The Centre for Internet and Society
https://cis-india.org
These are the search results for the query, showing results 2831 to 2845.
Hammered government offers Virtual ID firewall to protect your Aadhaar
https://cis-india.org/internet-governance/news/indian-express-january-11-2018-
<b>Days after reports surfaced claiming security breaches, the Unique Identification Authority of India (UIDAI) on Wednesday announced the implementation of a new security protocol that would remove the need to divulge Aadhaar numbers during authentication processes and limit third-party access to KYC details.</b>
<p>The article was published in <a class="external-link" href="http://www.newindianexpress.com/nation/2018/jan/11/hammered-government-offers-virtual-id-firewall-to-protect-your-aadhaar-1750466.html">New Indian Express</a> on January 11, 2018.</p>
<hr />
<p style="text-align: justify; ">Admitting that the “collection and storage of Aadhaar numbers by various entities has heightened privacy concerns”, the UIDAI circular said Authentication User Agencies (AUAs) providing Aadhaar services have to be ready to implement the protocol from March 1, 2018. From June 1 use of Virtual ID for authentication would be mandatory.</p>
<p style="text-align: justify; ">The linchpin of the new protocol will be the virtual ID (VID) — a “temporary, revocable 16-digit random number” that can be used instead of Aadhaar to verify or link services. VIDs will have a limited validity and can be generated only by the Aadhaar holder. “UIDAI will provide various options to generate, retrieve and replace VIDs… these will be made available via UIDAI’s resident portal, Aadhaar Enrolment Centre, mAadhaar mobile application, etc.,” it said. While only one VID per Aadhaar number will be valid at a time, users can revoke and generate new VIDs as many times as desired.</p>
<p style="text-align: justify; ">UIDAI will also limit KYC details accessible by AUAs by classifying them as Global AUAs, which are required to use Aadhaar e-KYC by law, and Local AUAs. Only the former will have full access to e-KYC details and can store Aadhaar numbers. Local AUAs will only have access to limited KYC details and be prohibited from storing Aadhaar numbers. UIDAI will also generate UID tokens which will be used to identify customers within agencies’ systems, but these will not be usable by other AUAs.</p>
<p style="text-align: justify; ">However, cybersecurity experts say that even if the new “patch” is effective, verification processes will have to be redone to prevent misuse of already-leaked Aadhaar numbers. “The concept is attractive, but the devil is in the details,” observed Pavan Duggal, cyberlaw expert, adding that the new system does not address those who have already gained unauthorised access to Aadhaar numbers. Sunil Abraham, executive director, Centre for Internet and Society, was more categorical. “If it has to be effective, they will have to redo (Aadhaar-KYC) from scratch.”</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/indian-express-january-11-2018-'>https://cis-india.org/internet-governance/news/indian-express-january-11-2018-</a>
</p>
No publisherAdminAadhaarInternet GovernancePrivacy2018-01-16T23:34:12ZNews ItemAadhaar Body Talked About Virtual ID 7 Years Ago, Put It Off: UIDAI Chief
https://cis-india.org/internet-governance/news/ndtv-sukriti-dwivedi-january-13-2018-aadhaar-body-talked-about-virtual-id-7-years-ago-put-it-off-uidai-chief
<b>"And at that time, it was felt that let us first give Aadhaar number, let us see how it plays out and then, at an appropriate time, this will be introduced," Ajay Bhushan Pandey, the chief executive officer of UIDAI, or the Unique Identification Authority of India said in an interview to NDTV this week. He called it an "extra layer of security" for the 119 crore people issued Aadhaar numbers.</b>
<p style="text-align: justify; ">The blog post by Sukriti Dwivedi was <a class="external-link" href="https://www.ndtv.com/india-news/aadhaar-body-talked-about-virtual-id-7-years-ago-put-it-off-uidai-chief-1799467">published by NDTV</a> on January 13, 2018.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; ">Virtual ID, the 16-digit temporary number, announced by UIDAI this week had been suggested way back in 2009-10 when its architects were still designing the system. But the Aadhaar authority, which has called Virtual ID a unique innovation to enhance privacy and security, decided against rolling it out at that time.</p>
<p id="_mcePaste" style="text-align: justify; ">"And at that time, it was felt that let us first give Aadhaar number, let us see how it plays out and then, at an appropriate time, this will be introduced," Ajay Bhushan Pandey, the chief executive officer of UIDAI, or the Unique Identification Authority of India said in an interview to NDTV this week. He called it an "extra layer of security" for the 119 crore people issued Aadhaar numbers.</p>
<p style="text-align: justify; "><span>It may be a step forward. But not everyone is as convinced.</span></p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">Cyber security Jiten Jain is one of them. Mr Jain told NDTV that UIDAI should first of all decide if the Aadhaar number was confidential information or not because it had changed its stance on this aspect on more than one occasion.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">Like when government departments put out lakhs of Aadhaar number, the government agency had insisted that there was nothing really confidential about the number which could not be misused. Or when The Tribune earlier this month claimed to have found gaps in UIDAI's security system that let the newspaper demographic details of an individual, UIDAI claimed that "the Aadhaar number is not a secret number" anyways.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">Also, a point is being made that if hiding an Aadhaar number enhances privacy, then what about the crores of people who have been forced to share their Aadhaar numbers - and a copy of their Aadhaar cards - all these years.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">Experts suggest the timing of the announcement may not have been a coincidence. The initiative came against the backdrop of mounting privacy concerns after the newspaper expose. The hearing by a five-judge Constitution Bench of the Supreme Court to decide if the Aadhaar project violates citizens' privacy is to start hearing from next week, January 17.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">Srinivas Kodali, cyber security expert and an Aadhaar researcher, said it was clear that the UIDAI had brought it hurriedly. "They said they will release the codes by March 1. So it clearly looks like they haven't planned this thoroughly," he said.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">There are also concerns about the ability of people living in remote areas to generate the Virtual IDs, in terms of connectivity and literacy. That means a large proportion of people would not be able to generate the Virtual IDs.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">UIDAI chief Mr Pandey said there was nothing to prevent them from continuing to use their Aadhaar number. It is an option, he stressed.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">This, experts at the Bengaluru-based research group, Centre for Internet and Society, which has long advocated for a token system such as the Virtual ID, said was a problem area.</p>
<p style="text-align: justify; ">"And at that time, it was felt that let us first give Aadhaar number, let us see how it plays out and then, at an appropriate time, this will be introduced," Ajay Bhushan Pandey, the chief executive officer of UIDAI, or the Unique Identification Authority of India said in an interview to NDTV this week. He called it an "extra layer of security" for the 119 crore people issued Aadhaar numbers. It may be a step forward. But not everyone is as convinced.</p>
<p style="text-align: justify; ">Cyber security Jiten Jain is one of them. Mr Jain told NDTV that UIDAI should first of all decide if the Aadhaar number was confidential information or not because it had changed its stance on this aspect on more than one occasion.</p>
<p style="text-align: justify; ">Like when government departments put out lakhs of Aadhaar number, the government agency had insisted that there was nothing really confidential about the number which could not be misused. Or when The Tribune earlier this month claimed to have found gaps in UIDAI's security system that let the newspaper demographic details of an individual, UIDAI claimed that "the Aadhaar number is not a secret number" anyways.</p>
<p style="text-align: justify; ">Also, a point is being made that if hiding an Aadhaar number enhances privacy, then what about the crores of people who have been forced to share their Aadhaar numbers - and a copy of their Aadhaar cards - all these years.</p>
<p style="text-align: justify; ">Experts suggest the timing of the announcement may not have been a coincidence. The initiative came against the backdrop of mounting privacy concerns after the newspaper expose. The hearing by a five-judge Constitution Bench of the Supreme Court to decide if the Aadhaar project violates citizens' privacy is to start hearing from next week, January 17.</p>
<p style="text-align: justify; ">Srinivas Kodali, cyber security expert and an Aadhaar researcher, said it was clear that the UIDAI had brought it hurriedly. "They said they will release the codes by March 1. So it clearly looks like they haven't planned this thoroughly," he said.</p>
<p style="text-align: justify; ">There are also concerns about the ability of people living in remote areas to generate the Virtual IDs, in terms of connectivity and literacy. That means a large proportion of people would not be able to generate the Virtual IDs.</p>
<p style="text-align: justify; ">UIDAI chief Mr Pandey said there was nothing to prevent them from continuing to use their Aadhaar number. It is an option, he stressed.</p>
<p style="text-align: justify; ">This, experts at the Bengaluru-based research group, Centre for Internet and Society, which has long advocated for a token system such as the Virtual ID, said was a problem area.</p>
<p style="text-align: justify; ">"Privacy can be protected by design and not by choice," said CIS executive director Sunil Abraham, who believes the biggest flaw with Aadhaar was its design.</p>
<p style="text-align: justify; ">"Since it is not mandatory most people will just use the Aadhaar number instead of getting into the hassle of generating a VID... This is privacy through hurdles instead of privacy by design. I suggest authorities should generate VIDs for people and ensure that third parties only use VID and not the Aadhaar number," Pranesh Prakash at the CIS' policy director told NDTV.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/ndtv-sukriti-dwivedi-january-13-2018-aadhaar-body-talked-about-virtual-id-7-years-ago-put-it-off-uidai-chief'>https://cis-india.org/internet-governance/news/ndtv-sukriti-dwivedi-january-13-2018-aadhaar-body-talked-about-virtual-id-7-years-ago-put-it-off-uidai-chief</a>
</p>
No publisherAdminAadhaarInternet GovernancePrivacy2018-01-16T23:42:58ZNews ItemVirtual Aadhaar ID: too little, too late?
