass of the registrants. The Business Constituency (BC)—the voice of commercial Internet users within ICANN, could play a role in this and ICANN should endeavour to either, expand the BC function or create a separate constituency for the representation of  underserved regions.

---

[1] Internet Users and Population stats 2012. http://www.internetworldstats.com/stats2.htm

[2] Internet Users and Population stats 2012. http://www.internetworldstats.com/stats4.htm

[3] Times of India IAMAI Report. http://timesofindia.indiatimes.com/tech/tech-news/India-to-have-243-million-internet-users-by-June-2014-IAMAI/articleshow/29563698.cms

[4] Mar/07/2013 - Registrar Stakeholder Group Negotiating Team (Registrar NT) Statement Regarding ICANN RAA Negotiations.http://www.icannregistrars.org/calendar/announcements.php

[5] Kevin Murphy, Who runs the internet? An ICANN 49 primer. http://domainincite.com/16177-who-runs-the-internet-an-icann-49-primer

[6] Stephen Ryan, Governing Cyberspace: ICANN, a Controversial Internet Standards Body http://www.fed-soc.org/publications/detail/governing-cyberspace-icann-a-controversial-internet-standards-body

[7] Open Root-Financing LDCs in the WSIS process. See: http://www.open-root.eu/about-open-root/news/financing-ldcs-in-the-wsis-process

The Law Enforcement Disclosure Report, a section of a larger annual Sustainability Report began by asserting that Vodafone "customers have a right to privacy which is enshrined in international human rights law and standards and enacted through national laws."

However, the report continues, Vodafone is incapable of fully protecting its customers right to privacy, because it is bound by the laws in the various countries in which it operates. "If we do not comply with a lawful demand for assistance, governments can remove our license to operate, preventing us from providing services to our customers," The report goes into detail about the laws in each of the 29 nations where the company operates.

Vodafone’s report is one of the first published by a multinational service provider. Compiling such a report was especially difficult, according to the report, for a few reasons. Because no comparable report had been published before, Vodafone had to figure out for themselves, the “complex task” of what information they could legally publish in each country. This difficulty was compounded by the fact that Vodafone operates physical infrastructure and thus sets up a business in each of the countries where it provides services. This means that Vodafone is subject to the laws and operating licenses of each nation where it operates, unlike as a search engine such as Google, which can provide services across international borders but still be subject to United States law – where it is incorporated.

The report is an important step forward for consumer privacy. First, the Report shows that the company is aware of the conflict of interest between government authorities and its customers, and the pivotal position that the company can play in honoring the privacy of its users by providing information regarding the same in all cases where it legally can. Additionally, providing the user insight into challenges that the company faces when addressing and responding to law enforcement requests, the Report provides a brief overview of the legal qualifications that must be met in each country to access customer data. Also, Vodafone’s report has encouraged other telecom companies to disclose similar information to the public. For instance, Deutsche Telekom AG, a large European and American telecommunications company, said Vodafone’s report had led it consider releasing a report of it’s own.

Direct Government Access

The report revealed that six countries had constructed secret wires or “pipes” which allowed them access to customers’ private data. This means that the governments of these six countries have immediate access to Vodafone’s network without any due process, oversight, or accountability for these opaque practices. Essentially, the report reveals, in order to operate in one of these jurisdictions, a communications company must ensure  that authorities have, real time and direct access to all personal customer data at any time, without any specific justification. The report does not name these six nations for legal reasons.

"These pipes exist, the direct access model exists,” Vodafone's group privacy officer, Stephen Deadman, told the Guardian. “We are making a call to end direct access as a means of government agencies obtaining people's communication data. Without an official warrant, there is no external visibility. If we receive a demand we can push back against the agency. The fact that a government has to issue a piece of paper is an important constraint on how powers are used."

Data Organization

Vodafone’s Report lists the aggregate number of content requests they received in each country where it operates, and groups these requests into two major categories. The first is Lawful Interceptions, which is when the government directly listens in or reads the content of a communication. In the past, this type of action has been called wiretapping, but now includes reading the content of text messages, emails, and other communications.

The second data point Vodafone provides for each country is the number of Communications Data requests they receive from each country. These are requests for the metadata associated with customer communications, such as the numbers they have been texting and the time stamps on all of their texts and calls.

It is worth noting that all of the numbers Vodafone reports are warrant statistics rather than target statistics. Vodafone, according to the report, has chosen to include the number of times a government sent a request to Vodafone to "intrude into the private affairs of its citizens, not the extent to which those warranted activities then range across an ever-expanding multiplicity of devices, accounts and apps."

Data Construction

However, in many cases, laws in the various companies in which Vodafone operates prohibit Vodafone from publishing all or part of the aforementioned data. In fact, this is the rule rather than the exception. The majority of countries, including India, prohibit Vodafone from releasing the number of data requests they receive. Other countries publish the numbers themselves, so Vodafone has chosen not to reprint their statistics either. This is because Vodafone wants to encourage governments to take responsibility for informing their citizens of the statistics themselves.

The report also makes note of the process Vodafone went through to determine the legality of publishing these statistics. It was not always straightforward. For example, in Germany, when Vodafone’s legal team went to examine the legislation governing whether or not they could publish statistics on government data requests, they concluded that the laws were unclear, and asked German authorities for advice on how to proceed. They were informed that publishing any such statistics would be illegal, so they did not include any German numbers in their report. However, since that time, other local carriers have released similar statistics, and thus the situation remains unresolved.

Other companies have also recently released reports. Twitter, a microblogging website, Facebook, a social networking website, and Google a search engine with social network capabilities have all released comparable reports, but their reports differ from Vodafone’s in a number of ways. While Twitter, Google, and Facebook all specified the percent of requests granted, Vodafone released no similar statistics. However, Vodafone prepared discussions of the various legal constraints that each country imposed on telecom companies, giving readers an understanding of what was required in each country for authorities to access their data, a component that was left out of other recent reports. Once again, Vodafone’s report differed from those of Google Facebook and Twitter because while Vodafone opens businesses in each of the countries where it operates and is subject to their laws, Google, Facebook, and Twitter are all Internet companies and so are only governed by United States law.

Google disclosed that it received 27,427 requests over a six-month period ending in December, 2013, and also noted that the number of requests has increased consistently each six-month period since data began being compiled in 2009, when fewer than half as many requests were being made. On the other hand Google said that the percentage of requests it complied with (64% over the most recent period) had declined significantly since 2010, when it complied with 76% of requests.

Google went into less detail when explaining the process non-American authorities had to go through to access data, but did note that a Mutual Legal Assistance Treaty was the primary way governments outside of the United States could force the release of user data. Such a treaty is an agreement between the United States and another government to help each other with legal proceedings. However, the report indicated that Google might disclose user information in situations when they were not legally compelled to, and did not go into detail about how or when it did that. Thus, given the difficulty of obtaining a Mutual Legal Assistance Treaty in addition to local warrants or subpoenas, it seems likely that Google complies with many more non-American data requests than it was legally forced to.

Facebook has only released two such reports so far, for the two six month periods in 2013, but they too indicated an increasing number of requests, from roughly 26,000 to 28,147. Facebook plans to continue issuing reports every six months.

Twitter has also seen an increase of 22% in government requests between this and the previous reporting period, six months ago. Twitter attributes this increase in requests to an increase in users internationally, and it does seem that the website has a similarly growing user base, according to charts released by Twitter. It is worth noting that while large nations such as the United States and India are responsible for the majority of government requests, smaller nations such as Bulgaria and Ecuador also order telecom and Internet companies to turn over data.

Vodaphone’s Statistics

Though Vodafone’s report didn’t print statistics for the majority of the countries the report covered, looking at the few numbers they did publish can shed some light on the behavior of governments in countries where publishing such statistics is illegal.  For the countries where Vodafone does release data, the numbers of government requests for Vodafone data were much higher than for Google data. For instance, Italy requested Vodafone data 605,601 times, while requesting Google data only 896 times. This suggests that other countries such as India could be looking at many more customers’ data through telecom companies like Vodafone than Internet companies like Google.

Vodafone stressed that they were not the only telecom company that was being forced to share customers’ data, sometimes without warrants. In fact, such access was the norm in countries where authorities demanded it.

India and the Reports

India is one of the most proliferate requesters of data, second only to the United States in number of requests for data from Facebook and fourth after the United States, France and Germany in number of requests for data from Google. In the most recent six-month period, India requested data from Google 2,513 times, Facebook 3,598 times, and Twitter 19 times. The percentage of requests granted varies widely from country. For example, while Facebook complies with 79% of United States authorities’ requests, it only grants 50% of India’s requests. Google responds to 83% of US requests but only 66% of India’s.

Facebook also provides data on the number of content restrictions each country requests. A content restriction request is where an authority asks Facebook to take down a particular status, photo, video, or other web content and no longer display it on their site. India, with 4,765 requests, is the country that most often asks Facebook to remove content.

While Vodafone’s report publishes no statistics on Indian data requests, because such disclosure would be illegal, it does discuss the legal considerations they are faced with. In India, the report explains, several laws govern Internet communications. The Information Technology Act (ITA) of 2000 is the parent legislation governing information technology in India. The ITA allows certain members of Indian national or state governments order an interception of a phone call or other communication in real time, for a number of reasons. According to the report, an interception can be ordered “if the official in question believes that it is necessary to do so in the: (a) interest of sovereignty and integrity of India; (b) the security of the State; (c) friendly relations with foreign states; (d) public order; or (e) the prevention of incitement of offences.” In short, it is fairly easy for a high-ranking official to order a wiretapping in India.

The report goes on to detail Indian authorities’ abilities to request other customer data beyond a lawful interception. The Code of Criminal Procedure allows a court or police officer to ask Vodafone and other telecom companies to produce “any document or other thing” that the officer believes is necessary for any investigation. The ITA extends this ability to any information stored in any computer, and requires service providers to extend their full assistance to the government. Thus, it is not only legally simple to order a wiretapping in India; it is also very easy for authorities to obtain customer web or communication data at any time.

It is clear that Indian laws governing communication have very little protections in place for consumer privacy. However, many in India hope to change this reality. The Group of Experts chaired by Justice AP Shah, the Department of Personnel and Training, along with other concerned groups have been working towards the  drafting of a privacy legislation for India. According to the Report of the Group of Experts on Privacy, the legislation would fix the 50 or so privacy laws in India that are outdated and unable to protect citizen’s privacy when they use modern technology.

On the other hand, the Indian government is moving forward with a number of plans to further infringe the privacy of civilians. For example, the Central Monitoring System, a clandestine electronic surveillance program, gives India’s security agencies and income tax officials direct access to communications data in the country. The program began in 2007 and was announced publicly in 2009 to little fanfare and muted public debate. The system became operational in 2013.

Conclusion

Vodafone’s report indicates that it is concerned about protecting its customer’s privacy, and Vodafone’s disclosure report is an important step forward for consumer web and communication privacy. The report stresses that company practice and government policy need to come together to protect citizen’s privacy and –businesses cannot do it alone. However, the report reveals what companies can do to effect privacy reform. By challenging authorities abilities to access customer data, as well as publishing information about these powers, they bring the issue to the government’s attention and open it up to public debate. Through Vodafone’s report, the public can see why their governments are making surveillance decisions. Yet, in India, there is still little adoption of transparent business practices such as these. Perhaps if more companies were transparent about the level of government surveillance their customers were being subjected to, their practices and policies for responding to requests from law enforcement, and the laws and regulations that they are subject to - the public would press the government for stronger privacy safeguards and protections.

The 26th session of the United Nations Human Rights Council (UNHRC) is currently ongoing (June 10-27, 2014). On June 19, 2014, 63 civil society groups joined together to urge the United Nations Human Rights Council to protect human rights online and address global challenged to their realization. Centre for Internet & Society joined in support of the statement ("the Civil Society Statement"), which was delivered by Article 19 on behalf of the 63 groups.

In its consensus resolution A/HRC/20/8 (2012), the UNHRC affirmed that the "same rights that people have offline must also be protected online, in particular freedom of expression, which is applicable regardless of frontiers and through any media of one’s choice". India, a current member of the UNHRC, stood in support of resolution 20/8. The protection of human rights online was also a matter of popular agreement at NETmundial 2014, which similarly emphasised the importance of protecting human rights online in accordance with international human rights obligations. Moreover, the WSIS+10 High Level Event, organised by the ITU in collaboration with other UN entities, emphasized the criticality of expanding access to ICTs across the globe, including infrastructure, affordability and reach.

The Civil Society Statement at HRC26 highlights the importance of retaining the Internet as a global resource - a democratic, free and pluralistic platform. However, the recent record of freedom of expression and privacy online have resulted in a deficit of trust and free, democratic participation. Turkey, Malaysia, Thailand, Egypt and Pakistan have blocked web-pages and social media content, while Edward Snowden's revelations have heightened awareness of human rights violations on the Internet.

At a time when governance of the Internet and its institutions is evolving, a human rights centred perspective is crucial. Openness and transparency - both in the governance of Internet institutions and rights online - are crucial to continuing growth of the Internet as a global, democratic and free resource, where freedom of expression, privacy and other rights are respected regardless of location or nationality. In particular, the Civil Society Statement calls attention to principles of necessity and proportionality to regulate targeted interception and collection of personal data.

The UNHRC, comprising 47 member states, is called upon to address these global challenges. Guided by resolutions A/HRC/20/8 and A/RES/68/167, the WSIS+10 High Level Event Outcome Documents (especially operative paragraphs 2, 8 and 11 of the Vision Document) and the forthcoming report of the UN High Commissioner for Human Rights regarding privacy in the digital age, the UNHRC as well as other states may gather the opportunity and intention to put forth a strong case for human rights online in our post-2015 development-centred world.

Civil Society Statement:

The full oral statement can be accessed here.

In the previous post, we discussed Vincent Blasi’s pathological perspective on free speech. The argument forms part of a broader conception that Blasi calls the “checking value of the First Amendment”. Blasi argues that the most important role of free speech is to “check” government abuses and reveal to the public information that government wants to keep secret from them. Naturally, in this model – which is a specific application of the democracy-centred theory of free speech – the press and the media become the most important organs of a system of free expression.

In addition to the checking value of free speech, there is another consideration that is now acknowledged by Courts in most jurisdictions, including our Supreme Court. When we speak about the “right” to free speech, we do not just mean – as might seem at first glance – the right of speakers to speak unhindered. We also mean the rights of listeners and hearers to receive information. A classic example is the Indian Supreme Court’s opinion in LIC v. Manubhai D. Shah, which used Article 19(1)(a) to vest a right-of-reply in a person who had been criticised in a newspaper editorial, on the ground of providing a balanced account to readers. Furthermore, instruments like the ICCPR and the ECHR make this clear in the text of the free speech right as well. For instance, Article 19 of the ICCPR states that “everyone shall have the right to freedom of expression; this right shall include freedom to seek, receive and impart information and ideas of all kinds.”

In addition to the individual right to receive information and ideas, free speech need not be understood exclusively in the language of a right at all. Free speech also serves as a public good – that is to say, a society with a thriving system of free expression is, all things considered, better off than a society without it. The unique value that free speech serves, as a public good, is in creating an atmosphere of accountability and openness that goes to the heart of the constitutive ideals of modern liberal democracies. As Justice Hugo Black noted, a good system of free speech “rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public.” Unsurprisingly, he went on to add immediately after, that “a free press is a condition of a free society.”

If free speech is about the right to receive information, and about the public good of a society in which information circulates freely and widely, then the vehicles of information occupy a central position in any theory or doctrine about the scope of the constitutional right. In our societies, the press is perhaps the most important of those vehicles.

Establishing the crucial role of the free press in free speech theory is important to understand a crucial issue that has largely gone unaddressed in Indian constitutional and statutory law: that of source-protection laws for journalists. A source-protection law exempts journalists from having to compulsorily reveal their sources when ordered to do so by government or by courts. Such exemptions form part of ordinary Indian statutory law: under the Indian Evidence Act, for example, communications between spouses are “privileged” – that is, inadmissible as evidence in Court.

The question came up before the US Supreme Court in Branzburg v. Hayes. In a 5-4 split, the majority ruled against an unqualified reporters’ privilege, that could be invoked in all circumstances. However, all the justices understood the importance of the issue. Justice White, writing for the majority, held that government must  “convincingly show a substantial relation between the information sought and a subject of overriding and compelling state interest.” Justice Powell’s concurring opinion emphasised that the balance must be struck on a case-to-case basis. Since Branzburg, there has been no federal legislation dealing with source protection. A number of states have, however, passed “shield laws”, albeit with broad national security exceptions.

Perhaps the reason for the American Supreme Court’s reticence lies in its reluctance – notwithstanding Justice Black’s ringing oratory – to place journalists on any kind of special pedestal above the rest of the public. The European Court of Human Rights, however, has felt no such compunctions. In Goodwin v. UK, the ECHR made it clear that the press serves a crucial function as a “public watchdog” (a consistent theme in the ECHR’s jurisprudence). Compelled disclosure of sources would definitely have a chilling effect on the functioning of the press, since sources would be hesitant to speak – and journalists would be reluctant to jeopardise their sources – if it was easy to get a court order requiring disclosure. Consequently, the ECHR – which is normally hesitant to intervene in domestic matters, and accords a wide margin of appreciation to states, found the UK to be in violation of the Convention. Journalists could only be compelled to reveal their sources if there was an “overriding requirement in the public interest.”

