Centre for Internet and Society

India blocks access to 857 porn sites

pranesh — 2015-08-05T01:31:32Z

India has blocked free access to 857 porn sites in what it says is a move to prevent children from accessing them.

The story was published by BBC on August 3, 2015. Pranesh Prakash gave his inputs.

Adults will still be able to access the sites using virtual private networks (VPNs) or proxy servers. In July, the Supreme Court expressed its unhappiness over the government's inability to block sites, especially those featuring child pornography.

Telecom companies have said they will not be able to enforce the "ban" immediately.

"We have to block each site one by one and it will take a few days for all service providers to block all the sites," an unnamed telecom company executive told The Times of India newspaper.

A senior official, who preferred to remained unnamed, told the BBC Hindi that India's department of telecommunications had "advised" telecom operators and Internet service providers to "control free and open access" to 857 porn sites.

"There is no total ban. This was done in the backdrop of Supreme Court's observation on children having free access to porn sites. The idea is also to protect India's cultural fabric. This will not prevent adults from visiting porn sites," the official said.

In July, the top court had observed that it was not for the court to order a ban on porn sites.

"It is an issue for the government to deal with. Can we pass an interim order directing blocking of all adult websites? And let us keep in mind the possible contention of a person who could ask what crime have I committed by browsing adult websites in private within the four walls of my house. Could he not argue about his right to freedom to do something within the four walls of his house without violating any law?," the court said.

According to statistics released by adult site Pornhub, India was its fourth largest source of traffic in 2014, behind the US, UK and Canada. Pranesh Prakash of the Bangalore based Centre for Internet and Society said the directive to block the 857 sites was "the largest single order of its kind" in India.

"The government's reasoning that it is not a ban because adults can still access the porn sites is ridiculous," he told the BBC. The move has caused a great deal of comment on Indian social media networks, with many prominent personalities coming forward to condemn it.

Popular author Chetan Bhagat, writer and commentator Nilanjana Roy, politician Milind Deora and director Ram Gopal Varma have all added their voices to the debate.

For more details visit https://cis-india.org/internet-governance/news/bbc-news-august-3-2015-india-blocks-access-to-857-porn-sites

Porn ban: People will soon learn to circumvent ISPs and govt orders, expert says

pranesh — 2015-08-05T01:47:52Z

The article by Karthikeyan Hemalatha was published in the Times of India on August 2. Pranesh Prakash gave inputs.

The government used other sections of the Act to circumvent this provision. Sources in the Department of Telecommunication, which comes under the ministry of communications and information technology, said a notification had been issued under Section 79 (b) of IT Act under which internet service providers could be penalized for not following government orders. "Though the section protects an internet service provider (ISP) from legal action for the content it may allow, it can be penalized for not following government orders to ban them," said Prakash.

Last month, the Supreme Court declined to pass an interim order to block websites which have pornographic content. "Such interim orders cannot be passed by this court. Somebody may come to the court and say 'look I am above 18 and how can you stop me from watching it within the four walls of my room?' It is a violation of Article 21 [right to personal liberty]," said Chief Justice H L Dattu.

The judge was reacting to a public interest litigation filed by advocate Kamlesh Vashwani who was seeking to block porn websites in the country. "The issue is definitely serious and some steps need to be taken. The Centre is expected to take a stand. Let us see what stand the Centre will take," the Chief Justice said and directed the Centre to reply within four weeks. Over the weekend, the stance became clear.

Sources also say that Section 19 (2) of the Constitution was used for the ban. The section allows the government to impose "reasonable restrictions in the interest of sovereignty and integrity of India, security of the state, decency or morality or in relation to contempt of court."

For netizens, the government could actually be providing crash courses on proxy sites. "This is the best way to teach people on how to circumvent ISPs and government orders," said Prakash, adding that real abusive porn sites might still be available.

"There is no dynamic mechanism to block all sites with pornographic content. The government has to individually pick URLs (uniform resource locator) to ban websites. Right now, only popular websites have been banned and the little known abusive sites like those that propagate revenge porn or child porn," said Prakash. "No ban can be comprehensive," he added.

For more details visit https://cis-india.org/internet-governance/news/the-times-of-india-august-2-2015-karthikeyan-hemalatha-porn-ban

Porn block in India sparks outrage

pranesh — 2015-08-05T02:10:46Z

India’s government has triggered a storm of protest after blocking 857 alleged pornography websites, with privacy and internet freedom campaigners, as well as consumers, condemning the move as arbitrary and unlawful.

The article by Amanda Hodge was published in the Australian on August 5, 2015. Pranesh Prakash gave his inputs.

The order, enforced since Sunday by the country’s main internet service providers, comes amid debate about the influence of pornography on sex crime in India, and as the Supreme Court considers a petition by lawyer Kamlesh Vaswani to ban pornographic websites that harm children.

The government has been forced to defend the move, saying it was taken in response to Supreme Court criticism at inaction against child pornography websites, although the Supreme Court itself has refused to impose any interim ban while it considers the petition. The websites — a fraction of the world’s millions of internet pornography sites — will remain blocked until the government figures out how to restrict access, a spokesman said.

Critics have slammed the measure as unconstitutional and pointed out the list includes adult humour sites that contain no pornographic content. Others have suggested it is another intrusion into the private lives of ordinary Indians by an administration intent on pushing a puritanical Hindu agenda, citing the recent ban on beef in several states and an alleged “Hindu-isation” of school textbooks.

That prompted outrage from Telecom Minister Ravi Shankar Prasad. “I reject with contempt the charge that it is a Talibani government. Our government supports free media, respects communication on social media and has respected freedom of communication always,” he said.

While India has no law preventing citizens accessing internet pornography, regulations do restrict the publishing of “obscene information in electronic form”. Centre for Internet and Society policy director Pranesh Prakash told The Australian yesterday that some elements of that act were welcome — such as prohibition of child pornography and the uploading of a person’s private parts without consent — but “the provisions relating to ‘sexually explicit materials’ are far too broad, with no exceptions made for art, architecture, education or literature”.

Mr Prakash said the pornography ban amounted to an “abdication of the government’s duty”, given the list of sites blocked was provided on request to the government by one of the Vaswani petitioners. “The additional solicitor-general essentially asked one of the petitioners to provide a list of websites, which she passed on to the Department of Information Technology, which in turn passed to Department of Telecommunications asking for them to be blocked or disabled.

“That is not acceptable in a democracy where it is not the government which has actually found any of these websites to be unlawful.” Mr Prakash also criticised the secrecy surrounding the order, which he said contravened Indian law requiring a public declaration of any intended ban so that it might be challenged. The bans were made under “Rule 12” of India’s IT Act, which empowers the government to force ISPs to block sites when it is “necessary or expedient”.

For more details visit https://cis-india.org/internet-governance/news/the-australian-news-august-5-2015-amanda-hodge-porn-block-in-india-sparks-outrage

CIS's Comments on the Draft Geospatial Information Regulation Bill, 2016

pranesh — 2016-06-05T15:06:09Z

The Centre for Internet and Society is alarmed by the Draft Geospatial Information Regulation Bill, 2016, and has recommended that the proposed law be withdrawn in its entirety. It offered the following detailed comments as its submission.

Comments on the Draft Geospatial Information Regulation Bill, 2016

by the Centre for Internet and Society

1. Preliminary

1.1. This submission presents comments and recommendations by the Centre for Internet and Society (“CIS”) on the draft Geospatial Information Regulation Bill, 2016 (“the draft bill” / “the proposed bill” / “the bill”).

2. Centre for Internet and Society

2.1. The Centre for Internet and Society is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from the perspectives of policy and academic research. The areas of focus include accessibility for persons with disabilities, access to knowledge, intellectual property rights, openness (including open data, free and open source software, open standards, open access, open educational resources, and open video), internet governance, telecommunication reform, digital privacy, and cyber-security. The academic research at CIS seeks to understand the reconfiguration of social processes and structures through the internet and digital media technologies, and vice versa.

2.2. This submission is consistent with CIS’ commitment to safeguarding the public interest, and particularly the representing the interests of ordinary citizens and consumers. The comments in this submission aim to further the principles of people’s right to information regarding their own country, openness-by-default in governmental activities, freedom of speech and expression, and the various forms of public good that can emerge from greater availability of open (geospatial) data created by both public and private agencies, and the innovations made possible as a result.

3. Comments

3.1. General Remarks

3.1.1. While CIS welcomes the intentions of the government to prevent use of geospatial information to undermine national security, the proposed bill completely fails to do so, infringes upon Constitutional rights, harms innovation, undermines the national initiatives of Digital India and Startup India, is completely impractical and unworkable, and it will lead to a range of substantial harms if the government actually seeks to enforce it.

