Centre for Internet and Society

After the Lockdown

Shyam Ponappa — 2020-04-09T10:05:49Z

This post was first published in the Business Standard, on April 2, 2020.

This is a time when, as the authorities deal with a lockdown, there needs to be an equal emphasis on providing for large numbers of people without the money for food and necessities, while the rest of us wait it out. Hard as it is, an MIT scholar writes that after the Spanish flu in 1918, cities that restricted public gatherings sooner and longer had fewer fatalities, and emerged with stronger economic growth.1 It is likely that costs and benefits vary with economic and social capacity, and we may have a harder time with it here. Going forward, government action to help provide relief, rehabilitate people and deal with loss needs to be well planned, including targeting aid to the urban and displaced poor.2

As important now as to ensure the lockdown continues is to plan on how to revive productive activity and the economy, and restore public confidence. A systematic approach will likely yield better results.

A major element of the recovery plan is steps such as liberal credit and amortisation terms, perhaps much more than the three-month extension the Reserve Bank of India (RBI) has announced. A primary purpose is the re-initiation of large-scale activities such as construction, of which there are reportedly about 200,000 large projects around the country. These have to be nursed back to being going concerns. The RBI may need to consider doing more, including lowering rates.

An ominous development that has grown as the economy slowed is financial stress that could swell non-performing assets (NPAs). At the half-year ending September 2019, about half of non-financial large corporations in India, excluding telecom, showed financial stress (see table).

Source: Krishna Kant: "Coronavirus shutdown puts Rs 15-trillion debt at risk, to impact finances", BS, March 30, 2020:

https://www.business-standard.com/article/markets/coronavirus-shutdown-puts-rs-15-trillion-debt-at-risk-to-impact-finances-120032901036_1.html

These include some of India’s largest companies, producing power, steel, and chemicals. The 201 companies have total debt of nearly Rs 15 trillion, more than half of all borrowings. There is also the debt overhang of the National Highways Authority of India, and of the telecom companies. Ironically, the telecom companies are our lifeline now, despite having nearly collapsed under debt because of ill-advised policies in the past, which have still not changed. Perhaps our obvious dependence telecom services now will spark well conceived, convergent policies for this sector, so that we can function effectively.

A start with immediate changes in administrative rules for 60GHz, 70-80GHz, and 500-700MHz wireless use, modelled on the US FCC regulations as was done for the 5GHz Wi-Fi in October 2018, could change the game. It will provide the opportunity in India for the innovation of devices, their production, and use, possibly unleashing this sector. This can help offset our reliance on imported technology and equipment. However, such changes in policies and purchasing support have eluded us thus far. Now, the only way our high-technology manufacturers can thrive is to succeed internationally, in order to be able to sell to the domestic market. Imagine how hard that might be, and you begin to get an inkling of why we have few domestic product champions, struggling against odds in areas such as optical switches, networking equipment, and wireless devices. For order-of-magnitude change, however, structural changes need to be worked out in consultation with operators in the organisation of services through shared infrastructure.

For the longer term, a fundamental reconsideration for allocating resources is needed through coherent, orchestrated policy planning and support. What the government can do as a primary responsibility, besides ensuring law and order and security, is to develop our inadequate and unreliable infrastructure, including facilities and services that enable efficient production clusters, their integrated functioning, and skilling. For instance, Apple’s recent decision against moving iPhone production from China to India was reportedly because similar large facilities (factories of 250,000) are not feasible here, and second, our logistics are inadequate. Such considerations should be factored into our planning, although Apple may well have to revisit the very sustainability of the concept of outsize facilities that require the sort of repressive conditions prevailing in China. However, we need not aim for building unsustainable mega-factories. Instead, a more practical approach may be to plan for building agglomerations of smaller, sustainable units, that can aggregate their activity and output effectively and efficiently. Such developments could form the basis of numerous viable clusters, and where possible, capitalise on existing incipient clusters of activities. Such infrastructure needs to be extended to the countryside for agriculture and allied activities as well, so that productivity increases with a change from rain-fed, extensive cultivation to intensive practices, with more controlled conditions.

The automotive industry, the largest employer in manufacturing, provides an example for other sectors. It was a success story like telecom until recently, but is now floundering, partly because of inappropriate policies, despite its systematic efforts at incorporating collaborative planning and working with the government. It has achieved the remarkable transformation of moving from BS-IV to BS-VI emission regulations in just three years, upgrading by two levels with an investment of Rs 70,000 crore, whereas European companies have taken five to six years to upgrade by one level. This has meant that there was no time for local sourcing, and therefore heavy reliance on global suppliers, including China. While the collaborative planning model adopted by the industry provides a model for other sectors, the question here is, what now. In a sense, it was not just the radical change in market demand with the advent of ridesharing and e-vehicles, but also the government’s approach to policies and taxation that aggravated its difficulties.

Going forward, policies that are more congruent in terms of societal goals, including employment that support the development of large manufacturing opportunities, need to be thought through from a perspective of aligning and integrating objectives (in this case, transportation). Areas such as automotive and other industries for the manufacture of road and rail transport vehicles need to be considered from the perspective of reconfiguring the purpose, flow, and value-added, to achieve both low-cost, accessible mass transport, and vehicles for private use that complement transportation objectives as also employment and welfare.

Systematic and convergent planning and implementation across sectors could help achieve a better revival.

Shyam (no space) Ponappa at gmail dot com

1: https://www.reuters.com/article/us-health-coronavirus-usa-reopen-analysi/the-u-s-weighs-the-grim-math-of-death-vs-the-economy-idUSKBN21H1B4

2: https://www.financialexpress.com/opinion/the-coronavirus-lockdown-and-indias-urban-vulnerables/1915316/

For more details visit https://cis-india.org/internet-governance/blog/after-the-lockdown

Comments on NITI AAYOG Working Document: Towards Responsible #AIforAll

Shweta Mohandas, Arindrajit Basu and Ambika Tandon — 2020-08-18T06:25:18Z

The NITI Aayog Working Document on Responsible AI for All released on 21st July 2020 serves as a significant statement of intent from NITI Aayog, acknowledging the need to ensure that any conception of “Responsible AI” must fulfill constitutional responsibilities, incorporated through workable principles. However, as it is a draft document for discussion, it is important to highlight next steps for research and policy levers to build upon this report.