https://cis-india.org/internet-governance/news/hindu-yuthika-bhargava-january-11-2018-virtual-aadhaar-id-too-little-too-late
<b>Problems persist as many have already shared their 12-digit number with various entities, say experts</b>
<p style="text-align: justify; ">The article by Yuthika Bhargava was <a class="external-link" href="http://www.thehindu.com/news/national/virtual-aadhaar-id-too-little-too-late/article22423218.ece">published in the Hindu</a> on January 11, 2018</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; ">The move to introduce an “untested” virtual ID to address security concerns over Aadhaar database is a step in the right direction, but may be a case of too little, too late, according to experts, as many of the 119 crore Aadhaar holders have already shared their 12-digit numbers with various entities.</p>
<p style="text-align: justify; ">“What about all the databases that are already linked up with our Aadhaar number? Virtual ID will therefore not attack the root of the problem. At best, it is band-aid,” said Reetika Khera, faculty, Indian Institute of Technology-Delhi.</p>
<p style="text-align: justify; ">“Can we realistically expect rural folks to use this to protect themselves? Or are we pushing the barely literate into the hands of middlemen who will ‘help’ them navigate it?” she questioned.</p>
<p style="text-align: justify; ">The Unique Identification Authority of India (UIDAI) on Wednesday introduced the concept of a virtual ID that can be used in lieu of the Aadhaar number at the time of authentication, thus eliminating the need to share and store Aadhaar numbers. It can be generated only by the Aadhaar number-holder via the UIDAI website, Aadhaar enrolment centre, or its mobile application.</p>
<p style="text-align: justify; ">Experts pointed out that the virtual ID is voluntary and the Aadhaar number will still need to be used at some places.</p>
<p style="text-align: justify; ">“Unless all entities are required to use virtual IDs or UID tokens, and are barred from storing Aadhaar numbers, the new measures won’t really help,” said Pranesh Prakash, Policy Director, Centre for Internet and Society, Bengaluru.</p>
<p style="text-align: justify; ">Kiran Jonnalagadda, co-founder of the Internet Freedom Foundation, agreed. “The idea is good but it should have been done in 2010, as now all the data is already out. Now, what can be done is revoke everybody’s Aadhaar and give new IDs.”</p>
<p style="text-align: justify; ">Mr. Jonnalagadda added that Authentication User Agencies (AUAs) categorised as ‘global AUAs’ by the UIDAI will be exempted from using the virtual IDs. “These are likely to be entities which require de-duplication for subsidy transfer, such as banks and government agencies. All the leaks have happened till now from these entities. So, basically, the move will exempt the parties that are the problem,” he said.</p>
<p style="text-align: justify; ">Vipin Nair, one of the advocates representing the petitioners who have challenged the Aadhaar Act in the Supreme Court said, “It is potentially a case of unmitigated chaos purely from an Information Technology perspective.”</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/hindu-yuthika-bhargava-january-11-2018-virtual-aadhaar-id-too-little-too-late'>https://cis-india.org/internet-governance/news/hindu-yuthika-bhargava-january-11-2018-virtual-aadhaar-id-too-little-too-late</a>
</p>
No publisherAdminAadhaarInternet GovernancePrivacy2018-01-16T23:59:21ZNews ItemIndia To Introduce Virtual ID For Aadhaar To Strengthen Privacy
https://cis-india.org/internet-governance/news/bloomberg-quint-january-11-2018-india-to-introduce-virtual-id-for-aadhaar-to-strengthen-privacy
<b>The government will introduce a virtual identification number for Aadhaar to help strengthen privacy following several instances of data leaks.</b>
<p style="text-align: justify; ">The blog post was published by <a class="external-link" href="https://www.bloombergquint.com/aadhaar/2018/01/10/india-to-introduce-virtual-id-for-aadhaar-to-strengthen-privacy">Bloomberg Quint </a>on January 11, 2018.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; "><span>The additional layer of security is meant to help Aadhaar users avoid sharing their unique identification number at the time of authentication to avail various services and welfare schemes, UIDAI said in a circular seen by BloombergQuint. The virtual ID will be an optional feature and users will be allowed to provide Aadhaar for verification.</span></p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">The Aadhaar-issuing body, Unique Identification Authority of India, will also introduce limited know-your-customer rules to eliminate the need for agencies to store the biometric ID. Migration to the new system will start from June 1, it added.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">Virtual IDs should be made mandatory and the UIDAI should itself generate these codes instead of having the user do it, said Pranesh Prakash, policy director at the Center for Internet Security, which has published reports on the security flaws in the world’s largest database.</p>
<p style="text-align: justify; ">The additional layer of security is meant to help Aadhaar users avoid sharing their unique identification number at the time of authentication to avail various services and welfare schemes, UIDAI said in a circular seen by BloombergQuint. The virtual ID will be an optional feature and users will be allowed to provide Aadhaar for verification.</p>
<p style="text-align: justify; ">The Aadhaar-issuing body, Unique Identification Authority of India, will also introduce limited know-your-customer rules to eliminate the need for agencies to store the biometric ID. Migration to the new system will start from June 1, it added.</p>
<p style="text-align: justify; ">Virtual IDs should be made mandatory and the UIDAI should itself generate these codes instead of having the user do it, said Pranesh Prakash, policy director at the Center for Internet Security, which has published reports on the security flaws in the world’s largest database.</p>
<blockquote class="quoted" style="text-align: justify; ">This takes into account concerns of third-party databases being combined without the consent of the individual but fails to address issues of government surveillance, exclusion and cybersecurity, he added.</blockquote>
<p style="text-align: justify; ">The move comes barely a week after The Tribune, a Chandigarh-based newspaper, reported that it could access the Aadhaar database by paying Rs 500, raising privacy concerns. Petitions challenging the validity of Aadhaar and the government’s decision to make it mandatory for everything from bank accounts to mobile services are pending in the Supreme Court.</p>
<p style="text-align: justify; ">As of now, citizens are required to share their Aadhaar number for authentication to avail certain services. With the introduction of the virtual ID that would change.</p>
<p style="text-align: justify; ">It would be a randomly generated 16-digit number that'd be digitally linked to a person's Aadhaar number. This ID would be temporary and revocable. There can be only one active and valid virtual ID for an Aadhaar number at any given point in time. Aadhaar holders will be able to use the virtual ID whenever authentication is required.</p>
<p class="callout" style="text-align: justify; ">Virtual ID, by design being temporary, cannot be used by agencies for duplication.<br /><span><strong>UIDAI Circular</strong></span></p>
<p style="text-align: justify; ">Only Aadhaar holders themselves can generate a virtual ID and set a minimum validity period for that after which it will have to be replaced by a new one. The virtual IDs can be changed through UIDAI's portal, at an Aadhaar enrolment centre or using the mAadhaar mobile application, the circular said.</p>
<h3 style="text-align: justify; ">Who Can Store Your Aadhaar Data?</h3>
<p style="text-align: justify; ">The UIDAI will limit the number of agencies that can access and store your Aadhaar number. For this purpose, it will divide the agencies that seek to use Aadhaar authentication for services into two categories—global and local.</p>
<p style="text-align: justify; ">Global authentication agencies will be allowed to "securely" store the Aadhaar number, while local agencies won't. The latter would be the ones that’d use the virtual IDs and a unique token for authentication.</p>
<p style="text-align: justify; ">The Aadhaar-issuing body has not clearly defined what would classify as a global agency. It has only said that it will "from time to time" evaluate authentication agencies "based on the laws governing them and categorise them" as global agencies. Any authentication agency that is not classified as global would be local.</p>
<h3 style="text-align: justify; ">Transition To New System</h3>
<p style="text-align: justify; ">UIDAI has told all agencies that use Aadhaar authentication to update their applications and processes for accepting virtual IDs instead of the Aadhaar number and allow authentication using the UID token. This has to be done by June 1.</p>
<p style="text-align: justify; ">If an agency fails to migrate to the new system by then, their authentication services "may be discontinued" and a penalty may be imposed, UIDAI said.</p>
<p style="text-align: justify; ">UIDAI will release the updated tools and protocols required for building the authentication software by March 1. All authentication agencies would also receive technical documents, workshops and training session to ensure smooth implementation.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/bloomberg-quint-january-11-2018-india-to-introduce-virtual-id-for-aadhaar-to-strengthen-privacy'>https://cis-india.org/internet-governance/news/bloomberg-quint-january-11-2018-india-to-introduce-virtual-id-for-aadhaar-to-strengthen-privacy</a>
</p>
No publisherAdminAadhaarInternet GovernancePrivacy2018-01-17T00:11:13ZNews ItemAnother Step towards Privacy Law
https://cis-india.org/internet-governance/blog/governance-now-elonnai-hickok-another-step-towards-privacy-law-data-protection
<b>A comparison between the 2012 experts’ report and the 2017 white paper on data protection.</b>
<p><span style="text-align: justify; ">The column was published in </span><a class="external-link" href="http://www.governancenow.com/views/columns/another-step-towards-privacy-law-data-protection" style="text-align: justify; ">Governance Now</a><span style="text-align: justify; "> in January 15, 2018 issue.</span></p>
<hr />
<table class="plain">
<tbody>
<tr>
<th><img src="https://cis-india.org/home-images/PrivacyLaw.png/@@images/e6aec54f-c20a-4f80-8dfe-b5e48e585ee0.png" style="text-align: justify; " title="Privacy Law" class="image-inline" alt="Privacy Law" /></th>
</tr>
<tr>
<td>(Illustration: Ashish Asthana)</td>
</tr>
</tbody>
</table>
<p style="text-align: justify; ">On July 31 the ministry of electronics and information technology (MeitY) constituted a committee of experts, headed by justice (retired) BN Srikrishna, to deliberate on a data protection framework for India. The committee is another step in India’s journey in formulating a national-level privacy legislation.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">The formulation of a privacy law started as early as 2010 with an approach paper for a legislation on privacy towards envisioning a privacy framework for India. In 2011, a bill on right to privacy was drafted. In 2012 the planning commission constituted a group of experts, with justice (retired) AP Shah as its chief, which prepared a report recommending a privacy framework.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">A month after the formation of the committee, in August, the sectoral regulator, Telecom Regulatory Authority of India (TRAI), released the consultation paper, ‘Privacy, Security and Ownership of the Data in the Telecom Sector’. In the same month, the supreme court in a landmark decision recognised privacy as a fundamental right.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">In November 2017, the expert group released a ‘White Paper of the Committee of Experts on a Data Protection Framework for India’ to solicit public comments on the contours of a data protection law for India.</p>
<div id="_mcePaste" style="text-align: justify; "></div>
<p id="_mcePaste" style="text-align: justify; ">To understand the evolution of the thinking around a privacy framework for India, this article outlines and analyses common themes and differences between (a) the 2012 group of experts’ report, and the 2017 expert committee’s white paper.</p>
<div style="text-align: justify; "></div>
<p style="text-align: justify; "><span>The white paper seeks to gather inputs from the public on key issues towards the development of a data protection law for India. The paper places itself in the context of the NDA government’s Digital India initiative, the justice Shah committee report, and the judicial developments on the right to privacy in India. It is divided into three substantive parts: (1) scope and exemptions, (2) grounds of processing, obligation and entities, individual rights, and (3) regulation and enforcement. Each part is comprised of deep dives into key issues, international practices, preliminary views of the committee, and questions for public consultation.</span></p>
<p style="text-align: justify; ">Broadly, the 2012 report defined nine national-level privacy principles and recommended a co-regulatory framework that consisted of privacy commissioners, courts, self-regulating organisations, data controllers, and privacy officers at the organisational level. At the outset, the 2017 white paper is different from that report simply by the fact that it is a consultation paper soliciting views as compared to a report that recommends a broad privacy framework for India. In doing so, the white paper explores a broader set of issues than those discussed in the justice Shah report – ranging from the implications of emerging technologies on the relevance of traditional privacy principles, data localisation, child’s consent, individual participation rights, the right to be forgotten, cross-border flow of data, breach notification etc. Given that the white paper is a consultation paper, this article examines the provisional views shared in it with the recommendations of the 2012 report.</p>
<p style="text-align: justify; ">Key areas that the both the documents touch upon (though not necessarily agree on) include:</p>
<h3 style="text-align: justify; ">Applicability</h3>
<p style="text-align: justify; ">The 2012 report of experts recommended a privacy legislation that extends the right to privacy to all persons in India, all data that is processed by a company or equipment located in India, and to data that originate in India.</p>
<p style="text-align: justify; ">Provisional views in the white paper reflect this position, but also offer that applicability could be in part determined by the legitimate interest of the state, carrying on a business or offering services or goods in India, and if, despite location, the entity is processing the personal data of Indian citizens. The provisional views also touch upon retrospective application of a data protection law and agree with the 2012 report by recommending that a law apply to privacy and public bodies. They also go a step further by recommending specific exemptions in application for well defined categories of public or private entities.</p>