Where both the United States and Europe have recognised the importance of source-protection, and the simple fact that some degree of source protection is essential if the press is to perform its checking – or watchdog – function effectively, Indian jurisprudence on the issue is negligible. The Law Commission has twice proposed some manner of a shield law, but no concrete action has been taken upon its recommendations.

In the absence of any law, Article 19(1)(a) could play a direct role in the matter. As argued at the beginning of this post, the Supreme Court has accepted the democracy-based justification for free speech, as well as the individual right to receive information. Both these arguments necessarily make the role of the press crucial, and the role of the press is dependant on maintaining the confidentiality of sources. Thus, there ought to be an Article 19(1)(a) right that journalists can invoke against compelled disclosure. If this is so, then any disclosure can only be required through law; and the law, in turn, must be a reasonable restriction in the interests of public order, which – in turn, has normally been given a narrow interpretation by the Supreme Court in cases such as Ram Manohar Lohia.

It is unclear, however, whether the Courts will be sympathetic. As this article points out, while the Supreme Court has yet to rule on this issue, various High Courts have ordered disclosure, seemingly without much concern for the free speech implications. One thing is evident though: either a strong shield law, or a definitive Supreme Court ruling, is required to fill the current vacuum that exists.

The World Summit on Information Society (WSIS) +10 High Level Event (HLE) was hosted at the ITU Headquarters in Geneva, from June 9-13, 2014. The HLE aimed to review the implementation and progress made on information and communication technology (ICT) across the globe, in light of WSIS outcomes (Geneva 2003 and Tunis 2005). Organised in three parallel tracks, the HLE sought to take stock of progress in ICTs in the last decade (High Level track), initiate High Level Dialogues to formulate the post-2015 development agenda, as well as host thematic workshops for participants (Forum track).

The High Level Track:

Opening Ceremony, WSIS+10 High Level Event (Source)

The High Level track opened officially on June 10, 2014, and culminated with the endorsement by acclamation (as is ITU tradition) of two Outcome Documents. These were: (1) WSIS+10 Statement on the Implementation of WSIS Outcomes, taking stock of ICT developments since the WSIS summits, (2) WSIS+10 Vision for WSIS Beyond 2015, aiming to develop a vision for the post-2015 global information society. These documents were the result of the WSIS+10 Multi-stakeholder Preparatory Platform (MPP), which involved WSIS stakeholders (governments, private sector, civil society, international organizations and relevant regional organizations).

The MPP met in six phases, convened as an open, inclusive consultation among WSIS stakeholders. It was not without its misadventures. While ITU Secretary General Dr. Hamadoun I. Touré consistently lauded the multi-stakeholder process, and Ambassador Janis Karklins urged all parties, especially governments, to “let the UN General Assembly know that the multi-stakeholder model works for Internet governance at all levels”, participants in the process shared stories of discomfort, disagreement and discord amongst stakeholders on various IG issues, not least human rights on the Internet, surveillance and privacy, and multi-stakeholderism. Richard Hill of the Association for Proper Internet Governance (APIG) and the Just Net Coalition writes that like NETmundial, the MPP was rich in a diversity of views and knowledge exchange, but stakeholders failed to reach consensus on crucial issues. Indeed, Prof. Vlamidir Minkin, Chairman of the MPP, expressed his dismay at the lack of consensus over action line C9. A compromise was agreed upon in relation to C9 later.

Some members of civil society expressed their satisfaction with the extensive references to human rights and rights-centred development in the Outcome Documents. While governmental opposition was seen as frustrating, they felt that the MPP had sought and achieved a common understanding, a sentiment echoed by the ITU Secretary General. Indeed, even Iran, a state that had expressed major reservations during the MPP and felt itself unable to agree with the text, agreed that the MPP had worked hard to draft a document beneficial to all.

Concerns around the MPP did not affect the review of ICT developments over the last decade. High Level Panels with Ministers of ICT from states such as Uganda, Bangladesh, Sweden, Nigeria, Saudi Arabia and others, heads of the UN Development Programme, UNCTAD, Food and Agriculture Organisation, UN-WOMEN and others spoke at length of rapid advances in ICTs. The focus was largely on ICT access and affordability in developing states. John E. Davies of Intel repeatedly drew attention to innovative uses of ICTs in Africa and Asia, which have helped bridge divides of affordability, gender, education and capacity-building. Public-private partnerships were the best solution, he said, to affordability and access. At a ceremony evaluating implementation of WSIS action-lines, the Centre for Development of Advanced Computing (C-DAC), India, won an award for its e-health application MOTHER.

The Outcome Documents themselves shall be analysed in a separate post. But in sum, the dialogue around Internet governance at the HLE centred around the success of the MPP. Most participants on panels and in the audience felt this was a crucial achievement within the realm of the UN, where the Tunis Summit had delineated strict roles for stakeholders in paragraph 35 of the Tunis Agenda. Indeed, there was palpable relief in Conference Room 1 at the CICG, Geneva, when on June 11, Dr. Touré announced that the Outcome Documents would be adopted without a vote, in keeping with ITU tradition, even if consensus was achieved by compromise.

The High Level Dialogues:

Prof. Vladimir Minkin delivers a statement. (Source)

The High Level Dialogues on developing a post-2015 Development Agenda, based on WSIS action lines, were active on June 12. Introducing the Dialogue, Dr. Touré lamented the Millennium Development Goals as a “lost opportunity”, emphasizing the need to alert the UN General Assembly and its committees as to the importance of ICTs for development.

As on previous panels, there was intense focus on access, affordability and reach in developing countries, with Rwanda and Bangladesh expounding upon their successes in implementing ICT innovations domestically. The world is more connected than it was in 2005, and the ITU in 2014 is no longer what it was in 2003, said speakers. But we lack data on ICT deployment across the globe, said Minister Knutssen of Sweden, recalling the gathering to the need to engage all stakeholders in this task. Speakers on multiple panels, including the Rwandan Minister for CIT, Marilyn Cade of ICANN and Petra Lantz of the UNDP, emphasized the need for ‘smart engagement’ and capacity-building for ICT development and deployment.

A crucial session on cybersecurity saw Dr. Touré envision a global peace treaty accommodating multiple stakeholders. On the panel were Minister Omobola Johnson of Nigeria, Prof. Udo Helmbrecht of the European Union Agency for Network and Information Security (ENISA), Prof. A.A. Wahab of Cybersecurity Malaysia and Simon Muller of Facebook. The focus was primarily on building laws and regulations for secure communication and business, while child protection was equally considered.

The lack of laws/regulations for cybersecurity (child pornography and jurisdictional issues, for instance), or other legal protections (privacy, data protection, freedom of speech) in rapidly connecting developing states was noted. But the question of cross-border surveillance and wanton violations of privacy went unaddressed except for the customary, unavoidable mention. This was expected. Debates in Internet governance have, in the past year, been silently and invisibly driven by the Snowden revelations. So too, at WSIS+10 Cybersecurity, speakers emphasized open data, information exchange, data ownership and control (the right to be forgotten), but did not openly address surveillance. Indeed, Simon Muller of Facebook called upon governments to publish their own transparency reports: A laudable suggestion, even accounting for Facebook’s own undetailed and truncated reports.

In a nutshell, the post-2015 Development Agenda dialogues repeatedly emphasized the importance of ICTs in global connectivity, and their impact on GDP growth and socio-cultural change and progress. The focus was on taking this message to the UN General Assembly, engaging all stakeholders and creating an achievable set of action lines post-2015.

The Forum Track:

Participants at the UNESCO session on its Comprehensive Study on Internet-related Issues (Source)

The HLE was organized as an extended version of the WSIS Forum, which hosts thematic workshops and networking opportunities, much like any other conference. Running in parallel sessions over 5 days, the WSIS Forum hosted sessions by the ITU, UNESCO, UNDP, ICANN, ISOC, APIG, etc., on issues as diverse as the WSIS Action Lines, the future of Internet governance, the successes and failures of WCIT-2012, UNESCO’s Comprehensive Study on Internet-related Issues, spam and a taxonomy of Internet governance.

Detailed explanation of each session I attended is beyond the scope of this report, so I will limit myself to the interesting issues raised.

At ICANN’s session on its own future (June 9), Ms. Marilyn Cade emphasized the importance of national and regional IGFs for both issue-awareness and capacity-building. Mr. Nigel Hickson spoke of engagement at multiple Internet governance fora: “Internet governance is not shaped by individual events”. In light of criticism of ICANN’s apparent monopoly over IANA stewardship transition, this has been ICANN’s continual response (often repeated at the HLE itself). Also widely discussed was the role of stakeholders in Internet governance, given the delineation of roles and responsibilities in the Tunis Agenda, and governments’ preference for policy-monopoly (At WSIS+10, Indian Ambassador Dilip Sinha seemed wistful that multilateralism is a “distant dream”).

This discussion bore greater fruit in a session on Internet governance ‘taxonomy’. The session saw Mr. George Sadowsky, Dr. Jovan Kurbalija, Mr. William Drake and Mr. Eliot Lear (there is surprisingly no official profile-page on Mr. Lear) expound on dense structures of Internet governance, involving multiple methods of classification of Internet infrastructure, CIRs, public policy issues, etc. across a spectrum of ‘baskets’ – socio-cultural, economic, legal, technical. Such studies, though each attempting clarity in Internet governance studies, indicate that the closer you get to IG, the more diverse and interconnected the eco-system gets. David Souter’s diagrams almost capture the flux of dynamic debate in this area (please see pages 9 and 22 of this ISOC study).

There were, for most part, insightful interventions from session participants. Mr. Sadowsky questioned the effectiveness of the Tunis Agenda delineation of stakeholder-roles, while Mr. Lear pleaded that techies be let to do their jobs without interference. Ms. Anja Kovacs raised pertinent concerns about including voiceless minorities in a ‘rough consensus’ model. Across sessions, questions of mass surveillance, privacy and data ownership rose from participants. The protection of human rights on the Internet – especially freedom of expression and privacy – made continual appearance, across issues like spam (Question 22-1/1 of ITU-D Study Group 1) and cybersecurity.

Conclusion:

The HLE was widely attended by participants across WSIS stakeholder-groups. At the event, a great many relevant questions such as the future of ICTs, inclusions in the post-2015 Development Agenda, the value of muti-stakeholder models, and human rights such as free speech and privacy were raised across the board. Not only were these raised, but cognizance was taken of them by Ministers, members of the ITU and other collaborative UN bodies, private sector entities such as ICANN, technical community such as the ISOC and IETF, as well as (obviously) civil society.

Substantively, the HLE did not address mass surveillance and privacy, nor of expanding roles of WSIS stakeholders and beyond. Processually, the MPP failed to reach consensus on several issues comfortably, and a compromise had to be brokered.

But perhaps a big change at the HLE was the positive attitude to multi-stakeholder models from many quarters, not least the ITU Secretary General Dr. Hamadoun Touré. His repeated calls for acceptance of multi-stakeholderism left many members of civil society surprised and tentatively pleased. Going forward, it will be interesting to track the ITU and the rest of UN’s (and of course, member states’) stances on multi-stakeholderism at the ITU Plenipot, the WSIS+10 Review and the UN General Assembly session, at the least.

NTIA Announcement and ICANN-convened Processes:

On 14 March 2014, the National Telecommunications and Information Administration (NTIA) of the US Government announced “its intent to transition key Internet domain name functions to the global multistakeholder community”. These key Internet domain name functions refer to the Internet Assigned Numbers Authority (IANA) functions. For this purpose, the NTIA asked the Internet Corporation for Assigned Names and Numbers (ICANN) to “convene global stakeholders to develop a proposal to transition the current role played by NTIA in the coordination of the Internet’s domain name system (DNS)”. This was welcome news for the global Internet community, which has been criticising unilateral US Government oversight of Critical Internet Resources for many years now. NTIA further announced that IANA transition proposal must have broad community support and should address the following four principles:

• Support and enhance the multistakeholder model;
• Maintain the security, stability, and resiliency of the Internet DNS;
• Meet the needs and expectation of the global customers and partners of the IANA services; and
• Maintain the openness of the Internet.

Subsequently, during ICANN49 in Singapore (March 23-27, 2014), ICANN held flurried discussions to gather initial community feedback from participants to come up with a Draft Proposal of the Principles, Mechanisms and Process to Develop a Proposal to Transition NTIA’s Stewardship of the IANA Functions on 8 April 2014, which was open to public comments until 8 May 2014, which was further extended to 31 May 2014. Responses by various stakeholders were collected in this very short period and some of them were incorporated into a Revised Proposal issued by ICANN on 6th June 2014. ICANN also unilaterally issued a Scoping Document defining the scope of the process for developing the proposal and also specifying what was not part of the scope. This Scoping Document came under severe criticism by various commentators, but was not amended.

ICANN also initiated a separate but parallel process to discuss enhancement of its accountability on 6 May 2014. This was launched upon widespread distress over the fact that ICANN had excluded its role as operator of IANA functions from the Scoping Document, as well as over questions of accountability raised by the community at ICANN49 in Singapore. In the absence of ICANN’s contractual relationship with NTIA to operate the IANA functions, it remains unclear how ICANN will stay accountable upon the transition. The accountability process looks to address the same through the ICANN community. The issue of ICANN accountability is then envisioned to be coordination within ICANN itself through an ICANN Accountability Working Group comprised of community members and a few subject matter experts.

What are the IANA Functions?

Internet Assigned Numbers Authority, or IANA functions consist of three separate tasks:

1. Maintaining a central repository for protocol name and number registries used in many Internet protocols.
2. Co-ordinating the allocation of Internet Protocol (IP) and Autonomous System (AS) numbers to the Regional Internet Registries, who then distribute IP and AS numbers to ISPs and others within their geographic regions.
3. Processing root zone change requests for Top Level Domains (TLDs) and making the Root Zone WHOIS database consisting of publicly available information for all TLD registry operators.

The first two of the abovementioned functions are operated by ICANN in consonance with policy developed at the Internet Engineering Task Force (IETF) and Address Supporting Organisation (ASO) respectively, both of which exist under the ICANN umbrella.

The performance of last of these functions is distributed between ICANN and Verisign. NTIA has a Cooperative Agreement with Verisign to perform the related root zone management functions. The related root zone management functions are the management of the root zone “zone signing key” (ZSK), as well as implementation of changes to and distribution of the DNS authoritative root zone file, which is the authoritative registry containing the lists of names and addresses for all top level domains.

Currently, the US Government oversees this entire set of operations by contracting with ICANN as well as Verisign to execute the IANA functions. Though the US Government does not interfere generally in operations of either ICANN or Verisign in their role as operators of IANA functions, it cannot be denied that it exercises oversight on both the operators of IANA functions, through these contracts.

Import of the NTIA Announcement:

The NTIA announcement of 14th March intends to initiate the withdrawal of such oversight of IANA functions by the NTIA in order to move towards global multistakeholder governance. NTIA has asked ICANN to initiate a process to decide upon what such global multistakeholder governance of IANA functions may look like. The following diagram presents the current governance structure of IANA functions and the areas that the NTIA announcement seeks to change:

The IANA Oversight Mechanism (Source)

What does the NTIA Announcement NOT DO?

The NTIA announcement DOES NOT frame a model for governance of IANA functions once it withdraws its oversight role.  NTIA has asked ICANN to convene a process, which would figure the details of IANA transition and propose an administrative structure for IANA functions once the NTIA withdraws its oversight role. But what this new administrative structure would look like has not itself been addressed in the NTIA announcement. As per the NTIA announcement, the new administrative structure is yet to be decided by a global multistakeholder community in accordance with the four principles outlined by the NTIA through a process, which ICANN shall convene.

The NTIA announcement DOES NOT limit discussions and participation in IANA transition process to within the ICANN community. NTIA has asked ICANN to convene “global stakeholders to develop a proposal to transition” IANA functions. This means all global stakeholders participation, including that of Governments and Civil Society is sought for the IANA transition process. ICANN has been asked “to work collaboratively with the directly affected parties, including the Internet Engineering Task Force (IETF), the Internet Architecture Board (IAB), the Internet Society (ISOC), the Regional Internet Registries (RIRs), top level domain name operators, VeriSign, and other interested global stakeholders”, in the NTIA announcement. This however does not signify that discussions and participation in development of proposal for IANA transition needs to be limited to the ICANN community or the technical community.  In fact, ICANN has itself said that the list of events provided as “Timeline of Events” in its Draft Proposal of 8 April 2014 for engagement in development of a proposal for IANA transition is non-exhaustive. This means proposal for IANA transition can be developed by different stakeholders, including governments and civil society in different fora appropriate to their working, including at the IGF and WSIS+10.