Read our comments in their entirety here.

For more details visit https://cis-india.org/internet-governance/blog/comments-on-niti-aayog-working-document-towards-responsible-aiforall

Fundamental Right to Privacy — Three Years of the Puttaswamy Judgment

pranav — 2020-08-24T07:46:10Z

Today marks three years since the Supreme Court of India recognised the fundamental right to privacy, but the ideals laid down in the Puttaswamy Judgment are far from being completely realized. Through our research, we invite you to better understand the judgment and its implications, and take stock of recent issues pertaining to privacy.

Amber Sinha dissects the Puttaswamy Judgment through an analysis of the sources, scope and structure of the right, and its possible limitations. [link]

Through a visual guide to the fundamental right to privacy, Amber Sinha and Pooja Saxena trace how courts in India have viewed the right to privacy since Independence, explain how key legal questions were resolved in the Puttaswamy Judgement, and provide an account of the four dimensions of privacy — space, body, information and choice — recognized by the Supreme Court. [link]

Based on publicly available submissions, press statements, and other media reports, Arindrajit Basu and Amber Sinha track the political evolution of the data protection ecosystem in India, on EPW Engage. They discuss how this has, and will continue to impact legislative and policy developments. [link]

For the AI Policy Exchange, Arindrajit Basu and Siddharth Sonkar examine the Automated Facial Recognition Systems (AFRS), and define the key legal and policy questions related to privacy concerns around the adoption of AFRS by governments around the world. [link]

Over the past decade, reproductive health programmes in India have been digitising extensive data about pregnant women. In partnership with Privacy International, we studied the Mother and Child Tracking system (MCTS), and Ambika Tandon presents the impact on the privacy of mothers and children in the country. [link]

While the right to privacy can be used to protect oneself from state surveillance, Mira Swaminathan and Shubhika Saluja write about the equally crucial problem of lateral surveillance — surveillance that happens between individuals, and within neighbourhoods, and communities — with a focus on this issue during the COVID-19 crisis. [link]

Finally, take a dive into the archives of the Centre for Internet and Society to read our work, which was cited in the Puttaswamy judgment — essays by Ashna Ashesh, Vidushi Marda and Bhairav Acharya that displaced the notion that privacy is inherently a Western concept, by attempting to locate the constructs of privacy in Classical Hindu [link], and Islamic Laws [link]; and Acharya’s article in the Economic and Political Weekly, which highlighted the need for privacy jurisprudence to reflect theoretical clarity, and be sensitive to unique Indian contexts [link].

For more details visit https://cis-india.org/internet-governance/blog/fundamental-right-to-privacy-three-years-of-the-puttaswamy-judgment

Comments to National Digital Health Mission: Health Data Management Policy

Shweta Mohandas, Pallavi Bedi, Shweta Reddy, and Saumyaa Naidu — 2020-10-05T15:56:51Z

CIS has submitted comments to the National Health Data Management Policy. We welcome the opportunity provided to our comments on the Policy and we hope that the final Policy will consider the interests of all the stakeholders to ensure that it protects the privacy of the individual while encouraging a digital health ecosystem.

Read the full set of comments here.

For more details visit https://cis-india.org/internet-governance/blog/comments-to-national-digital-health-mission-health-data-management-policy

Decrypting Automated Facial Recognition Systems (AFRS) and Delineating Related Privacy Concerns

Arindrajit Basu, Siddharth Sonkar — 2020-01-02T14:01:48Z

Arindrajit Basu and Siddharth Sonkar have co-written this blog as the first of their three-part blog series on AI Policy Exchange under the parent title: Is there a Reasonable Expectation of Privacy from Data Aggregation by Automated Facial Recognition Systems?

The use of aggregated Big Data by governments has the potential to exacerbate power asymmetries and erode civil liberties like few technologies of the past. In order to guard against the aggressive aggregation and manipulation of the data generated by individuals who are branded as suspect, it is critical that our firmly established constitutional rights protect human dignity in the face of this potential erosion.

The increasing ubiquity of Automated Facial Recognition Systems (AFRS) serve as a prime example of the rising desire of governments to push fundamental rights to the brink. With AFRS, the core fundamental right in question is privacy, although questions have been posed regarding the potential violation of other related rights, such as the Right to Equality and the Right to Free Speech and Expression, as well.

There is a rich corpus of literature, (see here, here and an excellent recent paper by Smriti Parsheera here) from a diverse coterie of scholars that call out the challenges posed by AFRS, particularly with respect to its proportionality as a restriction over the right to privacy. Our contribution to this discourse focuses on a very specific question around a ‘reasonable expectation of privacy’ — the standard identified for the protection of privacy in public spaces across jurisdictions, including in India. This is because at this juncture, the precise nature of the AFRS which will eventually be used and the regulations it will be subject to are not clear.

In Retd. K.S Puttaswamy (Retd.) v. Union of India: Justice Chandrachud (Puttaswamy I), the Indian Supreme Court was concerned with the question whether there exists a fundamental right to privacy under the Indian Constitution. A nine-judge bench of the Court recognized that the right to privacy is a fundamental right implicit inter alia in the right to life within Article 21 of the Constitution.

The right to privacy protects people and not places. Every person is entitled, however, to a reasonable expectation of privacy. The expectation of privacy must be twofold. First, the person must prove that the alleged act could inflict some harm. Such harm must be real and not be speculative or imaginary. Second, society must recognize this expectation as reasonable. The test of reasonable expectations is contextual, i.e., the extent to which it safeguards privacy depends on the place at which the individual is.