<h3 style="text-align: justify; ">Exceptions</h3>
<p style="text-align: justify; ">The experts’ report defined the following exceptions to the right to privacy: artistic and journalistic purposes, household purposes, historic and scientific research, and the Right to Information. Exceptions that must be weighed against the principles of proportionality, legality, and necessary in a democratic state included: national security, public order, disclosure in public <span>interest, prevention, detection, investigation, and prosecution of criminal offences, and protection of the individual or of the rights and freedoms of others.</span></p>
<p style="text-align: justify; ">Provisional views in the 2017 white paper broadly mirror the exemptions defined in the experts’ report, but do not weigh exceptions related to national security and public interest etc. against the principles of proportionality, legality, and necessary in a democratic state and instead explored a review mechanism for these exceptions.</p>
<h3 style="text-align: justify; ">Consent</h3>
<p style="text-align: justify; ">Provisional views in the white paper on consent note that aspects of consent should include that it is freely given, informed and specific and that standards for implied consent need to be evolved.</p>
<p style="text-align: justify; ">Though the 2012 experts’ report defined a principle for choice and consent, this principle did not define aspects of what would constitute valid consent, yet it did incorporate an opt-out mechanism.</p>
<h3 style="text-align: justify; ">Notice</h3>
<p style="text-align: justify; ">Provisional views in the white paper hold that notice is important in enabling consent and explore a number of mechanisms that can be implemented to effect meaningful notice such as codes of practice for designing notice, multilayered notices, assessing notices in privacy impact assessments, assigning ‘data trust scores’ based on their data use policy, and having a ‘consent dashboard’ to help individuals manage their consent across entities.</p>
<p style="text-align: justify; ">These views build upon and complement the principle of notice defined in the 2012 report which defined components of a privacy policy as well as other forms of notice including data breach (also addressed in the white paper) and legal access to personal information.</p>
<h3 style="text-align: justify; ">Purpose limitation/minimisation</h3>
<p style="text-align: justify; ">Provisional views in the white paper recognise the challenges that evolving technology is posing to the principle of purpose limitation and recommend that layered privacy policies and the standard of reasonableness can be used to contextualise this principle to actual purposes and uses.</p>
<p style="text-align: justify; ">Though the 2012 report defined a purpose limitation principle, the principle does not incorporate a standard of reasonableness or explore methods of implementation.</p>
<h3 style="text-align: justify; ">Data Retention and Quality</h3>
<p style="text-align: justify; ">Provisional views in the white paper suggest that the principles of data retention and data quality can be guided by the terms “reasonably and necessary” to ensure that they are not overly burdensome on industry.</p>
<p style="text-align: justify; ">The 2012 report of experts briefly touched on data retention in the principle of purpose limitation –holding that practices should be in compliance with the national privacy principles.</p>
<h3 style="text-align: justify; ">Right to Access</h3>
<p style="text-align: justify; ">Provisional views in the white paper recognise the importance of the right confirmation, access, and rectify personal information of the individual, but note that this is increasingly becoming harder to enforce with respect to data that is observed behavioral data and derived from habits. A suggested solution is to impose a fee on individuals for using these rights to deter frivolous requests.</p>
<p style="text-align: justify; ">Though the 2012 report defined a principle of access and correction it did not propose a fee for using this right and it included the caveat that if the access would affect the privacy rights of others, access may not be given by the data controller.</p>
<h3 style="text-align: justify; ">Enforcement Mechanisms</h3>
<p style="text-align: justify; ">Provisional views in the 2017 white paper broadly agree with the appropriateness of the model of co-regulation and development of codes of practice as suggested in the 2012 report. Within the system envisioned in the 2012 report of experts, self-regulating organisations at the indu<span>stry level will have the ability to develop industry specific norms and standards in compliance with the national privacy principles to be approved by the privacy commissioner.</span></p>
<h3 style="text-align: justify; ">Accountability</h3>
<p style="text-align: justify; ">The provisional views of the white paper go beyond the principle of accountability defined in the 2012 report by suggesting that data controllers should not only be held accountable for implementation of defined data protection standards, but in defined circumstances, also for harm that is caused to an individual.</p>
<h3 style="text-align: justify; ">Additional Obligations and Data Controllers</h3>
<p style="text-align: justify; ">Provisional views in the white paper suggest the following mechanisms as methods towards ensuring accountability of specific categories of data controllers: registration, data protection impact assessment, data audits, and data protection officers that are centres of accountability.</p>
<p style="text-align: justify; ">The 2012 experts’ report also envisioned impact assessments and investigations carried out by the privacy commissioner and the role of a data controller, but did not explore registration of these entities.</p>
<h3 style="text-align: justify; ">Authorities and Adjudication</h3>
<p style="text-align: justify; ">The both documents are in agreement on the need for a privacy commissioner/data protection authority and envision similar functions such as conducting privacy impact assessments, audits, investigation, and levying of fines. The white paper differs from the 2012 experts’ report in its view that the appellate tribunals under the IT Act and bodies like the National Commission Disputes Redressal Commission could potentially be appropriate venues for adjudicating and resolving disputes.</p>
<p style="text-align: justify; ">Though the 2012 experts’ report recommended that complaints can be issued through an alternative dispute resolution mechanism, to central and regional level commissioners, or to the courts – for remedies– enforcement of penalties should involve district and high-level courts and the supreme court. The 2012 report specified that a distinct tribunal should not be created nor should existing tribunals be relied upon as there is the possibility that the institution will not have the capacity to rule on a broad right of privacy. Individuals that can be held liable by individuals include data controllers, organisation directors, agency directors, and heads of governmental departments.</p>
<h3 style="text-align: justify; ">Penalty and Remedy</h3>
<p style="text-align: justify; ">The white paper goes much further in its thinking on penalties, remedies and compensation than the 2012 report of experts – discussing potential models for calculation of civil penalties including nature and extent of violation of the data protection obligation, nature of personal information involved, number of individuals affected, whether infringement was intentional or negligent, measures taken by the data controller to mitigate the damage, and previous track record of the data controller.</p>
<p style="text-align: justify; ">The white paper is a progressive and positive step towards formulating a data protection law for India that is effective and relevant nationally and internationally. It will be interesting to see the public response to it and the response of the committee to the inputs received from the consultation as well as how the final recommendations differ, build upon, and incorporate previous policy steps towards a comprehensive privacy framework for India.</p>
<div style="text-align: justify; "></div>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/governance-now-elonnai-hickok-another-step-towards-privacy-law-data-protection'>https://cis-india.org/internet-governance/blog/governance-now-elonnai-hickok-another-step-towards-privacy-law-data-protection</a>
</p>
No publisherelonnaiInternet GovernancePrivacy2018-01-18T01:50:59ZBlog EntryWhy you should keep a close eye on the net neutrality debate in the US
https://cis-india.org/internet-governance/news/digit-in-subhrojit-mallick-november-24-2017-why-you-should-keep-a-close-eye-on-the-net-neutrality-debate-in-the-us
<b>As the United State's FCC Chairman Ajit Pai gears up to repeal the net neutrality laws put in place in 2015, India should sit up and take note.</b>
<p style="text-align: justify; ">The blog post by Subhrojit Mallick was published by <a class="external-link" href="https://www.digit.in/internet/why-you-should-keep-a-close-eye-on-the-net-neutrality-debate-in-the-us-38307.html">Digital.in</a> on November 24, 2017.</p>
<hr />
<p style="text-align: justify; ">Back in 2014, a group of Redditors started debating net neutrality in India after Airtel announced it would charge extra for Voice Over IP (VoIP) services like Skype. Soon, that <a href="https://www.digit.in/internet/nothing-basic-about-facebooks-free-basics-28434.html" target="_blank">snowballed into a nation-wide campaign</a> with over a million internet users participating. Things didn’t help when Facebook too wanted to provide a bunch of internet services for free in India through its Internet.org or Free Basics initiative. However, a year-long discussion and public outrage against the two, led the Telecom Regulatory Authority of India (TRAI) <a href="https://www.digit.in/mobile-phones/trai-rules-for-net-neutrality-says-no-to-differential-pricing-28931.html" target="_blank">to rule in favour of net neutrality</a> and stop both Airtel and Facebook in their tracks of violating a free and open internet.</p>
<p style="text-align: justify; ">Fast forward three years down the line and America, the birthplace of the internet, is struggling with the problem of internet freedom. The Federal Communications Commission (FCC) under the Donald Trump Administration led by Chairman Ajit Pai submitted a final draft proposal yesterday to repeal the existing net neutrality laws put in force by the Obama administration in 2015. The draft proposal will be voted upon by FCC by the end of the year and considering the FCC has a Republican majority under Ajit Pai, the proposal is likely to pass.</p>
<p style="text-align: justify; "><strong>What is FCC chairman Ajit Pai doing?</strong></p>
<p style="text-align: justify; "><a href="https://apps.fcc.gov/edocs_public/attachmatch/DOC-347927A1.pdf" rel="Nofollow" target="_blank">The draft</a> removes almost every net neutrality rule from 2015, making ISPs the gatekeepers of the internet. It states internet providers will have the freedom to implement fast and slow speed lanes, prioritise traffic and block apps and services. The only rule they have to follow -- publicly disclose when they are doing any of the things stated above.</p>
<p style="text-align: justify; ">Executive director of the Centre for Internet and Society, Sunil Abraham elaborated on what's on Pai's mind.</p>
<p style="text-align: justify; ">"Ajit Pai's ideology is pro-market. He believes the market will sort all problems out. According to Pai, the magic of competition will eliminate all the harms emerging from net neutrality violation," he said.</p>
<p style="text-align: justify; ">"Pai has said, you do what you want to do, but you have to disclose that to the public. You can block, throttle, have fast lanes, prioritise traffic, have discriminatory pricing, but you disclose them. If the customer doesn't like it, he can swith to another network. Pai believes the transparency requirements will allow the magic of the market to diminish and eliminate harm. His regulation of net neutrality is transparency," Abraham further added.</p>
<p style="text-align: justify; ">However, such a move will have drastic effects on the free flow of internet traffic. Telecom companies and ISPs can handpick services by charging customers to access some sites or by slowing down the speeds of others. For instance, ISPs can make consumers pay more to watch high-quality content on Netflix.</p>
<p style="text-align: justify; ">With net neutrality rules repealed, the internet will become a pay-to-play service. It will essentially divide the internet into fast and slow lanes. One will be a speedy service that could be priced higher and another, much slower and cheaper. While big players like Amazon, Facebook, Google, Netflix and the likes can easily pay the higher fees and stay unfettered, newcomers and smaller players will have it tough. Although, the <a href="https://geek.digit.in/2017/07/tech-companies-are-fighting-for-net-neutrality-together/" target="_blank">move will lead to cuts in profits for everyone</a>. A higher price to consumers will eat into the user base of these companies, while startups and new voices in the media will find entry and success prohibitive.</p>
<p style="text-align: justify; ">Although it’s true that no single ISP in the US has the entire market to itself and the market is indeed divided into a handful of players, they do operate in a de facto monopolised way. How? ISPs in the US have sliced up the entire country into areas such that users in a particular area have only one choice of service provider. That essentially leaves users at the mercy of whatever Comcast or Spectrum is offering (or not offering).</p>
<p style="text-align: justify; ">By putting the net neutrality rules in place in 2015, the US had ensured these ISPs won’t do anything grossly uncompetitive. The current rules make broadband in the country a public utility, same as electricity. And now, Ajit Pai-led FCC is about to repeal those very rules that kept them grounded.</p>
<p style="text-align: justify; "><strong>Will the FCC ruling make apps and services expensive in other countries? </strong></p>
<p style="text-align: justify; ">While Pai’s jurisdiction does not extend beyond the United States, his tirades against a free internet will most definitely have rippling effects across the world. More importantly, it will raise the cost of operations of companies like Netflix and Amazon who will have to hire legal experts and lobbyists to negotiate deals with service providers. That extra cost will be burdened on the US consumers of course, but since they have a large international presence, it is likely that the extra cost will trickle down to users outside the US as well.</p>
<p style="text-align: justify; ">And that’s not just the streaming companies. All the tech giants hail from the US and it is only logical that a rise in their costs of operation will have an impact on their global operations.</p>
