The Centre for Internet and Society
https://cis-india.org
These are the search results for the query, showing results 1 to 15.
Notes From a Foreign Field: The European Court of Human Rights on Russia’s Website Blocking
https://cis-india.org/internet-governance/blog/notes-from-a-foreign-field-the-european-court-of-human-rights-on-russia2019s-website-blocking
<b>This blogpost summarises the human rights principles applied by the Court to website blocking, and discusses how they can be instructive to petitions in the Delhi High Court that challenge arbitrary censorship in India.</b>
<p class="has-text-align-justify"> </p>
<p class="has-text-align-justify">This blogpost was authored by Gurshabad Grover and Anna Liz Thomas. It was first published at the <a class="external-link" href="https://indconlawphil.wordpress.com/2021/02/05/notes-from-a-foreign-fieldthe-european-court-of-human-rights-on-russias-website-blocking-guest-post/">Indian Constitutional Law and Philosophy Blog</a> on February 5, 2021, and has been reproduced here with permission.</p>
<hr />
<p class="has-text-align-justify"> </p>
<p class="has-text-align-justify">From PUBG to TikTok, online services
are regularly blocked in India under an opaque censorship regime flowing
from section 69A of the Information Technology (IT) Act. Russia happens
to have a very similar online content blocking regime, parts and
processes of which were recently challenged in the European Court of
Human Rights (‘the Court’). This blogpost summarises the human rights
principles applied by the Court to website blocking, and discusses how
they can be instructive to petitions in the Delhi High Court that
challenge arbitrary censorship in India.</p>
<h3><strong>Challenges to Russia’s Website Blocking Practices</strong></h3>
<p class="has-text-align-justify">On 23 June 2020, the Court delivered <a href="https://strasbourgobservers.com/2020/08/26/the-strasbourg-court-establishes-standards-on-blocking-access-to-websites/">four judgements</a>
on the implementation of Russia’s Information Act, under which content
on the internet can be deemed illegal and taken down or blocked. Under
some of these provisions, a court order is not required, and the
government can send a blocking request directly to Roskomnadzor,
Russia’s telecom service regulator. Roskomnadzor, in turn, requests
internet service providers (ISPs) to block access to the webpage or
websites. Roskomnadzor also notifies the website owner within 24 hours.
Under the law, once the website owner notifies the Roskomnadzor that the
illegal content has been removed from the website, the Roskomnadzor
verifies the same and informs ISPs that access to the website may be
restored for users.</p>
<p class="has-text-align-justify">In the case of <a href="https://hudoc.echr.coe.int/eng#%7B%22itemid%22:%5B%22001-203177%22%5D%7D"><em>Vladimir Kharitonov</em></a><em>, </em>the
complainant’s website had been blocked as a result of a blocking order
against another website, which shared the same IP address as that of the
complainant. In <a href="https://hudoc.echr.coe.int/eng#%7B%22itemid%22:%5B%22001-203180%22%5D%7D"><em>Engels</em></a><em>, </em>the
applicant’s website had been ordered by a court to be blocked for
having provided information about online censorship circumvention tools,
despite the fact that such information was not unlawful under any
Russian law. <em><a href="https://hudoc.echr.coe.int/eng#%7B%22itemid%22:%5B%22001-203178%22%5D%7D">OOO Flavius</a></em>
concerned three online media outlets that had their entire websites
blocked on the grounds that some of their webpages may have featured
unlawful content. Similarly, in the case of <a href="https://hudoc.echr.coe.int/eng#%7B%22itemid%22:%5B%22001-203181%22%5D%7D"><em>Bulgakov</em></a><em>, </em>the
implementation of a blocking order targeting extremist content (one
particular pamphlet) had the effect of blocking access to the
applicant’s entire website. In both the cases of <em>Engels </em>and <em>Bulgakov, </em>where court proceedings had taken place, the proceedings had been concluded <em>inter se </em>the
Prosecutor General and server providers, without the involvement of the
website owner. In all four cases, appeals to higher Russian courts had
been summarily dismissed. Even in those cases where website owners had
taken down the offending content, their websites had not been restored.</p>
<p class="has-text-align-justify">The Court assessed the law and its
application on the basis of a three-part test on whether the censorship
is (a) prescribed by law (including foreseeability and accessibility
aspects of the law), (b) necessary (and proportionate) in a democratic
society, and (c) pursuing a legitimate aim.</p>
<p class="has-text-align-justify">Based on the application of these
tests, the Court ruled against the Russian authorities in all four
cases. The Court also held that the wholesale blocking of entire
websites was an extreme measure tantamount to banning a newspaper or a
television station, which has the collateral effect of interfering with
lawful content. According to the Court, blocking entire websites can
thus amount to prior restraint, which is only justified in exceptional
circumstances.</p>
<p class="has-text-align-justify">The Court further held that procedural
safeguards were required under domestic law in the context of online