3.1.2. There are already laws in place that prevent the use of geospatial information to undermine national security. For instance, the Official Secrets Act, 1923 (“OSA”) already contains provisions — sections 3(2)(a), (b), and (c) — all of which would prevent a person from creating maps that undermine national security and would penalise their doing so. Section 5 of the OSA contains multiple provisions that penalise the possession and communication of maps that undermine “national security.” The penalties under the OSA range from imprisonment of up to 3 years all the way to imprisonment up to 14 years. Given this, there is absolutely no need to create yet another law to deal with maps that undermine “national security.” Indeed, it is the government’s stated policy to reduce the number of laws in India, whereas the proposed bill introduces a redundant new law that adds multiple layers of bureaucracy.

3.1.3. The National Mapping Policy, 2005, already puts in place restrictions on wrongful depictions of India’s international boundaries, and as we explain below in section 3.4 of this document, even the National Mapping Policy is over-broad. Even if the government wishes to provide statutory backing to the policy, it should be a very different law that is far more limited in scope, and restricts itself to criminalising those who misrepresent India’s international boundary with an intention to mislead people into thinking that that is the official boundary of India as recognised by the Survey of India. CIS would support a law of such limited scope and mandate, provided it has an appropriate penalty.

3.1.4. There would be much utility in a law that creates a duty on the Survey of India to make available, in the form of an open standard, an official electronic version of the maps that it creates, and expressly allows and encourages citizens and startups to reuse such official maps, however the Ministry of Home Affairs would not be the nodal ministry for such a law.

3.1.5. We recommend that the proposed law be scrapped in its entirety.

3.1.6. We additionally provide an alternative manner of reducing the harms caused by this bill, in our comments below. By no means should these further comments be seen as a repudiation of our above position, since we do not feel the proposed bill, even with the inclusion of all of our recommendations, would truly further its stated aims. All our below recommendations would do is to reduce the bill’s harmful, and often unintended, consequences.

3.2. Definition of “Geospatial Information” is over-broad, all- encompassing

3.2.1. The second part of the definition of “geospatial information” refers to all “graphic or digital data depicting natural or man-made physical features, phenomenon or boundaries of the earth or any information related thereto” that are “referenced to a co-ordinate system and having attributes.” (Section 2(1)(e)) As per the definition, this will include all geo-referenced information, and data, that is produced by everyday users as an integral part of various everyday uses of digital technologies. This will also include geo-referenced tweets and messages, location of public and private vehicles shared in the real-time with agencies tracking their location (from public transport authorities, to insurance agencies, etc.), location data of mobile phones collected and used by telecommunication service providers, location of mobile phones shared by the user with various kinds of service providers (from taxi companies to delivery agencies), etc.

3.2.2. We recommend that instead of regulating all kinds of geospatial information, and giving rise to a range of possible harms, the draft bill be revised to specifically address “sensitive geospatial information,” defined as geospatial information related to the “Prohibited Places” as defined in the Official Secrets Act 1923 (section 2(8)) which will allow the bill to effectively respond to its key stated concerns of ensuring “security, sovereignty and integrity of India.” Since the National Map Policy defines “Vulnerable Points” and “Vulnerable Areas” (para 3(b)) as the two main types of geospatial units associated with “Prohibited Places”, these terms should also be referred to in the revised version of the draft bill.

3.3. Unreasonable regulation of acquiring and end-use of geospatial information

3.3.1. Section 3 of the draft bill states that “[s]ave as otherwise provided in this Act, rules or regulations made thereunder, or with the general or special permission of the Security Vetting Authority, no person shall acquire geospatial imagery or data including value addition” and “[e]very person who has already acquired any geospatial imagery or data ... including value addition prior to coming of this Act into effect, shall within one year from the commencement of this Act, make an application alongwith requisite fees to the Security Vetting Authority.” This effectively makes it illegal to acquire and maintain ownership of geospatial information that has not been subjected to security vetting.

3.3.2. This draft bill doesn’t apply just to geospatial information that may undermine national security but covers all manners of geospatial information and modern geospatial technologies embedded in everyday digital devices and intimately connected to various electronic products and services, from cars to mobile phones, result in the creation and acquiring of various kinds of geo-referenced information, ranging from the geo-referenced photographs to locations shared with friends. Even ordinary users who are unknowingly looking at maps that contain sensitive geospatial information, which are illegal under the Official Secrets Act, are committing an illegal act under the draft bill, because the users temporarily acquires such sensitive geospatial information in her/his digital device, as part of the very act of browsing the map concerned. This clearly cannot be the intention of the bill. Thus we recommend deletion of the word “acquire.”

3.3.3. Further, the insertion of the phrase “including value addition” in both Section 3(1) and 3(2) appears to suggest that all users who have created derivative products using geospatial information that includes sensitive data (that is data related to Prohibited Places) may be held liable under this draft bill, even if these users have not themselves collected or created such sensitive geospatial information, which was part of the original geospatial information published by the source map agency. This too cannot be the intention of the bill. Thus, we recommend deletion of the phrase “including value addition.”

3.3.4. In the definition of the “Security Vetting of Geospatial Information” itself, it is mentioned that the process will include “screening of the credentials of the end-users and end-use applications, with the sole objective of protecting national security, sovereignty, safety and integrity.” (Section 2(1)(o)) This appears to indicate that all end-users of all electronic and analog services and products using geospatial information will have to be individually vetted before such services and products are used, which would cover a large proportion of the Indian population. This imposes an enormous and impractical burden on the Indian digital economy in particular, and the entire national economy in general, without improving national security. This too cannot be the intention of the draft bill. Thus, we recommend deletion of this phrase, and ensure that end users are not covered by the law.

3.3.5. Given these specific characteristics of how modern geospatial technologies work, and how they provide a basis for various kinds of everyday use of electronic products and services, we would like to submit that the regulatory focus should be on large-scale and/or commercial dissemination, publication, or distribution of geospatial information, and not on the acts of acquiring, possessing, sharing, and using geospatial information. Further, the regulation in general should be aimed at the party owning the geospatial information in question, and not at the parties involved in its dissemination (say, Internet Service Providers) or in its generation or use (say, end-users).

3.4. Removal of journalistic, political, artistic, creative, and speculative depictions of India from the scope of Section 6

3.4.1. Section 6 of the draft bill states that “[n]o person shall depict, disseminate, publish or distribute any wrong or false topographic information of India including international boundaries through internet platforms or online services or in any electronic or physical form.” Section 15 imposes a penalty for such wrong depiction of maps of India.

3.4.2. Depictions of India, which do not purport to accurately represent the international boundaries as recognised by the Indian government should not be penalised. For instance, a map published in a newspaper article about India’s border disputes that shows the incorrect claims that the Chinese government has made over Indian territory would also be penalised as “wrong or false topographic information of India”, since there is a clear intention to depict the boundary as claimed by China. Criminalising such journalism cannot be the legitimate intent of such a provision.

3.4.3. There are numerous instances which have been willfully depicting inaccurate and inauthentic maps of India with international borders for political ends. For instance, there are often depictions of India which show territories within present day Pakistan, Bangladesh, Bhutan, Nepal and Sri Lanka as part of an “Akhand Bharat.” Depictions of this sort should not be penalised. In doing so, would contradict the freedom of expression guaranteed under Article 19(1)(a) without being a reasonable restriction under Article 19(2).

3.4.4. Even depictions of India for purposes of speculative fiction would be penalised under this proposed bill unless they depict the official borders. This is clearly undesirable and would not be allowed as a reasonable restriction under Article 19(2).

*3.4.5.* Even geography students in schools and colleges who mis-draw the official map of India would be liable to penalties under the draft bill. This plainly, cannot be the intention of the drafters of this bill. The creator of a rough and inaccurate tourist map of an Indian city can also be identified as committing a criminal act under the proposed bill as she would be depicting “… wrong or false topographic information of India …”

3.4.6. In brief: Merely depicting, disseminating, publishing or distributing any “wrong or false topographic information of India” should not be penalised. unless a person publishes and widely circulates an incorrect map of India while claiming that that represents the official international boundaries of India, such should not be penalised.

3.4.7. CIS recommends that the bill should instead state: “No person shall depict, disseminate, publish, or distribute any topographic information purporting to accurately depict the international boundaries of India as recognised by the Survey of India unless he is authorised to do so by the Surveyor General of India; provided that usage by any person of the international boundaries as is electronically and in print made available by the Survey of India shall deemed to be usage that is authorised by the Surveyor General of India.”