The NTIA announcement DOES NOT mean devolution of IANA functions administration upon ICANN. NTIA chooses ICANN and Verisign to operate the IANA functions. If NTIA withdraws from its role, the question whether ICANN or Verisign should operate the IANA functions at all becomes an open one, and should be subject to deliberation. By merely asking ICANN to convene the process, the NTIA announcement in no way assigns any administration of IANA functions to ICANN. It must be remembered that the NTIA announcement says that key Internet domain name functions shall transition to the global multistakeholder community, and not the ICANN community.

The NTIA announcement DOES NOT prevent the possibility of removal of ICANN from its role as operator of IANA functions. While ICANN has tried to frame the Scoping Document in a language to prevent any discussions on its role as operator of IANA functions, the question whether ICANN should continue in its operator role remains an open one. There are at least 12 submissions made in response to ICANN’s Draft Proposal by varied stakeholders, which in fact, call for the separation of ICANN’s role as policy maker (through IETF, ASO, gNSO, ccNSO), and ICANN’s role as the operator of IANA functions.  Such calls for separation come from private sector, civil society, as well as the technical community, among others. Such separation was also endorsed in the final NETmundial outcome document (paragraph 27). Governments have, in general, expressed no opinion on such separation in response to ICANN’s Draft Proposal. It is however urged that governments express their opinion in favour of such separation to prevent consolidation of both policy making and implementation within ICANN, which would lead to increased potential situations for the ICANN Board to abuse its powers.

---

Smarika Kumar is a graduate of the National Law Institute University, Bhopal, and a member of the Alternative Law Forum, a collective of lawyers aiming to integrate alternative lawyering with critical research, alternative dispute resolution, pedagogic interventions and sustained legal interventions in social issues. Her areas of interest include interdisciplinary research on the Internet, issues affecting indigenous peoples, eminent domain, traditional knowledge and pedagogy.

Short Introduction:

In March 2014, the National Telecommunications and Information Administration (NTIA) announced its intention to transition key Internet domain name functions to the global multi-stakeholder community. Currently, the NTIA oversees coordination and implementation of IANA functions through contractual arrangements with ICANN and Verisign, Inc.

The NTIA will not accept a government-led or inter-governmental organization to steward IANA functions. It requires the IANA transition proposal to have broad community support, and to be in line with the following principles: (1) support and enhance the multi-stakeholder model; (2) maintain the security, stability, and resiliency of the Internet DNS; (3) meet the needs and expectation of the global customers & partners of IANA services; (4) maintain the openness of the Internet.

ICANN was charged with developing a proposal for IANA transition. It initiated a call for public input in April 2014. Lamentably, the scoping document for the transition did not include questions of ICANN’s own accountability and interests in IANA stewardship, including whether it should continue to coordinate the IANA functions. Public Input received in May 2014 revolved around the composition of a Coordination Group, which would oversee IANA transition. Now, ICANN will hold an open session on June 26, 2014 at ICANN-50 to gather community feedback on issues relating to IANA transition, including composition of the Coordination Group.

CIS Policy Brief:

CIS' Brief on IANA Transition Fundamentals explains the process further, and throws light on the Indian government's views. To read the brief, please go here.

Suggestions for Process Design

As convenor of the IANA stewardship transition, ICANN has sought public comments on issues relating to the transition process. We suggest certain principles for open, inclusive and transparent process-design:

Short Introduction:

In March 2014, the US government through National Telecommunications and Information Administration (NTIA) announced its intention to transition key Internet domain name functions (IANA) to the global multi-stakeholder community. The NTIA announcement states that it will not accept a government-led or intergovernmental organization solution to replace its own oversight of IANA functions. The Internet Corporation for Assigned Names and Numbers (ICANN) was charged with developing a Proposal for the transition.

At ICANN-49 in Singapore (March 2014), ICANN rapidly gathered inputs from its community to develop a draft proposal for IANA transition. It then issued a call for public input on the Draft Proposal in April 2014. Some responses were incorporated to create a Revised Proposal, published on June 6, 2014.

Responses had called for transparent composition of an IANA transition Coordination Group, a group comprising representatives of ICANN’s Advisory Committees and Supporting Organizations, as well as Internet governance organizations such as the IAB, IETF and ISOC. Also, ICANN was asked to have a neutral, facilitative role in IANA transition. This is because, as the current IANA functions operator, it has a vested interest in the transition. Tellingly, ICANN’s scoping document for IANA transition did not include questions of its own role as IANA functions operator.

ICANN is currently deliberating the process to develop a Proposal for IANA transition. At ICANN-50, ICANN will hold a governmental high-level meeting and a public discussion on IANA transition, where comments and concerns can be voiced. In addition, discussion in other Internet governance fora is encouraged.

CIS Policy Brief:

Introduction:

On 14 March 2014, the NTIA of the US Government announced its intention to transition key internet domain name functions to the global multistakeholder community. These key internet domain name functions comprise functions executed by Internet Assigned Numbers Authority (IANA), which is currently contracted to ICANN by the US government. The US Government delineated that the IANA transition proposal must have broad community support and should address the following four principles:

1. Support and enhance the multistakeholder model;
2. Maintain the security, stability, and resiliency of the Internet DNS;
3. Meet the needs and expectation of the global customers and partners of the IANA services; and
4. Maintain the openness of the Internet.

Additionally, the US Government asked ICANN to convene a multistakeholder process to develop the transition plan for IANA. In April 2014, ICANN issued a Scoping Document for this process which outlined the scope of the process, as well as, what ICANN thinks, should not be a part of the process. In the spirit of ensuring broad community consensus, ICANN issued a Call for Public Input on the Draft Proposal of the Principles, Mechanisms and Process to Develop a Proposal to Transition NTIA’s Stewardship of IANA Functions on 8 April 2014, upon which the Government of India made its submission.

ICANN is currently deliberating the process for the development of a proposal for transition of IANA functions from the US Government to the global multistakeholder community, a step which would have implications for internet users all over the world, including India. The outcome of this process will be a proposal for IANA transition. The Scoping Document and process for development of the proposal are extremely limited and exclusionary, hurried, and works in ways which could potentially further ICANN’s own interests instead of global public interests. Accordingly, the Government of India is recommended take a stand on the following key points concerning the suggested process.

Submissions by the Government of India thus far, have however, failed to comment on the process being initiated by ICANN to develop a proposal for IANA transition. While the actual outcome of the process in form of a proposal for transition is an important issue for deliberation, we hold that it is of immediate importance that the Government of India, along with all governments of the world, pay particular attention to the way ICANN is conducting the process itself to develop the IANA transition proposal. The scrutiny of this process is of immense significance in order to ensure that democratic and representative principles sought by the GoI in internet governance are being upheld within the process of developing the IANA transition proposal. How the governance of the IANA functions will be structured will be an outcome of this process. Therefore if one expects a democratic, representative and transparent governance of IANA functions as the outcome, it is absolutely essential to ensure that the process itself is democratic, representative and transparent.

Issues and Recommendations:

Ensuring adequate representation and democracy of all stakeholders in the process for developing the proposal for IANA transition is essential to ensuring representative and democratic outcomes. Accordingly, one must take note of the following issues and recommendations concerning the process.

Open, inclusive deliberation by global stakeholders must define the Scope of the Process for developing proposal for IANA transition:

The current Scoping Document was issued by ICANN to outline the scope of the process by which the proposal for IANA transition would be deliberated. The Scoping Document was framed unilaterally by ICANN, without involvement of the global stakeholder community, and excluding all governments of the world including USA. Although this concern was voiced by a number of submissions to the Public Call by ICANN on the Draft Proposal, such concern was not reflected in ICANN’s Revised Proposal of 6 June 2014. It merely states that the Scoping Document outlines the “focus of this process.” Such a statement is not enough because the focus as well as the scope of the process needs to be decided in a democratic, unrepresentative and transparent manner by the global stakeholder community, including all governments.

This unilateral approach to outline which aspects of IANA transition should be allowed for discussion, and which aspects should not, itself defeats the multistakeholder principle which ICANN and the US government claim the process is based on. Additionally, global community consensus which the US Govt. hopes for the outcome of such process, cannot be conceivable when the scope of such process is decided in a unilateral and undemocratic manner. Accordingly, the current Scoping Document should be treated only as a draft, and should be made open to public comment and discussion by the global stakeholder community in order that the scope of the process reflects concerns of global stakeholders, and not just of the ICANN or the US Government.

Accountability of ICANN must be linked to IANA Transition within Scope of the Process:

ICANN Accountability must not run merely as a parallel process, since ICANN accountability has direct impact on IANA transition. The current Scoping Document states, “NTIA exercises no operational role in the performance of the IANA functions. Therefore, ICANN’s role as the operator of the IANA functions is not the focus of the transition: it is paramount to maintain the security, stability, and resiliency of the DNS, and uninterrupted service to the affected parties.” However this rationale to exclude ICANN’s role as operator of IANA from the scope of the process is not sound because NTIA does choose to appoint ICANN as the operator of IANA functions, thereby playing a vicarious operational role in the performance of IANA functions.

The explicit exclusion of ICANN’s role as operator of IANA functions from the scope of the process works to serve ICANN’s own interests by preventing discussions on those alternate models where ICANN does not play the operator role. Basically, this presumes that in absence of NTIA stewardship ICANN will control the IANA functions. Such presumption raises disturbing questions regarding ICANN’s accountability as the IANA functions operator. If discussions on ICANN’s role as operator of IANA functions is to be excluded from the process of developing the proposal for IANA transition, it also implies exclusion of discussions regarding ICANN’s accountability as operator of these functions.

Although ICANN announced a process to enhance its accountability on 6 May 2014, this was designed as a separate, parallel process and de-linked from the IANA transition process. As shown, ICANN’s accountability, its role as convenor of IANA transition process, and its role as current and/or potential future operator of IANA functions are intrinsically linked, and must not be discussed in separate, but parallel process. It is recommended that ICANN accountability in the absence of NTIA stewardship, and ICANN’s role as the operator of IANA functions must be included within the Scoping Document as part of the scope of the IANA transition process. This is to ensure that no kind of IANA transition is executed without ensuring ICANN’s accountability as and if as the operator of IANA functions so that democracy and transparency is brought to the governance of IANA functions.

Misuse or appearance of misuse of its convenor role by ICANN to influence outcome of the Process must not be allowed:

ICANN has been designated the convenor role by the US Govt. on basis of its unique position as the current IANA functions contractor and the global co-ordinator for the DNS. However it is this unique position itself which creates a potential for abuse of the process by ICANN. As the current contractor of IANA functions, ICANN has an interest in the outcome of the process being conducive to ICANN. In other words, ICANN prima facie is an interested party in the IANA transition process, which may tend to steer the process towards an outcome favourable to itself. ICANN has already been attempting to set the scope of the process to develop the proposal for IANA transition unilaterally, thus abusing its position as convenor. ICANN has also been trying to separate the discussions on IANA transition and its own accountability by running them as parallel processes, as well as attempting to prevent questions on ICANN’s role as operator of IANA functions by excluding it from the Scoping Document. Such instances provide a strong rationale for defining the limitations of the role of ICANN as convenor.

Although ICANN’s Revised Proposal of 6 June 2014 stating that ICANN will have a neutral role, and the Secretariat will be independent of ICANN staff is welcome, additional safeguards need to be put in place to avoid conflicts of interest or appearance of conflicts of interest. The Revised Proposal itself was unilaterally issued, whereby ICANN incorporated some of the comments made on its Proposed Draft, in the revised Draft, but excluded some others without providing rationale for the same. For instance, comments regarding inclusion of ICANN’s role as the operator of IANA functions within the Scoping Document, were ignored by ICANN in its Revised Proposal.

It is accordingly suggested that ICANN should limit its role to merely facilitating discussions and not extend it to reviewing or commenting on emerging proposals from the process. ICANN should further not compile comments on drafts to create a revised draft at any stage of the process. Additionally, ICANN staff must not be allowed to be a part of any group or committee which facilitates or co-ordinates the discussion regarding IANA transition.

Components of Diversity Principle should be clearly enunciated in the Draft Proposal:

The Diversity Principle was included by ICANN in the Revised Proposal of 6 June 2014 subsequent to submissions by various stakeholders who raised concerns regarding developing world participation, representation and lack of multilingualism in the process. This is laudable. However, past experience with ICANN processes has shown that many representatives from developing countries as well as from stakeholder communities outside of the ICANN community are unable to productively involve themselves in such processes because of lack of multilingualism or unfamiliarity with its way of functioning. This often results in undemocratic, unrepresentative and non-transparent decision-making in such processes.

In such a scenario, merely mentioning diversity as a principle is not adequate to ensure abundant participation by developing countries and non-ICANN community stakeholders in the process. Concrete mechanisms need to be devised to include adequate and fair geographical, gender, multilingual and developing countries’ participation and representation on all levels so that the process is not relegated merely to domination by North American or European entities. Accordingly, all the discussions in the process should be translated into multiple native languages of participants in situ, so that everyone participating in the process can understand what is going on. Adequate time must be given for the discussion issues to be translated and circulated widely amongst all stakeholders of the world, before a decision is taken or a proposal is framed. To concretise its diversity principle, ICANN should also set aside funds and develop a programme with community support for capacity building for stakeholders in developing nations to ensure their fruitful involvement in the process.

The Co-ordination Group must be made representative of the global multistakeholder community:

Currently, the Co-ordination Group includes representatives from ALAC, ASO, ccNSO, GNSO, gTLD registries, GAC, ICC/BASIS, IAB, IETF, ISOC, NRO, RSSAC and SSAC. Most of these representatives belong to the ICANN community, and is not representative of the global multistakeholder community including governments. This is not representative of even a multistakeholder model which the US Govt. has announced for the transition; nor in the multistakeholder participation spirit of NETmundial.

It is recommended that the Co-ordination Group then must be made democratic and representative to include larger global stakeholder community, including Governments, Civil Society, and Academia, with suitably diverse representation across geography, gender and developing nations. Adequate number of seats on the Committee must be granted to each stakeholder so that they can each co-ordinate discussions within their own communities and ensure wider and more inclusive participation.

Framing of the Proposal must allow adequate time:

All stakeholder communities must be permitted adequate time to discuss and develop consensus. Different stakeholder communities have different processes of engagement within their communities, and may take longer to reach a consensus than others. If democracy and inclusiveness are to be respected, then each stakeholder must be allowed enough time to reach a consensus within its own community, unlike the short time given to comment on the Draft Proposal. The process must not be rushed to benefit a few.

---

Smarika Kumar is a graduate of the National Law Institute University, Bhopal, and a member of the Alternative Law Forum, a collective of lawyers aiming to integrate alternative lawyering with critical research, alternative dispute resolution, pedagogic interventions and sustained legal interventions in social issues. Her areas of interest include interdisciplinary research on the Internet, issues affecting indigenous peoples, eminent domain, traditional knowledge and pedagogy.

A quick and non-exhaustive perusal of this week’s content shows that many people are worried about the state of India’s free speech following police action on account of posts derogatory to or critical of the Prime Minister. Lawyers, journalists, former civil servants and other experts have joined in expressing this worry.

While a crackdown on freedom of expression would indeed be catastrophic and possibly unconstitutional, fears are so far based on police action in only 4 recent cases: Syed Waqar in Karnataka, Devu Chodankar in Goa and two cases in Kerala where college students and principals were arrested for derogatory references to Modi. Violence in Pune, such as the murder of a young Muslim man on his way home from prayer, or the creation of a Social Peace Force of citizens to police offensive Facebook content, are all related, but perhaps ought to be more carefully and deeply explored.

Kerala:

In the Assembly, State Home Minister Ramesh Chennithala said that the State government did not approve of the registration of cases against students on grounds of anti-Modi publications. The Minister denunciation of political opponents through cartoons and write-ups was common practice in Kerala, and “booking the authors for this was not the state government’s policy”.

Maharashtra:

Nearly 20,000 people have joined the Social Peace Force, a Facebook group that aims to police offensive content on the social networking site. The group owner’s stated aim is to target religious posts that may provoke riots, not political ones. Subjective determinations of what qualifies as ‘offensive content’ remain a troubling issue.

Tamil Nadu:

In Chennai, 101 people, including filmmakers, writers, civil servants and activists, have signed a petition requesting Chief Minister J. Jayalalithaa to permit safe screening of the Indo-Sri Lankan film “With You, Without You”. The petition comes after theatres cancelled shows of the film following threatening calls from some Tamil groups.

Telangana:

The K. Chandrasekhar Rao government has blocked two Telugu news channels for airing content that was “derogatory, highly objectionable and in bad taste”.

The Telagana government’s decision to block news channels has its supporters. Padmaja Shaw considers the mainstream Andhra media contemptuous and disrespectful of “all things Telangana”, while Madabushi Sridhar concludes that Telugu channel TV9’s coverage violates the dignity of the legislature.

West Bengal:

Seemingly anti-Modi arrests have led to worry among citizens about speaking freely on the Internet. Section 66A poses a particular threat.