content blocking, such as the government authorities: (a) conducting an
impact assessment prior to the implementation of blocking measures; (b)
providing advance notice to website owners, and their involvement in
blocking proceedings; (c) providing interested parties with the
opportunity to remove illegal content or apply for judicial review; and
(d) requiring public authorities to justify the necessity and
proportionality of blocking, provide reasons as to why less intrusive
means could not be employed and communicate the blocking request to the
owner of the targeted website.</p>
<p class="has-text-align-justify">The Court also referenced an earlier judgment it had issued in the case of <em>Ahmet Yildirim vs. Turkey, </em> acknowledging
that content creators are not the only ones affected; website blocking
interferes with the public’s right to receive information.</p>
<p class="has-text-align-justify">The Court also held that the
participation of the ISP as a designated defendant was not enough in the
case of court proceedings concerning blocking requests, because the ISP
has no vested interest in the proceedings. Therefore, in the absence of
a targeted website’s owner, blocking proceedings in court would lose
their adversarial nature, and would not provide a forum for interested
parties to be heard.</p>
<h3><strong>Implications for India</strong></h3>
<p class="has-text-align-justify">The online censorship regime in India
is similar to Russian terms of legal procedure, but perhaps worse when
it comes to the architecture of the law’s implementation. Note that for
this discussion, we will restrict ourselves to government-directed
blocking and not consider court orders for content takedown (the latter
may also include intellectual property infringement and defamatory
content).</p>
<p class="has-text-align-justify"><a href="https://indiankanoon.org/doc/10190353/">Section 69A</a>
of the Information Technology (IT) Act permits the Central Government
to order intermediaries, including ISPs, to block online content on
several grounds when it thinks it is “necessary or expedient” to do so.
Amongst others, these grounds include national security, public order
and prevention of cognisable offences.</p>
<p class="has-text-align-justify">In 2009, the Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009 (‘<a href="https://cis-india.org/internet-governance/resources/information-technology-procedure-and-safeguards-for-blocking-for-access-of-information-by-public-rules-2009">blocking rules</a>’)
were issued under the Act. They lay out an entirely executive-driven
process: a committee (consisting entirely of secretaries from various
Ministries) examines blocking requests from various government
departments, and finally orders intermediaries to block such content.</p>
<p class="has-text-align-justify">As per Rule 8, the chairperson of this committee is required to “make all reasonable efforts identify the person <strong>or</strong>
intermediary who has hosted the information” (emphasis ours) and send
them a notice and give them an opportunity for a hearing. A plain
reading suggests that the content creator can then not be involved in
the blocking proceedings. Even this safeguard can be circumvented in
“emergency” situations as described in Rule 9, under which blocking
orders can be issued immediately. The rules ask for such orders to be
examined by the committee in the next two days, where they can decide to
continue or rescind the block.</p>
<p class="has-text-align-justify">The rules also task a separate committee, <a href="https://cis-india.org/internet-governance/resources/rule-419-a-indian-telegraph-rules-1951">appointed</a>
under the Telegraph Act, to meet every two months to review all
blocking orders. Pertinently, only ministerial secretaries comprise that
committee as well.</p>
<p class="has-text-align-justify">These are the limited safeguards
prescribed in the rules. Public accountability in the law is further
severely limited by a requirement of strict confidentiality (Rule 16) of
blocking orders. With no judicial, parliamentary or public oversight,
it is easy to see how online censorship in India operates in complete
secrecy, making it <a href="https://scroll.in/article/953146/how-india-is-using-its-information-technology-act-to-arbitrarily-take-down-online-content">susceptible</a> to wide abuse.</p>
<p class="has-text-align-justify">When the constitutionality of provision and the blocking rules was challenged in <a href="https://indiankanoon.org/doc/110813550/"><em>Shreya Singhal v. Union of India</em></a>,
the Supreme Court was satisfied with these minimal safeguards. However,
it saved the rules only because of two reasons. First, it noted that an
opportunity of a hearing is given “to the originator <strong>and</strong>
intermediary” (emphasis ours: notice how this is different from the
‘or’ in the blocking rules). It also specifically noted that the law
required reasoned orders that could be challenged through writ
petitions.</p>
<p class="has-text-align-justify">On this blog, Gautam Bhatia has earlier <a href="https://indconlawphil.wordpress.com/2015/03/25/the-supreme-courts-it-act-judgment-and-secret-blocking/">argued</a>
that the judgment then should be read as obligating the government to
mandatorily notify the content creator before issuing blocking orders.