In order to pass any constitutional test, therefore, AFRS must satisfy the ‘reasonable expectation’ test articulated in Puttaswamy. However, in this context, the test itself has multiple contours. Do we have a right to privacy in a public place? Is AFRS collecting any data that specifically violates a right to privacy? Is the aggregation of that data a potential violation?

After providing a brief introduction to the use cases of AFRS in India and across the world, we embark upon answering all these questions.

Primer on Automated Facial Recognition Systems (AFRS)

Facial recognition is a biometric technology that utilises cameras to match stored or live footage of individuals (including both stills and moving footage) with images or video from an existing database. Some systems might also be used to analyze broader demographic trends or conduct sentiment analysis through crowd scanning.

While the use of photographs and video footage have been core components of police investigation, the use of algorithms to process vast tracts of Big Data (characterized by ‘Volume, Velocity, and Variety), and compare disparate and discrete data points allows for the derivation of hitherto unfeasible insights on the subjects of Big Data.

The utilisation of AFRS for law enforcement is rapidly spreading around the world. A Global AI Surveillance Index compiled by the Carnegie Endowment for International Peace found that at least sixty-four countries are incorporating facial recognition systems into their AI surveillance programs.

Chinese technology company Yitu has entered into a partnership with security forces in Malaysia to equip police officers with facial recognition body cameras that, powered by enabling technologies, would allow a comparison of images caught by the live body cameras with images from several central databases.

In England and Wales, London Metropolitan Police, South Wales Police, and Leicestershire Police are all in the process of developing technologies that allow for the identification and comparison of live images with those stored in a database.

The technology is being developed by Japanese firm NEC and the police force has limited ability to oversee or modify the software, given its proprietary nature. The Deputy Chief of South Wales Police stated that “the tech is given to [them] as a sealed box… [and the police force themselves] have no input – whatever it does, it does what it does.”

In the US, Baltimore’s police set up facial recognition cameras to track and arrest protestors — a system that reached its zenith during the 2018 riots in the city.

It is suspected that authorities in Hong Kong are also using AFRS to clamp down on the ongoing pro-democracy protests.

In India, the Ministry of Home Affairs, through the National Crime Records Bureau put out a tender for a new AFRS, whose stated objective is to “act as a foundation for national level searchable platform of facial images.” The AFRS will pull facial image data from CCTV feeds and compare these with existing records across databases including the Crime and Criminal Tracking Networks and Systems (CCTNS), Inter-operable Criminal Justice System (or ICJS), Immigration Visa Foreigner Registration Tracking (IVFRT), Passport, Prisons and state police records.

Plans are also afoot to integrate this with the yet to be deployed National Automated Fingerprint Identification System (NAFIS), thereby creating a multi-faceted surveillance system.

Despite raising eyeballs due to its potential all-pervasive scope, this tender is not the first instance of AFRS being used by Indian authorities. Punjab Police, in partnership with Gurugram-based start-up Staqu has launched and commenced implementation of the Punjab Artificial Intelligence System (PAIS) which uses digitised criminal records and automated facial recognition to retrieve information on a suspected criminal and essentially tracks their public whereabouts, which poses potential constitutional questions.

This was published by AI Policy Exchange.

For more details visit https://cis-india.org/internet-governance/decrypting-automated-facial-recognition-systems-afrs-and-delineating-related-privacy-concerns

Governing ID: Introducing our Evaluation Framework

Shruti Trikanad — 2020-03-02T08:03:49Z

With the rise of national digital identity systems (Digital ID) across the world, there is a growing need to examine their impact on human rights. In several instances, national Digital ID programmes started with a specific scope of use, but have since been deployed for different applications, and in different sectors. This raises the question of how to determine appropriate and inappropriate uses of Digital ID. In April 2019, our research began with this question, but it quickly became clear that a determination of the legitimacy of uses hinged on the fundamental attributes and governing structure of the Digital ID system itself. Our evaluation framework is intended as a series of questions against which Digital ID may be tested. We hope that these questions will inform the trade-offs that must be made while building and assessing identity programmes, to ensure that human rights are adequately protected.

Rule of Law Tests

Foundational Digital ID must only be implemented along with a legitimate regulatory framework that governs all aspects of Digital ID, including its aims and purposes, the actors who have access to it, etc. In the absence of this framework, there is nothing that precludes Digital IDs from being leveraged by public and private actors for purposes outside the intended scope of the programme. Our rule of law principles mandate that the governing law should be enacted by the legislature, be devoid of excessive delegation, be clear and accessible to the public, and be precise and limiting in its scope for discretion. These principles are substantiated by the criticism that the Kenyan Digital ID, the Huduma Namba, was met with when it was legalized through a Miscellaneous Amendment Act, meant only for small or negligible amendments and typically passed without any deliberation. These set of tests respond to the haste with which Digital ID has been implemented, often in the absence of an enabling law which adequately addresses its potential harms.

Rights based Tests

Digital ID, because of its collection of personal data and determination of eligibility and rights of users, intrinsically involves restrictions on certain fundamental rights. The use of Digital ID for essential functions of the State, including delivery of benefits and welfare, and maintenance of civil and sectoral records, enhance the impact of these restrictions. Accordingly, the entire identity framework, including its architecture, uses, actors, and regulators, must be evaluated at every stage against the rights it is potentially violating. Only then will we be able to determine if such violation is necessary and proportionate to the benefits it offers. In Jamaica, the National Identification and Registration Act, which mandated citizens’ biometric enrolment at the risk of criminal sanctions, was held to be a disproportionate violation of privacy, and therefore unconstitutional.

Risk based Tests

Even with a valid rule of law framework that seeks to protect rights, the design and use of Digital ID must be based on an analysis of the risks that the system introduces. This could take the form of choosing between a centralized and federated data-storage framework, based on the effects of potential failure or breach, or of restricting the uses of the Digital ID to limit the actors that will benefit from breaching it. Aside from the design of the system, the regulatory framework that governs it should also be tailored to the potential risks of its use. The primary rationale behind a risk assessment for an identity framework is that it should be tested not merely against universal metrics of legality and proportionality, but also against an examination of the risks and harms it poses. Implicit in a risk based assessment is also the requirement of implementing a responsive mitigation strategy to the risks identified, both while creating and governing the identity programme.