3.5. Absence of Publicly Available and Openly Reusable Standardised National Boundary of India

3.5.1. Given the lack of an reusable versions of maps of India, including of India’s official boundary as recognised by the Survey of India, it becomes impossible for people to accurately depict the boundary of India. We recommend that the bill requires the Survey of India to publish all “Open Series Maps,”as defined in the National Mapping Policy, 2005, including maps depicting the official international and subnational political and administrative boundaries of India, using open geospatial standards and under an open licence allowing such geospatial data to be used by citizens and all companies.

3.6. Remove Requirement for Prior License for Acquire, Dissemination, Publication, or Distribution of Geospatial Information

3.6.1. Section 9 of the draft bill refers to “any person who wants to acquire, disseminate, publish, or distribute any geospatial information of India” (emphasis added), which can be interpreted as the need for a prior license before any person decides to acquire (including creation, collection, generation, and buying) geospatial information. This creates at least two problems:

modern digital geospatial technologies have enabled everyday digital devices (like smartphones) to instantaneously acquire, disseminate, publish, and distribute geospatial information all the time when the person holding that device is looking at online digital maps, say Google Maps, or sharing location with their friends, online platforms and services and service providers (both local and foreign); and
the requirement of prior license involves payment of a “requisite fees” to the Security Vetting Authority, which may act as an arbitrary (since the fee might be based upon the volume of geospatial information to be acquired that one may not know fully determine before acquiring) and effective barrier to acquiring, dissemination, publication, or distribution of geospatial information even if it does not violate the concerns of “security, sovereignty, and integrity” in any manner. This requirement also impedes competition in the market, because new entrants to the geospatial industry may not have enough upfront capital to procure licenses.

3.6.2. Further, the requirement of necessary prior license for acquiring geospatial information does not seem to be a crucial component of the security vetting process, since the geospatial information, once acquired by the agency concerned, is in any case directed to be shared with the Security Vetting Authority for undertaking necessary expunging of sensitive or incorrect information.

3.6.3. We recommend revision of this section so that no prior license and/or permission is required for collection, acquiring, distribution, and/or use of geospatial information; instead, a framework may be established for monitoring of published geospatial information for purposes of ensuring geospatial information pertaining to “Prohibited Places,” as defined under the Official Secrets Act, is not made available to the general public by any person or entity under Indian jurisdiction, including, for instance, Indian subsidiaries and branches of foreign corporations.. Such a framework must not address the end-user of such geospatial information, but its publishers.

3.7. Unenforceable jurisdictional scope

3.7.1. Section 5 of the draft bill states “[s]ave as otherwise provided in any international convention, treaty or agreement of which India is signatory or as provided in this Act, rules or regulations made thereunder, or with the general or special permission of the Security Vetting Authority, no person shall, in any manner, make use of, disseminate, publish or distribute any geospatial information of India, outside India, without prior permission from the Security Vetting Authority.”

3.7.2. In compliance with this section, domestic and foreign companies and platforms will be required to obtain permission from the Security Vetting Authority of India prior to publishing, distributing etc. geospatial information. Similarly in the preliminary, the draft bill holds in person who commits an offence beyond India under the scope of the bill. The bill is thus proposing extraterritorial applicability of its provisions, yet the extent and method of enforcement of the same on other jurisdictions are kept unclear.

3.8. Negative implications for rights of citizens

3.8.1. There are a number of sections in the draft bill which have negative implications for the rights of all users and potentially impinge on the constitutional rights of Indian citizens. These include:

a. Section 18(2) which empowers the Enforcement Authority to conduct a search without a judicial search order;

b. Section 17(3) which empowers the Enforcement Authority to conduct undefined surveillance and monitoring to enforce the Act;

c. Chapter (V) which penalises individuals with Rs. 1-100 Crores and/or seven years in prison for an offence under the act;

d. Section 22 which allows the government to take ownership of a person’s land if a financial penalty has not been paid;

e. Section 30(1) which holds, in the case of the offense being committed by a company, every person in charge of and responsible for the conduct of business of the company, guilty and liable.

3.9. Overly broad powers and responsibilities of the Apex Committee and Enforcement Authority, and lack of adequate oversight

3.9.1. Section 7(2) states that “[t]he Apex Committee shall do all such acts and deeds that may be necessary or otherwise desirable to achieve the objectives of the Act, including the following functions:...” The wording in this section is broad and open ended, and allows for the responsibilities of the Apex Committee to be expanded without clear oversight of such expansion.

3.9.2. Similarly, section 17 established an “Enforcement Authority” for the purpose of carrying out surveillance and monitoring for enforcement of the draft bill. The Authority has been given a number of powers including the power of inquiry, the power to adjudicate, and the power to give directions. These powers have direct implications on the rights of individuals, yet the Authority is not subject to oversight or accountability requirements.

3.9.3. We recommend that the powers and responsibilities of the Apex Committee and Enforcement Authority are narrowly defined in the draft bill itself, limited by the principle of necessity, and subject to independent oversight and accountability requirements.

3.10. Remove the Security Vetting Authority’s power of delegation

3.10.1. Section 8(3) allows the Security Vetting Authority to delegate to any constituent member of the Authority, other subordinate committee, or officer powers and functions as it may deem necessary except the power to grant a licence. In practice, this will allow security vetting to be done by another institution and risks potential involvement of private agencies and/or quasi-governmental bodies.

3.10.2. We recommend that the power of delegation should not be granted to the Security Vetting Authority.

3.11. Negative implications for innovation and India’s digital economy

3.11.1. Section 3 of the draft bill states “[s]ave as otherwise provided in this Act, rules or regulations made thereunder, or with the general or special permission of the Security Vetting Authority, no person shall acquire geospatial imagery or data including value addition of any part of India either through any space or aerial platforms such as satellite, aircrafts, airships, balloons, unmanned aerial vehicles or terrestrial vehicles, or any other means whatsoever”. This effectively ensures that each and every user of geospatial data, products, services, and solutions — since all of these either include or are derivatives of geospatial information — would require prior permission from the Security Vetting Authority. This will substantially affect the existing and emerging digital economy in particular, and the entire economy in general.

3.11.2. Further, Section 9 of the draft bill mandates that any person submitting an application for geospatial information to be vetted must pay a fee. As the provisions of the bill mandate that users approach the Security Vetting Authority for license to use geospatial information, this will impose an immense burden on all users of digital devices in and outside of India. CIS submits that imposition of this fee for security vetting be removed.

3.12. Disproportionate penalty for acquisition of geospatial information

3.12.1. Section 12 states that “[p]enalty for illegal acquisition of geospatial information of India.- Whoever acquires any geospatial information of India in contravention of section 3, shall be punished with a fine ranging from Rupees one crore to Rupees one hundred crore and/or imprisonment for a period upto seven years.” Seven years in prison is disproportionate to the offense of acquiring geospatial information without vetting by the authority concerned. This is particularly true given the broad and all-encompassing definition of “geospatial information” in the draft bill, and the fact that the bill applies to individuals and companies both within and outside of India.

3.13. Improper and inconsistent usage of terms in the draft bill

3.13.1. Section 4 of the draft bill regulates the visualization, publication, dissemination and distribution of geospatial information of India, while section 5 regulates use, dissemination, publication, and distribution of geospatial information outside of India. The definition of “visualization” remains unclear, and the act is only regulated in section 4. The section 6 of the draft bill uses the term ‘depict’, which is undefined as well. We submit that in this context terms are interchangeable, and the draft bill should either define them expressly to avoid ambiguity in interpretations, or consistently use only one throughout the draft bill.

3.13.2. Section 11 (3) of the draft bill requires licensees to “[d]isplay the insignia of the clearance of the Security Vetting Authority on the security-vetted geospatial information by appropriate means such as water-marking or licence as relevant, while disseminating or distributing of such geospatial information.” We observe that geospatial information includes graphical representation, location coordinates, inter alia. While the former may be represented visually on an “as is” basis after the completion of the vetting, the latter may be used to perform other complex functions at the “back-end” (i.e., vendor-facing side) in various technologies. Water-marking and/or displaying of insignia would place undue burden on the licensee, depending on the kind of platform, service, or individual.

3.14. Lack of reference to technical implementation guidance

3.14.1. The regulation, harmonisation, and standardisation of the collection, generation, dissemination etc. of geospatial information is a complex process that goes beyond a process of security vetting and that will require extensive technical implementation guidance from the government. At a minimum this could include quality assurance considerations and standard operating procedures, yet the draft bill makes no reference to the need for technical standards or guidance.