Unfortunately, the reality of the implementation of the law has <a href="https://scroll.in/article/953146/how-india-is-using-its-information-technology-act-to-arbitrarily-take-down-online-content">not lived up</a> to this optimism. While intermediaries (ISPs when it comes to website blocking) <em>may</em>
be getting a chance to respond, content creators are also almost never
given a hearing. As we saw in the European Court’s judgment, ISPs do not
have any incentive to challenge the government’s directions.</p>
<p class="has-text-align-justify">Additionally, although the law states that “reasons [for blocking content are] to be recorded in writing”, <a href="https://internetfreedom.in/whistleblower-provides-website-blocking-orders-on-4000-websites/">leaked blocking orders</a>
suggest that even ISPs are not given this information. Apart from the
opacity around the rationale for blocking, RTI requests to uncover even
the <em>list</em> of blocked websites have been <a href="https://www.hindustantimes.com/analysis/to-preserve-freedoms-online-amend-the-it-act/story-aC0jXUId4gpydJyuoBcJdI.html">repeatedly</a> rejected (for comparison, Roskomnadzor at least maintains a <a href="https://blocklist.rkn.gov.ru/">public registry</a> of websites blocked in Russia). This lack of transparency and fair proceedings also means that <em>entire </em>websites
may be getting blocked when there are only specific web pages on that
website that serve content related to unlawful acts.</p>
<p class="has-text-align-justify">When it comes to the technical methods
of blocking, the rules are silent, leaving this decision to the ISPs.
While a recent study by the Centre for Internet and Society showed that
popular ISPs are <a href="https://arxiv.org/pdf/1912.08590.pdf">using methods</a> that target specific websites, there are some recent reports that <a href="https://theprint.in/judiciary/us-firm-one-signal-moves-delhi-hc-says-ip-address-blocked-in-india-without-intimation/587852/">suggest</a>
ISPs may be blocking IP addresses too. The latter can have the effect
of blocking access to other websites that are hosted on the same
address.</p>
<p class="has-text-align-justify">There are two challenges to the rules
in the Delhi High Court, serving as opportunities for reform of website
blocking and content takedown in India. The first was filed in December
2019 by <a href="https://internetfreedom.in/delhi-hc-issues-notice-to-the-government-for-blocking-satirical-dowry-calculator-website/">Tanul Thakur</a>,
whose website DowryCalculator.com (a satirical take on the practice of
dowry) was blocked without any notice or hearing. Tanul Thakur was not
reached out to by the committee responsible for passing blocking orders
despite the fact that Thakur has publicly claimed its ownership multiple
times, and has been interviewed by the media about the website. When
Thakur <a href="https://drive.google.com/file/d/0B2NvpMoZE5HGbGVCOG5TNVF6RDRGXzk5T3VNMlhTQ0E3QUlz/view">filed</a>
a RTI asking why DowryCalculator.com was blocked, the Ministry of
Electronics cited the confidentiality rule to refuse sharing such
information!</p>
<p class="has-text-align-justify">This month, an American company providing mobile notifications services, One Signal Inc., has <a href="https://theprint.in/judiciary/us-firm-one-signal-moves-delhi-hc-says-ip-address-blocked-in-india-without-intimation/587852/">alleged</a>
that ISPs are blocking its IP address, and petitioned the court to set
aside any government order to that effect because they did not receive a
hearing. Interestingly, the IP address belongs to a popular hosting
service provider, which serves multiple websites. Considering this fact
and the lack of transparency in blocking orders, one may question
whether One Signal was the intended target at all! The European Court’s
judgment in <em>Vladimir Kharitonov</em> is quite relevant here: ISPs
should not be blocking IP addresses that are shared amongst multiple
websites, because such a measure can cause collateral damage, and make
other legitimate expression inaccessible.</p>
<p class="has-text-align-justify">Given the broad similarities between
the Indian and Russian website blocking regimes, the four judgements by
the European Court of Human Rights will be instructive to the Delhi High
Court. Note that section 69A is used for content takedown in general,