News & Opinion:

The Department of Telecom is preparing a draft of the National Telecom Policy, in which it plans to treat broadband Internet as a basic right. The Policy, which will include deliberations on affordable broadband access for end users, will be finalised in 100 days.

While addressing a CII CEO’s Roundtable on Media and Industry, Information and Broadcasting Minister Prakash Javadekar promised a transparent and stable policy regime, operating on a time-bound basis. He promised that efforts would be streamlined to ensure speedy and transparent clearances.

A perceived increase in police action against anti-Modi publications or statements has many people worried. But the Prime Minister himself was once a fierce proponent of dissent; in protest against the then-UPA government’s blocking of webpages, Modi changed his display pic to black.

Medianama wonders whether the Mumbai police’s Cyber Lab and helpline to monitor offensive content on the Internet is actually a good idea.

G. Sampath wonders why critics of the Prime Minister Narendra Modi can’t voluntarily refrain from exercising their freedom of speech, and allow India to be an all-agreeable development haven. Readers may find his sarcasm subtle and hard to catch.

Experts in India mull over whether Section 79 of the Information Technology Act, 2000, carries a loophole enabling users to exercise a ‘right to be forgotten’. Some say Section 79 does not prohibit user requests to be forgotten, while others find it unsettling to provide private intermediaries such powers of censorship.

Some parts of the world:

Sri Lanka has banned public meetings or rallies intended to promote religious hatred.

In Pakistan, Twitter has restored accounts and tweets that were taken down last month on allegations of being blasphemous or ‘unethical’.

In Myanmar, an anti-hate speech network has been proposed throughout the country to raise awareness and opposition to hate speech and violence.

Previously on this blog, we have discussed one of the under-analysed aspects of Article 19(2) – contempt of court. In the last post, we discussed the checking – or “watchdog” – function of the press. There is yet another under-analysed part of 19(2) that we now turn to – one which directly implicates the press, in its role as public watchdog. This is the issue of defamation.

Unlike contempt of court – which was a last-minute insertion by Ambedkar, before the second reading of the draft Constitution in the Assembly – defamation was present in the restrictions clause since the Fundamental Rights Sub-Committee’s first draft, in 1947. Originally, it accompanied libel and slander, before the other two were dropped for the simpler “reasonable restrictions… in the interests of… defamation.” Unlike the other restrictions, which provoked substantial controversy, defamation did not provoke extended scrutiny by the Constituent Assembly.

In hindsight, that was a lapse. In recent years, defamation lawsuits have emerged as a powerful weapon against the press, used primarily by individuals and corporations in positions of power and authority, and invariably as a means of silencing criticism. For example, Hamish MacDonald’s The Polyester Prince, a book about the Ambanis, was unavailable in Indian bookshops, because of threats of defamation lawsuits. In January, Bloomsbury withdrew The Descent of Air India, which was highly critical of ex-Aviation Minister Praful Patel, after the latter filed a defamation lawsuit. Around the same time, Sahara initiated a 200 crore lawsuit against Tamal Bandyopadhayay, a journalist with The Mint, for his forthcoming book, Sahara: The Untold Story. Sahara even managed to get a stay order from a Calcutta High Court judge, who cited one paragraph from the book, and ruled that “Prima facie, the materials do seem to show the plaintiffs in poor light.” The issue has since been settled out of Court. Yet there is no guarantee that Bandyopadhyay would have won on merits, even with the absurd amount claimed as damages, given that a Pune Court awarded damages of Rs. 100 crores to former Justice P.B. Sawant against the Times Group, for a fifteen-second clip by a TV channel that accidentally showed his photograph next to the name of a judge who was an accused in a scam. What utterly takes the cake, though, is Infosys serving legal notices to three journalistic outlets recently, asking for damages worth Rs. 200 crore for “loss of reputation and goodwill due to circulation of defamatory articles.”

Something is very wrong here. The plaintiffs are invariably politicians or massive corporate houses, and the defendants are invariably journalists or newspapers. The subject is always critical reporting. The damages claimed (and occasionally, awarded) are astronomical – enough to cripple or destroy any business – and the actual harm is speculative. A combination of these factors, combined with a broken judicial system in which trials take an eternity to progress, leading to the prospect of a lawsuit hanging perpetually over one’s head, and financial ruin just around the corner, clearly has the potential to create a highly effective chilling effect upon newspapers, when it come to critical speech on matters of public interest.

One of the reasons that this happens, of course, is that extant defamation law allows it to happen. Under defamation law, as long as a statement is published, is defamatory (that is, tending to lower the reputation of the plaintiff in the minds of reasonable people) and refers to the plaintiff, a prima facie case of defamation is made out. The burden then shifts to the defendant to argue a justification, such as truth, or fair comment, or privileged communication. Notice that defamation, in this form, is a strict liability offence: that is, the publisher cannot save himself even if he has taken due care in researching and writing his story. Even an inadvertent factual error can result in liability. Furthermore, there are many things that straddle a very uncomfortable barrier between “fact” and “opinion” (“opinions” are generally not punishable for defamation): for example, if I call you “corrupt”, have I made a statement of fact, or one of opinion? Much of reporting – especially political reporting – falls within this slipstream.

The legal standard of defamation, therefore, puts almost all the burden upon the publisher, a burden that will often be impossible to discharge – as well as potentially penalising the smallest error. Given the difficulty in fact-checking just about everything, as well as the time pressures under which journalists operate, this is an unrealistic standard. What makes things even worse, however, is that there is no cap on damages, and that the plaintiff need not even demonstrate actual harm in making his claims. Judges have the discretion to award punitive damages, which are meant to serve both as an example and as a deterrent. When Infosys claims 2000 crores, therefore, it need not show that there has been a tangible drop in its sales, or that it has lost an important and lucrative contract – let alone showing that the loss was caused by the defamatory statement. All it needs to do is make abstract claims about loss of goodwill and reputation, which are inherently difficult to verify either way, and it stands a fair chance of winning.

A combination of onerous legal standards and crippling amounts in damages makes the defamation regime a very difficult one for journalists to operate freely in. We have discussed before the crucial role that journalists play in a system of free speech whose underlying foundation is the maintenance of democracy: a free press is essential to maintaining a check upon the actions of government and other powerful players, by subjecting them to scrutiny and critique, and ensuring that the public is aware of important facts that government might be keen to conceal. In chilling journalistic speech, therefore, defamation laws strike at the heart of Article 19(1)(a). When considering what the appropriate standards ought to be, a Court therefore must consider the simple fact that if defamation – as it stands today – is compromising the core of 19(1)(a) itself, then it is certainly not a “reasonable restriction” under 19(2) (some degree of proportionality is an important requirement for 19(2) reasonableness, as the Court has held many times).

This is not, however, a situation unique to India. In Singapore, for instance, “[political] leaders have won hundreds of thousands of dollars in damages in defamation cases against critics and foreign publications, which they have said are necessary to protect their reputations from unfounded attacks” – the defamation lawsuit, indeed, was reportedly a legal strategy used by Lee Kuan Yew against political opponents.

Particularly in the United States, the European Union and South Africa, however, this problem has been recognised, and acted upon. In the next post, we shall examine some of the legal techniques used in those jurisdictions, to counter the chilling effect that strict defamation laws can have on the press.

We discussed the use of civil defamation laws as weapons to stifle a free and critical press. One of the most notorious of such instances also birthed one of the most famous free speech cases in history: New York Times v. Sullivan. This was at the peak of the civil rights movement in the American South, which was accompanied by widespread violence and repression of protesters and civil rights activists. A full-page advertisement was taken out in the New York Times, titled Heed Their Rising Voices, which detailed some particularly reprehensible acts by the police in Montgomery, Alabama. It also contained some factual errors. For example, the advertisement mentioned that Martin Luther King Jr. had been arrested seven times, whereas he had only been arrested four times. It also stated that the Montgomery police had padlocked students into the university dining hall, in order to starve them into submission. That had not actually happened. On this basis, Sullivan, the Montgomery police commissioner, sued for libel. The Alabama courts awarded 500,000 dollars in damages. Because five other people in a situation similar to Sullivan were also suing, the total amount at stake was three million dollars – enough to potentially boycott the New York Times, and certainly enough to stop it from publishing about the civil rights movement.

In his book about the Sullivan case, Make No Law, Anthony Lewis notes that the stakes in the case were frighteningly high. The civil rights movement depended, for its success, upon stirring public opinion in the North. The press was just the vehicle to do it, reporting as it did on excessive police brutality against students and peaceful protesters, practices of racism and apartheid, and so on. Sullivan was a legal strategy to silence the press, and its weapon of choice was defamation law.

In a 9 – 0 decision, the Supreme Court found for the New York Times, and changed the face of free speech law (and, according to Lewis, saved the civil rights movement). Writing for the majority, Justice Brennan made the crucial point that in order to survive, free speech needed “breathing space” – that is, the space to make errors. Under defamation law, as it stood, “the pall of fear and timidity imposed upon those who would give voice to public criticism [is] an atmosphere in which the First Amendment freedoms cannot survive.” And under the burden of proving truth, “would-be critics of official conduct may be deterred from voicing their criticism, even though it is believed to be true and even though it is, in fact, true, because of doubt whether it can be proved in court or fear of the expense of having to do so. They tend to make only statements which "steer far wider of the unlawful zone." For these reasons, Justice Brennan laid down an “actual malice” test for defamation – that is, insofar as the statement in question concerned the conduct of a public official, it was actionable for defamation only if the publisher either knew it was false, or published it with “reckless disregard” for its veracity. After New York Times, this standard has expanded, and the press has never lost a defamation case.

There are some who argue that in its zeal to protect the press against defamation lawsuits by the powerful, the Sullivan court swung the opposite way. In granting the press a near-unqualified immunity to say whatever it wanted, it subordinated the legitimate interests of people to their reputation and their dignity to an intolerable degree, and ushered in a regime of media unaccountability. This is evidently what the South African courts felt. In Khulamo v. Holomisa, Justice O’Regan accepted that the common law of defamation would have to be altered so as to reflect the new South African Constitution’s guarantees of the freedom of speech. Much like Justice Brennan, she noted that “the media are important agents in ensuring that government is open, responsive and accountable to the people as the founding values of our Constitution require”, as well as the chilling effect in requiring journalists to prove the truth of everything they said. Nonetheless, she was not willing to go as far as the American Supreme Court did. Instead, she cited a previous decision by the Supreme Court of Appeals, and incorporated a “resonableness standard” into defamation law. That is, “if a publisher cannot establish the truth, or finds it disproportionately expensive or difficult to do so, the publisher may show that in all the circumstances the publication was reasonable.  In determining whether publication was reasonable, a court will have regard to the individual’s interest in protecting his or her reputation in the context of the constitutional commitment to human dignity.  It will also have regard to the individual’s interest in privacy.  In that regard, there can be no doubt that persons in public office have a diminished right to privacy, though of course their right to dignity persists.  It will also have regard to the crucial role played by the press in fostering a transparent and open democracy.  The defence of reasonable publication avoids therefore a winner-takes-all result and establishes a proper balance between freedom of expression and the value of human dignity.  Moreover, the defence of reasonable publication will encourage editors and journalists to act with due care and respect for the individual interest in human dignity prior to publishing defamatory material, without precluding them from publishing such material when it is reasonable to do so.”

The South African Constitutional Court thus adopts a middle path between the two opposite zero-sum games that are traditional defamation law, and American first amendment law. A similar effort was made in the United Kingdom – the birthplace of the common law of defamation – with the passage of the 2013 Defamation Act. Under English law, the plaintiff must now show that there is likely to be “serious harm” to his reputation, and there is also public interest exception.

While South Africa and the UK try to tackle the problem at the level of standards for defamation, the ECHR has taken another, equally interesting tack: by limiting the quantum of damages. In Tolstoy Milolasky v. United Kingdom, it found a 1.5 million pound damage award “disproportionately large”, and held that there was a violation of the ECHR’s free speech guarantee that could not be justified as necessary in a democratic society.

Thus, constitutional courts the world over have noticed the adverse impact traditional defamation law has on free speech and a free press. They have devised a multiplicity of ways to deal with this, some more speech-protective than others: from America’s absolutist standards, to South Africa’s “reasonableness” and the UK’s “public interest” exceptions, to the ECHR’s limitation of damages. It is about time that the Indian Courts took this issue seriously: there is no dearth of international guidance.

---

Gautam Bhatia — @gautambhatia88 on Twitter — is a graduate of the National Law School of India University (2011), and has just received an LLM from the Yale Law School. He blogs about the Indian Constitution at http://indconlawphil.wordpress.com. Here at CIS, he blogs on issues of online freedom of speech and expression.

The Centre for Internet and Society, India and Centre for Internet and Society, Stanford Law School, USA, will be organising a workshop to analyse the role of intermediary platforms in relation to freedom of expression, freedom of information and freedom of association at the Internet Governance Forum 2014. The aim of the workshop is to highlight the increasing importance of digital rights and broad legal protections of stakeholders in an increasingly knowledge-based economy. The workshop will discuss public policy issues associated with Internet intermediaries, in particular their roles, legal responsibilities and related liability limitations in context of the evolving nature and role of intermediaries in the Internet ecosystem. distinct

Online Intermediaries: Setting the context

The Internet has facilitated unprecedented access to information and amplified avenues for expression and engagement by removing the limits of geographic boundaries and enabling diverse sources of information and online communities to coexist. Against the backdrop of a broadening base of users, the role of intermediaries that enable economic, social and political interactions between users in a global networked communication is ubiquitous. Intermediaries are essential to the functioning of the Internet as many producers  and consumers of content on the internet rely on the action of some third party–the so called intermediary. Such intermediation ranges from the mere provision of connectivity, to more advanced services such as providing online storage spaces for data, acting as platforms for storage and sharing of user generated content (UGC), or platforms that provides links to other internet content.

Online intermediaries enhance economic activity by reducing costs, inducing competition by lowering the barriers for participation in the knowledge economy and fuelling innovation through their contribution to the wider ICT sector as well as through their key role in operating and maintaining Internet infrastructure to meet the network capacity demands of new applications and of an expanding base of users.

Intermediary platforms also provide social benefits, by empowering users and improving  choice through social and participative networks, or web services that enable creativity and collaboration amongst individuals. By enabling platforms for self-expression and cooperation, intermediaries also play a critical role in establishing digital trust, protection of human rights such as freedom of speech and expression, privacy and upholding fundamental values such as freedom and democracy.

However, the economic and social benefits of online intermediaries are conditional to a framework for protection of intermediaries against legal liability for the communication and distribution of content which they enable.

Intermediary Liability

Over the last decade, right holders, service providers and Internet users have been locked in a  debate on the potential liability of online intermediaries. The debate has raised global concerns on issues such as, the extent to which Internet intermediaries should be held responsible for content produced by third parties using their Internet infrastructure and how the resultant liability would affect online innovation and the free flow of knowledge in the information economy?

Given the impact of their services on communications, intermediaries find themselves as either directly liable for their actions, or indirectly (or “secondarily”) liable for the actions of their users. Requiring intermediaries to monitor the legality of the online content poses an insurmountable task. Even if monitoring the legality of content by intermediaries against all applicable legislations were possible, the costs of doing so would be prohibitively high. Therefore, placing liability on intermediaries can deter their willingness and ability to provide services, hindering the development of the internet itself.

Economics of intermediaries are dependent on scale and evaluating the legality of an individual post exceeds the profit from hosting the speech, and in the absence of judicial oversight can lead to a private censorship regime. Intermediaries that are liable for content or face legal exposure, have powerful incentives, to police content and limit user activity to protect themselves.  The result is curtailing of legitimate expression especially where obligations related to and definition of illegal content is vague. Content policing mandates impose significant compliance costs limiting the innovation and competiveness of such platforms.

More importantly, placing liability on intermediaries has a chilling effect on freedom of expression online. Gate keeping obligations by service providers threaten democratic participation and expression of views online, limiting the potential of individuals and restricting freedoms. Imposing liability can also indirectly lead to the death of anonymity and pseudonymity, pervasive surveillance of users' activities, extensive collection of users' data and ultimately would undermine the digital trust between stakeholders.

Thus effectively, imposing liability for intermediaries creates a chilling effect on Internet activity and speech, create new barriers to innovation and stifles the Internet's potential to promote broader economic and social gains.  To avoid these issues, legislators have defined 'safe harbours', limiting the liability of intermediaries under specific circumstances.

Online intermediaries do not have direct control of what information is or information are exchanged via their platform and might not be aware of illegal content per se. A key framework for online intermediaries, such limited liability regimes provide exceptions for third party intermediaries from liability rules to address this asymmetry of information that exists between content producers and intermediaries.