Comments prepared by Sumandro Chattapadhyay, Adya Garg, Pranesh Prakash, Anubha Sinha, and Elonnai Hickok. Submitted by the Centre for Internet and Society, on June 3, 2016.

For more details visit https://cis-india.org/internet-governance/blog/comments-draft-geospatial-information-regulation-bill-2016

List of Blocked 'Escort Service' Websites

pranesh — 2016-06-15T08:33:31Z

Here is the full list of URLs that Indian ISPs were asked to block on Monday, June 13, 2016.

On April 20, 2016, DNA carried a report on a PIL seeking action against advertisements for prostitution in newspapers and on websites. That report noted that the Mumbai Police had obtained an order from a magistrates court to block 174 objectionable websites, and had sent a list to the "Group Coordinator (Cyber Laws)" within the Department of Electronics and IT. On June 13, 2016, some news agencies carried reports about the Ministry of Communications and IT having ordered ISPs to block 240 websites.

As far as we know, the Mumbai Police has not proceeded against any of the people who run these websites, whose phone numbers are available, and whose names and addresses are also available in many cases through WHOIS queries on the domain names.

Unfortunately, the government does not make available publicly the list of websites they have ordered ISPs to block. Given that knowledge of what is censored by the government is crucial in a democracy, we are publishing the entire list of blocked websites.

Those of these websites that use TLS (i.e., those with 'https'), still appear to be available on multiple Indian ISPs, and others can be accessed by using a proxy VPN from outside India or by using Tor.

Notes:

The list circulated to ISPs has two sub-lists, numbered from 1-174 (but containing 175 entries, with a numbering mistake), and 1-64, for a total of 239 URLs.
4 URLs are repeated in the list ("www.salini.in/navi-mumbai-independent-escort-service.php", "exmumbai.in", "www.mansimathur.in/pinkyagarwal", "www.mumbaifunclubs.com")
For one website, both the domain name and a specific web page within it are listed (""www.mumbaiwali.in" and "www.mumbaiwali.in/navi-mumbai-escort-service.php")
One URL is incomplete (No. 214: "www.independentescortservicemumbai.com/mumbai%20escort%20servi..")
There are thus 235 unique URLs, targetting 234 websites and web pages.

Full List of Blocked URLs

www.sterlingbioscience.com
rawpoint.biz
www.onemillionbabes.com
www.mumbaihotcollection.in
simranoberoi.in
rubinakapoor.biz
talita.biz
www.mumbaiescortsagency.net
www.mumbaifunclubs.com
www.alishajain.co.in
www.ankitatalwar.co.in
https://www.jennyarora.ind.in
www.riya-kapoor.com
shneha.in
missinimi.in
www.mumbaiglamour.in
kalyn.in
www.saumyagiri.co.in/city/mumbai/
bookerotic.com
www.divyamalik.in
www.suhanisharma.co.in
www.ruhi.biz
umbaiqueens.in
www.aliyaghosh.com
priyasen.in
www.highprofilemumbaiescorts.co.in
charmingmumbai.com
www.poojamehata.in
kiiran.in/
mansikher.in
www.newmumbaiescorts.in
www.mumbaifunclubs.com
www.punarbas.in
www.discreetbabes.in
www.alisharoy.in
www.arpitarai.in
www.nidhipatel.in
navimumbailescort.com
www.zoyaescorts.com
www.juhioberoi.in
shoniya.in
panchibora.in
rehu.in
www.nehaanand.com
www.aditiray.co.in
www.rakhibajaj.in
www.alianoidaescorts.in
www.sobiya.in
www.alishaparul.in
mumbai-escorts.leathercurrency.com
ankita-ahuja.in
www.yamika.in
mumbailescort.co
www.ranjika.in
www.aditiray.com
www.alinamumbailescort.in
www.sonikaa.com/services/
riyamodel.in
mumbai-escorts.info
soonam.in
www.sejalthakkar.com
www.yomika-tandon.in
www.asika.in
www.siyasharma.org/
www.rubikamathur.in
www.mumbaiescortslady.com
www.sexyshe.in
www.indepandentescorts.com
www.saanvichopra.co.in
www.goswamipatel.in
ojaloberoi.in
www.naincy.in
www.sonyamehra.com
www.pinkgrapes.in
anjalitomar.in/
www.nishakohli.com/
sagentia.co.in
mumbai.vivastreet.co.in/escort+mumbai
www.deseescortgirls.in
guides.wonobo.com/mumbai/mumbai-escorts-service/.4299
jasmineescorts.com
www.shalinisethi.com
www.highclassmumbailescort.com
www.vipescortsinmumbai.com
www.mumbaiescorts69.co.in
monikabas.co.in
www.riyasehgal.com
onlycelebrity.in
www.greatmumbaiescorts.com/escort-service-mumbai.html
www.aishamumbailescort.com
www.jennydsouzaescort.com
www.desifun.in
www.siyaescort.co.in
masti—escort.in
www.sofya.in
www.mumbaiwali.in/navi-mumbai-escort-service.php
www.mumbaiwali.in
www.calldaina.com
www.mumbaiescortsservice.co.in
www.escortsgirlsinmumbai.com
www.passionmumbai.escorts.com
www.nehakapoor.in
meerakapoor.com
www.dianamumbaiescorts.net .in
www.allmumbailescort.in
www.rakhiarora.in
www.ritikasingh.com
www.rekhapatil.com
www.mumbaidolls.com
www.piapandey.com
www.mumbaicuteescorts.in
www.mumbaiescortssevice.com
www.onlycelebrity.com
www.meetescortservice.com
onlyoneescorts.com
simirai.org
www.riyamumbaiescorts.in
www.neharana.in
www.tanyaroy.com
www.mumbaihiprofilegirls.in
www.sexyescortsmumbai.in
www.sexymumbai.escorts.com
www.four-seasons—escort.in
www.mumbaiescortsgirl.com
www.vdreamescorts.com
www.passionatemumbaiescorts.in
www.payalmalhotra.in
www.shrutisinha.com
www.juliemumbaiescorts.com
www.indiasexservices.com/mumbai.html
www.mumbai-escorts.co.in
www.aliyamumbaiescorts.net.in
shivaniarora.co.in/escort–service-mumbai.html
www.pinkisingh.com
soyam.in
www.arpitaray.com
www.localescorts.in
www.jennifermumbaiescorts.com
www.yanaroy.com
escorts18.in/mumbai—escorts.html
www.tinamumbaiescorts.com
www.mumbaijannatescorts.com
www.deepikaroy.com
www.nancy.co.in
www.pearlpatel.in
30minsmumbaiescorts.in
www.datinghopes.com
https://www.riyaroy.com/services.html
www.sonalikajain.com
www.zainakapoor.co.in
kavyajain.in
www.kinnu.co.in
exmumbai.in/
www.mansimathur.in/pinkyagarwal
exmumbai.in
www.mansimathur.in/pinkyagarwal
www.devikabatra.in
katlin.in
riyaverma.in
escortsinindia.co/
www.snehamumbaiescorts.in
shimi.in
www.mumbaiescortsforu.com/about
www.chetnagaur.co.in/chetna-gaur.html
www.escortspoint.in
www.rupalikakkar.in
www.hemangisinha.co.in
1escorts.in/location/mumbai.html
www.salini.in/navi-mumbai-independent—escort-service.php
www.salini.in/navi-mumbai-independent-escort-service.php
www.mumbaibella.in
mohitescortservicesmumbai.com
www.anchu.in
www.aliyaroy.co.in
jaanu.co.in/mumbai-escorts-service-call-girls.html
www.andyverma.com
dreams-come-true.biz
feel–better.biz
jellyroll.biz
dreamgirlmumbai.com
role-play.biz
mansi—mathur.com
www.zarinmumbaiescorts.com
mymumbai.escortss.com
www.goldentouchescorts.com
www.mumbaipassion.biz
ishitamalhotra.com
happy-ending.biz
juicylips.biz
www.escortsmumbai.name
www.kirstygbasai.net
www.hiremumbaiescorts.com
www.meeraescorts.com/mumbai-escorts.php
3–5–7star.biz
www.pranjaltiwari.com
www.richagupta.biz
way2heaven.biz
piya.co/
pinkflowers.info
www.beautifulmumbaiescorts.com
www.bestescortsinmumbai.com/charges-html
www.mumbaiescorts.me
www.tanikatondon.com
www.escortsinmumbai.biz
www.escortgirlmumbai.com
www.mumbaicallgrils.com
www.quickescort4u.com
www.mayamalhotra.com
www.legal-escort.com
escortsbaba.com/mumbai-escorts.html
rupa.biz
www.mumbaiescorts.agency/erotic-service-mumbai.html
www.escortscelebrity.com
www.independentescortservicemumbai.com/mumbai%20escort%20servi..
garimachopra.com
kajalgupta.biz
lipkiss.site
aanu.in
bombayescort.in
hotkiran.co.in
khushikapoor.in
joyapatel.in
rici.in
aaditi.in
andheriescorts.org.in
www.jiyapatel.in
spicymumbai.in
rimpyarora.in
lovemaking.co.in
riyadubey.co.in
escortservicesmumbai.in
mumbaiescorts.co.in
midnightprincess.in/
vashiescorts.co.in/
angee.in/
www.rozakhan.in/
www.mumbaiescortsvilla.in/
kylie.co.in/
escortservicemumbai.co.in

For more details visit https://cis-india.org/internet-governance/blog/list-of-blocked-escort-service-websites

Jurisdiction: The Taboo Topic at ICANN

pranesh — 2016-06-29T07:51:05Z

The "IANA Transition" that is currently underway is a sham since it doesn't address the most important question: that of jurisdiction. This article explores why the issue of jurisdiction is the most important question, and why it remains unaddressed.