<p style="text-align: justify; ">Although, if the level playing field in the US is disrupted, companies will look for greener pastures and if that means moving out of the US to other countries, it could happen.</p>
<p style="text-align: justify; "><strong>How will FCC’s decision impact India?</strong></p>
<p style="text-align: justify; ">While US is grappling with such a reality, Indians fought against it and won. Or did they? Last year, after Airtel and Facebook were asked to drop their plans for differential pricing, TRAI <a href="https://www.digit.in/telecom/net-neutrality-20-is-india-facing-internet-traffic-discrimination-33384.html" target="_blank">released a paper on net neutrality and differential pricing</a>to finalise its views on the matter. The regulatory body released a 14-question long consultation paper seeking comments on internet traffic management from the public.</p>
<p style="text-align: justify; ">“Increasingly, concerns have been raised globally relating to discriminatory treatment of Internet traffic by access providers. These concerns relating to nondiscriminatory access have become the centre of a global policy debate. The purpose of this second stage of consultation is to proceed towards the formulation of final views on policy or regulatory interventions, where required, on the subject of NN,” the <a href="https://trai.gov.in/consultation-paper-net-neutrality-11" rel="Nofollow" target="_blank">paper</a> read.</p>
<p style="text-align: justify; ">“Net Neutrality being repealed in the US will hurt innovation in that country, and will lead to a consolidation of power with those Internet companies which have the money to partner with US carriers. This hurts Indian product startups, because it means that their apps may not be as easily available to users in the US. The Internet is one world, and we need the same Internet to be available everywhere, across the world: one Internet for the entire world,” Nikhil Pahwa, Co-Founder of Internet Freedom Foundation told Digit.</p>
<p style="text-align: justify; ">That means, essentially, the debate on net neutrality is not over in India. In fact, both RS Sharma, the Chairman of TRAI and FCC’s Ajit Pai agree on the need to bridge the digital divide. Both are exploring ways to keep the internet open while providing access to the unconnected. Thankfully, both differs on the approach to meet that goal.</p>
<p style="text-align: justify; ">Pai believes the internet should be left unregulated despite the “hypothetical harms” to the consumer. He thinks the current rules were put in place to avoid theoretical harms which were not based on hard evidence. Pai claims there should be evidence-based regulation of the internet.</p>
<p style="text-align: justify; ">Sharma, in contrast, disagrees on an evidence-based approach.</p>
<p style="text-align: justify; ">“The TRAI's view of Net Neutrality has so far been diametrically opposite to Ajit Pai's FCC, and with good reason. Net Neutrality ensures that all ISPs and telecom operators act as exchanges of data between users, and do not discriminate on the basis of the type or source of that data. This allows for permission-less innovation on the Internet, which has given us the Internet that we have today,” Pahwa added.</p>
<p style="text-align: justify; "><strong>Will India’s stance on net neutrality change after the FCC’s decision? </strong></p>
<p style="text-align: justify; ">Rajan Mathews, Director General of Cellular Operators Association of India believes the FCC’s decision will no doubt have some impact on the path India takes.</p>
<p style="text-align: justify; ">“I think the policymakers will look at the decision the US makes. They had taken their decision as a point of reference before and the FCC’s ruling is too large an issue to not look at it. Both the DoT (Department of Telecom) and TRAI will have to reevaluate their approach in the context of the what happens in the US,” he said.</p>
<p style="text-align: justify; ">“Net neutrality approach in both countries is still in flux and India is going to tread lightly on net neutrality issues,” he added. As per Mathews, in India, the situation is different from the US where a handful of telecom companies and ISPs wield control of the entire country. In India, there is a licensed environment which provides a minimal standard of net neutrality, which is applied across the board and everybody who is providing a similar service is made to follow similar guidelines.</p>
<p style="text-align: justify; ">However, Mathews did attribute India’s efforts to enforce net neutrality to the United States’ efforts to place the rules in the first place in 2015 under the Obama administration, when internet was deemed as a public utility, same as electricity or telephone.</p>
<p style="text-align: justify; ">“Net neutrality in India emerged from the US definition. Now that they are going to repeal it, people in India who were looking at the US as a model will evaluate the implications of the move,” Mathews elaborated.</p>
<p style="text-align: justify; ">The US is looking to implement an ex-post approach to regulating the internet wherein the ISPs and telcos will adopt a free market approach and will only be investigated if they violate a rule. India, Mathews says, is adopting an ex-ante approach where there will be some commonly accepted criteria of net neutrality, but operators will have the ability to manage their traffic to ensure quality of service.</p>
<p style="text-align: justify; ">Minister of Information and Broadcasting, Ravi Shankar Prasad also helped alleviate fears of India following suit. During the Global Summit for Cyberspace Security held yesterday, he said, "The citizens' right of accessing the internet is "non-negotiable" and the government will not allow any company to restrict people's entry to the worldwide web."</p>
<p style="text-align: justify; ">Prime Minister Narendra Modi also came in support of net neutrality in India. He tweeted, "The internet, by nature, is inclusive and not exclusive. It offers equity of access and equality of opportunity."</p>
<p style="text-align: justify; ">Pahwa, who fought hard against Airtel and Facebook to ensure the internet remains neutral, was confident the decision won’t affect India’s stance on net neutrality. However, he is apprehensive that Indian telecom companies might borrow a leaf from their US counterparts and lobby hard to repeal the rules.</p>
<p style="text-align: justify; ">“I don't think the FCC decision affects the Indian regulation in any way, because the Indian regulator TRAI has already established strong and well rooted principles for Net Neutrality regulations in India. The only thing that worries me is that Indian telecom operators will use the developments in the US to push back against Net Neutrality with renewed vigour,” he said.</p>
<p style="text-align: justify; ">So, on the face of it, while India is well insulated from the catastrophe the United States has embarked upon, it is important to watch what the US is doing closely and make sure we don’t repeat their mistakes here.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/digit-in-subhrojit-mallick-november-24-2017-why-you-should-keep-a-close-eye-on-the-net-neutrality-debate-in-the-us'>https://cis-india.org/internet-governance/news/digit-in-subhrojit-mallick-november-24-2017-why-you-should-keep-a-close-eye-on-the-net-neutrality-debate-in-the-us</a>
</p>
No publisherAdminNet NeutralityInternet Governance2018-01-18T14:50:52ZNews Item‘Hurt sentiments’ cost Udaipur internet access for four days
https://cis-india.org/internet-governance/blog/2018hurt-sentiments2019-cost-udaipur-internet-access-for-four-days
<b>Strap: Authorities suggest it was more than a Facebook post that led to shutdown.</b>
<p class="normal" style="text-align: justify; "><b>Udaipur:</b> In April 2017, a Facebook post led to 21-year-old Ibrahim* getting arrested and Rajasthan’s Udaipur city losing its mobile internet for four days (broadband banned only for first day). The authorities say the hateful content proliferating after Ibrahim’s social media post in praise of neighbouring nation Pakistan could be tackled only by curtailing internet service. Ibrahim’s family has since left the Fatehnagar locality where they were residing.</p>
<p class="normal" style="text-align: justify; ">“On April 19, an FIR was filed by Fatehnagar resident Rahul Chawda” stating that Ibrahim “is a Muslim and has commented on Facebook ‘<i>Pakistan zindabad tha, Pakistan zindabad hai aur Pakistan zindabad rahega</i>’, which had hurt their religious sentiments. People from Vishwa Hindu Parishad and Shiv Sena had also come along with Rahul to press that a case of sedition be filed,” Subhash Chand, head constable of Fatehnagar police station, told 101reporters.</p>
<p class="normal" style="text-align: justify; ">A case under section 153A (promoting enmity on grounds of religion, race, place of birth, etc.) of the Indian Penal Code (IPC) and section 67 of the Information Technology Act (punishment for publishing or transmitting obscene material in electronic form) was registered. “However, sedition charges were not registered as their report did not have sufficient basis for it,” Chand says.</p>
<p class="normal" style="text-align: justify; ">Ibrahim, an undergraduate, lived in a slum in Fatehnagar and did odd jobs to earn money. His father works as a taxi driver to support a family of four children. “Ibrahim had no past criminal record. His family left the locality after the incident. Their house is locked since past few months. He was arrested the same day when FIR was registered, but is presently out on bail,” says Gopal Lal Sharma, station house officer, Fatehnagar police station.</p>
<p class="normal" style="text-align: justify; ">In his locality though, Ibrahim’s reputation was that of a “notorious” boy. “His family was fed up with him. He used to post useless content on Facebook. The atmosphere in the city was tensed between the communities at that time. So, his post triggered the religious sentiments,” says Nadir Khan, 40, a neighbour.</p>
<p class="normal" style="text-align: justify; ">Udaipur police say the content posted by Ibrahim on social media was hateful and could’ve lead to clashes between communities. “Isn’t it enough to say the post was inflammatory?” replied Anand Shrivastava, inspector general of police (IG), Udaipur, when questioned about the content of Ibrahim’s post. “Such messages get easily viral on social media. Some people use Facebook and WhatsApp to spread hatred, but there is no particular site, or content that is blocked during internet shutdown. Accessibility to the internet is completely restricted,” he added.</p>
<p class="normal" style="text-align: justify; ">“Messages that could outrage the religious sentiments of the Hindu community were circulated, and we had to shut down internet in the district for four days,” Shrivastava says. When asked what happens if such inflammatory content finds its way back on internet once it is restored, the IG says, “We review the situation. If it is still in circulation, we can continue with the shutdown.”</p>
<p class="normal" style="text-align: justify; "><b>‘More than an FB post’</b></p>
<p class="normal" style="text-align: justify; ">Then Udaipur district magistrate Rohit Gupta, however, doesn’t attribute the shutdown to the post by Ibrahim. “It was not because of a particular kid. There were other reasons. Some incidents had happened in the city which led to a lot of improper posts being circulated on social media,” says Rohit Gupta, who is now the district magistrate for Kota.</p>
<p class="normal" style="text-align: justify; ">Explaining the administrative procedure behind an internet shutdown, Gupta says, “Based on a report from the police, many agencies, including intelligence and the affected party, are consulted about the decision to implement internet shutdown. Curtailing internet doesn’t allow the situation to aggravate further. Its fallout affects the general masses, too, but that happens even in the case of a curfew when we restrict people’s movement.”</p>
<p class="normal" style="text-align: justify; ">Gupta says internet shutdown is a preventive action to keep the situation from escalating into a full blown law and order problem. “People will then question why the administration didn’t act in time to prevent it.”</p>
<p class="normal" style="text-align: justify; ">While the administration ensured that banking and lease-line providers were not affected during the internet ban, several other businesses dependent on internet were affected.</p>
<p class="normal" style="text-align: justify; "><b>“Why all of us?”</b></p>
<p class="normal" style="text-align: justify; ">“If four people post hateful content on social media, why should 20 lakh others be punished? When police are unable to control a situation, the easiest way they have is to curtail the internet. I couldn’t work for four days. Many others, who depend on internet for work like me, were affected. They should ban only the social media,” says Chhatrapati Sarupria, an online graphic designer who <a href="https://timesofindia.indiatimes.com/city/jaipur/plea-to-quash-order-on-net-ban-in-udaipur/articleshow/58287646.cms">petitioned</a> the sessions and district court against the arbitrary suspension of internet services in Udaipur. <b></b></p>
<p class="normal" style="text-align: justify; ">Cyber experts feel there can be other ways to keep social and business activities out of the purview of ban during such law and order situation, but the competent authorities fail to make any attempts in this direction.</p>
<p class="normal" style="text-align: justify; ">“Internet shutdown is not the only solution. Since, there is no procedure to stop only the hateful content on social media, the only option left is to turn off the internet completely. Facebook has a ‘report abuse’ mechanism, which allows review and removal of any post that goes against the Facebook community standards. We need to work on better alternatives to control inflammatory content on social media. Only if such alternative ways are initiated now, they can be regulated as we progress,” says Mukesh Choudhary, a cyber expert.</p>
<p class="normal" style="text-align: justify; ">*Name changed to protect identity.</p>
<p class="normal" style="text-align: justify; "><b><i>(Shruti Jain is a Jaipur-based journalist and a member of </i></b><a href="https://101reporters.com/"><b><i>101Reporters.com</i></b></a><b><i>, a pan-India network of grassroots reporters.)</i></b></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/2018hurt-sentiments2019-cost-udaipur-internet-access-for-four-days'>https://cis-india.org/internet-governance/blog/2018hurt-sentiments2019-cost-udaipur-internet-access-for-four-days</a>
</p>
No publisherShruti JainInternet ShutdownInternet Governance2018-01-19T13:51:51ZBlog EntryPaytm Payments Bank woos corporates with digital incentives
https://cis-india.org/internet-governance/news/livemint-komal-gupta-remya-nair-january-24-2018-paytm-payments-bank-woos-corporates-with-digital-incentives
<b>Offerings will be an incentive to companies already using Paytm e-wallet services to shift employees’ salary accounts to the bank, says Paytm Payments Bank CEO Renu Satti.</b>