However, it is important to note, that significant differences exist concerning the subjects of these limitations, their scope of provisions and procedures and modes of operation. The 'notice and takedown' procedures are at the heart of the safe harbour model and can be subdivided into two approaches:

a. Vertical approach where liability regime applies to specific types of content exemplified in the US Digital Copyright Millennium Act

b. Horizontal approach based on the E-Commerce Directive (ECD) where different levels of immunity are granted depending on the type of activity at issue

Current framework

Globally, three broad but distinct models of liability for intermediaries have emerged within the Internet ecosystem:

1. Strict liability model under which intermediaries are liable for third party content used in countries such as China and Thailand

2. Safe harbour model granting intermediaries immunity, provided their compliance on certain requirements

3. Broad immunity model that grants intermediaries broad or conditional immunity from liability for third party content and exempts them from any general requirement to monitor content.

While the models described above can provide useful guidance for the drafting or the improvement of the current legislation, they are limited in their scope and application as they fail to account for the different roles and functions of intermediaries. Legislators and courts are facing increasing difficulties, in interpreting these regulations and adapting them to a new economic and technical landscape that involves unprecedented levels user generated content and new kinds of and online intermediaries.

The nature and role of intermediaries change considerably across jurisdictions, and in relation to the social, economic and technical contexts. In addition to the dynamic nature of intermediaries the different categories of Internet intermediaries‘ are frequently not clear-cut, with actors often playing more than one intermediation role. Several of these intermediaries offer a variety of products and services and may have number of roles, and conversely,  several of these intermediaries perform the same function. For example , blogs, video services and social media platforms are considered to be 'hosts'. Search engine providers have been treated as 'hosts' and 'technical providers'.

This limitations of existing models in recognising that different types of intermediaries perform different functions or roles  and therefore should have different liability, poses an interesting area for research and global deliberation. Establishing classification of intermediaries, will also help analyse existing patterns of influence in relation to content for example when the removal of content by upstream intermediaries results in undue over-blocking.

Distinguishing intermediaries on the basis of their roles and functions in the Internet ecosystem is  critical to ensuring a balanced system of liability and addressing concerns for freedom of expression. Rather than the highly abstracted view of intermediaries as providing a single unified service of connecting third parties, the definition of intermediaries must expand to include the specific role and function they have in relation  to users'  rights.  A successful intermediary liability regime must balance the needs of producers, consumers, affected parties and law enforcement, address the risk of abuses for political or commercial purposes, safeguard human rights and contribute to the evolution of uniform principles and safeguards.

Towards an evidence based intermediary liability policy framework

This workshop aims to bring together leading representatives from a broad spectrum of stakeholder groups to discuss liability related issues and ways to enhance Internet users’ trust.

Questions to address at the panel include:

1. What are the varying definitions of intermediaries across jurisdictions?

2. What are the specific roles and functions that allow for classification of intermediaries?

3. How can we ensure the legal framework keeps pace with technological advances and the changing roles of intermediaries?

4. What are the gaps in existing models in balancing innovation, economic growth and human rights?

5. What could be the respective role of law and industry self-regulation in enhancing trust?

6. How can we enhance multi-stakeholder cooperation in this space?

Confirmed Panel:

Technical Community: Malcolm Hutty: Internet Service Providers Association (ISPA)
Civil Society: Gabrielle Guillemin: Article19
Academic: Nicolo Zingales: Assistant Professor of Law at Tilburg University
Intergovernmental: Rebecca Mackinnon: Consent of the Networked, UNESCO project
Civil Society: Anriette Esterhuysen: Association for Progressive Communication (APC)
Civil Society: Francisco Vera: Advocacy Director: Derechos Digitale
Private Sector: Titi Akinsanmi: Policy and Government Relations Manager, Google Sub-Saharan Africa
Legal: Martin Husovec: MaxPlanck Institute

Moderator(s): Giancarlo Frosio, Centre for Internet and Society (CIS) and Jeremy Malcolm, Electronic Frontier Foundation

Remote Moderator: Anubha Sinha, New Delhi

The Internet Corporation for Assigned Names and Numbers (“ICANN”) is a non-profit corporation incorporated in the state of California and vested with the responsibility of managing the DNS root, generic and country-code Top Level Domain name system, allocation of IP addresses and assignment of protocol identifiers. As an internationally organized corporation with its own multi-stakeholder community of Advisory Groups and Supporting Organisations, ICANN is a large and intricately woven governance structure. Necessarily, ICANN undertakes through its Bye-laws that “in performing its functions ICANN shall remain accountable to the Internet community through mechanisms that enhance ICANN’s effectiveness”. While many of its documents, such as its Annual Reports, financial statements and minutes of Board meetings, are public, ICANN has instituted the Documentary Information Disclosure Policy (“DIDP”), which like the RTI in India, is a mechanism through which public is granted access to documents with ICANN which are not otherwise available publicly. It is this policy – the DIDP – that I propose to study.

In a series of blogposts, I propose to introduce the DIDP to unfamiliar ears, and to analyse it against certain freedom of information best practices. Further, I will analyse ICANN’s responsiveness to DIDP requests to test the effectiveness of the policy. However, before I undertake such analysis, it is first good to know what the DIDP is, and how it is crucial to ICANN’s present and future accountability.

What is the DIDP?

One of the core values of the organization as enshrined under Article I Section 4.10 of the Bye-laws note that “in performing its functions ICANN shall remain accountable to the Internet community through mechanisms that enhance ICANN’s effectiveness”. Further, Article III of the ICANN Bye-laws, which sets out the transparency standard required to be maintained by the organization in the preliminary, states - “ICANN and its constituent bodies shall operate to the maximum extent feasible in an open and transparent manner and consistent with procedures designed to ensure fairness”.

Accordingly, ICANN is under an obligation to maintain a publicly accessible website with information relating to its Board meetings, pending policy matters, agendas, budget, annual audit report and other related matters. It is also required to maintain on its website, information about the availability of accountability mechanisms, including reconsideration, independent review, and Ombudsman activities, as well as information about the outcome of specific requests and complaints invoking these mechanisms.

Pursuant to Article III of the ICANN Bye-laws for Transparency, ICANN also adopted the DIDP for disclosure of publicly unavailable documents and publish them over the Internet. This becomes essential in order to safeguard the effectiveness of its international multi-stakeholder operating model and its accountability towards the Internet community. Thereby, upon request made by members of the public, ICANN undertakes to furnish documents that are in possession, custody or control of ICANN and which are not otherwise publicly available, provided it does not fall under any of the defined conditions for non-disclosure. Such information can be requested via an email to [email protected].

Procedure

• Upon the receipt of a DIDP request, it is reviewed by the ICANN staff.
• Relevant documents are identified and interview of the appropriate staff members is conducted.
• The documents so identified are then assessed whether they come under the ambit of the conditions for non-disclosure.
  • Yes - A review is conducted as to whether, under the particular circumstances, the public interest in disclosing the documentary information outweighs the harm that may be caused by such disclosure.
  • Documents which are considered as responsive and appropriate for public disclosure are posted on the ICANN website.
  • In case of request of documents whose publication is appropriate but premature at the time of response then the same is indicated in the response and upon publication thereafter, is notified to the requester.

Time Period and Publication

The response to the DIDP request is prepared by the staff and is made available to the requestor within a period of 30 days of receipt of request via email. The Request and the Response is also posted on the DIDP page http://www.icann.org/en/about/transparency in accordance with the posting guidelines set forth at http://www.icann.org/en/about/transparency/didp.

Conditions for Non-Disclosure

There are certain circumstances under which ICANN may refuse to provide the documents requested by the public. The conditions so identified by ICANN have been categorized under 12 heads and includes internal information, third-party contracts, non-disclosure agreements, drafts of all reports, documents, etc., confidential business information, trade secrets, information protected under attorney-client privilege or any other such privilege,  information which relates to the security and stability of the internet, etc.

Moreover, ICANN may refuse to provide information which is not designated under the specified conditions for non-disclosure if in its opinion the harm in disclosing the information outweighs the public interest in disclosing the information. Further, requests for information already available publicly and to create or compile summaries of any documented information may be declined by ICANN.

Grievance Redressal Mechanism

In certain circumstances the requestor might be aggrieved by the response received and so he has a right to appeal any decision of denial of information by ICANN through the Reconsideration Request procedure or the Independent Review procedure established under Section 2 and 3 of Article IV of the ICANN Bye-laws respectively. The application for review is made to the Board which has designated a Board Governance Committee for such reconsideration. The Independent Review is done by an independent third-party of Board actions, which are allegedly inconsistent with the Articles of Incorporation or Bye-laws of ICANN.

Why does the DIDP matter?

The breadth of ICANN’s work and its intimate relationship to the continued functioning of the Internet must be appreciated before our analysis of the DIDP can be of help. ICANN manages registration and operations of generic and country-code Top Level Domains (TLD) in the world. This is a TLD:

(Source: here)

Operation of many gTLDs, such as .com, .biz or .info, is under contract with ICANN and an entity to which such operation is delegated. For instance, Verisign operates the .com Registry. Any organization that wishes to allow others to register new domain names under a gTLD (sub-domains such as ‘benefithealth’ in the above example) must apply to ICANN to be an ICANN-accredited Registrar. GoDaddy, for instance, is one such ICANN-accredited Registrar. Someone like you or me, who wants to  get our own website – say, vinayak.com – buys from GoDaddy, which has a contract with ICANN under which it pays periodic sums for registration and renewal of individual domain names. When I buy from an ICANN-accredited Registrar, the Registrar informs the Registry Operator (say, Verisign), who then adds the new domain name (vinayak.com) to its registry list, and then it can be accessed on the Internet.

ICANN’s reach doesn’t stop here, technically. To add a new gTLD, an entity has to apply to ICANN, after which the gTLD has to be added to the root file of the Internet. The root file, which has the list of all TLDs (or all ‘legitimate’ TLDs, some would say), is amended by Verisign under its tripartite contract with the US Government and ICANN, after which Verisign updates the file in its ‘A’ root server. The other 12 root servers use the same root file as the Verisign root server. Effectively, this means that only ICANN-approved TLDs (and all sub-domains such as ‘benefithealth’ or ‘vinayak’) are available across the Internet, on a global scale. Or at least, ICANN-approved TLDs have the most and widest reach. ICANN similarly manages country-code TLDs, such as .in for India, .pk for Pakistan or .uk for the United Kingdom.

All of this leads us to wonder whether the extent of ICANN’s voluntary and reactive transparency is sufficient for an organization of such scale and impact on the Internet, perhaps as much impact as the governments do. In the next post, I will analyse the DIDP’s conditions for non-disclosure of information with certain freedom of information best practices.

---

Vinayak Mithal is a final year student at the Rajiv Gandhi National University of Law, Punjab. His interests lie in Internet governance and other aspects of tech law, which he hopes to explore during his internship at CIS and beyond. He may be reached at [email protected].

Introduction

The Ministry of Communications and Information Technology on the 10th of February, 2012 released a notification [1] in the Official Gazette outlining the Preferential Market Access [2] Policy for Domestically Manufactured Electronic Goods 2012. The Policy is applicable to procurement of telecom products by Government Ministries/Departments and to such electronics that had been deemed to having security concerns, thus making the policy applicable to private bodies in the latter half. The Notification reasoned that preferential access was to be given to domestically manufactured electronic goods predominantly for security reasons. Each Ministry or Department was to notify the products that had security implications, with reasons, after which the notified agencies would be required to procure the same from domestic manufacturers. This policy was also meant to be applicable to even procurement of electronic goods by Government Ministries/Agencies for Governmental purposes except Defence. Each Ministry would be required to notify its own percentage of such procurement, though it could not be less than 30%, and also had to specify the Value Addition that had to be made to a particular product to qualify it as a domestically manufactured product, with the policy again specifying the minimum standards. The policy was also meant for procurement of electronic hardware as a service from Managed Service Providers (MSPs).

The procurement was to be done as according to the policies of the each procuring agency. The tender was to be apportioned according to the procurement percentage notified and the preference part was to be allotted to the domestic manufacturer at the lowest bid price. If there were no bidders who were domestic manufacturers or if the tender was not severable, then it was to be awarded to the Foreign Manufacturer and the percentage adjusted as against other electronic procurement for that period.

Telecom equipment that qualifies as domestically manufactured telecom products for preferential market access include: encryption and UTM platforms, Core/Edge/Enterprise routers, Managed leased line network equipment, Ethernet Switches, IP based Soft Switches, Media gateways, Wireless/Wireline PABXs, CPE, 2G/3G Modems, Leased-line Modems, Set Top Boxes, SDH/Carrier Ethernet/Packet Optical Transport Eqiupments, DWDN systems, GPON equipments, Digital Cross connects, small size 2G/3G GSM based Base Station Systems, LTE based broadband wireless access systems, Wi-Fi based broadband wireless access systems, microwave radio systems, software defined radio cognitive radio systems, repeaters, IBS, and distributed antenna system, satellite based systems, copper access systems, network management systems, security and surveillance communication systems (video and sensors based), optical fiber cable.

The Policy also mentioned the creation of a self-certification system to declare domestic value addition to the vendor. The checks would be done by the laboratories accredited by the Department of Information Technology. The policy was to be in force for a period of 10 years and any dispute concerning the nature of product was to be referred to the Department of Information Technology.

International and Domestic Response to the Policy

There was a large scale opposition, usually from international sectors, towards the mooting of this policy. Besides business houses, even organizations like those of the United States Trades Representatives criticized the policy as being harmful to the global market and in violation of the World Trade Organization Guidelines.[3] Criticism also poured in from domestic bodies in terms of recommendations towards modification of the policy largely on three grounds: (i) the high domestic value addition requirement and the method of calculation of the same, (ii) the lack of a link between manufacturing and security and (iii) application of the policy to the private sector.

The Cellular Operations Association of India (COAI) in a letter dated March 15, 2012 to the Secretary of the Department Technology and Chairman of the Telecom Commission expressed its views on the telecom manufacturing in the country.[4]The COAI stated that such a development had to be done realistically and holistically so that the whole eco-system was developed as a comprehensive whole. In that regard it also forwarded a study that had been commissioned by COAI and conducted by M/s. Booz and Company titled “Telecom Manufacturing Policy – Developing an Actionable Roadmap”. The report was a comprehensive study of the telecom industry and outlined the challenges and opportunities that lay on its development trajectory. It also talked about Government involvement in the development process. The Report while citing the market share of Indian Telecom Industry which would be around 3% [5] of the Global Market highlighted the fact that no country could be self-sufficient in technology. It further talked about the development of local clusters in order to cut costs and encourage manufacturing, while ensuring that the PMA Policy was consistent with the WTO Guidelines. It further recommended opening up of foreign investments and making capital available to ensure growth of innovation. Finally it highlighted the lack of a connection between manufacturing and security and instead stressed upon proper certification, checks and development of a comprehensive CIIP framework across all sensitive networks for security purposes.

In a further letter to the Joint Secretary of the Department of Information and Technology dated April 25, 2012 the COAI expressed some reservations concerning the draft guidelines that had been published along with the notification.[6] While stressing upon the fact that a higher value addition would be impossible with the lack of basic manufacturing capabilities for the development of technological units, it also highlighted the need to redefine Bill of Materials which had been left ambiguous and subject to exploitation. It further highlighted the fact that allowing every Ministry to make its own specifications would lead to inconsistent definitions and an administrative challenge and hence such matters should be handled by a Central Body. Furthermore it opined that the calculation of BOMs and the Value Additions should be done using the concept of substantial transformation as has been given in the Booz Study. Furthermore, while discouraging the use of disincentives, it stated that one individual Ministry should be in charge of specifying such incentives to avoid confusion and for the sake of ease of business.

In another letter to a Member of the Department of Telecommunications dated July 12, 2012 the COAI stressed upon the futility of having high value additions as the same was impossible under the present scenario.[7] There was a lack of manufacturing sector which had to be comprehensively developed backed by fiscal incentives and comprehensive policies. In spite of that, it stressed that no country could become self-reliant and that such policies, like the PMA, were reminiscent of the “license and permit raj” era. It further said that such policies should be consistent with WTO Guidelines and should not give undue preference to domestic manufacturers to the detriment of other manufacturers. Countering the security aspect, it said that the same had been addressed by the DoT License Amendment of May 31, 2011 whereby all equipments on the network would have to comply with the “Safe to Connect” standard, and stressed upon the lack of any link between manufacturing and security. Furthermore for calculation of Value Addition it suggested an alternative to the method proposed by the Government as the same would lead to disclosures of sensitive commercial information which were contained in the BOMs. The COAI said that the three stages as laid out in the Substantial Transformation (as mentioned in the Booz Study) should be used for calculating the VA. It made several proposals to develop the telecom manufacturing industry in India including provision of fiscal incentives, development of telecom clusters and comprehensive policies which led to harmonization with laws and creation of SEZs among other such benefits.