In March 2014, the US government announced that they were going to end the contract they have with ICANN to run the Internet Assigned Numbers Authority (IANA), and hand over control to the “global multistakeholder community”. They insisted that the plan for transition had to come through a multistakeholder process and have stakeholders “across the global Internet community”.

Why is the U.S. government removing the NTIA contract?

The main reason for the U.S. government's action is that it will get rid of a political thorn in the U.S. government's side: keeping the contract allows them to be called out as having a special role in Internet governance (with the Affirmation of Commitments between the U.S. Department of Commerce and ICANN, the IANA contract, and the cooperative agreement with Verisign), and engaging in unilateralism with regard to the operation of the root servers of the Internet naming system, while repeatedly declaring that they support a multistakeholder model of Internet governance.

This contradiction is what they are hoping to address. Doing away with the NTIA contract will also increase — ever so marginally — ICANN’s global legitimacy: this is something that world governments, civil society organizations, and some American academics have been asking for nearly since ICANN’s inception in 1998. For instance, here are some demands made in a declaration by the Civil Society Internet Governance Caucus at WSIS, in 2005:

“ICANN will negotiate an appropriate host country agreement to replace its California Incorporation, being careful to retain those aspects of its California Incorporation that enhance its accountability to the global Internet user community. "ICANN's decisions, and any host country agreement, must be required to comply with public policy requirements negotiated through international treaties in regard to, inter alia, human rights treaties, privacy rights, gender agreements and trade rules. … "It is also expected that the multi-stakeholder community will observe and comment on the progress made in this process through the proposed [Internet Governance] Forum."

In short: the objective of the transition is political, not technical. In an ideal world, we should aim at reducing U.S. state control over the core of the Internet's domain name system.¹

It is our contention that U.S. state control over the core of the Internet's domain name system is not being removed by the transition that is currently underway.

Why is the Transition Happening Now?

Despite the U.S. government having given commitments in the past that were going to finish the IANA transition by "September 30, 2000", (the White Paper on Management of Internet Names and Addresses states: "The U.S. Government would prefer that this transition be complete before the year 2000. To the extent that the new corporation is established and operationally stable, September 30, 2000 is intended to be, and remains, an 'outside' date.") and later by "fall of 2006",² those turned out to be empty promises. However, this time, the transition seems to be going through, unless the U.S. Congress manages to halt it.

However, in order to answer the question of "why now?" fully, one has to look a bit at the past.

In 1998, through the White Paper on Management of Internet Names and Addresses the U.S. government asserted it’s control over the root, and asserted — some would say arrogated to itself — the power to put out contracts for both the IANA functions as well as the 'A' Root (i.e., the Root Zone Maintainer function that Network Solutions Inc. then performed, and continues to perform to date in its current avatar as Verisign). The IANA functions contract — a periodically renewable contract — was awarded to ICANN, a California-based non-profit corporation that was set up exclusively for this purpose, but which evolved around the existing IANA (to placate the Internet Society).

Meanwhile, of course, there were criticisms of ICANN from multiple foreign governments and civil society organizations. Further, despite it being a California-based non-profit on contract with the government, domestically within the U.S., there was pushback from constituencies that felt that more direct U.S. control of the DNS was important.

As Goldsmith and Wu summarize:

"Milton Mueller and others have shown that ICANN’s spirit of “self-regulation” was an appealing label for a process that could be more accurately described as the U.S. government brokering a behind-the-scenes deal that best suited its policy preferences ... the United States wanted to ensure the stability of the Internet, to fend off the regulatory efforts of foreign governments and international organizations, and to maintain ultimate control. The easiest way to do that was to maintain formal control while turning over day-to-day control of the root to ICANN and the Internet Society, which had close ties to the regulation-shy American technology industry." [footnotes omitted]

And that brings us to the first reason that the NTIA announced the transition in 2014, rather than earlier.

ICANN Adjudged Mature Enough

The NTIA now sees ICANN as being mature enough: the final transition was announced 16 years after ICANN's creation, and complaints about ICANN and its legitimacy had largely died down in the international arena in that while. Nowadays, governments across the world send their representatives to ICANN, thus legitimizing ICANN. States have largely been satisfied by participating in the Government Advisory Council, which, as its name suggests, only has advisory powers. Further, unlike in the early days, there is no serious push for states assuming control of ICANN. Of course they grumble about the ICANN Board not following their advice, but no government, as far as I am aware, has walked out or refused to participate.

L'affaire Snowden

Many within the United States, and some without, believe that the United States not only plays an exceptional role to play in the running of the Internet — by dint of historical development and dominance of American companies — but that it ought to have an exceptional role because it is the best country to exercise 'oversight' over 'the Internet' (often coming from clueless commentators), and from dinosaurs of the Internet era, like American IP lawyers and American 'homeland' security hawks, Jones Day, who are ICANN's lawyers, and other jingoists and those policymakers who are controlled by these narrow-minded interests.

The Snowden revelations were, in that way, a godsend for the NTIA, as it allowed them a fig-leaf of international criticism with which to counter these domestic critics and carry on with a transition that they have been seeking to put into motion for a while. The Snowden revelations led Dilma Rousseff, President of Brazil, to state in September 2013, at the 68th U.N. General Assembly, that Brazil would "present proposals for the establishment of a civilian multilateral framework for the governance and use of the Internet", and as Diego Canabarro points out this catalysed the U.S. government and the technical community into taking action.

Given this context, a few months after the Snowden revelations, the so-called I* organizations met — seemingly with the blessing of the U.S. government³ — in Montevideo, and put out a 'Statement on the Future of Internet Governance' that sought to link the Snowden revelations on pervasive surveillance with the need to urgently transition the IANA stewardship role away from the U.S. government. Of course, the signatories to that statement knew fully well, as did most of the readers of that statement, that there is no linkage between the Snowden revelations about pervasive surveillance and the operations of the DNS root, but still they, and others, linked them together. Specifically, the I* organizations called for "accelerating the globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing."

One could posit the existence of two other contributing factors as well.

Given political realities in the United States, a transition of this sort is probably best done before an ultra-jingoistic President steps into office.

Lastly, the ten-yearly review of the World Summit on Information Society was currently underway. At the original WSIS (as seen from the civil society quoted above) the issue of US control over the root was a major issue of contention. At that point (and during where the 2006 date for globalization of ICANN was emphasized by the US government).

Why Jurisdiction is Important

Jurisdiction has a great many aspects. Inter alia, these are:

Legal sanctions applicable to changes in the root zone (for instance, what happens if a country under US sanctions requests a change to the root zone file?)
Law applicable to resolution of contractual disputes with registries, registrars, etc.
Law applicable to labour disputes.
Law applicable to competition / antitrust law that applies to ICANN policies and regulations.
Law applicable to disputes regarding ICANN decisions, such as allocation of gTLDs, or non-renewal of a contract.
Law applicable to consumer protection concerns.
Law applicable to financial transparency of the organization.
Law applicable to corporate condition of the organization, including membership rights.
Law applicable to data protection-related policies & regulations.
Law applicable to trademark and other speech-related policies & regulations.
Law applicable to legal sanctions imposed by a country against another.

Some of these, but not all, depend on where bodies like ICANN [the policy-making body], the IANA functions operator [the proposed "Post-Transition IANA"], and the root zone maintainer are incorporated or maintain their primary office, while others depend on the location of the office [for instance, Turkish labour law applies for the ICANN office in Istanbul], while yet others depend on what's decided by ICANN in contracts (for instance, the resolution of contractual disputes with ICANN, filing of suits with regard to disputes over new generic TLDs, etc.).

