India Should Watch Its Internet Watchmen

It's taken about two years for the first signs of misuse to show up. And there may be many more, as the government uses vague discretion instead of firm rules to police India's Internet. Various groups can exploit these discretionary powers to their own ends.

Earlier this month, the Indian Computer Emergency Response Team (CERT-In), the body appointed by the government to protect India's information infrastructure, blocked a text-message provider that sends out advertisements in bulk over mobile phone. It also blocked Typepad.com, a publishing platform used frequently by bloggers. Both restrictions have now been lifted.

Most contentiously, a Delhi court ordered CERT-In to block access to Zone-H.org, an Italian security giant that acts as a repository of hacked websites—that is, it collects screen grabs of sites that are infiltrated, which later proves valuable for studying the cyber crime in question. A representative of this website accused an Indian cyber security firm, E2 Labs, of using Zone-H's logo and images to promote its own cyber security school courses. E2 Labs dragged Zone-H to court in 2009 and, on grounds of defamation, had Zone-H's website blocked. What muddies the waters is that E2 Labs claims to work for the government.

Nobody knows what threat, if any, these websites posed to national security. Users who tried accessing them simply received a one-line message from their service providers that the sites had been blocked due to "instructions from the Department of Telecom." That message later disappeared, replaced by the standard error message: "Page Not Found."

Many bloggers immediately started comparing this case to the situation they found themselves in 2006, when the government banned Blogspot.com right after Mumbai's suburban train system was hit by bomb blasts. The Department of Telecom then did not offer an official reason, leaving people guessing that this was some kind of response to that terrorist attack.

That's happening again. The guidelines under which CERT-In operates say that all information related to website blocking is classified. Moreover, its mandate does not include communicating with the public. Which is why everyone is in the dark. Nobody even knows how widespread the blockade is. There's no hint of the process involved. There's no course for redress for those who own the affected sites.

Inquiries from journalists about the Department of Telecom's method of functioning have gone unanswered. When cornered by the press this month, India's Information Technology minister Kapil Sibal, who oversees this department, passed responsibility to the ministry of home affairs, which manages the nation's internal security.

Perhaps there are legitimate reasons for blocking these websites. India has faced its share of terrorist attacks that have, in the last decade, begun to affect the country's urban centers. Terrorists have gotten more sophisticated. The 2008 Mumbai assault especially put pressure on security personnel to be electronically vigilant, because the terrorists used satellite phones and internet technology to communicate. Since then, the government has ramped up its scrutiny of the Internet, including getting into a high-profile dispute last year with Blackberry-maker Research in Motion. Blogs are fair game, too, seeing as how terrorist groups have been known to use them for recruiting and communication. But if there are good reasons this time for blocking the sites in question, they're unknown and unexplained.

That lack of explanation is cause for alarm. First, there's the impact on businesses. Intermediary guidelines proposed by the Department of Information Technology put the onus on service providers to remove any material that, in addition to endangering national security, "causes inconvenience or annoyance," is "grossly offensive or menacing in nature," or "belongs to another person." These open-ended guidelines mean service providers have to spend a good chunk of their time dealing with government officials to determine, say, what is offensive.

The larger impact is on the rule of law. The clumsiness with which New Delhi has blocked these sites undermines any legitimacy the laws have. Lawyers I've spoken with already say that the guidelines, which are open to wide interpretation, violate the country's constitution.

This legal debacle has implications beyond any immediate security concerns. Despite being a democracy with a vigorous free press, India can't afford to take freedom of speech for granted. The concern here is that a statute intended to protect the country from terrorism may also give new legal cover to people trying to restrict speech for other reasons.

Already, thanks in part to the lack of political support for free speech, varied groups hijack cracks or loopholes in the legal framework to their populist ends. For instance, a colonial-era law against religious insults was used in 2007 to appease Hindu nationalists who wanted the government to punish Muslim painter M.F. Hussain for depicting "Mother India" in the nude. That case suggests that the new ill-considered and badly implemented rules for online policing could be exploited by political or business interests.

India undoubtedly faces a serious terrorism problem. But New Delhi needs to defend itself through laws that don't end up impinging on free speech in damaging, undemocratic ways.

Mr. Bhatia is a writer with Open Magazine in Mumbai.

Read the original story here