In October 2012 the Government released a draft notification notifying products due to security consideration in furtherance of the PMA Policy.[8] The document outlined the minimum PMA and VA specification for a range of products. It also stated several security reasons for pursuing such a policy and stated that India had to be completely self-reliant for its active telecom products. It also contained data on the predicted growth of the telecom market in India. The COAI thereafter released a document commenting upon the draft notification of the Government.[9]

Besides highlighting the fact that the COAI still had not received a response to its former comments, it again stressed upon the lack of a link between security and manufacturing. It reiterated its point on the impossibility of a complete self-reliance on any nation’s part, and stressed upon the need of involving other stakeholders in the promulgation of such policies. It also made changes to the notified list of equipments, reclassifying it according to technology and only listing equipments which had volumes. Furthermore it also suggested changes towards the calculation of value addition to include materials sourced from local suppliers, in-house assemblage to be considered local material and the calculation to be done for complete order and not for each item in the order. It further recommended a study be conducted and the industry be involved while predicting demands as such were dated and needed revision. The Government thereafter released a revised notification[10] on October 5, 2012 but it did not contain much of the commented changes that the COAI had proposed.

Thereafter in April 2013, the DeitY released draft guidelines[11] for providing preference to domestically manufactured electronic products in Government Procurement in further of the second part of the PMA Policy. The guidelines besides containing definitions to several terms such as BOM also prescribed a minimum of 20% domestic procurement while leaving the specifications onto individual Ministries. It recommended the establishment of a technical committee by the concerned Ministry or Department that would recommend value addition to products. It followed a BOM based calculation of Value Addition while leaving the matter of certification to be dealt by DeitY certified laboratories that are notified for such purposes by the concerned Ministry/Department. DeitY was the nodal ministry for monitoring the implementation of the policy while particular monitoring was left to each Ministry or Department concerned. Among the annexures were indicative lists of generic and telecom products and a format for Self Certification regarding Domestic Value Addition in an Electronic Product.

The COAI thereafter released a revised draft containing its own comments on April 15, 2013.[12] The COAI pointed out faults in the definition of BOM. It highlighted the difficulty in splitting R&D according to countries, and also stressed upon the impractical usage of BOM in calculation of value addition as the same was confidential business information. As it had already suggested earlier, it reiterated the usage of the Substantial Transformation process for the calculation of Value Addition. While removing the lists of equipments mentioned, it further pointed out that the disqualification in the format for self-certification would be a very harsh disincentive and would result in driving away manufacturers. It suggested that there should be incentives for compliance instead.

The COAI along with the Association of Unified Telecom Service Providers of India sent a letter dated January 24, 2013 to the Secretary, DoT containing their inputs on Draft List of Security Sensitive Telecom Products for Preferential Market Access (PMA).[13] It again stressed upon the fact that security and manufacturing were not related and that the security aspect had been dealt by the “Safe to Connect” requirement mandated by the DoT License Amendment. It talked of the impossibility of arriving at VA figures until the same is defined to internationally accepted norms. Further it opined that if the Government had security concerns it should consider VA at a network level in the configurations as would be deployed in the network or its segments rather at element or subsystem levels as the latter would leave too many calculations open and the procurement entities will find it very difficult to ensure if they meet the PMA requirement or not. It further stressed upon the need to comply with WTO Guidelines while stressing upon the need to pay heed to certification standards than pursue the unavailable link between manufacturing and security through a PMA Policy. Finally it suggested a grouping of telecom products for the policy based on technology rather than individual products.

Pursuant to a Round Table Conference Organized by the Department of Information and Technology, AUSPI and COAI sent another letter dated April 15, 2013 to the Secretary, Department of Information and Technology.[14] It reiterated several points that both the AUSPI and COAI had been suggesting to the Government on the Telecom Manufacturing Policy. It cited the examples of other manufacturing nations to reiterate the fact that no country could be completely self-reliant in manufacturing electronics and such positions would only lead to creation of an environment that would not be conducive to global business. It further stressed upon the need to change the manner of calculation of VA while highlighting the fact that every Department should notify its list of products having security implications and the list of telecom equipment should be deleted from the draft guidelines being issued by DeitY to ensure better implementation.

A major change came in on July 8, 2013 when the Prime Minister’s Office made a press release withdrawing the PMA policy for review and withholding all the notifications that had been issued in that regard.[15] It said that  he revised proposal will incorporate a detailed provision for project / product / sector specific security standards, alternative modes of security certification, and a roadmap for buildup of domestic testing capacity. It further noted that the revised proposal on PMA in the private sector for security related products will not have domestic manufacturing requirements, percentage based or otherwise and that the revised proposal will incorporate a mechanism for a centralised clearing house mechanism for all notifications under the PMA Policy.

The COAI thereafter on November 7, 2013 sent a letter to the DoT containing feedback on the list of items slated for Government procurement.[16] It noted that there were 23 products on which PMA was applicable. It pointed out that there were no local manufacturers for many of the products notified. It also asked the Government to take steps to ensure that fiscal incentives were given to encourage manufacturing sector which was beset by several costs such as landing costs which acted as impediments to its development. It stressed upon the tiered development of the industry needed to ensure that a holistic and comprehensive growth is attained which would result in manufacturing of local products. It requested that the Government "focus on right enablers (incentives, ecosystem, infrastructure, taxation) as the outcome materializes once all of these converge."

The COAI sent a further letter dated November 13, 2013 to the DoT concerning the investment required in the telecom manufacturing industry.[17] It noted the projected required investment of 152bn USD in the telecom sector and that the Government had projected that 92% of the investment would have to come from the Private Sector. COAI, while stressing upon the need of the Government and the Private Industry to work in tandem with each other, suggested that the Government devise methods to attract investments in the telecom sectors from international telecom players and that the Telecom Equipment Manufacturing Council meet to review and revise methods for attracting such investments.

Pursuant to the PMO directive, DeitY released a revised PMA Policy on the 23rd of December, 2014.[18] While there have been a few major changes, not all of recommendations by various bodies have been adhered to.[19] The major changes in the revised policy included the exemption of the private sector from the policy and the removal of PMA Policy to equipments notified for security reasons. The manner of calculation of the domestic value addition has not been changed though there has been a reduction in the percentage of value addition needed to qualify a product as domestic product. Another addition has been of a two-tiered implementation mechanism for the Policy. Tier-I includes a National Planning and Monitoring Council for Electronic Products which would design a 10-year roadmap for the implementation of the policy including notification of the products and subsequent procurement. Under Tier-II, the Ministries and Departments will be issuing notifications specifying products and the technical qualifications of the same, after approval by the Council. The former notifications under the 2012 Policy, including the notification of 23 telecom products by Department of Telecom,[20] are still valid until revised further.[21]

---

[1]. No. 8(78)/2010-IPHW. Available at http://www.dot.gov.in/sites/default/files/5-10-12.PDF (accessed 03 June, 2014).

[2]. Preferential Market Access

[3]. See The PMA Debate, DataQuest at http://www.dqindia.com/dataquest/feature/191001/the-pma-debate/page/1 (accessed June 2014).

[4]. The letter is available at http://www.coai.com/Uploads/MediaTypes/Documents/letter-to-dit-on-pma-notification.pdf (accessed  June, 2014).

[5]. Around $17bn.

[6]. The letter is available at http://www.coai.com/Uploads/MediaTypes/Documents/letter-to-dit-on-pma-notification.pdf (accessed  June, 2014).

[7]. The letter is available at http://www.coai.com/Uploads/MediaTypes/Documents/coai-to-dot-on-enhancing-domestic-manufacturing-of-telecom-equipment-bas.pdf (accessed  June, 2014).

[8]. The notification no. 18-07/2010-IP can be found at http://www.coai.com/Uploads/MediaTypes/Documents/DoT-draft-notification-on-Policy-for-preference-to-domestically-manufactured-telecom-products-in-procurement-October-2012.pdf  (accessed  June, 2014).

[9]. The commented COAI draft can be found at http://www.coai.com/Uploads/MediaTypes/Documents/Annexure-1-Comments-on-draft-notification-by-DoT.pdf (accessed  June, 2014).

[10]. Available at http://www.coai.com/Uploads/MediaTypes/Documents/dots-notification-on-telecom-equipment-oct-5,-2012.pdf (accessed June, 2014).

[11]. The draft guidelines can be found at http://www.coai.com/Uploads/MediaTypes/Documents/pma_draft-govt-procurement-guidelines-april-2013.pdf (accessed June, 2014).

[12]. The COAI commented draft can be found at http://www.coai.com/Uploads/MediaTypes/Documents/pma-draft-security-guidelines-15-april-2013.pdf (accessed June, 2014).

[13]. The letter can be found at http://www.coai.com/Uploads/MediaTypes/Documents/jac-007-to-dot-on-Januarys-list-of-telecom-products-final.pdf (accessed June, 2014).

[14]. The letter can be found at http://www.coai.com/Uploads/MediaTypes/Documents/jac-to-moc-on-pma.pdf (accessed June, 2014).

[15]. The press release can be found at http://www.coai.com/Uploads/MediaTypes/Documents/pmo-on-pma.pdfhttp://www.coai.com/Uploads/MediaTypes/Documents/pmo-on-pma.pdf (accessed June, 2014).

[16]. The letter can be found at http://www.coai.com/Uploads/MediaTypes/Documents/COAI-letter-to-DoT-on-Feedback-on-List-of-Items-for-Govt-Procurement.pdf (accessed June, 2014).

[17]. The letter can be found at http://www.coai.com/Uploads/MediaTypes/Documents/COAI-letter-to-DoT-on-Investments-Required-(TEMC)-Nov%2013-2013.pdf (accessed June, 2014).

[18]. The Notification No. 33(3)/2013-IPHW can be found at http://deity.gov.in/sites/upload_files/dit/files/Notification_Preference_DMEPs_Govt_%20Proc_23_12_2013.pdf (accessed June, 2014).

[19]. For more information, see http://electronicsb2b.com/policy-corner/revised-preferential-market-access-policy/# (accessed June, 2014).

[20]. The notification has been mentioned and discussed above.

[21]. A list of notifications dealing with electronic products except telecom products can be found on the website of DeitY at http://deity.gov.in/esdm/pma (accessed June, 2014).

Sl. No.	Country	Legislation	Model
1.	Australia	Telecommunications (Interceptions and Access) Act, 1979 Governs interception of communications Relevant provisions: S. 3, 7, 6A, 34, 46 Surveillance Devices Act, 2004 Establishes procedure for obtaining warrants and for use of surveillance devices Relevant Provisions: S.13, 14	Authorisation for surveillance is granted in the form of a warrant from a Judge or a nominated member of the Administrative Appeals Tribunal The warrant issuing authority must be satisfied that information obtained through interception shall assist in the investigation of a serious crime The Acts provide a list of prescribed offences for which interception of communication may be authorized The Acts also specify certain federal and state law enforcement agencies that may undertake surveillance
2.	Brazil	Federal Law No. 9,296, 1996: Regulates wiretapping	Authorisation for interception is granted on a Judge’s order for a period of 15 days at a time Interception is only allowed for investigations into serious offences like drug smuggling, corruption murder and kidnapping
3.	Canada	Criminal Code, 1985 Governs general rules of criminal procedure including search and seizure protocols Relevant Provision: §§ 184.2, 184.4	Grants power to intercept communication by obtaining authorisation from a provincial court judge or a judge of the superior court Before granting his authorisation, the judge must be satisfied that either the originator of the communication or the recipient thereof  has given his/her consent to the interception Under exceptional circumstances, however, a police officer owing to the exigency of the situation may intercept communication without prior authorisation
4.	France	Loi d'orientation et de programmation pour la performance de la sécurité intérieure (LOPPSI 2), 2011: Authorises use of video surveillance and interception of communications Relevant Provisions: Article 36 Loi de Programmation Militaire (LPM), 2013: Authorises surveillance for protection of national security and prevention of terrorism	Interception of communication under LOPPSI 2 requires previous authorization from an investigating Judge after consultation with the Public Prosecutor Such authorization is granted for a period of 4 months which is further extendable by another 4 months Interception of communication under LPM does not require prior sanction from an investigating judge and is instead provided by the Prime Minister’s office Information that can be intercepted under LPM includes not only metadata but also content and geolocation services
5.	Germany	Gesetz zur Beschränkung des Brief-, Post und Fernmeldegeheimnisses (G10 Act), 2001 Imposes restrictions on the right to privacy and authorizes surveillance for protecting freedom and democratic order, preventing terrorism and illegal drug trade Relevant Provisions: §3 The German Code of Criminal Procedure (StPO), 2002 Lays down search and seizure protocol and authorizes interception of telecommunications for criminal prosecutions Relevant Provisions: §§ 97, 100a	Authorises warrantless surveillance by specific German agencies like the Bundesnachrichtendienst (Federal Intelligence Service) Lays down procedure that must be followed while undertaking surveillance and intercepting communications Authorises sharing of intercepted intelligence for criminal prosecutions Mandates ex post notification to persons whose privacy has been violated but no judicial remedies are available to such persons The Code of Criminal Procedure authorises interception of communication of a person suspected of being involved in a serious offence only on the order of a court upon application by the public prosecution office
6.	Pakistan	Pakistan Telecommunications Reorganisation Act, 1996: Controls the flow of false and fabricated information and protects national security Relevant Provisions: § 54 Investigation for Fair Trial Act, 2013: Regulates the powers of law enforcement and intelligence agencies regarding covert surveillance and interception of communications Relevant Provisions:  §§ 6,7, 8, 9	Authorisation for interception is provided by the federal government. No formal legal structure to monitor surveillance exists Interception can be authorized in the interest of national security and on the apprehension of any offence Requests for filtering and blocking of content are routed through the Inter-Ministerial Committee for the Evaluation of Websites, a confidential regulatory body Under the Fair Trial Act, interception can only be authorised on application to the Fedral Minister for Interior who shall then permit the application to be placed before a High Court Judge The warrant shall be issued by a judge only on his satisfaction that interception will aid in the collection of evidence and that a reasonable threat of the commission of a scheduled offence exists
7.	South Africa	The Regulation of Interception of Communications and Provision of Communication-related Information Act, 2002 Regulates and authorizes monitoring and interception of telecommunications services Relevant Provisions: §§ 16, 22	Warrant for intercepting communications and installing surveillance devices is granted by a designated judge The warrant is issued on satisfaction of the judge that the investigation relates to a serious offence or that the information gathering is vital to public health or safety, national security or compelling national economic interests
8.	United Kingdom	Regulation of Investigatory Powers Act, 2000: Authorises interception of communications and surveillance Relevant Provisions: §§ 5, 6, 65	Authorisation for interception is granted in the form of a warrant by the Secretary of State or in certain special cases by a ‘senior officer’ Communications can be intercepted only it is necessary to do so in the interest of national security or for the purpose of preventing and detecting serious crimes Complaints of alleged illegal surveillance are heard by the Investigatory Powers Tribunal
9.	United States	Electronic Communications Privacy Act, 1986 (Title III, Omnibus Crime Control and Safe Streets Act) Governs authorisation for wiretapping and interception Relevant Provisions: §18	Authorisation for interception can be granted by a  district court or federal appeals court on application by a law enforcement officer duly signed by the attorney general Application mandates obtaining the information through a service provider before invading upon individual’s privacy

On 1st July, 2014 the Federal Trade Commission (FTC) filed a complaint against T-Mobile USA,[1] accusing the service provider of 'cramming' customers bills, with millions of dollars of unauthorized charges. Recently, another service provider, received flak from regulators and users worldwide, after it published a paper, 'Experimental evidence of massive-scale emotional contagion through social networks'.[2] The paper described Facebook's experiment on more than 600,000 users, to determine whether manipulating user-generated content, would affect the emotions of its users.

In both incidents the terms that should ensure the protection of their user's legal rights, were used to gain consent for actions on behalf of the service providers, that were not anticipated at the time of agreeing to the terms and conditions (T&Cs) by the consumer. More precisely, both cases point to the underlying issue of how users are bound by T&Cs, and in a mediated online landscape—highlight, the need to pay attention to the regulations that govern the online engagement of users.

I have read and agree to the terms

In his statement, Chief Executive Officer, John Legere might have referred to T-Mobile as "the most pro-consumer company in the industry",[3] however the FTC investigation revelations, that many customers never authorized the charges, suggest otherwise.  The FTC investigation also found that, T-Mobile received 35-40 per cent of the amount charged for subscriptions, that were made largely through innocuous services, that customers had been signed up to, without their knowledge or consent. Last month news broke, that just under 700,000 users 'unknowingly' participated in the Facebook study, and while the legality and ethics of the experiment are being debated, what is clear is that Facebook violated consumer rights by not providing the choice to opt in or out, or even the knowledge of such social or psychological experiments to its users.

Both incidents boil down to the sensitive question of consent. While binding agreements around the world work on the condition of consent, how do we define it and what are the implications of agreeing to the terms?

Terms of Service: Conditions are subject to change

A legal necessity, the existing terms of service (TOS)—as they are also known—as an acceptance mechanism are deeply broken. The policies of online service providers are often, too long, and with no shorter or multilingual versions, require substantial effort on part of the user to go through in detail. A 2008 Carnegie Mellon study estimated it would take an average user 244 hours every year to go through the policies they agree to online.[4] Based on the study, Atlantic's Alexis C. Madrigal derived that reading all of the privacy policies an average Internet user encounters in a year, would take 76 working days.[5]

The costs of time are multiplied by the fact that terms of services change with technology, making it very hard for a user to keep track of all of the changes over time. Moreover, many services providers do not even commit to the obligation of notifying the users of any changes in the TOS. Microsoft, Skype, Amazon, YouTube are examples of some of the service providers that have not committed to any obligations of notification of changes and often, there are no mechanisms in place to ensure that service providers are keeping users updated.