However, an issue like sanctions, for instance, depends on where ICANN/PTI/RMZ are incorporated and maintain their primary office.

As Milton Mueller notes, the current IANA contract "requires ICANN to be incorporated in, maintain a physical address in, and perform the IANA functions in the U.S. This makes IANA subject to U.S. law and provides America with greater political influence over ICANN."

He further notes that:

While it is common to assert that the U.S. has never abused its authority and has always taken the role of a neutral steward, this is not quite true. During the controversy over the .xxx domain, the Bush administration caved in to domestic political pressure and threatened to block entry of the domain into the root if ICANN approved it (Declaration of the Independent Review Panel, 2010). It took five years, an independent review challenge and the threat of litigation from a businessman willing to spend millions to get the .xxx domain into the root.

Thus it is clear that even if the NTIA's role in the IANA contract goes away, jurisdiction remains an important issue.

U.S. Doublespeak on Jurisdiction

In March 2014, when NTIA finally announced that they would hand over the reins to “the global multistakeholder community”. They’ve laid down two procedural condition: that it be developed by stakeholders across the global Internet community and have broad community consensus, and they have proposed 5 substantive conditions that any proposal must meet:

Support and enhance the multistakeholder model;
Maintain the security, stability, and resiliency of the Internet DNS;
Meet the needs and expectation of the global customers and partners of the IANA services; and,
Maintain the openness of the Internet.
Must not replace the NTIA role with a solution that is government-led or an inter-governmental organization.

In that announcement there is no explicit restriction on the jurisdiction of ICANN (whether it relate to its incorporation, the resolution of contractual disputes, resolution of labour disputes, antitrust/competition law, tort law, consumer protection law, privacy law, or speech law, and more, all of which impact ICANN and many, but not all, of which are predicated on the jurisdiction of ICANN’s incorporation), the jurisdiction(s) of the IANA Functions Operator(s) (i.e., which executive, court, or legislature’s orders would it need to obey), and the jurisdiction of the Root Zone Maintainer (i.e., which executive, court, or legislature’s orders would it need to obey).

However, Mr. Larry Strickling, the head of the NTIA, in his testimony before the U.S. House Subcommittee on Communications and Technology, made it clear that,

“Frankly, if [shifting ICANN or IANA jurisdiction] were being proposed, I don't think that such a proposal would satisfy our criteria, specifically the one that requires that security and stability be maintained.”

Possibly, that argument made sense in 1998, due to the significant concentration of DNS expertise in the United States. However, in 2015, that argument is hardly convincing, and is frankly laughable.⁴

Targetting that remark, in ICANN 54 at Dublin, we asked Mr. Strickling:

"So as we understand it, the technical stability of the DNS doesn't necessarily depend on ICANN's jurisdiction being in the United States. So I wanted to ask would the US Congress support a multistakeholder and continuing in the event that it's shifting jurisdiction."

Mr. Strickling's response was:

"No. I think Congress has made it very clear and at every hearing they have extracted from Fadi a commitment that ICANN will remain incorporated in the United States. Now the jurisdictional question though, as I understand it having been raised from some other countries, is not so much jurisdiction in terms of where ICANN is located. It's much more jurisdiction over the resolution of disputes.

"And that I think is an open issue, and that's an appropriate one to be discussed. And it's one I think where ICANN has made some movement over time anyway.

"So I think you have to ... when people use the word jurisdiction, we need to be very precise about over what issues because where disputes are resolved and under what law they're resolved, those are separate questions from where the corporation may have a physical headquarters."

As we have shown above, jurisdiction is not only about the jurisdiction of "resolution of disputes", but also, as Mueller reminds us, about the requirement that ICANN (and now, the PTI) be "incorporated in, maintain a physical address in, and perform the IANA functions in the U.S. This makes IANA subject to U.S. law and provides America with greater political influence over ICANN."

In essence, the U.S. government has essentially said that they would veto the transition if the jurisdiction of ICANN or PTI's incorporation were to move out of the U.S., and they can prevent that from happening after the transition, since as things stand ICANN and PTI will still come within the U.S. Congress's jurisdiction.

Why Has the ICG Failed to Consider Jurisdiction?

Will the ICG proposal or the proposed new ICANN by-laws reduce existing U.S. control? No, they won't. (In fact, as we will argue below, the proposed new ICANN by-laws make this problem even worse.) The proposal by the names community ("the CWG proposal") still has a requirement (in Annex S) that the Post-Transition IANA (PTI) be incorporated in the United States, and a similar suggestion hidden away as a footnote. Further, the proposed by-laws for ICANN include the requirement that PTI be a California corporation. There was no discussion specifically on this issue, nor any documented community agreement on the specific issue of jurisdiction of PTI's incorporation.

Why wasn't there greater discussion and consideration of this issue? Because of two reasons: First, there were many that argued that the transition would be vetoed by the U.S. government and the U.S. Congress if ICANN and PTI were not to remain in the U.S. Secondly, the ICANN-formed ICG saw the US government’s actions very narrowly, as though the government were acting in isolation, ignoring the rich dialogue and debate that’s gone on earlier about the transition since the incorporation of ICANN itself.

While it would be no one’s case that political considerations should be given greater weightage than technical considerations such as security, stability, and resilience of the domain name system, it is shocking that political considerations have been completely absent in the discussions in the number and protocol parameters communities, and have been extremely limited in the discussions in the names community. This is even more shocking considering that the main reason for this transition is, as has been argued above, political.

It can be also argued that the certain IANA functions such as Root Zone Management function have a considerable political implication. It is imperative that the political nature of the function is duly acknowledged and dealt with, in accordance with the wishes of the global community. In the current process the political aspects of the IANA function has been completely overlooked and sidelined. It is important to note that this transition has not been a necessitated by any technical considerations. It is primarily motivated by political and legal considerations. However, the questions that the ICG asked the customer communities to consider were solely technical. Indeed, the communities could have chosen to overlook that, but they did not choose to do so. For instance, while the IANA customer community proposals reflected on existing jurisdictional arrangements, they did not reflect on how the jurisdictional arrangements should be post-transition , while this is one of the questions at the heart of the entire transition. There were no discussions and decisions as to the jurisdiction of the Post-Transition IANA: the Accountability CCWG's lawyers, Sidley Austin, recommended that the PTI ought to be a California non-profit corporation, and this finds mention in a footnote without even having been debated by the "global multistakeholder community", and subsequently in the proposed new by-laws for ICANN.

Why the By-Laws Make Things Worse & Why "Work Stream 2" Can't Address Most Jurisdiction Issues

The by-laws could have chosen to simply stayed silent on the matter of what law PTI would be incorporated under, but instead the by-law make the requirement of PTI being a California non-profit public benefit corporation part of the fundamental by-laws, which are close to impossible to amend.

While "Work Stream 2" (the post-transition work related to improving ICANN's accountability) has jurisdiction as a topic of consideration, the scope of that must necessarily discount any consideration of shifting the jurisdiction of incorporation of ICANN, since all of the work done as part of CCWG Accountability's "Work Stream 1", which are now reflected in the proposed new by-laws, assume Californian jurisdiction (including the legal model of the "Empowered Community"). Is ICANN prepared to re-do all the work done in WS1 in WS2 as well? If the answer is yes, then the issue of jurisdiction can actually be addressed in WS2. If the answer is no — and realistically it is — then, the issue of jurisdiction can only be very partially addressed in WS2.

Keeping this in mind, we recommended specific changes in the by-laws, all of which were rejected by CCWG's lawyers.

The Transition Plan Fails the NETmundial Statement

The NETmundial Multistakeholder Document, which was an outcome of the NETmundial process, states:

In the follow up to the recent and welcomed announcement of US Government with regard to its intent to transition the stewardship of IANA functions, the discussion about mechanisms for guaranteeing the transparency and accountability of those functions after the US Government role ends, has to take place through an open process with the participation of all stakeholders extending beyond the ICANN community

[...]

It is expected that the process of globalization of ICANN speeds up leading to a truly international and global organization serving the public interest with clearly implementable and verifiable accountability and transparency mechanisms that satisfy requirements from both internal stakeholders and the global community.

The active representation from all stakeholders in the ICANN structure from all regions is a key issue in the process of a successful globalization.