Digital ID programmes create an inherent power imbalance between the State and its residents because of the personal data they collect and the consequent determination of significant rights, potentially creating risks of surveillance, exclusion, and discrimination. The accountability and efficiency gains they promise must not lead to hasty or inadequate implementation.

For more details visit https://cis-india.org/internet-governance/blog/governing-id-introducing-our-evaluation-framework

Governing ID: India’s Unique Identity Programme

Vrinda Bhandari — 2020-03-02T11:38:51Z

In our second case-study, we use our Evaluation Framework for Digital ID to assess India’s Unique Identity Programme.

Read the case-study or download as PDF.

For more details visit https://cis-india.org/internet-governance/governing-id-india2019s-unique-identity-programme

Governing ID: Use of Digital ID in the Healthcare Sector

Shruti Trikanad — 2020-03-02T13:21:22Z

In our third case-study, we use our Evaluation Framework for Digital ID to examine the use of Digital ID in the healthcare sector.

Read the case-study or download as PDF.

For more details visit https://cis-india.org/internet-governance/blog/governing-id-use-of-digital-id-in-the-healthcare-sector

A Compilation of Research on the PDP Bill

pranav — 2020-03-05T08:04:24Z

The most recent step in India’s initiative to create an effective and comprehensive Data Protection regime was the call for comments to the Personal Data Protection Bill, 2019, which closed last month. Leading up to the comments, CIS has published numerous research pieces with the goal of providing a comprehensive overview of how this legislation would place India within the global scheme, and how the local situation has developed, as well as analysing its impacts on citizens’ rights.

In addition to general and clause-by-clause comments and recommendations, we have compiled an annotated version of the Personal Data Protection Bill, which lays out our commentary in an easy-to-follow format.

Below, you can find our other recent research on Data Protection:

Pallavi Bedi has put together a note on the Divergence between EU’s General Data Protection Regulation (GDPR) and the Personal Data Protection Bill.

In addition, Pallavi has also contrasted the Personal Data Protection Bill with the GDPR and California Consumer Protection Act, in the contexts of jurisdiction and scope, rights of the data principal, obligations of data fiduciaries, exemptions, data protection authority, and breach of personal data.

On IAPP’s blog Privacy Perspectives, D. Shweta Reddy has assessed whether the Personal Data Protection Bill 2019 is sufficient for India to receive adequacy status from the EU.

Along with Justin Sherman, Arindrajit Basu has outlined the key global takeaways from the Personal Data Protection Bill 2019 on Lawfare.

On The Diplomat, Arindrajit has also traced the narrowing localization provisions in India, as well as Vietnam and Indonesia, and studied the actors and geopolitical tussle that has shaped these provisions.

Through a string of publicly available submissions, press statements, and other media reports, Arindrajit and Amber Sinha have tracked the political evolution of the data protection ecosystem in India, and how this has, and will continue to impact legislative and policy developments on EPW Engage.

Gurshabad Grover and Tanaya Rajwade have written on The Wire about how the Personal Data Protection Bill regulates social media.

Amber was also a guest on Suno India’s Cyber Democracy podcast, with Srinivas Kodali, to discuss how the latest version of the Personal Data Protection Bill will impact the right to privacy.

For more details visit https://cis-india.org/internet-governance/blog/compilation-of-research-on-data-protection

RBI Ban on Cryptocurrencies not backed by any data or statistics

vipul — 2020-03-05T18:35:48Z

In March 2020, the Supreme Court of India quashed the RBI order passed in 2018 that banned financial services firms from trading in virtual currency or cryptocurrency. Keeping this policy window in mind, the Centre for Internet & Society will be releasing a series of blog posts and policy briefs on cryptocurrency regulation in India

On April 6, 2018 the RBI issued a circular preventing all Commercial and Co-operative Banks, Payments Banks, Small Finance Banks, NBFCs, and Payment System Providers not only from dealing in virtual currencies themselves but also directing them to stop providing services to all entities which deal with virtual currencies. The RBI had issued a Press Release cautioning the public against dealing in virtual currencies including Bitcoin in 2013. However, the growing popularity of cryptocurrencies and its adoption by large numbers of Indian users, may have been the reason which forced the RBI to issue another Press Release in February 2017 reiterating its earlier concerns regarding cryptocurrencies raised in its earlier circular of 2013. In December 2017 both the RBI as well as the Ministry of Finance issued Press Releases cautioning the general public about the dangers and risks associated with cryptocurrencies, finally culminating in the circular dated April 6, 2018 banning financial institutions from dealing with cryptocurrency traders. As a result of this circular the operations of cryptocurrency exchanges took a severe hit and the number of transactions on these exchanges reduced substantially. The cryptocurrency market in India all but disappeared with only a few extremely determined enthusiasts still dealing in cryptocurrencies, at the risk of potentially depriving themselves of banking services altogether.

The RBI circular was challenged in the Supreme Court by the Internet and Mobile Association of India; final arguments in the case were concluded only in the last week of January, 2020 with the judgment of the Supreme Court being awaited. Generally speaking, whenever such policy decisions of the executive branch are challenged in the courts, a well accepted defense for the executive authorities, specifically in highly complicated fields such as finance, etc. is that the decision was taken by an expert body using its expertise in the field. The basic rationale underlying this argument is that the authority has relied on verifiable data and used its expertise to analyse the same in order to arrive at its decision.