Facebook has said that the recent social experiment is perfectly legal under its TOS,[6] the question of fairness of the conditions of users consent remain debatable. Facebook has a broad copyright license that goes beyond its operating requirements, such as the right to 'sublicense'. The copyright also does not end when users stop using the service, unless the content has been deleted by everyone else.

More importantly, since 2007, Facebook has brought major changes to their lengthy TOS about every year.[7] And while many point that Facebook is transparent, as it solicits feedback preceding changes to their terms, the accountability remains questionable, as the results are not binding unless 30% of the actual users vote. Facebook can and does, track users and shares their data across websites, and has no obligation or mechanism to inform users of the takedown requests.

Courts in different jurisdictions under different laws may come to different conclusions regarding these practices, especially about whether changing terms without notifying users is acceptable or not. Living in a society more protective of consumer rights is however, no safeguard, as TOS often include a clause of choice of law which allow companies to select jurisdictions whose laws govern the terms.

The recent experiment bypassed the need for informed user consent due to Facebook's Data Use Policy[8], which states that once an account has been created, user data can be used for 'internal operations, including troubleshooting, data analysis, testing, research and service improvement.' While the users worldwide may be outraged, legally, Facebook acted within its rights as the decision fell within the scope of T&Cs that users consented to. The incident's most positive impact might be in taking the questions of Facebook responsibilities towards protecting users, including informing them of the usage of their data and changes in data privacy terms, to a worldwide audience.

My right is bigger than yours

Most TOS agreements, written by lawyers to protect the interests of the companies add to the complexities of privacy, in an increasingly user-generated digital world. Often, intentionally complicated agreements, conflict with existing data and user rights across jurisdictions and chip away at rights like ownership, privacy and even the ability to sue. With conditions that that allow for change in terms at anytime, existing users do not have ownership or control over their data.

In April New York Times, reported of updates to the legal policy of General Mills (GM), the multibillion-dollar food company.[9] The update broadly asserted that consumers interacting with the company in a variety of ways and venues no longer can sue GM, but must instead, submit any complaint to “informal negotiation” or arbitration. Since then, GM has backtracked and clarified that “online communities” mentioned in the policy referred only to those online communities hosted by the company on its own websites.[10] Clarification aside, as Julia Duncan, Director of Federal programs at American Association for Justice points out, the update in the terms were so broad, that they were open to wide interpretation and anything that consumers purchase from the company could have been held to this clause. [11]

Data and whose rights?

Following Snowden revelations, data privacy has become a contentious issue in the EU, and TOS, that allow the service providers to unilaterally alter terms of the contract, will face many challenges in the future. In March Edward Snowden sent his testimony to the European Parliament calling for greater accountability and highlighted that in "a global, interconnected world where, when national laws fail like this, our international laws provide for another level of accountability."[12] Following the testimony came the European Parliament's vote in favor of new safeguards on the personal data of EU citizens, when it’s transferred to non-EU.[13] The new regulations seek to give users more control over their personal data including the right to ask for data from companies that control it and seek to place the burden of proof on the service providers.

The regulation places responsibility on companies, including third-parties involved in data collection, transfer and storing and greater transparency on concerned requests for information. The amendment reinforces data subject right to seek erasure of data and obliges concerned parties to communicate data rectification. Also, earlier this year, the European Court of Justice (ECJ) ruled in favor of the 'right to be forgotten'[14]. The ECJ ruling recognised data subject's rights override the interest of internet users, however, with exceptions pertaining to nature of information, its sensitivity for the data subject's private life and the role of the data subject in public life.

In May, the Norwegian Consumer Council filed a complaint with the Norwegian Consumer Ombudsman, “… based on the discrepancies between Norwegian Law and the standard terms and conditions applicable to the Apple iCloud service...”, and, “...in breach of the law regarding control of marketing and standard agreements.”[15] The council based its complaint on the results of a study, published earlier this year, that found terms were hazy and varied across services including iCloud, Drop Box, Google Drive, Jotta Cloud, and Microsoft OneDrive. The Norwegian Council study found that Google TOS, allow for users content to be used for other purposes than storage, including by partners and that it has rights of usage even after the service is cancelled.  None of the providers provide a guarantee that data is safe from loss, while many,  have the ability to terminate an account without notice. All of the service providers can change the terms of service but only Google and Microsoft give an advance notice.

The study also found service providers lacking with respect to European privacy standards, with many allowing for browsing of user content. Tellingly, Google had received a fine in January by the French Data Protection Authority, that stated regarding Google's TOS, "permits itself to combine all the data it collects about its users across all of its services without any legal basis."

To blame or not to blame

Facebook is facing a probe by the UK Information Commissioner's Office, to assess if the experiment conducted in 2012 was a violation of data privacy laws.[16] The FTC asked the court to order T-Mobile USA,  to stop mobile cramming, provide refunds and give up any revenues from the practice. The existing mechanisms of online consent, do not simplify the task of agreeing to multiple documents and services at once, a complexity which manifolds, with the involvement of third parties.

Unsurprisingly, T-Mobile's Legere termed the FTC lawsuit misdirected and blamed the companies providing the text services for the cramming.[17] He felt those providers should be held accountable, despite allegations that T-Mobile's billing practices made it difficult for consumers to detect that they were being charged for unauthorized services and having shared revenues with third-party providers. Interestingly, this is the first action against a wireless carrier for cramming and the FTC has a precedent of going after smaller companies that provide the services.

The FTC charged  T-Mobile USA with deceptive billing practices in putting the crammed charges under a total for 'use charges' and 'premium services' and failure to highlight that portion of the charge was towards third-party charges. Further, the company urged customers to take complaints to vendors and was not forthcoming with refunds. For now, T-Mobile may be able to share the blame, the incident brings to question its accountability, especially as going forward it has entered a pact along with other carriers in USA including Verizon and AT&T, agreeing to stop billing customers for third-party services. Even when practices such as cramming are deemed illegal, it does not necessarily mean that harm has been prevented. Often users bear the burden of claiming refunds and litigation comes at a cost while even after being fined companies could have succeeded in profiting from their actions.

Conclusion

Unfair terms and conditions may arise when service providers include terms that are difficult to understand or vague in their scope. TOS that prevent users from taking legal action, negate liability for service providers actions despite the companies actions that may have a direct bearing on users, are also considered unfair. More importantly, any term that is hidden till after signing the contract, or a term giving the provider the right to change the contract to their benefit including wider rights for service provider wide in comparison to users such as a term that that makes it very difficult for users to end a contract create an imbalance. These issues get further complicated when the companies control and profiting from data are doing so with user generated data provided free to the platform.

In the knowledge economy, web companies play a decisive role as even though they work for profit, the profit is derived out of the knowledge held by individuals and groups. In their function of aggregating human knowledge, they collect and provide opportunities for feedback of the outcomes of individual choices. The significance of consent becomes a critical part of the equation when harnessing individual information. In France, consent is part of the four conditions necessary to be forming a valid contract (article 1108 of the Code Civil).

The cases highlight the complexities that are inherent in the existing mechanisms of online consent. The question of consent has many underlying layers such as reasonable notice and contractual obligations related to consent such as those explored in the case in Canada, which looked at whether clauses of TOS were communicated reasonably to the user, a topic for another blog. For now, we must remember that by creating and organising  social knowledge that further human activity, service providers, serve a powerful function. And as the saying goes, with great power comes great responsibility.

---

[1] 'FTC Alleges T-Mobile Crammed Bogus Charges onto Customers’ Phone Bills', published 1 July, 2014. See: http://www.ftc.gov/news-events/press-releases/2014/07/ftc-alleges-t-mobile-crammed-bogus-charges-customers-phone-bills

[2] 'Experimental evidence of massive-scale emotional contagion through social networks', Adam D. I. Kramera,1, Jamie E. Guilloryb, and Jeffrey T. Hancock, published March 25, 2014. See:http://www.pnas.org/content/111/24/8788.full.pdf+html?sid=2610b655-db67-453d-bcb6-da4efeebf534

[3] 'U.S. sues T-Mobile USA, alleges bogus charges on phone  bills, Reuters published 1st July, 2014 See: http://www.reuters.com/article/2014/07/01/us-tmobile-ftc-idUSKBN0F656E20140701

[4] 'The Cost of Reading Privacy Policies', Aleecia M. McDonald and Lorrie Faith Cranor, published I/S: A Journal of Law and Policy for the Information Society 2008 Privacy Year in Review issue. See: http://lorrie.cranor.org/pubs/readingPolicyCost-authorDraft.pdf

[5] 'Reading the Privacy Policies You Encounter in a Year Would Take 76 Work Days', Alexis C. Madrigal, published The Atlantic, March 2012 See: http://www.theatlantic.com/technology/archive/2012/03/reading-the-privacy-policies-you-encounter-in-a-year-would-take-76-work-days/253851/

[6] Facebook Legal Terms. See: https://www.facebook.com/legal/terms

[7] 'Facebook's Eroding Privacy Policy: A Timeline', Kurt Opsahl, Published Electronic Frontier Foundation , April 28, 2010 See:https://www.eff.org/deeplinks/2010/04/facebook-timeline

[8] Facebook Data Use Policy. See: https://www.facebook.com/about/privacy/

[9] 'When ‘Liking’ a Brand Online Voids the Right to Sue', Stephanie Strom, published in New York Times on April 16, 2014 See: http://www.nytimes.com/2014/04/17/business/when-liking-a-brand-online-voids-the-right-to-sue.html?ref=business

[10] Explaining our website privacy policy and legal terms, published April 17, 2014 See:http://www.blog.generalmills.com/2014/04/explaining-our-website-privacy-policy-and-legal-terms/#sthash.B5URM3et.dpufhttp://www.blog.generalmills.com/2014/04/explaining-our-website-privacy-policy-and-legal-terms/

[11] General Mills Amends New Legal Policies, Stephanie Strom, published in New York Times  on 1http://www.nytimes.com/2014/04/18/business/general-mills-amends-new-legal-policies.html?_r=0

[12] Edward Snowden Statement to European Parliament published March 7, 2014. See: http://www.europarl.europa.eu/document/activities/cont/201403/20140307ATT80674/20140307ATT80674EN.pdf

[13] Progress on EU data protection reform now irreversible following European Parliament vote, published 12 March 201 See: http://europa.eu/rapid/press-release_MEMO-14-186_en.htm

[14] European Court of Justice rules Internet Search Engine Operator responsible for Processing Personal Data Published by Third Parties, Jyoti Panday, published on CIS blog on May 14, 2014. See: http://cis-india.org/internet-governance/blog/ecj-rules-internet-search-engine-operator-responsible-for-processing-personal-data-published-by-third-parties

[15] Complaint regarding Apple iCloud’s terms and conditions , published on 13 May 2014 See:http://www.forbrukerradet.no/_attachment/1175090/binary/29927

[16] 'Facebook faces UK probe over emotion study' See: http://www.bbc.co.uk/news/technology-28102550

[17] Our Reaction to the FTC Lawsuit See: http://newsroom.t-mobile.com/news/our-reaction-to-the-ftc-lawsuit.htm

Introduction

State authorised surveillance in India derives its basis from two colonial legislations; §26 of the Indian Post Office Act, 1898 and §5 of the Telegraph Act, 1885 (hereinafter the Act) provide for the interception of postal articles[1] and messages transmitted via telegraph[2] respectively. Both of these sections, which are analogous, provide that the powers laid down therein can only be invoked on the occurrence of a public emergency or in the interest of public safety. The task of issuing orders for interception of communications is vested in an officer authorised by the Central or the State government. This blog examines whether the preconditions set by the legislature for allowing interception act as adequate safeguards. The second part of the blog analyses the limits of discretionary power given to such authorised officers to intercept and detain communications.

Surveillance by law enforcement agencies constitutes a breach of a citizen’s Fundamental Rights of privacy and the Freedom of Speech and Expression. It must therefore be justified against compelling arguments against violations of civil rights. Right to privacy in India has long been considered too ‘broad and moralistic’[3] to be defined judicially. The judiciary, though, has been careful enough to not assign an unbound interpretation to it. It has recognised that the breach of privacy has to be balanced against a compelling public interest [4] and has to be decided on a careful examination of the facts of a certain case. In the same breath, Indian courts have also legitimised surveillance by the state as long as such surveillance is not illegal or unobtrusive and is within bounds [5]. While determining what constitutes legal surveillance, courts have rejected “prior judicial scrutiny” as a mandatory requirement and have held that administrative safeguards are sufficient to legitimise an act of surveillance. [6]

Conditions Precedent for Ordering Interception

§§5(2) of the Telegraph Act and 26(2) of the Indian Post Office Act outline a two tiered test to be satisfied before the interception of telegraphs or postal articles. The first tier consists of sine qua nons in the form of an “occurrence of public emergency” or “in the interests of public safety.” The second set of requirements under the provisions is “the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of an offence.” While vesting the power of interception in administrative officials, the sections contemplate a legal fiction where a public emergency exists and it is in the interest of sovereignty, integrity, security of the state or for the maintenance of public order/ friendly relations with foreign states. The term “public emergency,” however, has not been clearly defined by the legislature or by the courts. It thus vests arbitrary powers in a delegated official to order the interception of communication violating one’s Fundamental Rights.

Tracing the History of the Expression “Public Emergency”

The origins of the laws governing interception can be traced back to English laws of the late 19th Century; specifically one that imposed a penalty on a postal officer who delayed or intercepted a postal article.[7] This law guided the drafting of the Indian Telegraph Act in 1885 that legitimised interception of communications by the state. The expression “public emergency” appeared in the original Telegraph Act of 1885 and has been adopted in that form in all subsequent renderings of provisions relating to interception. Despite the contentious and vague nature of the expression, no consensus regarding its interpretation seems to have been arrived at. One of the first post-independence analyses of this provision was undertaken by the Law Commission in 1968. The 38th Law Commission in its report on the Indian Post Office Act, raised concerns about the constitutionality of the expression. The Law Commission was of the opinion that the term not having been defined in the constitution cannot serve as a reasonable ground for suspension of Fundamental Rights.[8] It further urged that a state of public emergency must be of such a nature that it is not secretive and is apparent to a reasonable man.[9] It thus challenged the operation of the act in its then current form where the determination of public emergency is the discretion of a delegated administrative official. The Commission, in conclusion, implored the legislature to amend the laws relating to interception to bring them in line with the Constitution. This led to the Telegraph (Amendment) Act of 1981. Questions regarding the true meaning of the expression and its potential misuse were brought up in both houses of the Parliament during passing of the amendment. The Law Ministry, however, did not issue any additional clarifications regarding the terms used in the Act. Instead, the Government claimed that the expressions used in the Act are “exactly those that are used in the Constitution.” [10] It may be of interest to note here that the Constitution of India, neither uses nor defines the term “public emergency.” Naturally, it is not contemplated as a ground for reasonably restricting Fundamental Rights provided under Article 19(1). [11] Similarly, concerns regarding the potential misuse of the powers were defended with the logically incompatible and factually inaccurate position that the law had not been misused in the past.[12]

Locating “Public Emergency” within a Proclamation of Emergency under the Constitution (?)

Public emergency in not equivalent to a proclamation of emergency under Article 352 of the Constitution simply because it was first used in legislations over six decades before the drafting of the Indian Constitution began. Besides, orders for interception of communications have also been passed when the state was not under a proclamation of emergency. Moreover, public emergency is not the only prerequisite prescribed under the Act. §5(2) states that an order for interception can be passed either on the occurrence of public emergency or in the interest of public safety. Therefore, the thresholds for the satisfaction of both have to be similar or comparable. If the threshold for the satisfaction of public emergency is understood to be as high as a proclamation of emergency then any order for interception can be passed easily under the guise of public safety. The public emergency condition will then be rendered redundant. Public emergency is therefore a condition that is separate from a proclamation of emergency.

In a similar vein the Supreme Court has also clarified[13] that terms like “public emergency” and “any emergency,” when used as statutory prerequisites, refer to the occurrence of different kinds of events. These terms cannot be equated with one another merely on the basis of the commonality of one word.

The Supreme Court in Hukam Chand v. Union of India,[14] correctly stated that the terms public emergency and public safety must “take colour from each other.” However, the court erred in defining public emergency as a situation that “raises problems concerning the interest of the public safety, the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order or the prevention of incitement to the commission of an offence.” This cyclic definition does not lend any clarity to the interpretive murk surrounding the term. The Act envisages public emergency as a sine qua non that must exist prior to a determination that there is a threat to public order and sovereignty and integrity of the state. The court’s interpretation on the other hand would suggest that a state of public emergency can be said to exist only when public order, sovereignty and integrity of the state are already threatened. Therefore, while conditions precedent exist for the exercise of powers under §5(2) of the Act, there are no objective standards against which they are to be tested.