As our past analysis has shown, the IANA transition process and the discussions on the mailing lists that shaped it were neither global nor multistakeholder. The DNS industry represented in ICANN is largely US-based. 3 in 5 registrars are from the United States of America, whereas less than 1% of ICANN-registered registrars are from Africa. Two-thirds of the Business Constituency in ICANN is from the USA. While ICANN-the-corporation has sought to become more global, the ICANN community has remained insular, and this will not change until the commercial interests involved in ICANN can become more diverse, reflecting the diversity of users of the Internet, and a TLD like .COM can be owned by a non-American corporation and the PTI can be a non-American entity.

What We Need: Jurisdictional Resilience

It is no one's case that the United States is less fit than any other country as a base for ICANN, PTI, or the Root Zone Maintainer, or even as the headquarters for 9 of the world's 12 root zone operators (Verisign runs both the A and J root servers). However, just as having multiplicity of root servers is important for ensuring technical resilience of the DNS system (and this is shown in the uptake of Anycast by root server operators), it is equally important to have immunity of core DNS functioning from political pressures of the country or countries where core DNS infrastructure is legally situated and to ensure that we have diversity in terms of legal jurisdiction.

Towards this end, we at CIS have pushed for the concept of "jurisdictional resilience", encompassing three crucial points:

Legal immunity for core technical operators of Internet functions (as opposed to policymaking venues) from legal sanctions or orders from the state in which they are legally situated.
Division of core Internet operators among multiple jurisdictions
Jurisdictional division of policymaking functions from technical implementation functions

Of these, the most important is the limited legal immunity (akin to a greatly limited form of the immunity that UN organizations get from the laws of their host countries). This kind of immunity could be provided through a variety of different means: a host-country agreement; a law passed by the legislature; a U.N. General Assembly Resolution; a U.N.-backed treaty; and other such options exist. We are currently investigating which of these options would be the best option.

And apart from limited legal immunity, distribution of jurisdictional control is also valuable. As we noted in our submission to the ICG in September 2015:

Following the above precepts would, for instance, mean that the entity that performs the role of the Root Zone Maintainer should not be situated in the same legal jurisdiction as the entity that functions as the policymaking venue. This would in turn mean that either the Root Zone Maintainer function be taken up Netnod (Sweden-headquartered) or the WIDE Project (Japan-headquartered) [or RIPE-NCC, headquartered in the Netherlands], or that if the IANA Functions Operator(s) is to be merged with the RZM, then the IFO be relocated to a jurisdiction other than those of ISOC and ICANN. This, as has been stated earlier, has been a demand of the Civil Society Internet Governance Caucus. Further, it would also mean that root zone servers operators be spread across multiple jurisdictions (which the creation of mirror servers in multiple jurisdictions will not address).

However, the issue of jurisdiction seems to be dead-on-arrival, having been killed by the United States government.

Unfortunately, despite the primary motivation for demands for the IANA transition being those of removing the power the U.S. government exercises over the core of the Internet's operations in the form of the DNS, what has ended up happening through the IANA transition is that these powers have not only not been removed, but in some ways they have been entrenched further! While earlier, the U.S. had to specify that the IANA functions operator had to be located in the U.S., now ICANN's by-laws themselves will state that the post-transition IANA will be a California corporation. Notably, while the Montevideo Declaration speaks of "globalization" of ICANN and of the IANA functions, as does the NETmundial statement, the NTIA announcement on their acceptance of the transition proposals speaks of "privatization" of ICANN, and not "globalization".

All in all, the "independence" that IANA is gaining from the U.S. is akin to the "independence" that Brazil gained from Portugal in 1822. Dom Pedro of Brazil was then ruling Brazil as the Prince Regent since his father Dom João VI, the King of United Kingdom of Portugal, Brazil and the Algarves had returned to Portugal. In 1822, Brazil declared independence from Portugal (which was formally recognized through a treaty in 1825). Even after this "independence", Dom Pedro continued to rule Portugal just as he had before indepedence, and Dom João VI was provided the title of "Emperor of Brazil", aside from being King of the United Kingdom of Portugal and the Algarves. The "indepedence" didn't make a whit of a difference to the self-sufficiency of Brazil: Portugal continued to be its largest trading partner. The "independence" didn't change anything for the nearly 1 million slaves in Brazil, or to the lot of the indigenous peoples of Brazil, none of whom were recognized as "free". It had very little consequence not just in terms of ground conditions of day-to-day living, but even in political terms.

Such is the case with the IANA Transition: U.S. power over the core functioning of the Domain Name System do not stand diminished after the transition, and they can even arguably be said to have become even more entrenched. Meet the new boss: same as the old boss.

It is an allied but logically distinct issue that U.S. businesses — registries and registrars — dominate the global DNS industry, and as a result hold the reins at ICANN.↩
As Goldsmith & Wu note in their book Who Controls the Internet: "Back in 1998 the U.S. Department of Commerce promised to relinquish root authority by the fall of 2006, but in June 2005, the United States reversed course. “The United States Government intends to preserve the security and stability of the Internet’s Domain Name and Addressing System (DNS),” announced Michael D. Gallagher, a Department of Commerce official. “The United States” he announced, will “maintain its historic role in authorizing changes or modifications to the authoritative root zone file.”↩
Mr. Fadi Chehadé revealed in an interaction with Indian participants at ICANN 54 that he had a meeting "at the White House" about the U.S. plans for transition of the IANA contract before he spoke about that when he visited India in October 2013 making the timing of his White House visit around the time of the Montevideo Statement.↩
As an example, NSD, software that is used on multiple root servers, is funded by a Dutch foundation and a Dutch corporation, and written mostly by European coders.↩

For more details visit https://cis-india.org/internet-governance/blog/jurisdiction-the-taboo-topic-at-icann

CIS Submission to TRAI Consultation on Free Data

pranesh — 2016-07-01T16:04:27Z

The Telecom Regulatory Authority of India (TRAI) held a consultation on Free Data, for which CIS sent in the following comments.

The Telecom Regulatory Authority of India (TRAI) asked for public comments on free data. Below are the comments that CIS submitted to the four questions that it posed.

Question 1
Is there a need to have TSP agnostic platform to provide free data or suitable reimbursement to users, without violating the principles of Differential Pricing for Data laid down in TRAI Regulation? Please suggest the most suitable model to achieve the objective.

Is There a Need for Free Data?

No, there is no need for free data, just as there is no need for telephony or Internet. However, making provisions for free data would increase the amount of innovation in the Internet and telecom sector, and there is a good probability that it would lead to faster adoption of the Internet, and thus be beneficial in terms of commerce, freedom of expression, freedom of association, and many other ways.

Thus the question that a telecom regulator should ask is not whether there is a need for TSP agnostic platforms, but whether such platforms are harmful for competition, for consumers, and for innovation. The telecom regulator ought not undertake regulation unless there is evidence to show that harm has been caused or that harm is likely to be caused. In short, TRAI should not follow the precautionary principle, since the telecom and Internet sectors are greatly divergent from environmental protection: the burden of proof for showing that something ought to be prohibited ought to be on those calling for prohibition.

Goal: Regulating Gatekeeping

TRAI wouldn’t need to regulate price discrimination or Net neutrality if ISPs were not “gatekeepers” for last-mile access. “Gatekeeping” occurs when a single entity establishes itself as an exclusive route to reach a large number of people and businesses or, in network terms, nodes. It is not possible for Internet services to reach their end customers without passing through ISPs (generally telecom networks). The situation is very different in the middle-mile and for backhaul. Even though anti-competitive terms may exist in the middle-mile, especially given the opacity of terms in “transit agreements”, a packet is usually able to travel through multiple routes if one route is too expensive (even if that is not the shortest network path, and is thus inefficient in a way). However, this multiplicity of routes is generally not possible in the last mile.¹ This leaves last mile telecom operators (ISPs) in a position to unfairly discriminate between different Internet services or destinations or applications, while harming consumer choice.

However, the aim of regulation by TRAI cannot be to prevent gatekeeping, since that is not possible as long as there are a limited number of ISPs. For instance, even by the very act of charging money for access to the Internet, ISPs are guilty of “gatekeeping” since they are controlling who can and cannot access an Internet service that way. Instead, the aim of regulation by TRAI should be to “regulate gatekeepers to ensure they do not use their gatekeeping power to unjustly discriminate between similarly situated persons, content or traffic”, as we proposed in our submission to TRAI (on OTTs) last year.

Models for Free Data

There are multiple models possible for free data, none of which TRAI should prohibit unless it would enable OTTs to abuse their gatekeeping powers.

Government Incentives For Non-Differentiated Free Data

The government may opt to require all ISPs to provide free Internet to all at a minimum QoS in exchange for exemption from paying part of their USO contributions, or the government may pay ISPs for such access using their USO contributions.