However, it appears from the response by the RBI to an RTI query by Centre for Internet and Society, that requested the RBI for a copy of all reports, papers, opinions and advice that was relied upon for issuing the April 6, 2018 circular, that the RBI has not relied upon any such data to come to a conclusion that banking services should be denied to all those entities dealing in cryptocurrencies. It appears from the response to the RTI query that it was the RBI’s own previous circulars and press releases which formed the basis for the April 6, 2018 circular. This response completely undermines the argument that the decision by the RBI was taken after an analysis of all the facts and statistics concerned with cryptocurrency trading.

Not only does the RTI response weaken the commonly accepted defense of an expert body making a well-reasoned decision, but it also strengthens another legal ground for challenging the decision of the RBI, viz. arbitrariness. One of the grounds on which executive decisions can be challenged is that the decision was made without taking into account relevant material and without the application of mind. The admission by the RBI in its RTI response that there is no material relied upon by the RBI, except its own previous Press Releases, only strengthens the argument that the decision was made in an arbitrary manner.

Such an admission by the RBI regarding the process followed before issuing the April 6, 2018 circular reduces the credibility of the decision itself. However it remains to be seen whether the Supreme Court of India agrees with the arguments of the petitioners challenging the April 6, 2018 circular, even though the petitioners may not have been able to produce this RTI response from the RBI to further bolster their case.

For more details visit https://cis-india.org/internet-governance/blog/rbi-ban-on-cryptocurrencies-not-backed-by-any-data-or-statistics

‘Future of Work’ in India’s IT/IT-es Sector

Aayush Rathi and Elonnai Hickok — 2020-04-28T09:52:59Z

The Centre for Internet and Society has recently undertaken research into the impact of Industry 4.0 on work in India. Industry 4.0, for the purposes of the research, is conceptualised as the technical integration of cyber physical systems (CPS) into production and logistics and the use of the ‘internet of things’ (connection between everyday objects) and services in (industrial) processes. By undertaking this research, CIS seeks to complement and contribute to the discourse and debates in India around the impact of Industry 4.0. In furtherance of the same, this report seeks to explore several key themes underpinning the impact of Industry 4.0 specifically in the IT/IT-es sector and broadly on the nature of work itself.

Read the complete case-study here: Download (PDF)

Introduction

Scholarship on 'Industry 4.0' that has emerged globally has sought to address the challenges of technological forecasting as it relates to work in varied forms. For instance, the Frey-Osborne methods examine characteristic tasks of each occupation and suggest that almost half of all jobs in the United States and other advanced countries are at risk of being substituted by computers or algorithms within the next 10 to 20 years. [1] On the other hand, scholars such as Autor and Handel as well as research produced by OECD on this subject argue that occupations as a whole are unlikely to be automated as there is great variability in the tasks within each occupation. [2] Existing literature on the impact on jobs in the IT sector in India too have arrived at mixed conclusions. Reports have raised concerns about job loss in the sector as a result of automation [3] whilst it has also been reported that employment from the IT sector reached 3.86 million in 2016-17 and an addition of around 105,000 was witnessed in FY18 itself. [4]

In this context, it is crucial to start by developing an understanding of which technologies are at the forefront of bringing in Industry 4.0. Such an understanding will further help understand which jobs, and more specifically, job functions are at the greatest risk of being replaced by automation technologies. To further contextualise the impact, it is imperative to develop a comprehensive understanding of how job functions are organised within the sector itself. This becomes especially relevant with the emphasis Industry 4.0 places on the horizontal and vertical integration of the various technologies constituting Industry 4.0. [5]

It is anticipated that to stay ahead of the curve of ‘technological unemployment’ there will be significant skilling and re-skilling challenges to enable new talent addition around emerging job roles. [6] The skilling challenge gains enhanced importance in the broader context of nurturing an inclusive digital economy. [7] This is particularly relevant in the context of female labour force participation, since it has been predicted that job creation will be concentrated in sectors where females are underrepresented and difficult to retain, while sectors with higher female participation, such as secretarial work, will undergo job loss. [8]

However, it is not clear how these trends will play out in the future, particularly because other structural changes are taking place simultaneously (such as globalisation and protectionism, demographic change, policy making, technological adoption etc.).

Objective and Scope

This research seeks to contribute to existing studies and dialogue on the impact and effect of industry 4.0 on work in the Information Technology services (IT) sector in India. Though the research focuses on the impact of technologies that comprise Industry 4.0, such technologies are frequently interchanged with the words ‘automation’ and ‘digitisation’. Thus, the desk research also examines the impact of ‘automation’ and ‘digitisation’ on the IT sector in India. The case study looks atthe IT sector broadly and where applicable, calls out information specific to sub-sectors such as IT enabled services (IT-eS) or Business Process Management (IT-BPM). The IT sector in India is uniquely placed; it is producing the technologies that are disrupting work in other industries as well as implementing them internally. This report focuses on the latter, but brings into context the former when relevant to work in the sector.

By drawing out trends and providing an analysis of contextual, quantitative and qualitative data on changes to work and labour markets in India as a result of technological uptake, it is anticipated that comparative research can be enabled by creating a framework that can be replicated in other, particularly developing, contexts.

References

[1] Carl Benedikt Frey and Michael A. Osborne, 2013. The future of employment: How susceptible are jobs to computerisation?, Oxford Martin School, September.

[2] See David H. Autor & Michael J. Handel, 2013. “Putting Tasks to the Test: Human Capital, Job Tasks, and Wages,” Journal of Labor Economics, University of Chicago Press, Vol. 31(S1), pages S59 -S96. See also: Future of Work and Skills, The Organisation for Economic Co-operation and Development, February 2017.