Interpretation of Threshold Requirements

A similar question arose before the House of Lords in Liversidge v. Anderson.[15] The case examined the vires of an Act that vested an administrative authority with the conditional power to detain a person if there was reasonable cause to believe that the person was of hostile origin. Therein, Lord Atkin dissenting with the majority opinion stated in no unclear terms that power vested in the secretary of state was conditional and not absolute. When a conditional authority is vested in an administrative official but there aren’t any prescriptive guidelines for the determination of the preconditions, then the statute has the effect of vesting an absolute power in a delegated official. This view was also upheld by the Supreme Court in State of Madhya Pradesh v. Baldeo Prasad.[16] The court was of the opinion that a statute must not only provide adequate safeguards for the protection of innocent citizens but also require the administrative authority to be satisfied as to the existence of the conditions precedent laid down in the statute before making an order. If the statute failed to do so in respect of any condition precedent then the law suffered from an infirmity and was liable to be struck down as invalid.[17] The question of the existence of public emergency, therefore being left to the sole determination of an administrative official is an absolute and arbitrary power and is ultra vires the Constitution

Interestingly, in its original unamended form, §5 contained a provisio stating that a determination of public emergency was the sole authority of the secretary of state and such a finding could not be challenged before a court of law. It is this provision that the government repealed through the Telegraph (Amendment) Act of 1981 to bring it in line with Constitutional principles. The preceding discussion shows that the amendment did not have the effect of rectifying the law’s constitutional infirmities. Nonetheless, the original Telegraph Act and its subsequent amendment are vital for understanding the compatibility of surveillance standards with the Constitutional principles. The draconian provisio in the original act vesting absolute powers in an administrative official illustrates that the legislative intent behind the drafting of a 130 year law cannot be relied on in today’s context. Vague terms like public emergency that have been thoughtlessly adopted from a draconian law find no place in a state that seeks to guarantee to its citizens rights of free speech and expression.

Conclusion

Interception of communications under the Telegraph Act and the Indian Post office act violate not only one’s privacy but also one’s freedom of speech and expression. Besides, orders for the tapping of telephones violate not only the privacy of the individual in question but also that of the person he/she is communicating with. Considering the serious nature of this breach it is absolutely necessary that the powers enabling such interception are not only constitutionally authorised but also adequately safeguarded. The Fundamental Rights declared by Article 19(1) cannot be curtailed on any ground outside the relevant provisions of Cls. 2-6.[18] The restrictive clauses in Cls. (2)-(6) of Article 19 are exhaustive and are to be strictly construed.[19] Public emergency is not one of the conditions enumerated under Article 19 for curtailing fundamental freedoms. Moreover, it lacks adequate safeguards by vesting absolute discretionary power in a non-judicial administrative authority. Even if one were to ignore the massive potential for misuse of these powers, it is difficult to conceive that the interception provisions would stand a scrutiny of constitutionality.

Over the course of the last few years, India has been dangerously toeing the line that keeps it from turning into a totalitarian surveillance state. [20] In 2011, India was the third most intrusive state[21] with 1,699 requests for removal made to Google; in 2012 that number increased to 2529[22]. The media is abuzz with reports about the Intelligence Bureau wanting Internet Service Providers to log all customer details [23] and random citizens being videotaped by the Delhi Police for “looking suspicious.” It becomes essential under these circumstances to question where the state’s power ends and a citizens’ privacy begins. Most of the information regarding projects like the CMS and the CCTNS is murky and unconfirmed. But under the pretext of national security, government officials have refused to divulge any information regarding the kind of information included within these systems and whether any accountability measures exist. For instance, there have been conflicting opinions from various ministers regarding whether the internet would also be under the supervision of the CMS [24]. Even more importantly, citizens are unaware of what rights and remedies are available to them in instances of violation of their privacy.

The intelligence agencies that have been tasked with handling information collected under these systems have not been created under any legislation and therefore not subject to any parliamentary oversight. Attempts like the Intelligence Services (Powers and Regulation) Bill, 2011 have been shelved and not revisited since their introduction. The intelligence agencies that have been created through executive orders enjoy vast and unbridled powers that make them accountable to no one[25]. Before, vesting the Indian law enforcement agencies with sensitive information that can be so readily misused it is essential to ensure that a mechanism to check the use and misuse of that power exists. A three judge bench of the Supreme Court has recently decided to entertain a Public Interest Litigation aimed at subjecting the intelligence agencies to auditing by the Comptroller and Auditor General of India. But the PIL even if successful will still only manage to scratch the surface of all the wide and unbridled powers enjoyed by the Indian intelligence agencies. The question of the constitutionality of interception powers, however, has not been subjected to as much scrutiny as is necessary. Especially at a time when the government has been rumoured to have already obtained the capability for mass dragnet surveillance such a determination by the Indian courts cannot come soon enough.

The power to be unidentifiable on the internet has been a major reason for its sheer number of users. Most of the internet can now be freely used by anybody under a pseudonym without the fear of being recognised by anybody else. These conditions allow for the furtherance of free expression and protection of privacy on the internet, which is particularly important for those who use the internet as a medium to communicate political dissent or engage in any other activity which would be deemed controversial in a society yet not illegal. For example, an internet forum for homosexuals in India, discussing various issues which surround homosexuality may prove far more fruitful if contributors are given the option of being undetectable, considering the stigma that surrounds homosexuality in India, and the recent setting-aside of the Delhi High Court decision reading down Section 377 of the Indian Penal Code. The possibility of being anonymous or pseudonymous exists on many internet fora but on Facebook, the world’s greatest internet space for building connections and free expression, there is no sanction given to pseudonymous accounts as Facebook follows a real name policy. And as the recent decision of a New York judge, disallowing Facebook from contesting warrants on private information of over 300 of its users, shows, there are clear threats to freedom of expression and privacy.

On the subject of using real names, Facebook’s Community Standards states, “Facebook is a community where people use their real identities. We require everyone to provide their real names, so you always know who you're connecting with. This helps keep our community safe.” Facebook’s Marketing Director, Randi Zuckerberg, bluntly dismissed the idea of online anonymity as one that “has to go away” and that people would “behave much better” if they are made to use their real names. Apart from being a narrow-minded statement, she fails to realise that there are many different kinds of expression on the internet, from stories of sexual abuse victims to the views of political commentators, or indeed, whistleblowers, many of whom may prefer to use the platform without being identified. It has been decided in many cases that humans have a right to anonymity as it provides for the furtherance of free speech without the fear of retaliation or humiliation (see Talley v. California).

While Facebook’s rationale behind wanting users to register for accounts with their own names is based on the goal of maintaining the security of other users, it is still a serious infraction on users’ freedom of expression, particularly when anonymous speech has been protected by various countries. Facebook has evolved from a private space for college students to connect with each other to a very public platform where not just social connections but also discussions take place, often with a heavily political theme. Facebook has been described as instrumental in the facilitation of communication during the Arab Spring, providing a space for citizens to effectively communicate with each other and organise movements. Connections on Facebook are no longer of a purely social nature but have extended to political and legal as well, with it being used to promote movements all through the country. Even in India, Facebook was the most widely adopted medium, along with Twitter and Facebook, for discourse on the political future of the country during, before and after the 2014 elections. Earlier in 2011, Facebook was used intensively during the India Against Corruption movement. There were pages created, pictures and videos uploaded, comments posted by an approximate of 1.5 million people in India. In 2012, Facebook was also used to protest against the Delhi gang rape with many coming forward with their own stories of sexual assault, providing support to the victim, organising rallies and marches and protesting about the poor level of safety of women in Delhi.

Much like its content policy, Facebook exhibits a number of discrepancies in the implementation of the anonymity ban. Salman Rushdie found that his Facebook account had been suspended and when it was reinstated after he sent them proof of identity, Facebook changed his name to the name on his passport, Ahmed Rushdie instead of the name he popularly goes by. Through a series of tweets, he criticised this move by Facebook, forcing him to display his birth name. Eventually Facebook changed his name back to Salman Rushdie but not before serious questions were raised regarding Facebook’s policies. The Moroccan activist Najat Kessler’s account was also suspended as it was suspected that she was using a fake name. Facebook has also not just stopped at suspending individual user accounts but has also removed pages and groups because the creators used pseudonyms to create and operate the pages in question. This was seen in the case of Wael Ghonim who created a group which helped in mobilizing citizens in Egypt in 2011. Ghonim was a Google executive who did not want his online activism to affect his professional life and hence operated under a pseudonym. Facebook temporarily removed the group due to his pseudonymity but later reinstated it.

While Facebook performs its due diligence when it comes to some accounts, it has still done nothing about the overwhelmingly large number of obviously fake accounts, ranging from Santa Claus to Jack the Ripper. On my own Facebook friend list, there are people who have entered names of fictional characters as their own, clearly violating the real name policy. I once reported a pseudonymous account that used the real name of another person. Facebook thanked me for reporting the account but also said that I will “probably not hear back” from them. The account still exists with the same name. The redundancy of the requirement lies in the fact that Facebook does not request users to upload some form identification when they register with the site but only when they suspect them to be using a pseudonym. Since Facebook also implements its policies largely only on the basis of complaints by other users or the government, the real name policy makes many political dissidents and social activists the target of abuse on the internet.

Further, Articles 21 and 22 of the ICCPR grant all humans the right to free and peaceful assembly. As governments increasingly crack down on physical assemblies of people fighting for democracy or against legislation or conditions in a country, the internet has proved to be an extremely useful tool for facilitating this assembly without forcing people to endure the wrath of governmental authorities. A large factor which has promoted the popularity of internet gatherings is the way in which powerful opinions can be voice without the fear of immediate detection. Facebook has become the coveted online space for this kind of assembly but their policies and more particularly, faulty implementation of the policies, lead to reduced flows of communication on the site.

Of course, Facebook’s fears of cyberbullying and harassment are likely to materialise if there is absolutely no check on the identity of users.  A possible solution to the conflict between requiring real names to keep the community safe and still allowing individuals to be present on the network without the fear of identification by anybody would be to ask users to register with their own names but still allowing them to create a fictional name which would be the name that other Facebook users can see. Under this model, Facebook can also deal with the issue of safety through their system of reporting against other users. If a pseudonymous user has been reported by a substantial number of people for harassment or any other cause, then Facebook may either suspend the account or remove the content that is offensive. If the victim of harassment chooses to approach a judicial body, then Facebook may reveal the real name of the user so that due process may be followed. At the same time, users who utilise the website to present their views and participate in the online process of protest or contribute to free expression in any other way can do so without the fear of being detected or targeted.  Safety on the site can be maintained even without forcing users to reveal their real names to the world. The system that Facebook follows currently does not help curb the presence of fake accounts and neither does it promote completely free expression on the site.

The Indian surveillance regime has been the subject of discussion for quite some time now. Its nature and scope is controversial. The Central Monitoring System, through which the government can obtain direct access to call records, appears to have the potential to be used for bulk surveillance, although official claims emphasise that it will only be implemented in a targeted manner. The Netra system, on the other hand, is certainly about dragnet collection, since it detects the communication, via electronic media, of certain “keywords” (such as “attack”, “bomb”, “blast” and “kill”), no matter what context they are used in, and no matter who is using them.

Surveillance is quintessentially thought to raise concerns about privacy. Over a series of decisions, the Indian Supreme Court has read in the right to privacy into Article 21’s guarantee of the right to life and personal liberty. Under the Supreme Court’s (somewhat cloudy) precedents, privacy may only be infringed if there is a compelling State interest, and if the restrictive law is narrowly tailored – that is, it does not infringe upon rights to an extent greater than it needs to, in order to fulfill its goal. It is questionable whether bulk surveillance meets these standards.

Surveillance, however, does not only involve privacy rights. It also implicated Article 19 – in particular, the Article 19(1)(a) guarantee of the freedom of expression, and the 19(1)(c) guarantee of the freedom of association.

Previously on this blog, we have discussed the “chilling effect” in relation to free speech. The chilling effect evolved in the context of defamation cases, where a combination of exacting standards of proof, and prohibitive damages, contributed to create a culture of self-censorship, where people would refrain from voicing even legitimate criticism for fear of ruinous defamation lawsuits. The chilling effect, however, is not restricted merely to defamation, but arises in free speech cases more generally, where vague and over-broad statutes often leave the border of the permitted and the prohibited unclear.

Indeed, a few years before it decided New York Times v. Sullivan, which brought in the chilling effect doctrine into defamation and free speech law, the American Supreme Court applies a very similar principle in a surveillance case. In NAACP v. Alabama, the National Association for the Advancement of Coloured People (NAACP), which was heavily engaged in the civil rights movement in the American deep South, was ordered by the State of Alabama to disclose its membership list. NAACP challenged this, and the Court held in its favour. It specifically connected freedom of speech, freedom of association, and the impact of surveillance upon both:

“Effective advocacy of both public and private points of view, particularly controversial ones, is undeniably enhanced by group association, as this Court has more than once recognized by remarking upon the close nexus between the freedoms of speech and assembly. It is beyond debate that freedom to engage in association for the advancement of beliefs and ideas is an inseparable aspect of the “liberty” assured by the Due Process Clause of the Fourteenth Amendment, which embraces freedom of speech. Of course, it is immaterial whether the beliefs sought to be advanced by association pertain to political, economic, religious or cultural matters, and state action which may have the effect of curtailing the freedom to associate is subject to the closest scrutiny… it is hardly a novel perception that compelled disclosure of affiliation with groups engaged in advocacy may constitute [an] effective a restraint on freedom of association… this Court has recognized the vital relationship between freedom to associate and privacy in one’s associations. Inviolability of privacy in group association may in many circumstances be indispensable to preservation of freedom of association, particularly where a group espouses dissident beliefs.”

In other words, if persons are not assured of privacy in their association with each other, they will tend to self-censor both who they associate with, and what they say to each other, especially when unpopular groups, who have been historically subject to governmental or social persecution, are involved. Indeed, this was precisely the argument that the American Civil Liberties Union (ACLU) made in its constitutional challenge to PRISM, the American bulk surveillance program. In addition to advancing a Fourth Amendment argument from privacy, the ACLU also made a First Amendment freedom of speech and association claim, arguing that the knowledge of bulk surveillance had made – or at least, was likely to have made – politically unpopular groups wary of contacting it for professional purposes (the difficulty, of course, is that any chilling effect argument effectively requires proving a negative).

If this argument holds, then it is clear that Articles 19(1)(a) and 19(1)(c) are prima facie infringed in cases of bulk – or even other forms of – surveillance. Two conclusions follow: first, that any surveillance regime needs statutory backing. Under Article 19(2), reasonable restrictions upon fundamental rights can only be imposed by law, and not be executive fiat (the same argument applies to Article 21 as well).

Assuming that a statutory framework is brought into force, the crucial issue then becomes whether the restriction is a reasonable one, in service of one of the stated 19(2) interests. The relevant part of Article 19(2) permits reasonable restrictions upon the freedom of speech and expression “in the interests of… the security of the State [and] public order.” The Constitution does not, however, provide a test for determining when a restriction can be legitimately justified as being “in the interests of” the security of the State, and of public order. There is not much relevant precedent with respect to the first sub-clause, but there happens to be an extensive – although conflicted – jurisprudence dealing with the public order exception.

One line of cases – characterised by Ramji Lal Modi v. State of UP and Virendra v. State of Punjab – has held that the phrase “for the interests of” is of very wide ambit, and that the government has virtually limitless scope to make laws ostensibly for securing public order (this extends to prior restraint as well, something that Blackstone, writing in the 18^th century, found to be illegal!). The other line of cases, such as Superintendent v. Ram Manohar Lohia and S. Rangarajan v. P. Jagjivan Ram, have required the government to satisfy a stringent burden of proof. In Lohia, for instance, Ram Manohar Lohia’s conviction for encouraging people to break a tax law was reversed, the Court holding that the relationship between restricting free speech and a public order justification must be “proximate”. In Rangarajan, the Court used the euphemistic image of a “spark in a powder keg”, to characterise the degree of proximity required. It is evident that under the broad test of Ramji Lal Modi, a bulk surveillance system is likely to be upheld, whereas under the narrow test of Lohia, it is almost certain not to be.

Thus, if the constitutionality of surveillance comes to Court, three issues will need to be decided: first, whether Articles 19(1)(a) and 19(1)(c) have been violated. Secondly – and if so – whether the “security of the State” exception is subject to the same standards as the “public order” exception (there is no reason why it should not be). And thirdly, which of the two lines of precedent represent the correct understanding of Article 19(2)?

---

Gautam Bhatia — @gautambhatia88 on Twitter — is a graduate of the National Law School of India University (2011), and has just received an LLM from the Yale Law School. He blogs about the Indian Constitution at http://indconlawphil.wordpress.com. Here at CIS, he blogs on issues of online freedom of speech and expression.

---

For feedback, comments and any incidents of online free speech violation you are troubled or intrigued by, please email Geetha at geetha[at]cis-india.org or on Twitter at @covertlight.