i.e. censoring posts on Twitter, not just blocking websites): the right
to hearing must extend to all such content creators. The principles
applied by the European Court can thus provide for a more rights
respecting foundation for content blocking in India for the judiciary to
uphold, or for the legislature to amend.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/notes-from-a-foreign-field-the-european-court-of-human-rights-on-russia2019s-website-blocking'>https://cis-india.org/internet-governance/blog/notes-from-a-foreign-field-the-european-court-of-human-rights-on-russia2019s-website-blocking</a>
</p>
No publishergurshabadContent takedown69AConstitutional Law2021-02-13T08:42:18ZBlog EntryIndia Digital Freedom Series: Internet Shutdowns, Censorship and Surveillance
https://cis-india.org/internet-governance/blog/india-digital-freedom-series-internet-shutdowns-censorship-and-surveillance
<b>A series of reports on digital rights and civic space in India, focusing on four areas where restrictive policies threaten fundamental freedoms and impede public participation: internet shutdowns, censorship, platform governance and surveillance.</b>
<h3>Read the reports<br /></h3>
<div>1. <strong><a href="https://cis-india.org/internet-governance/icnl-introduction-revised" class="internal-link" title="icnl introduction revised">Introduction, Background and Methodology</a></strong> by Arindrajit Basu</div>
<div>2. <strong><a class="external-link" href="https://cis-india.org/internet-governance/blog/india-digital-freedoms-2-internet-shutdowns">Internet Shutdowns: Threats to Digital Access</a></strong> by Torsha Sarkar, Manogna Matam and Gurshabad Grover</div>
<div>3. <strong><a class="external-link" href="https://cis-india.org/internet-governance/blog/india-digital-freedoms-3-censorship">Censorship: Threats to Expression</a></strong> by Matam Manogna, Torsha Sarkar, Gurshabad Grover and Kanav Khanna</div>
<div>4. <strong><a class="external-link" href="https://cis-india.org/internet-governance/blog/india-digital-freedoms-4-platform-governance">Platforms as Gatekeepers: Threats to Digital Space</a></strong> by Torsha Sarkar and Gurshabad Grover</div>
<div>5. <strong><a class="external-link" href="https://cis-india.org/internet-governance/blog/india-digital-freedoms-5-surveillance">Surveillance and Data Protection: Threats to Privacy and Digital Security</a></strong> by Mira Swaminathan and Arindrajit Basu</div>
<div> </div>
<h3>Background</h3>
<p>Amidst global trends towards authoritarianism and closing space for civil society, India’s dynamic changing landscape calls for ongoing attention. In the last year alone, upheaval around the Citizenship Amendment Act protests, sectarian violence and communal riots in Delhi and elsewhere, the emergence of Covid-19, and issues of statelessness and discrimination have raised questions about the state of civic freedoms in India. At the same time, efforts to mold and restrict civil society, through funding limitations and a narrative against activism and ‘foreign agents,’ continue to reverberate across the non-profit sector. Technology has played a major role in all of these developments, with expression and democratic debate increasingly carried into the digital sphere, and privacy, data, and surveillance taking center stage, particularly amidst a global pandemic. India additionally has the notorious distinction of being the world’s democracy with the longest-running internet shutdown. Other examples of how digital rights are being impacted in India abound: possible government-sanctioned surveillance on activists and journalists; various forms of censorship, and denial of access to information.</p>
<p>Documentation and consideration of such phenomena is critical, given the role digital developments will play shaping Indian society in the 21st century. Technology can be a great enabler of constitutional values, welfare, and act as a facilitator of public discourse. It can also be used by the state to fetter the realization of constitutional rights and restrict the growth of civil society activism and public discourse. To date, there exists little comprehensive coverage of the overall universe of policies and laws affecting digital rights, and how their implementation is impacting Indian civil society actors, including non-profits, activists, media, minority groups, and others.</p>