TRAI should recommend to DoT that it set up a committee to study the feasibility of this model.

ISP subsidies

ISP subsidies of Internet access only make economic sense for the ISP under the following ‘Goldilocks’ condition is met: the experience with the subsidised service is ‘good enough’ for the consumers to want to continue to use such services, but ‘bad enough’ for a large number of them to want to move to unsubsidised, paid access.

Providing free Internet to all at a low speed.
1. This naturally discriminates against services and applications such as video streaming, but does not technically bar access to them.
Providing free access to the Internet with other restrictions on quality that aren’t discriminatory with respect to content, services, or applications.

Rewards model

A TSP-agnostic rewards platform will only come within the scope of TRAI regulation if the platform has some form of agreement with the TSPs, even if it is collectively. If the rewards platform doesn’t have any agreement with any TSP, then TRAI does not have the power to regulate it. However, if the rewards platform has an agreement with any TSP, it is unclear whether it would be allowed under the Differential Data Tariff Regulation, since the clause 3(2) read with paragraph 30 of the Explanatory Memorandum might disallow such an agreement.

Assuming for the sake of argument that platforms with such agreements are not disallowed, such platforms can engage in either post-purchase credits or pre-purchase credits, or both. In other words, it could be a situation where a person has to purchase a data pack, engage in some activity relating to the platform (answer surveys, use particular apps, etc.) and thereupon get credit of some form transferred to one’s SIM, or it could be a situation where even without purchasing a data pack, a consumer can earn credits and thereupon use those credits towards data.

The former kind of rewards platform is not as useful when it comes to encouraging people to use the Internet, since only those who already see worth in using in the Internet (and can afford it) will purchase a data pack in the first place. The second form, on the other hand is quite useful, and could be encouraged. However, this second model is not as easily workable, economically, for fixed line connections, since there is a higher initial investment involved.

Recharge API

A recharge API could be fashioned in one of two ways: (1) via the operating system on the phone, allowing a TSP or third parties (whether OTTs or other intermediaries) to transfer credit to the SIM card on the phone which have been bought wholesale. Another model could be that of all TSPs providing a recharge API for the use of third parties. Only the second model is likely to result in a “toll-free” experience since in the first model, like in the case of a rewards platform that requires up-front purchase of data packs, there has to be a investment made first before that amount is recouped. This is likely to hamper the utility of such a model.

Further, in the first case, TRAI would probably not have the powers to regulate such transactions, as there would be no need for any involvement by the TSP. If anti-competitive agreements or abuse of dominant position seems to be taking place, it would be up to the Competition Commission of India to investigate.

However, the second model would have to be overseen by TRAI to ensure that the recharge APIs don’t impose additional costs on OTTs, or unduly harm competition and innovation. For instance, there ought to be an open specification for such an API, which all the TSPs should use in order to reduce the costs on OTTs. Further, there should be no exclusivity, and no preferential treatment provided for the TSPs sister concerns or partners.

“0.example” sites

Other forms of free data, for instance by TSPs choosing not to charge for low-bandwidth traffic should be allowed, as long as it is not discriminatory, nor does it impose increased barriers to entry for OTTs. For instance, if a website self-certifies that it is low-bandwidth and optimized for Internet-enabled feature phones and uses 0.example.tld to signal this (just as wap.* were used in for WAP sites and m.* are used for mobile-optimized versions of many sites), then there is no reason why TSPs should be prohibited from not charging for the data consumed by such websites, as long as the TSP does so uniformly without discrimination. In such cases, the TSP is not harming competition, harming consumers, nor abusing its gatekeeping powers.

OTT-agnostic free data

If a TSP decides not to charge for specific forms of traffic (for example, video, or for locally-peered traffic) regardless of the Internet service from which that traffic emanates, as as long as it does so with the end customer’s consent, then there is no question of the TSP harming competition, harming consumers, nor abusing its gatekeeping powers. There is no reason such schemes should be prohibited by TRAI unless they distort markets and harm innovation.

Unified marketplace

One other way to do what is proposed as the “recharge API” model is to create a highly-regulated market where the gatekeeping powers of the ISP are diminished, and the ISP’s ability to leverage its exclusive access over its customers are curtailed. A comparison may be drawn here to the rules that are often set by standard-setting bodies where patents are involved: given that these patents are essential inputs, access to them must be allowed through fair, reasonable, and non-discriminatory licences. Access to the Internet and common carriers like telecom networks, being even more important (since alternatives exist to particular standards, but not to the Internet itself), must be placed at an even higher pedestal and thus even stricter regulation to ensure fair competition.

A marketplace of this sort would impose some regulatory burdens on TRAI and place burdens on innovations by the ISPs, but a regulated marketplace harms ISP innovation less than not allowing a market at all.

At a minimum, such a marketplace must ensure non-exclusivity, non-discrimination, and transparency. Thus, at a minimum, a telecom provider cannot discriminate between any OTTs who want similar access to zero-rating. Further, a telecom provider cannot prevent any OTT from zero-rating with any other telecom provider. To ensure that telecom providers are actually following this stipulation, transparency is needed, as a minimum.

Transparency can take one of two forms: transparency to the regulator alone and transparency to the public. Transparency to the regulator alone would enable OTTs and ISPs to keep the terms of their commercial transactions secret from their competitors, but enable the regulator, upon request, to ensure that this doesn’t lead to anti-competitive practices. This model would increase the burden on the regulator, but would be more palatable to OTTs and ISPs, and more comparable to the wholesale data market where the terms of such agreements are strictly-guarded commercial secrets. On the other hand, requiring transparency to the public would reduce the burden on the regulator, despite coming at a cost of secrecy of commercial terms, and is far more preferable.

Beyond transparency, a regulation could take the form of insisting on standard rates and terms for all OTT players, with differential usage tiers if need be, to ensure that access is truly non-discriminatory. This is how the market is structured on the retail side.

Since there are transaction costs in individually approaching each telecom provider for such zero-rating, the market would greatly benefit from a single marketplace where OTTs can come and enter into agreements with multiple telecom providers.

Even in this model, telecom networks will be charging based not only on the fact of the number of customers they have, but on the basis of them having exclusive routing to those customers. Further, even under the standard-rates based single-market model, a particular zero-rated site may be accessible for free from one network, but not across all networks: unlike the situation with a toll-free number in which no such distinction exists.

To resolve this, the regulator may propose that if an OTT wishes to engage in paid zero-rating, it will need to do so across all networks, since if it doesn’t there is risk of providing an unfair advantage to one network over another and increasing the gatekeeper effect rather than decreasing it.

Question 2

Whether such platforms need to be regulated by the TRAI or market be allowed to develop these platforms?

In many cases, TRAI would have no powers over such platforms, so the question of TRAI regulating does not arise. In all other cases, TRAI can allow the market to develop such platforms, and then see if any of them violates the Discriminatory Data Tariffs Regualation. For government-incentivised schemes that are proposed above, TRAI should take proactive measure in getting their feasibility evaluated.

Question 3

Whether free data or suitable reimbursement to users should be limited to mobile data users only or could it be extended through technical means to subscribers of fixed line broadband or leased line?

Spectrum is naturally a scarce resource, though technological advances (as dictated by Cooper’s Law) and more efficient management of spectrum make it less so. However, we have seen that fixed-line broadband has more or less stagnated for the past many years, while mobile access has increased. So the market distortionary power of fixed-line providers is far less than that of mobile providers. However, competition is far less in fixed-line Internet access services, while it is far higher in mobile Internet access. Switching costs in fixed-line Internet access services are also far higher than in mobile services. Given these differences, the regulation with regard to price discrimination might justifiably be different.

All in all, for this particular issue, it is unclear why different rules should apply to mobile users and fixed line users.

Question 4

Any other issue related to the matter of Consultation.

None.

In India’s mobile telecom sector, according to a Nielsen study, an estimated 15% of mobile users are multi-SIM users, meaning the “gatekeeping” effect is significantly reduced in both directions: Internet services can reach them via multiple ISPs, and conversely they can reach Internet services via multiple ISPs. See Nielsen, ‘Telecom Transitions: Tracking the Multi-SIM Phenomena in India’, http://www.nielsen.com/in/en/insights/reports/2015/telecom-transitions-tracking-the-multi-sim-phenomena-in-india.html↩

For more details visit https://cis-india.org/internet-governance/blog/cis-submission-trai-consultation-free-data

World Trends in Freedom of Expression and Media Development

pranesh — 2016-02-17T16:41:28Z

For more details visit https://cis-india.org/internet-governance/blog/world-trends-in-freedom-of-expression-and-media-development