<p style="text-align: justify; ">The article was published by Komal Gupta and Remya Nair was <a class="external-link" href="http://www.livemint.com/Industry/10K7o13Xrfk9xsXF5lGpIL/Paytm-Payments-Bank-woos-corporates-with-digital-incentives.html">published in Livemint</a> on January 24, 2018</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; ">Looking to tap the ready customer base of salary accounts, Paytm Payments Bank is trying to attract corporate entities with digital offerings such as food and gift wallets for their employees.</p>
<p style="text-align: justify; ">The bank has set a target of reaching a customer base of 500 million over the next 2-3 years, managing director and chief executive Renu Satti said in an interview. The bank claims to have 170 million customers, including those using the Paytm e-wallet.</p>
<p style="text-align: justify; ">Satti said the offerings will be an incentive to companies already using Paytm e-wallet services to shift employees’ salary accounts to the bank. Around 500 corporate entities are using e-wallet services.</p>
<p style="text-align: justify; ">“These corporate offerings will ensure better accountability and convenience for both the employers and employees,” she said, giving the example of food wallets which are automatically debited when a customer buys food, due to the tagging of merchants done at the back-end by Paytm.</p>
<p style="text-align: justify; ">“We even offer customisation to the extent of restricting usage of food wallet to specific merchants like office cafeterias, basis requirement,” Satti said.</p>
<p style="text-align: justify; ">Food vouchers and gift coupons have been typically issued in a physical form by corporate entities, earlier as paper coupons and now as prepaid cards.</p>
<p style="text-align: justify; ">Paytm Payments Bank offers customers the convenience of using their food and gift wallets through the app across the merchant base of Paytm, Satti said. “It doesn’t require any card, which also does away with issues such as loss of card and expiry of coupons, plus avail the benefits of cashback running on any Paytm merchant,” she added.</p>
<p style="text-align: justify; ">Last week, Paytm Payments Bank launched physical debit cards for its customers to facilitate account holders to withdraw cash from ATMs and make offline payments. Hitherto, the bank had been issuing virtual debit cards which could only be used for online payments.</p>
<p style="text-align: justify; ">The bank also plans to set up around 100,000 banking outlets across the country in the next one year to cater largely to under-banked rural areas.</p>
<p style="text-align: justify; ">The list of these outlets will be available on the bank’s website where the customer will be able to access a range of services including net banking, National Electronic Funds Transfer (NEFT), Immediate Payment Service (IMPS) and Unified Payments Interface (UPI). There will be monetary incentives for these correspondents for every transaction they perform for the customer. These outlets could be a local kirana store or a chemist shop, Satti said.</p>
<p style="text-align: justify; "><span>“We will follow a stringent process to shortlist merchants. There will be screening, quality check, physical check to ensure whether the place is actually authorized to run a business,” she said.</span></p>
<p style="text-align: justify; "><span></span><span>The bank plans to onboard some from the existing merchant networks using Paytm wallets while others will be from areas where there is no Paytm presence as of now.</span></p>
<p style="text-align: justify; ">More than 6 million merchants are already a part of the Paytm ecosystem, primarily using wallet services.</p>
<p style="text-align: justify; ">Paytm Payments Bank was launched in November after receiving a payments bank license from RBI in January last year. Vijay Shekhar Sharma, founder of One97 Communications, holds the majority share in Paytm Payments Bank, with the rest being held by One97 Communications.</p>
<p style="text-align: justify; ">The bank currently has no minimum balance requirements and offers 4% interest on savings deposits. India has three other operational payment banks—Airtel Payments Bank, India Post Payments Bank and Fino Payments Bank. “The traditional banks that offer customized corporate services to its customers having a high amount of deposits would face competition from payments banks. They will have no other option but to offer those services to customers with deposits at the Payments bank limits, to stay relevant in the market,” said Udbhav Tiwari, programme manager at the Centre for Internet and Society, a Bengaluru-based think tank.</p>
<p style="text-align: justify; ">“Also, as a payment company, Paytm has data pertaining to the spending patterns of customers which help it be more competitive in the market,” he added.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/livemint-komal-gupta-remya-nair-january-24-2018-paytm-payments-bank-woos-corporates-with-digital-incentives'>https://cis-india.org/internet-governance/news/livemint-komal-gupta-remya-nair-january-24-2018-paytm-payments-bank-woos-corporates-with-digital-incentives</a>
</p>
No publisherAdminDigital MoneyInternet Governance2018-01-24T23:52:36ZNews ItemJanuary 2018 Newsletter
https://cis-india.org/about/newsletters/Qjanuary-2018-newsletter
<b>January 2018 Newsletter</b>
<p style="text-align: justify; "><span>Dear readers,</span></p>
<p style="text-align: justify; ">Previous issues of the newsletters can be <a class="external-link" href="http://cis-india.org/about/newsletters">accessed here</a>.</p>
<hr style="text-align: justify; " />
<table class="plain">
<tbody>
<tr>
<th>Highlights</th>
</tr>
<tr>
<td>
<ul>
<li style="text-align: justify; ">The paper titled <a class="external-link" href="https://cis-india.org/a2k/blogs/patent-working-requirements-and-complex-products">"Patent Working Requirements and Complex Products" </a>has been published in the latest issue of the NYU Journal of Intellectual Property and Entertainment Law. It is one of the outputs of the Pervasive Technology project and has been authored by Prof. Jorge L. Contreras, Paxton M. Lewis, and Rohini Lakshané.</li>
<li style="text-align: justify; ">CIS <a class="external-link" href="https://cis-india.org/a2k/blogs/submission-to-dipp-at-meeting-with-ip-stakeholders">made a submission to the Department of Industrial Planning and Promotion on mobile patents</a>. CIS offered its assistance on matters aimed at developing a suitable policy framework for SEPs and FRAND in India, and, working towards sustained innovation, manufacture and availability of mobile technologies in India</li>
<li style="text-align: justify; ">The use of Artificial Intelligence (AI) in healthcare in India is increasing with new startups and large ICT companies offering AI solutions for healthcare challenges in the country. <a class="external-link" href="https://cis-india.org/internet-governance/blog/artificial-intelligence-and-the-healthcare-industry-in-india" style="text-align: left; ">The report</a><span style="text-align: left; "> by </span><span>by Yesha Paul, Elonnai Hickok, Amber Sinha and Udbhav Tiwari <span>seeks to map the present state of AI in the healthcare sector in India.</span></span></li>
<li style="text-align: justify; "><span><span>About 27% of India's population is still illiterate or barely literate. Most privacy policies and terms of services for web and mobile applications are in English and therefore it is only 10% of us who can actually read them before we provide our consent. The article by Sunil Abraham was <a class="external-link" href="https://cis-india.org/internet-governance/blog/deccan-herald-january-20-2018-sunil-abraham-data-protection-we-can-innovate-leapfrog">published in Deccan Herald</a> on January 20, 2018.</span></span></li>
<li style="text-align: justify; "><span><span>CIS <a class="external-link" href="https://cis-india.org/telecom/blog/submission-to-trai-consultation-on-inputs-for-formulation-of-national-telecom-policy-2018">made a submission to TRAI Consultation</a> on inputs to the National Telecom Policy. CIS in its submission also recommended what all should be the main objectives of TRAI while drafting the next edition of National Telecom Policy.</span></span></li>
<li style="text-align: justify; "><span><span>Under a <a class="external-link" href="https://cis-india.org/raw/life-of-a-tuple-nrc-assam-citizen-identification-infrastructure">research grant from the Azim Premji University CIS</a> has initiated a study of the ongoing updation process of the National Register of Citizens (NRC) in Assam and the resultant reform of citizen identification infrastructure in India.</span></span></li>
<li style="text-align: justify; "><span><span>The <a class="external-link" href="https://cis-india.org/telecom/blog/business-standard-shyam-ponappa-january-3-2018-2g-judgment-of-december-2017">2G judgment of December 2017</a> provides a critique of how no proper evidence was presented on existence of an FCFS policy and its improper implementation, wrote Shyam Ponappa in his article in the Business Standard which was published on January 3, 2018. </span></span></li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>The following articles were written by CIS members:</p>
<ul>
<li><a class="external-link" href="https://cis-india.org/raw/indian-express-nishant-shah-december-3-2017-digital-native-memory-card-is-full">Digital native: Memory card is full</a><span> (Nishant Shah; Indian Express; January 3, 2018).</span></li>
<li><a class="external-link" href="https://cis-india.org/telecom/blog/business-standard-shyam-ponappa-january-3-2018-2g-judgment-of-december-2017">The 2G Judgment of December 2017: What Was It About?</a> (Shyam Ponappa; Business Standard; January 3, 2018).</li>
<li><a class="external-link" href="https://cis-india.org/internet-governance/blog/business-standard-sunil-abraham-january-10-fixing-aadhaar">Fixing Aadhaar: Security developers' task is to trim chances of data breach</a> (Sunil Abraham; Business Standard; January 10, 2018).</li>
<li><a class="external-link" href="https://cis-india.org/internet-governance/blog/governance-now-elonnai-hickok-another-step-towards-privacy-law-data-protection">Another Step towards Privacy Law</a> (Elonnai Hickok; Governance Now; January 15, 2018).</li>
</ul>
<ul>
<li><a class="external-link" href="https://cis-india.org/internet-governance/blog/deccan-herald-january-20-2018-sunil-abraham-data-protection-we-can-innovate-leapfrog">Data Protection: We can innovate, leapfrog</a> (Sunil Abraham; Deccan Herald; January 20, 2018).</li>
</ul>
<p><span><br />CIS in the News:</span></p>
<ul>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/economic-times-surabhi-agarwal-and-samanwaya-rautray-from-net-neutrality-to-ibc-and-aadhaar-how-vidhi-is-framing-key-government-legislation">From net neutrality to IBC & Aadhaar, how Vidhi is framing key government legislation</a> (Surabhi Agarwal and Samanwaya Rautray; Economic Times; January 4, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/livemint-komal-gupta-january-7-2018-uidai-denies-any-breach-of-aadhaar-database">UIDAI denies any breach of Aadhaar database</a> (Komal Gupta; Livemint; January 7, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/livemint-january-9-2018-manasa-venkataraman-ajay-patri-token-security-or-tokenized-security">Token security or tokenized security?</a> (Manasa Venkataraman and Ajay Patri; Livemint; January 9, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/economic-times-january-11-2018-uidai-introduces-new-two-layer-security-system-to-improve-aadhaar-privacy">UIDAI introduces new two-layer security system to improve Aadhaar privacy</a> (Economic Times; January 11, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/indian-express-january-11-2018-">Hammered government offers Virtual ID firewall to protect your Aadhaar </a>(New Indian Express; January 11, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/hindu-yuthika-bhargava-january-11-2018-virtual-aadhaar-id-too-little-too-late">Virtual Aadhaar ID: too little, too late?</a> (Yuthika Bhargava; Hindu; January 11, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/bloomberg-quint-january-11-2018-india-to-introduce-virtual-id-for-aadhaar-to-strengthen-privacy">India To Introduce Virtual ID For Aadhaar To Strengthen Privacy</a> (Bloomberg Quint; January 11, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/uidais-virtual-id-limited-kyc-does-little-to-protect-aadhaar-data-already-collected-say-critics">UIDAI's Virtual ID, limited KYC does little to protect Aadhaar data already collected, say critics</a> (Business Today; January 12, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/ndtv-sukriti-dwivedi-january-13-2018-aadhaar-body-talked-about-virtual-id-7-years-ago-put-it-off-uidai-chief">Aadhaar Body Talked About Virtual ID 7 Years Ago, Put It Off: UIDAI Chief</a> (Sukriti Dwivedi; NDTV; January 13, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/deccan-herald-january-14-2018-pranshu-rathee-bengaluru-gives-data-safety-tips-to-panel">Bengaluru gives data safety tips to panel </a>(Deccan Herald; January 14, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/hindu-businessline-january-16-2018-sravanthi-challapalli-is-your-personal-information-under-lock-and-key">Is your personal information under lock and key?</a> (Sravanthi Challapalli; Hindu Businessline; January 16, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/first-post-january-18-2018-aadhaar-privacy-debate-how-the-12-digit-number-went-from-personal-identifier-to-all-pervasive-transaction-tool">Aadhaar-privacy debate: How the 12-digit number went from personal identifier to all pervasive transaction tool</a> (First Post; January 18, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/livemint-komal-gupta-remya-nair-january-24-2018-paytm-payments-bank-woos-corporates-with-digital-incentives">Paytm Payments Bank woos corporates with digital incentives</a> (Komal Gupta and Remya Nair; Livemint; January 24, 2018).</li>
<li style="text-align: justify; "><a class="external-link" href="https://cis-india.org/internet-governance/news/business-standard-january-25-2018-alnoor-peermohamed-aadhaars-new-security-measures-are-good-it-is-still-work-in-progress">Aadhaar's new security measures are good, it is still work in progress</a> (Alnoor Peermohamed; Business Standard; January 25, 2018).</li>
</ul>
<p style="text-align: justify; "><strong>-----------------------------------</strong><br /><a href="http://cis-india.org/a2k">Access to Knowledge</a> <br /><strong>----------------------------------- </strong><br />Our Access to Knowledge programme currently consists of two projects. The Pervasive Technologies project, conducted under a grant from the International Development Research Centre (IDRC), aims to conduct research on the complex interplay between low-cost pervasive technologies and intellectual property, in order to encourage the proliferation and development of such technologies as a social good. The Wikipedia project, which is under a grant from the Wikimedia Foundation, is for the growth of Indic language communities and projects by designing community collaborations and partnerships that recruit and cultivate new editors and explore innovative approaches to building projects.</p>
<p style="text-align: justify; ">►Wikipedia</p>
<p style="text-align: justify; "><strong>Blog Entries</strong></p>
<ul>