[3] Business Today, AI, automation will cost 7 lakh IT jobs by 2022, says report. (November 7, 2017) Retrieved https://www.businesstoday.in/sectors/it/ai-and-automation-to-cost-7-lakh-it-jobs-by-2022-says-report/story/259880.html

[4] Advantage India, India Brand Equity Foundation. Retrieved https://www.ibef.org/download/IT-ITeS-Report-Apr-2018.pdf

[5] Embracing Industry 4.0 -and Rediscovering Growth, Boston Consulting Group. Retrieved https://www.bcg.com/capabilities/operations/embracing-industry-4.0-rediscovering-growth.aspx

[6] India’s Readiness for Industry 4.0 -A Focus on Automotive Sector, Grant Thorton and Confederation of Indian Industry. Retrieved http://www.nasscom.in/sites/default/files/NASSCOM_Annual_Guidance_Final_22062017.pdf

[7] G20 Insights, Bridging the digital divide: Skills for the new age., Retrieved http://www.g20-insights.org/policy_briefs/bridging-digital-divide-skills-new-age/

[8] World Economic Forum, The Future of Jobs -Employment, Skills and Workforce Strategy for the Fourth Industrial Revolution, (January 2016).

For more details visit https://cis-india.org/internet-governance/blog/future-of-work-in-india-it-it-es-sector

An Evidence based Intermediary Liability Policy Framework: Workshop at IGF

jyoti — 2014-07-04T06:41:10Z

CIS is organising a workshop at the Internet Governance Forum 2014. The workshop will be an opportunity to present and discuss ongoing research on the changing definition of intermediaries and their responsibilities across jurisdictions and technologies and contribute to a comprehensible framework for liability that is consistent with the capacity of the intermediary and with international human-rights standards.

The Centre for Internet and Society, India and Centre for Internet and Society, Stanford Law School, USA, will be organising a workshop to analyse the role of intermediary platforms in relation to freedom of expression, freedom of information and freedom of association at the Internet Governance Forum 2014. The aim of the workshop is to highlight the increasing importance of digital rights and broad legal protections of stakeholders in an increasingly knowledge-based economy. The workshop will discuss public policy issues associated with Internet intermediaries, in particular their roles, legal responsibilities and related liability limitations in context of the evolving nature and role of intermediaries in the Internet ecosystem. distinct

Online Intermediaries: Setting the context

The Internet has facilitated unprecedented access to information and amplified avenues for expression and engagement by removing the limits of geographic boundaries and enabling diverse sources of information and online communities to coexist. Against the backdrop of a broadening base of users, the role of intermediaries that enable economic, social and political interactions between users in a global networked communication is ubiquitous. Intermediaries are essential to the functioning of the Internet as many producers and consumers of content on the internet rely on the action of some third party–the so called intermediary. Such intermediation ranges from the mere provision of connectivity, to more advanced services such as providing online storage spaces for data, acting as platforms for storage and sharing of user generated content (UGC), or platforms that provides links to other internet content.

Online intermediaries enhance economic activity by reducing costs, inducing competition by lowering the barriers for participation in the knowledge economy and fuelling innovation through their contribution to the wider ICT sector as well as through their key role in operating and maintaining Internet infrastructure to meet the network capacity demands of new applications and of an expanding base of users.

Intermediary platforms also provide social benefits, by empowering users and improving choice through social and participative networks, or web services that enable creativity and collaboration amongst individuals. By enabling platforms for self-expression and cooperation, intermediaries also play a critical role in establishing digital trust, protection of human rights such as freedom of speech and expression, privacy and upholding fundamental values such as freedom and democracy.

However, the economic and social benefits of online intermediaries are conditional to a framework for protection of intermediaries against legal liability for the communication and distribution of content which they enable.

Intermediary Liability

Over the last decade, right holders, service providers and Internet users have been locked in a debate on the potential liability of online intermediaries. The debate has raised global concerns on issues such as, the extent to which Internet intermediaries should be held responsible for content produced by third parties using their Internet infrastructure and how the resultant liability would affect online innovation and the free flow of knowledge in the information economy?

Given the impact of their services on communications, intermediaries find themselves as either directly liable for their actions, or indirectly (or “secondarily”) liable for the actions of their users. Requiring intermediaries to monitor the legality of the online content poses an insurmountable task. Even if monitoring the legality of content by intermediaries against all applicable legislations were possible, the costs of doing so would be prohibitively high. Therefore, placing liability on intermediaries can deter their willingness and ability to provide services, hindering the development of the internet itself.

Economics of intermediaries are dependent on scale and evaluating the legality of an individual post exceeds the profit from hosting the speech, and in the absence of judicial oversight can lead to a private censorship regime. Intermediaries that are liable for content or face legal exposure, have powerful incentives, to police content and limit user activity to protect themselves. The result is curtailing of legitimate expression especially where obligations related to and definition of illegal content is vague. Content policing mandates impose significant compliance costs limiting the innovation and competiveness of such platforms.

More importantly, placing liability on intermediaries has a chilling effect on freedom of expression online. Gate keeping obligations by service providers threaten democratic participation and expression of views online, limiting the potential of individuals and restricting freedoms. Imposing liability can also indirectly lead to the death of anonymity and pseudonymity, pervasive surveillance of users' activities, extensive collection of users' data and ultimately would undermine the digital trust between stakeholders.

Thus effectively, imposing liability for intermediaries creates a chilling effect on Internet activity and speech, create new barriers to innovation and stifles the Internet's potential to promote broader economic and social gains. To avoid these issues, legislators have defined 'safe harbours', limiting the liability of intermediaries under specific circumstances.

Online intermediaries do not have direct control of what information is or information are exchanged via their platform and might not be aware of illegal content per se. A key framework for online intermediaries, such limited liability regimes provide exceptions for third party intermediaries from liability rules to address this asymmetry of information that exists between content producers and intermediaries.

However, it is important to note, that significant differences exist concerning the subjects of these limitations, their scope of provisions and procedures and modes of operation. The 'notice and takedown' procedures are at the heart of the safe harbour model and can be subdivided into two approaches:

a. Vertical approach where liability regime applies to specific types of content exemplified in the US Digital Copyright Millennium Act

b. Horizontal approach based on the E-Commerce Directive (ECD) where different levels of immunity are granted depending on the type of activity at issue

Current framework

Globally, three broad but distinct models of liability for intermediaries have emerged within the Internet ecosystem:

1. Strict liability model under which intermediaries are liable for third party content used in countries such as China and Thailand

2. Safe harbour model granting intermediaries immunity, provided their compliance on certain requirements

3. Broad immunity model that grants intermediaries broad or conditional immunity from liability for third party content and exempts them from any general requirement to monitor content.

While the models described above can provide useful guidance for the drafting or the improvement of the current legislation, they are limited in their scope and application as they fail to account for the different roles and functions of intermediaries. Legislators and courts are facing increasing difficulties, in interpreting these regulations and adapting them to a new economic and technical landscape that involves unprecedented levels user generated content and new kinds of and online intermediaries.

The nature and role of intermediaries change considerably across jurisdictions, and in relation to the social, economic and technical contexts. In addition to the dynamic nature of intermediaries the different categories of Internet intermediaries‘ are frequently not clear-cut, with actors often playing more than one intermediation role. Several of these intermediaries offer a variety of products and services and may have number of roles, and conversely, several of these intermediaries perform the same function. For example , blogs, video services and social media platforms are considered to be 'hosts'. Search engine providers have been treated as 'hosts' and 'technical providers'.

This limitations of existing models in recognising that different types of intermediaries perform different functions or roles and therefore should have different liability, poses an interesting area for research and global deliberation. Establishing classification of intermediaries, will also help analyse existing patterns of influence in relation to content for example when the removal of content by upstream intermediaries results in undue over-blocking.

Distinguishing intermediaries on the basis of their roles and functions in the Internet ecosystem is critical to ensuring a balanced system of liability and addressing concerns for freedom of expression. Rather than the highly abstracted view of intermediaries as providing a single unified service of connecting third parties, the definition of intermediaries must expand to include the specific role and function they have in relation to users' rights. A successful intermediary liability regime must balance the needs of producers, consumers, affected parties and law enforcement, address the risk of abuses for political or commercial purposes, safeguard human rights and contribute to the evolution of uniform principles and safeguards.

Towards an evidence based intermediary liability policy framework

This workshop aims to bring together leading representatives from a broad spectrum of stakeholder groups to discuss liability related issues and ways to enhance Internet users’ trust.

Questions to address at the panel include:

1. What are the varying definitions of intermediaries across jurisdictions?

2. What are the specific roles and functions that allow for classification of intermediaries?

3. How can we ensure the legal framework keeps pace with technological advances and the changing roles of intermediaries?

4. What are the gaps in existing models in balancing innovation, economic growth and human rights?

5. What could be the respective role of law and industry self-regulation in enhancing trust?

6. How can we enhance multi-stakeholder cooperation in this space?

Confirmed Panel:

Technical Community: Malcolm Hutty: Internet Service Providers Association (ISPA)
Civil Society: Gabrielle Guillemin: Article19
Academic: Nicolo Zingales: Assistant Professor of Law at Tilburg University
Intergovernmental: Rebecca Mackinnon: Consent of the Networked, UNESCO project
Civil Society: Anriette Esterhuysen: Association for Progressive Communication (APC)
Civil Society: Francisco Vera: Advocacy Director: Derechos Digitale
Private Sector: Titi Akinsanmi: Policy and Government Relations Manager, Google Sub-Saharan Africa
Legal: Martin Husovec: MaxPlanck Institute

Moderator(s): Giancarlo Frosio, Centre for Internet and Society (CIS) and Jeremy Malcolm, Electronic Frontier Foundation

Remote Moderator: Anubha Sinha, New Delhi

For more details visit https://cis-india.org/internet-governance/blog/igf-workshop-an-evidence-based-intermediary-liability-policy-framework

Towards Algorithmic Transparency

Radhika Radhakrishnan, and Amber Sinha — 2020-07-15T13:16:44Z

This policy brief examines the issue of transparency as a key ethical component in the development, deployment, and use of Artificial Intelligence.

This brief proposes a framework that seeks to overcome the challenges in preserving transparency when dealing with machine learning algorithms, and suggests solutions such as the incorporation of audits, and ex ante approaches to building interpretable models right from the design stage. Read the full report here.

The Regulatory Practices Lab at CIS aims to produce regulatory policy suggestions focused on India, but with global application, in an agile and targeted manner and to promote transparency around practices affecting digital rights.
The Regulatory Practices Lab is supported by Google and Facebook.

For more details visit https://cis-india.org/internet-governance/blog/towards-algorithmic-transparency

Mapping Web Censorship & Net Neutrality Violations

pranav — 2020-10-05T07:59:47Z

For over a year, researchers at the Centre for Internet and Society have been studying website blocking by internet service providers (ISPs) in India. We have learned that major ISPs don’t always block the same websites, and also use different blocking techniques. To take this study further, and map net neutrality violations by ISPs, we need your help. We have developed CensorWatch, a research tool to collect empirical evidence about what websites are blocked by Indian ISPs, and which blocking methods are being used to do so. Read more about this project (link), download CensorWatch (link), and help determine if ISPs are complying with India’s net neutrality regulations.

Learn more about website blocking in India, through our recent work on the issue —

Using information from court orders, user reports, and government orders, and running network tests from six ISPs, Kushagra Singh, Gurshabad Grover and Varun Bansal presented the largest study of web blocking in India. Through their work, they demonstrated that major ISPs in India use different techniques to block websites, and that they don’t block the same websites (link).
Gurshabad Grover and Kushagra Singh collaborated with Simone Basso of the Open Observatory of Network Interference (OONI) to study HTTPS traffic blocking in India by running experiments on the networks of three popular Indian ISPs: ACT Fibernet, Bharti Airtel, and Reliance Jio (link).
For The Leaflet, Torsha Sarkar and Gurshabad Grover wrote about the legal framework of blocking in India — Section 69A of the IT Act and its rules. They considered commentator opinions questioning the constitutionality of the regime, whether originators of content are entitled to a hearing, and whether Rule 16, which mandates confidentiality of content takedown requests received by intermediaries from the Government, continues to be operative (link).
In the Hindustan Times, Gurshabad Grover critically analysed the confidentiality requirement embedded within Section 69A of the IT Act and argued how this leads to internet users in India experiencing arbitrary censorship (link).
Torsha Sarkar, along with Sarvjeet Singh of the Centre for Communication Governance (CCG), spoke to Medianama delineating the procedural aspects of section 69A of the IT Act (link).
Arindrajit Basu spoke to the Times of India about the geopolitical and regulatory implications of the Indian government’s move to ban fifty-nine Chinese applications from India (link).