<li><a class="external-link" href="https://cis-india.org/a2k/blogs/government-of-odisha-adopting-creative-commons-license-to-promote-transparency-and-access-to-knowledge">Government of Odisha adopting Creative Commons License to Promote Transparency and Access to Knowledge</a> (Sailesh Patnaik; January 17, 2018).</li>
<li><a class="external-link" href="https://cis-india.org/a2k/blogs/experience-and-learning-outcome-from-wikipedia-education-program">Experience and Learning outcome from Wikipedia Education Program</a> (Lakshmi Karlekar; January 30, 2018).</li>
</ul>
<p style="text-align: justify; "><strong>Events Organized</strong></p>
<ul>
<li><a class="external-link" href="https://meta.wikimedia.org/wiki/Marathi_Wikipedia_Workshop_at_Dept._of_Mass_Communication,_Solapur_University">Marathi Wikipedia Workshop at Dept. of Mass Communication, Solapur University</a> (Organized by CIS-A2K and Dept of Mass Communication, Solapur University; Solapur; January 2, 2018).</li>
<li><a class="external-link" href="https://meta.wikimedia.org/wiki/Marathi_Wikipedia_Workshop_at_Dayanand_College,_Solapur">Marathi Wikipedia Workshop at Dayanand College, Solapur</a> (Organized by CIS-A2K and Dayanand College, Solapur; Solapur; January 3, 2018).</li>
<li><a class="external-link" href="https://meta.wikimedia.org/wiki/Marathi_Wikipedia_Workshop_at_Willingdon_College,_Sangli">Marathi Wikipedia Workshop at Willingdon College, Sangli</a> (Organized by CIS-A2K and Willingdon College; Sangli; January 5, 2018).</li>
<li><a class="external-link" href="https://meta.wikimedia.org/wiki/Marathi_Wikipedia_Workshop_at_Govt.Science_%26_Arts_College,_Aurangabad">Marathi Wikipedia Workshop at Govt.Science & Arts College, Aurangabad</a> (Organized by CIS-A2K and Govt.Science & Arts College; Aurangabad; January 9, 2018).</li>
<li><a class="external-link" href="https://meta.wikimedia.org/wiki/Marathi_Wikipedia_Workshop_at_Dr.Babasaheb_Ambedkar_Marathwada_Vidyapeeth">Marathi Wikipedia Workshop at Dr.Babasaheb Ambedkar Marathwada Vidyapeeth</a> (Organized by CIS-A2K and Dr. Babasaheb Ambedkar Marathwada University; Aurangabad; January 10, 2018).</li>
<li><a class="external-link" href="https://meta.wikimedia.org/wiki/Marathi_Wikipedia_Workshop_at_Shivaji_University,_Kolhapur">Marathi Wikipedia Workshop at Shivaji University, Kolhapur </a>(Organized by CIS-A2K and Shivaji University; Kolhapur; January 15, 2018).</li>
<li><a class="external-link" href="https://te.wikipedia.org/wiki/%E0%B0%B5%E0%B0%BF%E0%B0%95%E0%B1%80%E0%B0%AA%E0%B1%80%E0%B0%A1%E0%B0%BF%E0%B0%AF%E0%B0%BE:%E0%B0%B5%E0%B0%BF%E0%B0%95%E0%B1%80%E0%B0%AA%E0%B1%8D%E0%B0%B0%E0%B0%BE%E0%B0%9C%E0%B1%86%E0%B0%95%E0%B1%8D%E0%B0%9F%E0%B1%81/%E0%B0%86%E0%B0%82%E0%B0%A7%E0%B1%8D%E0%B0%B0_%E0%B0%B2%E0%B1%8A%E0%B0%AF%E0%B1%8B%E0%B0%B2_%E0%B0%95%E0%B0%B3%E0%B0%BE%E0%B0%B6%E0%B0%BE%E0%B0%B2/2018/%E0%B0%B5%E0%B0%BF%E0%B0%95%E0%B1%80%E0%B0%A1%E0%B1%87%E0%B0%9F%E0%B0%BE_%E0%B0%95%E0%B0%BE%E0%B0%B0%E0%B1%8D%E0%B0%AF%E0%B0%B6%E0%B0%BE%E0%B0%B2_-_%E0%B0%9C%E0%B0%A8%E0%B0%B5%E0%B0%B0%E0%B0%BF">Wikidata Workshop</a> (Organized by CIS-A2K and Andhra Loyola College; Vijaywada; January 20 - 21, 2018).</li>
<li><a class="external-link" href="https://cis-india.org/a2k/events/train-the-trainer-2018">Train the Trainer 2018</a> (Organized by CIS-A2K; Mysore; January 26 - 28, 2018).</li>
</ul>
<p><span style="text-align: justify; ">►</span><span style="text-align: justify; ">Pervasive Technologies</span></p>
<p style="text-align: justify; "><strong>Research Paper</strong></p>
<ul>
<li><a class="external-link" href="https://cis-india.org/a2k/blogs/patent-working-requirements-and-complex-products">Patent Working Requirements and Complex Products</a> (Jorge L. Contreras, Rohini Lakshané and Paxton M. Lewis; JIPEL NYU Journal of Intellectual Property & Entertainment Law, Vol. 7 - No.1 on January 16, 2018). </li>
</ul>
<p><strong>Submission</strong></p>
<ul>
<li><a class="external-link" href="https://cis-india.org/a2k/blogs/submission-to-dipp-at-meeting-with-ip-stakeholders">Submission to DIPP at Meeting with IP Stakeholders</a> (Anubha Sinha; January 1, 2018). <i>The submission was made in December 2017 but it was published on the website in January 2018</i>.</li>
</ul>
<p>►Openness</p>
<div style="text-align: justify; ">Our work in the Openness programme focuses on open data, especially open government data, open access, open education resources, open knowledge in Indic languages, open media, and open technologies and standards - hardware and software. We approach openness as a cross-cutting principle for knowledge production and distribution, and not as a thing-in-itself.</div>
<div style="text-align: justify; "><strong>-----------------------------------</strong><span style="text-align: justify; "> </span>
<p style="text-align: justify; "><a href="http://cis-india.org/internet-governance">Internet Governance</a> <br /><strong>-----------------------------------</strong></p>
<p style="text-align: justify; ">As part of its research on privacy and free speech, CIS is engaged with two different projects. The first one (under a grant from Privacy International and IDRC) is on surveillance and freedom of expression (SAFEGUARDS). The second one (under a grant from MacArthur Foundation) is on restrictions that the Indian government has placed on freedom of expression online.</p>
<ul style="text-align: justify; ">
</ul>
<p style="text-align: justify; ">►Privacy</p>
<ul style="text-align: justify; ">
</ul>
<p style="text-align: justify; "><strong>Blog Entry</strong></p>
<ul>
<li><a class="external-link" href="https://cis-india.org/internet-governance/blog/artificial-intelligence-and-the-healthcare-industry-in-india">Artificial Intelligence and the Healthcare Industry in India</a> (Yesha Paul, Elonnai Hickok, Amber Sinha and Udbhav Tiwari (Ecosystem mapping by Shweta Mohandas, Sidharth Ray and Elonnai Hickok. Designed by Saumyaa Naidu under Creative Commons Attribution 4.0 International License; January 26, 2018).</li>
</ul>
<div><strong>
<p style="text-align: justify; ">Events Organized</p>
<ul>
<li><a class="external-link" href="https://cis-india.org/internet-governance/events/roundtable-on-ai-and-manufacturing-and-services">Roundtable on A.I. and Manufacturing and Service</a>s (TERI, Bengaluru; January 19, 2018).</li>
<li><a class="external-link" href="https://cis-india.org/internet-governance/events/null-bangalore-meet-january-19">null Bangalore Meet: Special Session on Digital Identity and Privacy</a> (CIS, Bengaluru; January 19, 2018). Sunil Abraham gave a talk.</li>
</ul>
<br />
<p style="text-align: justify; ">►Free Speech and Expression</p>
<p style="text-align: justify; ">Blog Entries</p>
<ul>
<li><a class="external-link" href="https://cis-india.org/internet-governance/blog/internet-governance-forum-report-2017">Internet Governance Forum Report 2017</a> (Shweta Mohandas; January 11, 2018).</li>
<li><a class="external-link" href="https://cis-india.org/internet-governance/blog/mobile-net-ban-during-peaceful-protest-leaves-farmers-confused">Mobile net ban during peaceful protest leaves farmers confused</a> (Shruti Jain; January 19, 2018).</li>
<li><a class="external-link" href="https://cis-india.org/internet-governance/blog/2018hurt-sentiments2019-cost-udaipur-internet-access-for-four-days">‘Hurt sentiments’ cost Udaipur internet access for four days</a> (Shruti Jain; January 19, 2018).</li>
</ul>
</strong></div>
<div><span style="text-align: justify; "><strong><strong>-----------------------------------</strong></strong><span style="text-align: justify; "> </span>
<p style="text-align: justify; "><strong><a href="http://cis-india.org/telecom">Telecom</a> <br /><strong>----------------------------------- </strong><br /></strong><span>CIS is involved in promoting access and accessibility to telecommunications services and resources, and has provided inputs to ongoing policy discussions and consultation papers published by TRAI. It has prepared reports on unlicensed spectrum and accessibility of mobile phones for persons with disabilities and also works with the USOF to include funding projects for persons with disabilities in its mandate:</span></p>
<p style="text-align: justify; "><strong>Article </strong></p>
<ul>
<li><a class="external-link" href="https://cis-india.org/telecom/blog/submission-to-trai-consultation-on-inputs-for-formulation-of-national-telecom-policy-2018">Submission to TRAI Consultation on "Inputs for Formulation of National Telecom Policy - 2018"</a> (Pranesh Prakash; January 25, 2018).</li>
</ul>
<div>
<p style="text-align: justify; "><strong>-----------------------------------</strong><br /><a href="http://cis-india.org/raw">Researchers at Work</a> <br /><strong>----------------------------------- </strong><br /><span>The Researchers at Work (RAW) programme is an interdisciplinary research initiative driven by an emerging need to understand the reconfigurations of social practices and structures through the Internet and digital media technologies, and vice versa. It aims to produce local and contextual accounts of interactions, negotiations, and resolutions between the Internet, and socio-material and geo-political processes:</span></p>
<p style="text-align: justify; "><strong>Blog Entry</strong></p>
<ul>
<li><strong><a class="external-link" href="https://cis-india.org/raw/life-of-a-tuple-nrc-assam-citizen-identification-infrastructure">Life of a Tuple: National Register of Citizens (NRC) and the Reform of Citizen Identification Infrastructure in Assam</a> (Sumandro Chattapadhyay; January 22, 2018). All posts related to the study can be <a class="external-link" href="https://cis-india.org/raw/life-of-a-tuple/">found here</a>.</strong></li>
</ul>
<p style="text-align: justify; "><strong><strong><br /><span>-----------------------------------<br /></span></strong></strong><a href="http://cis-india.org/">About CIS<br /></a><span>----------------------------------- </span></p>
<div class="keyResearch">
<div id="parent-fieldname-text-8a5942eb6f4249c5b6113fdd372e636c">
<div style="text-align: justify; ">
<p>The Centre for Internet and Society (CIS) is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. The areas of focus include digital accessibility for persons with disabilities, access to knowledge, intellectual property rights, openness (including open data, free and open source software, open standards, open access, open educational resources, and open video), internet governance, telecommunication reform, digital privacy, and cyber-security. The academic research at CIS seeks to understand the reconfigurations of social and cultural processes and structures as mediated through the internet and digital media technologies.</p>
<p>► Follow us elsewhere</p>
<div>
<ul>
<li>Twitter:<a href="http://twitter.com/cis_india"> http://twitter.com/cis_india</a></li>
<li>Twitter - Access to Knowledge: <a href="https://twitter.com/CISA2K">https://twitter.com/CISA2K</a></li>
<li>Twitter - Information Policy: <a href="https://twitter.com/CIS_InfoPolicy">https://twitter.com/CIS_InfoPolicy</a></li>
<li>Facebook - Access to Knowledge:<a href="https://www.facebook.com/cisa2k"> https://www.facebook.com/cisa2k</a></li>
<li>E-Mail - Access to Knowledge: <a>a2k@cis-india.org</a></li>
<li>E-Mail - Researchers at Work: <a>raw@cis-india.org</a></li>
<li>List - Researchers at Work: <a href="https://lists.ghserv.net/mailman/listinfo/researchers">https://lists.ghserv.net/mailman/listinfo/researchers</a></li>
</ul>
</div>
<p>► Support Us</p>
<div>Please help us defend consumer and citizen rights on the Internet! Write a cheque in favour of 'The Centre for Internet and Society' and mail it to us at No. 194, 2nd 'C' Cross, Domlur, 2nd Stage, Bengaluru - 5600 71.</div>
<p>► Request for Collaboration</p>
<div>
<p>We invite researchers, practitioners, artists, and theoreticians, both organisationally and as individuals, to engage with us on topics related internet and society, and improve our collective understanding of this field. To discuss such possibilities, please write to Sunil Abraham, Executive Director, at sunil@cis-india.org (for policy research), or Sumandro Chattapadhyay, Research Director, at sumandro@cis-india.org (for academic research), with an indication of the form and the content of the collaboration you might be interested in. To discuss collaborations on Indic language Wikipedia projects, write to Tanveer Hasan, Programme Officer, at <a>tanveer@cis-india.org</a>.</p>
<div><em>CIS is grateful to its primary donor the Kusuma Trust founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin for its core funding and support for most of its projects. CIS is also grateful to its other donors, Wikimedia Foundation, Ford Foundation, Privacy International, UK, Hans Foundation, MacArthur Foundation, and IDRC for funding its various projects</em>.</div>
</div>
<div></div>
</div>
<ul style="text-align: justify; ">
</ul>
</div>
</div>
<div id="viewlet-below-content-body">
<div class="visualClear"></div>
<div class="documentActions"></div>
</div>
<ul style="text-align: justify; ">
</ul>
</div>
<ul style="text-align: justify; ">
</ul>
</span></div>
<ul style="text-align: justify; ">
</ul>
</div>
<div></div>
<ul>
</ul>
<p>
For more details visit <a href='https://cis-india.org/about/newsletters/Qjanuary-2018-newsletter'>https://cis-india.org/about/newsletters/Qjanuary-2018-newsletter</a>
</p>
No publisherpraskrishnaAccess to KnowledgeTelecomAccessibilityInternet GovernanceResearchers at Work2018-03-01T01:35:56ZPageCIS Submission to the Committee of Experts on a Data Protection Framework for India
https://cis-india.org/internet-governance/blog/cis-submission-to-the-committee-of-experts-on-a-data-protection-framework-for-india
<b>This submission presents comments by the Centre for Internet and Society, India (“CIS”) on the ‘White Paper of the Committee of Experts on a Data Protection Framework for India’ (“White Paper”) released by the Ministry of Electronics and Information Technology. The White paper was drafted by a Committee of Expert (“Committee”) constituted by the Ministry. CIS has conducted research on the issues of privacy, data protection and data security since 2010 and is thankful for the opportunity to put forth its views. The submission was made on January 31, 2018.</b>
<p><span>The submission is divided into four parts — I. Preliminary, II. Scope and Exemption, III. Grounds of Processing, Obligations of Entities and Individual Rights and IV. Regulation and Enforcement. The submission follows the same the order as adopted by the White Paper.</span></p>
<h4></h4>
<p><b>Please access the <a class="external-link" href="http://cis-india.org/internet-governance/files/data-protection-submission">full submission here</a>.</b></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/cis-submission-to-the-committee-of-experts-on-a-data-protection-framework-for-india'>https://cis-india.org/internet-governance/blog/cis-submission-to-the-committee-of-experts-on-a-data-protection-framework-for-india</a>
</p>
No publisheramberInternet GovernanceData ProtectionPrivacy2018-04-18T16:39:11ZBlog EntrySubmission to the Committee of Experts on a Data Protection Framework for India
https://cis-india.org/internet-governance/submission-to-the-committee-of-experts-on-a-data-protection-framework-for-india
<b>This submission presents comments by the Centre for Internet and Society, India (“CIS”) on the ‘White Paper of the Committee of Experts on a Data Protection Framework for India’ (“White Paper”) released by the Ministry of Electronics and Information Technology. The White paper was drafted by a Committee of Expert (“Committee”) constituted by the Ministry. CIS has conducted research on the issues of privacy, data protection and data security since 2010 and is thankful for the opportunity to put forth its views. The submission was made on January 31, 2018.</b>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/submission-to-the-committee-of-experts-on-a-data-protection-framework-for-india'>https://cis-india.org/internet-governance/submission-to-the-committee-of-experts-on-a-data-protection-framework-for-india</a>
</p>
No publisheramberData GovernanceInternet GovernanceData ProtectionPrivacy2018-02-05T13:39:00ZFileStatement of Solidarity on Freedom of Expression and Safety of Internet Users in Bangladesh
https://cis-india.org/internet-governance/blog/statement-of-solidarity-asif-mohiuddin
<b>This is a statement on the violent attack on blogger Asif Mohiuddin by the participants to the Third South Asian Meeting on the Internet and Freedom of Expression that took place in Dhaka, Bangladesh, on January 14–15, 2013.</b>
<p>Bangladeshi blogger Asif Mohiuddin was brutally attacked in a stabbing last evening. His condition is currently said to be critical. Violent attacks on mediapersons have led to at least four deaths in the past year. This trend is now extending to those writing online.</p>
<p>It is the duty of societies at large to ensure that principles we universally consider sacrosanct, such as the right to life and liberty and of freedom of expression are in fact ideas, and of the government to actively protect the rights guaranteed under the Constitution of Bangladesh and to ensure they are not just words on paper.</p>
<p>Article 39 of the Constitution of Bangladesh—and Article 19 of the Universal Declaration of Human Rights—guarantee both the freedom of thought and conscience, as well as the right of every citizen of freedom of speech and expression, and freedom of the press.</p>
<p>Article 32 of the Constitution of Bangladesh—and Article 3 of the Universal Declaration of Human Rights—guarantee that no person shall be deprived of life or personal liberty except by law.</p>
<p>The attack on Asif Mohiuddin constitutes a violation these fundamental principle by criminals, and we request the government to act decisively to show it will not tolerate such violations.</p>
<p>Reporters Without Borders note that "the ability of those in the media to work freely has deteriorated alarmingly in Bangladesh, which is now ranked 129th of 179 countries in the 2011-2012 World Press Freedom Index".</p>
<p>In general, the situation of those working as non-professional 'citizen journalists' is even worse. In a 2010 report, the UN Special Rapporteur wrote:
<blockquote>"Citizen journalists are by nature more isolated, they are more vulnerable to attack than professional journalists. However, citizen journalists enjoy less protection than their counterparts in traditional media, as they do not have the support of media organizations and networks, in particular the organizational resources, including lawyers and financial resources, which can help shield them from harassment."</blockquote>
This reality of greater vulnerability is equally applicable to those who do not self-identify as 'citizen journalists', but use social media to express unpopular opinions.</p>
<p>Keeping this in mind, we call upon the government on Bangladesh to carry out swift investigations into this particular incident and bring the perpetrators to justice, and to grant greater legal support to citizen journalists and ensure better protections for all those who use the Internet as a means of expression.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/statement-of-solidarity-asif-mohiuddin'>https://cis-india.org/internet-governance/blog/statement-of-solidarity-asif-mohiuddin</a>
</p>
No publisherpraneshFreedom of Speech and ExpressionSafetyStatementInternet Governance2013-01-15T11:51:44ZBlog EntryIs freedom of expression under threat in digital age?
https://cis-india.org/news/ians-news-is-freedomexpression-under-threat-in-digital-age
<b>With social networking site Facebook boasting of 1 billion members globally and micro-blogging site Twitter claiming millions, opinion was divided on whether the freedom of expression was under threat in the digital age.</b>
<hr />
<p>This article was originally published by<a class="external-link" href="http://in.news.yahoo.com/freedom-expression-under-threat-digital-age-035801134.html"> Indo Asian News Service</a> on January 16, 2013. It was also covered in <a class="external-link" href="http://www.business-standard.com/generalnews/ians/news/is-freedomexpression-under-threat-in-digital-age/110168/">Business Standard</a>, <a class="external-link" href="http://www.vancouverdesi.com/news/is-freedom-of-expression-under-threat-in-digital-age/453154/">Vancouver Desi</a>, <a class="external-link" href="http://www.dnaindia.com/scitech/report_is-freedom-of-expression-under-threat-in-digital-age_1789344">DNA</a>, and <a class="external-link" href="http://tech2.in.com/news/general/is-freedom-of-expression-under-threat-in-digital-age/695272">Tech2</a>. Sunil Abraham is quoted.</p>
<hr />
<p id="yui_3_5_1_19_1358402432026_232" style="text-align: justify; ">"Censorship of content should be the last resort as curbing a particular content online actually amplifies its spread over the internet," said <span class="cs4-ndcor yshortcuts" id="lw_1358308825_6">Sunil Abraham</span> from Centre for Internet and Society.</p>
<p id="yui_3_5_1_19_1358402432026_224" style="text-align: justify; ">He was speaking at a panel discussion organised by London based <span class="cs4-ndcor yshortcuts" id="lw_1358308825_7">Index on Censorship</span> and the <span class="cs4-ndcor yshortcuts" id="lw_1358308825_1">Editors Guild of India</span> on the issue at the <span class="cs4-ndcor yshortcuts" id="lw_1358308825_3">India International Centre</span> Tuesday evening.</p>
<p id="yui_3_5_1_19_1358402432026_276" style="text-align: justify; ">"The government has refused to amend Section 66(A) of the IT Act which is used to curb free speech on the net," said Guild chief TN Ninan who moderated the debate. "The law treats digital media differently than the print media," he said.</p>
<p id="yui_3_5_1_19_1358402432026_230" style="text-align: justify; ">Director of Free Speech Debate, Oxford University, <span class="cs4-ndcor yshortcuts" id="lw_1358308825_5">Timothy Garton Ash</span> said, "There was no threat to the freedom of speech as internet was actually an opportunity for spreading freedom of expression."</p>
<p id="yui_3_5_1_19_1358402432026_289" style="text-align: justify; ">India with the large number of net users could act as swing state between two extremes of China which is trying to control the net and the US which champions free speech, he said.</p>
<p id="yui_3_5_1_19_1358402432026_296" style="text-align: justify; ">"The question is what are the legitimate limits of free speech rather than asking for unlimited speech," said Ash.</p>
<p style="text-align: justify; ">Ajit Balakrishnan, CEO and founder of online portal rediff.com, said "there was a sense of powerlessness among nation states as only local laws applied to any such violations."</p>
<p id="yui_3_5_1_19_1358402432026_277" style="text-align: justify; ">He said the internet was not so democratic as it sounded as the actual numbers of users who posted content on Facebook were just 8-9 million while the rest just watched. The same was with Twitter with just 7-8 percent users actually posting messages.</p>
<p style="text-align: justify; ">Kirsty Hughes, CEO, Index on Censorship, said "freedom of speech was universal" while noting a "worrying trend that increasingly governments were moving to control the internet."</p>
<p id="yui_3_5_1_19_1358402432026_284" style="text-align: justify; ">"The risks of such controls are that we could have a much more controlled, censored and fragmented internet," she said.</p>
<p id="yui_3_5_1_19_1358402432026_228" style="text-align: justify; ">Ramanjit Singh Chima of Google India stressed on the need to have laws to protect <span class="cs4-ndcor yshortcuts" id="lw_1358308825_4">internet freedom</span> as such curbs affected livelihood of many users and contributed to local economies.</p>
<p id="yui_3_5_1_19_1358402432026_295" style="text-align: justify; ">He said the internet allowed people to instantly collaborate and publish critical information during emergency situations.</p>
<p>
For more details visit <a href='https://cis-india.org/news/ians-news-is-freedomexpression-under-threat-in-digital-age'>https://cis-india.org/news/ians-news-is-freedomexpression-under-threat-in-digital-age</a>
</p>
No publisherpraskrishnaFreedom of Speech and ExpressionInternet GovernanceCensorship2013-01-17T06:16:09ZNews ItemWeb of Sameness
https://cis-india.org/internet-governance/blog/indianexpress-nishant-shah-january-12-2013-web-of-sameness
<b>The social Web has been an ominous space at the start of 2013. It has been awash with horror, pain and grief. The recent gang rape and death of a medical student in Delhi prevents one from being too optimistic about the year to come. My live feeds on various social networks are filled with rue and rage at the gruesome incident and the seeming depravity of our society. </b>
<hr />
<p>Nishant Shah's column was <a class="external-link" href="http://www.indianexpress.com/news/web-of-sameness/1058374/0">published in the Indian Express</a> on January 18, 2013.</p>
<hr />
<p style="text-align: justify; ">As I contemplate the event, I see that the Web has become a space for coping with pain and mitigating the horror of our lives. I feel comforted, when I go online, and see people grieving for a woman they never knew, and demanding better conditions for all. As I look at these resolves for change, battle cries demanding justice, and angry responses directed at imagined and imaginary perpetrators of these crimes, I realise that I have heard it all before, over and over again.</p>
<p style="text-align: justify; ">“Not Again!” has been the refrain of the year. If life were a musical, this would have been the persistent chorus line of 2012. From fighting against censorship and violation of privacy by government and corporations to acts of hatred, or from ridiculing the map glitches on the iPhone to seeing the growing stronghold of authoritarian forces over the social Web, we have repeatedly rolled our digital sleeves, gnashed our fingers on the keyboards and shouted in political solidarity, “Not Again!”. While this show of protest, this robust expression of change holds a promise of how things will change for the better, it is also a refrain that has lost its bite. What does it mean, this ability to repeatedly say “Not Again!” only to experience these horrors in despairing cyclic patterns?</p>
<p style="text-align: justify; ">I want to see how the social Web and the new public spheres online might offer us outlets for emotions but not necessarily platforms for action. Some of the earliest critiques of the Web expressed the fear that given the extreme customisation of social networks, we might soon reside only in digital echo chambers. In the heavily informatised ages that we live in, it is not uncommon to set up specific groups that we belong to, identify friends that we talk with, mark people we follow, set up circles we share in, and configure filters that help us receive information that is tailor-made to suit our personalised preferences. Unfortunately, this quest for selective information sampling often means that we separate the digital spaces of life from the physical ones, without even realising it. We might be seamlessly navigating these two spaces, not really caring for the distinctions of “virtual reality” and “real life”, but in instances like these, it is easy to see how we shroud ourselves in echo chambers, never allowing voices to translate into the world of action.</p>
<p style="text-align: justify; ">You are sure to have been bombarded with tweets that have insightfully analysed the conditions of safety in our public spaces. And in all of this, like me, you must have been comforted thinking that there is still hope. But for every “like” you received on your status update, for every time your tweet got favourited or retweeted, for every time you found yourself agreeing with the social experts, you also separated yourself from the reality. Because the people who gave your opinions the attention, are actually people just like you. They are already on your side of things. Talking to them, exchanging ideas with them, calling for change side-by-side is like preaching to the choir, but it gives us a sense of having reached out. The voices in an echo chamber are not just repeated ad nauseum, but they are also not heard by anybody else on the outside, thus stifling the energy and passions that might have resulted in real change.</p>
<p style="text-align: justify; ">The Web also offers an easy separation of us versus them. As coping mechanisms and as a way of distancing ourselves from these events, the Web offers us a clear disavowal of guilt. The young man, who shot those children in the school, was mentally unstable. The laws that allowed him to purchase guns are because of the politicians and the arms industry. The student, who got raped in a bus, is the responsibility of the ‘rape capital’ Delhi. If we were in charge, these things would not have happened this way. But now they have happened, and so we will be angry, we will be shocked, we will tweet “Not Again!” and then quickly shift our ever-expanding attention to the burgeoning space of information online.</p>
<p style="text-align: justify; ">And then we will wait, for the next incident to happen — oh, not the same, but similar — and we will go through this process once again.</p>
<p style="text-align: justify; ">If I have to look into the future and hope that 2013 shall be the year of change, then I am hoping that the change will be from “Not Again” to a “Never Again”. We will have to learn how to use the energy, the power of the Web, the influence of the digital crowds on the digital commons, to produce a change that goes beyond the social network feeds.</p>
<p style="text-align: justify; ">I hope that the social Web matures. We have to make sure that the promise of change that the digital social network offers, does not die as armchair clicktivism that witnesses but does nothing to change the act that affects us.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/indianexpress-nishant-shah-january-12-2013-web-of-sameness'>https://cis-india.org/internet-governance/blog/indianexpress-nishant-shah-january-12-2013-web-of-sameness</a>
</p>
No publishernishantInternet GovernanceCensorship2013-01-18T06:17:29ZBlog EntryFinancial Inclusion and the UID
https://cis-india.org/internet-governance/privacy_uidfinancialinclusion
<b>Since 2009, when Nandan Nilekani began to envision and implement the Unique Identification Project,
the UID authority has promoted the UID/Aadhaar scheme as a tool of development for India - arguing that an identity will assist in bringing benefits to the poor, promote financial inclusion in India, and allow for economic and social development. In this blog entry I will focus on the challenges and possibilities of the UID number providing the residents of India a viable method of access to financial services across the country.</b>