For more details visit https://cis-india.org/internet-governance/blog/mapping-web-censorship-net-neutrality-violations

ICANN Begins its Sojourn into Open Data

Padmini Baruah and Sumandro Chattapadhyay — 2016-11-12T01:17:24Z

The Internet Corporation for Assigned Names and Numbers (ICANN) recently announced that it will now set up a pilot project in order to introduce an Open Data initiative for all data that it generates. We would like to extend our congratulations to ICANN on the development of this commendable new initiative, and would be honoured to support the creation of this living document to be prepared before ICANN 58.

To quote the ICANN blog directly, the aim of this project is to “bring selected data sets into the open, available through web pages and programming APIs, for the purposes of external party review and analysis” [1]. This will play out through the setting up of three components:

Development of a catalogue of existing data sets which will be appropriate for publication
Selection of the technology necessary for managing the publication of these data sets.
Creation of a process to prioritise the order in which the data sets are made available [2].

Principles in Question

The Centre for Internet and Society firmly believes in the value of accessible, inclusive open data standards as a tool for enhancing transparency in any system. Greater transparency goes a long way towards bringing a regulatory authority closer to those who are governed under it – be it a state or a body such as ICANN. It is, in fact, an indispensable component of a multistakeholder model of governance to facilitate informed participation by all parties concerned in the decision making process.

The right to information that a regulatory authority owes those it regulates has two kinds of components. The first may be described as reactive disclosure – “when individual members of the public file requests for and receive information” [3]. The second is disclosure that is more proactive in nature – “when information is made public at the initiative of the public body, without a request being filed” [4]. The former is epitomized by initiatives such as the Freedom of Information Act [5] in the United States, the Right to Information Act in India [6], or ICANN’s very own Documentary Information Disclosure Policy [7].

Proactive disclosure policies, on the other hand, operate out of the principle that the provision of information by those in positions of regulatory authority will ensure free and timely flow of information to the public, and the information so provided will be equally accessible to everyone, without the need for individual requests being filed [8]. Proactive disclosure also goes a long way towards preventing officials from denying or manipulating information subsequent to publication [9]. Scholars have touted proactive disclosure as the “future of the right to know” [10].

At the Centre for Internet and Society, much of our research has pointed towards the direction of creating better open data standards for governments (Please see “Open Data Government Study: India”). We are one of the Lead Stewards of the International Open Data Charter [11] and have maintained that it is crucial for governments to maintain open data standards in the interest of transparency and accountability. We firmly believe that the same principles extend also to ICANN – a body which, as per its own by-laws commits towards operating “…to the maximum extent feasible in an open and transparent manner and consistent with procedures designed to ensure fairness”[12].

Suggestions

While this policy is in its nascent stage, we would like to put forward certain principles which we believe ought to be kept in mind before it gets chalked out, in the best interest of the ICANN community:

To determine what data sets should be made publicly accessible, it would be useful to carry out an analysis of existing DIDP requests to understand trends in the kind of information that the ICANN community is interested in accessing, which can then be proactively disclosed. It would be redundant on ICANN’s part to disclose, under this Open Data Policy, data which is already publicly available.
ICANN should first develop a catalog of all existing data sets with ICANN, apply the principles for deciding appropriateness for publication, then make publicly available both the full catalog, and the actual data sets identified for publication. ICANN should make clear the kind of information it is not going to make accessible under this open data standards, and justify the principles on the basis of which it is choosing to do so (analogous to the exceptions clauses under the DIDP).
With respect to technology to be selected for managing the publication of data sets, free and open source software (such as CKAN) ought to be used, and open standards should be adopted for the use and licensing of such data.
Such data ought to be downloadable in bulk in CSV/JSON/XML formats.
DIDP responses and the open data work flows ought to be integrated so that all the responses to DIDP requests are automatically published in a machine-readable format as open data.
Qualitative (text of speeches, slides from presentations, recordings of sessions, etc.) and quantitative data should both be included under this new policy.

In conclusion, we would like to extend our congratulations to ICANN on the development of this commendable new initiative, and would be honoured to support the creation of this living document before ICANN 58.

Endnotes

[1] Internet Corporation for Assigned Names and Numbers, ICANN Kicks off Open Data Initiative Pilot, (November 6, 2016), available at https://www.icann.org/news/blog/icann-kicks-off-open-data-initiative-pilot (Last visited on November 9, 2016).

[2] Id.

[3] Naniette Coleman, Proactive vs. Reactive Transparency, (February 8, 2010), available at: http://blogs.worldbank.org/publicsphere/proactive-vs-reactive-transparency (Last visited on November 9, 2016).

[4] Id.

[5] Freedom of Information Act, 1966, 5 U.S.C. § 552.

[6] Right to Information Act, 2005 available at http://righttoinformation.gov.in/rti-act.pdf

[7] ICANN, Documentary Information Disclosure Policy, available at https://www.icann.org/resources/pages/didp-2012-02-25-en (Last visited on November 9, 2016).

[8] Helen Darbishire, Proactive Transparency: The future of the right to information? Working paper. N.p.: World Bank, (2009).

[9] Id.

[10] Darbishire, supra note 8.

[11] Open Data Charter, Who We Are, available at http://opendatacharter.net/who-we-are/ (Last visited on November 10, 2016).

[12] Article III(1), Bylaws For Internet Corporation For Assigned Names And Numbers

For more details visit https://cis-india.org/internet-governance/icann-begins-its-sojourn-into-open-data