<p> </p>
<h3>Why the UID could bring financial inclusion</h3>
<p>In their strategy document “Exclusion to Inclusion with Micro payments” the UIDAI argues that a few of many challenges to successful financial inclusion in India for the poor have been: lack of identity, lack of accessibility of financial outlets, unreliability of infrastructure, high costs of banking, and the common presence of a middle man. For Indian banks the UID sites challenges such as: the high cost of transactions for banks servicing clients in rural areas, lack of infrastructure, costly processes of cash management, and high costs of IT.(UIDAI, 2010)The UID's solution to these obstacles is a system of financial services and micro payments based off of an individuals UID number, in which an individual with a UID number would be able to: open a bank account, make a payment, withdraw money, deposit money, and send remittances. The hope is that this system will allow banks to scale up their branch less banking, and reach out to larger populations. Residents having a bank account linked to their UID number is also key to the UID's larger scheme for subsidy delivery to the poor. Until all consumers who rely on government subsidies have a bank account linked to their UID number, the UID will not be able to implement a system of direct transfer of cash subsidies.(CNBC-TV18, 2011) For example, the UIDAI has started conducting a pilot disbursement of funds under the Mahatma Gandhi National Rural Employment Guarantee Scheme (MNREGS) to Jharkhand through Union Bank, ICICI Bank and Bank of India branches.(IBN-Live, 2011)</p>
<h3>How the UID will bring financial inclusion</h3>
<p>In their vision, the UIDAI has designed a system that involves bank branches enrolling individuals, bank branches establishing relationships with BC organizations, the use of Micro ATM's, and the use of the UID numbers for authentication in all financial transactions. In short the system of financial inclusion would work as follows:</p>
<p><strong>Step 1. Enroll and obtain UID number</strong></p>
<p>An individual enrolls for a UID number. During enrollment an individual shares his/her KYC information with the UIDAI. The UIDAI verifies the individuals KYC information, along with their other information, and issues the individual a UID number. If an individual already has a bank account at the time of enrollment they have the option to link their UID number to their bank account [1]</p>
<p>In India every bank must verify and confirm an individuals KYC information. This is to help reduce tax evasion and fraud. In December 2011, India's Ministry of Finance recognized the Aadhaar number has an officially valid identification to satisfy the KYC norms for opening bank accounts. By verifying an individuals KYC information at the enrollment stage the UIDAI is hoping reduce the amount of paperwork and time needed for an individual to open a bank account. In addition to satisfying KYC norms, the Government of India has also recognized the Aadhaar number as an acceptable form of identity for the purpose of obtaining a mobile connection. By having the UID number accepted for establishing both mobile connections and bank accounts, financial inclusion through mobile banking is encouraged as it allows for individuals who previously had no identity, to join the financial system and mobile network – thus allowing bank accounts to be more accessible than before, and aiding banks by simplifying the process of account opening.(Akhand Tiawari, Anurodh Giri, 2011)</p>
<p><strong>Step 2. Open UID Enabled Bank Account</strong><br />Now that the individual has a UID number they can open a bank account by presenting their UID number and thumb print to the bank branch for authentication. Currently the one bank enrolling citizens and issuing UID numbers and UID based ATM cards is the Bank of India.(Aggarwal, 2011) Bank of Maharashtra, State Bank of India and Indian Overseas Bank are currently waiting for approval from the UIDAI.(Chavan, 2011) In this scenario the UID number will be the only form of identification needed to open a bank account.</p>
<p><strong>3.Make financial transactions with UID number</strong><br />Once a UID Enabled Bank Account (UEBA) is opened, individuals can begin making financial transactions using their UID number and fingerprint. Individuals can access their UEBA through BC institutions. With a UEBA individuals have the option of using four basic banking services:</p>
<ul><li> Store cash for savings through electronic deposits and withdraw only small amounts of cash</li><li>Make payments</li><li>Send and receive remittances</li><li>Acquire balance and transaction history</li></ul>
<p>Transactions completed through the UID-enabled bank account work similarly to a prepaid mobile system. BC organizations, or Bank Correspondents, are organizations such as SHGs, kirana stores, dairy agents that larger banks develop a business relationship with. The BC organizations handle all transactions at the local level. Using BC organizations as financial outlets is meant to increase the penetration of financial outlets and make financial services more accessible in rural areas. How the process works is: a BC institution begins by depositing a certain amount of money with a larger banking institution. This ‘ prepaid balance’ paid by the BC institution changes with every transaction the BC institution makes. For example, when an individual makes a deposit it decreases as that money is then transferred into an individuals account, and increases when an individual withdraws money, because of the transaction fee that is charged to the individual. When the individual is making a deposit, he pays physical cash to the BC, who in turn makes an electronic transfer from the BC account to the individual's account. When making a withdrawal, the electronic transfer is made from the individual's account to the BC account, and the BC hands out physical cash to the customer, (UIDAI, 2010).</p>
<p><br />The micro ATM that is to be used at BC institutions is a hand held device, in this case a mobile phone, attached to a finger print reader. The micro ATM is meant to replace larger ATM’s and reduce the cost that banks incur when establishing full fledged ATM machines. The hand held device will be remotely accessed to the central server of the bank. Currently Italian tech company Telit Communication SpA, is hoping to provide the GSM wireless M2M modules that will allow the wireless device and the wired server to communicate with each other. (Kanth, 2011) The most significant difference between the micro ATM system and the traditional ATM system is that the BC employee executes the transaction. </p>
<p>Though having BC employees carry out financial transactions might eliminate the possibility of a fraudulent ATM being set up, it opens many possibly corrupt doors. How will it be ensured that the transaction is completed without fraud, and how can it be ensured that the Micro-ATM is not fraudulent, or that the BC organization itself is not fraudulent. Though this scenario might sound unlikely, the UID has already experienced difficulties with fake enrollment centers being set up, such as in Pune. (Gadkari, 2011), fake UID papers being issued, as was done in Patna(Tripathi, 2011) and enrollment centers illegally outsourcing work, as the IT company Tera Software was found doing (Prajakta, 2011). If these scenarios have all been tried, it is not unreasonable to see the same being tried with financial institutions.</p>
<h3><strong>Challenges to a system of authentication for financial transactions with the biometric based UID number</strong></h3>
<p>Not withstanding the fact that financial inclusion cannot be achieved only through an identity, focusing on the identity component of financial inclusion - in the report Low Cost Secure Transaction Model for Financial Services, published by Nitin Munjal, Ashish Paliwal, and Rajat Moona, from the Indian Institute of Technology, the authors note that present challenges in India to financial inclusion through access to financial institutions include(Munjal, Nitin Paliwal, Ashish Moona, 2011):</p>
<ul><li>Currently financial transactions require network connectivity to take place. For financial transactions made in rural areas this has lead to both high costs for each transaction and to high fixed IT costs.</li><li>Current financial schemes such as mobile banking depend on network connectivity, making the network indispensable, yet 70% of the Indian population is rurally located with limited or no network connectivity.</li><li>Current financial service outlets are densely located in urban areas and not rural areas. Rural populations are financially excluded, as in most cases the completion of financial transaction require the presence of financial outlets.</li><li>Currently there are no easy safeguards to protect against fake ATMS or fraud, because the current Financial Service Model is based on blind trust of the service outlet – this allows for high rates of fake ATM’s being installed and fraud.</li><li>For an individual to access financial services, an identity is required. In most cases the poor lack an identity.</li></ul>
<p><br />Clearly there are many obstacles that the UID identity card must overcome to successfully authenticate individuals in financial transactions and facilitate financial inclusion. For the system to be successful the UID must at the minimum do the following:</p>
<ul><li>Accurately generate unique numbers</li><li>Capture accurate personal information</li><li>Ensure security of the database</li><li>Ensure that the technology is secure and accurate</li><li>Ensure that only necessary information is collected</li><li>Verify BC centers</li><li>Provide a secure network that can handle large numbers of transactions</li></ul>
<p><br /><strong>Possible ways in which the system can go wrong include:</strong></p>
<ul><li>Inaccurate authentication</li><li>Delays in authentication</li><li>Fraud at the level of the BC institution</li><li>Over collection of personal information by banks</li><li>Linking of databases by banks, or other agencies</li><li>Network failure</li><li>Down time of the database</li></ul>
<p>Though UID enabled bank accounts have yet to be officially established the UID is already experiencing many of the listed difficulties. For instance, in an Indian Express article published on June 15th, it was reported that banks are issuing additional UID forms that ask if individuals have credit cards, operate mobile or internet banking accounts, own a two wheeler or four wheeler, or live in a rented or personally owned accommodation. (Indian Express, 2011) Even more alarming is a recent news item from the Deccan Herald, which details the efforts that have been taken by NATGRID to access banking clients personal information, and NATGRID's proposal to tie banking information to a linked database containing information from bank accounts, railways, airlines, stock exchanges, income tax, credit card, immigration records, and telecom service providers. (Arun, 2011)The banks<br />have refused to give NATGRID access to clients personal information, but the ease at which NATGRID could track and collect information about individuals with the UID is chilling – especially if the UID is linked to almost every bank account in India. Several news reports have also shared experiences of confusion, inconsistent requirements, and unorganized enrollment centers, which place doubt in the accuracy of the information collected and the accuracy of the UID numbers issued.(Tripathi, 2011). </p>
<p><br />Looking at the technology and operational design of the UEBA system, though the scheme relies on mobile networks, it fails to eliminate the need for connectivity to the central server, because authentication of individuals biometric must be done through comparison of one fingerprint to the central server of all fingerprints. This will not only complicate the effectiveness of delivery of services, as it is possible for connectivity to be limited and slow, but it will also incur large network overhead costs for each transaction that is verified. Furthermore, even though the use of BC institutions as financial service outlets is meant to increases the availability of financial outlets, a dependency is created on BC institutions – as they must be present for any financial transaction to take place.<br />Additionally, individuals have no way of authenticating and verifying BC institutions. As mentioned earlier this allows for possible scenarios of fraud. Additionally, the UID has not provided any alternative method of identification in the case that the network or technology fails, or if an individuals biometrics are incorrectly rejected.</p>
<h3>Could the SCOSTA standard be an option?</h3>
<p>Many developing countries, like Kenya and Brazil, that face similar challenges to financial inclusion have looked towards smart cards as secure methods for authenticating individuals. In 2003 India also implemented a smart card approach to identity management. The SCOSTA standard smart card was introduced with the MNIC national identification scheme. Though the scheme was eventually dropped by the Indian Government, the SCOSTA smart card standard is still a valid option for authentication of individuals in financial transactions. A SCOSTA standard based approach for financial inclusion would include: </p>
<ul><li>Authentication of an individuals key, pass-phrase, and pin. This is known as public keyinfrastructure. This will allow a person to protect their password and easily replace it if stolen.</li><li> Authentication through public key infrastructure would not depend on connectivity to thenetwork. This would allow for financial inclusion of populations not connected to networks and not be fully dependent on working networks.</li><li> Authentication through public key infrastructure establishes mutual trust of user and institution. This would lower the presence of fraudulent institutions and corrupt transactions.</li><li> Connection to a central server is not required for the authentication of an individual in a financial transaction. This will lower the cost of transactions and lower IT overhead costs (ibid Munjal, Nitin Paliwal, Ashish Moona, 2011)</li></ul>
<h3>Conclusion</h3>
<p>Though it is hard to say that a fool proof system of authentication can easily be made, and that system will indeed promote financial inclusion, when comparing the biometric UID number with the SCOSTA standard smart card, there are many benefits to the SCOSTA standard such as ability of individuals to verify banking institutions, no need for connectivity to the central server, and the ability to easily replace lost or stolen pins and passwords. No matter what standard is implemented though, it is important to clearly look at the current implementation, technological, and operational challenges that identification schemes face and the possible ramifications of such challenges before adapting it as a ubiquitous system.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/privacy_uidfinancialinclusion'>https://cis-india.org/internet-governance/privacy_uidfinancialinclusion</a>
</p>
No publisherelonnai hickokInternet GovernancePrivacy2011-08-23T10:36:31ZBlog Entry