<p>India’s constitutional ethos provides for a wide array of fundamental rights designed to protect and empower the most vulnerable. It views the state as a key actor in breaking existing barriers of structural inequality - something technology can play a role in - if designed and implemented reasonably, with the widest possible consultation. Given India’s status as the world’s most populous democracy, along with its considerable heft in the Information and Communications Technology (ICT) sector globally, how these issues play out will be critical for the future of digital civic space, in South Asia, Asia, and beyond.</p>
<p>This report undertakes an examination of key topics related to digital rights and civic space in India. It focuses on four areas of particular concern, where restrictive policies threaten to violate fundamental freedoms and restrict civil society and public participation. The topics covered include: 1) Internet Shutdowns, 2) Online Censorship, 3) Platform Governance, and 4) Surveillance. Each chapter begins with a factual overview identifying the scope of the problem across the country. It proceeds to evaluate relevant Indian laws and regulations affecting the enjoyment of fundamental human rights of members of civil society online, including the rights to free association, assembly, expression, privacy, access to information and public participation. The chapter then summarizes relevant international law and standards, many of which are obligatory on the Indian government and constitute binding international commitments, and concludes with some reflections and recommendations.</p>
<p>Ultimately, the report emphasizes the importance of a free, fair, and democratic digital civic space in line with international law and best practices. It evaluates ongoing Indian policies in the four topic areas in light of these standards, and provides suggestions for paths to reform that Indian policymakers can undertake to enable the use of technology in consonance with India’s rich constitutional ethos.</p>
<h3>Methodology</h3>
<p>This report was researched and written by the Centre for Internet and Society (CIS), with support from the International Center for Not-for-Profit Law (ICNL). Researchers at CIS with specialized knowledge in digital rights undertook an expansive review of a wide range of sources related to this topic, including academic scholarship and legal literature, news articles, government documents, laws, and other publications. In addition to desk research, two teams of CIS researchers travelled across five cities - Jodhpur and Jaipur (state of Rajasthan), Ahmedabad (state of Gujarat), Siliguri (state of West Bengal), and Guwahati (state of Assam). Each of these states have a vibrant civic space, and have seen a number of individuals and organizations engaging with key issues in the digital space over the past months. Researchers interviewed a diverse array of stakeholders, including student activists, public interest lawyers, government officials, party workers, and journalists. While refraining from undertaking quantitative or empirical analysis of the fieldwork findings, the qualitative insights and data gathered from these interviews were instrumental in the shaping of this report.</p>
<p>This report uses the World Bank’s definition of “civil society,” namely: “a wide array of organizations: community groups, non-governmental organizations [NGOs], labour unions, indigenous groups, charitable organizations, faith-based organizations, professional associations, and foundations.” However, to truly understand public participation in a democracy, the report looks beyond organised groups and their workings, and examines how various individuals participate in public processes - including through protests, writing, and engagement through social media. Thus, when considering the impact of digital rights, this report did not limit its investigation only to organised civil society but considered a larger scope to engage with a broader notion of public participation.</p>
<h3>Acknowledgements</h3>
<div>The Centre for Internet and Society would like to thank the International Center for Not- for-Profit Law for the financial support that made the report possible. The authors would also like to thank Abhijit Roy, Arun Chauhan, Gajendra Singh Dahiya, Kumar Shubham, Manjula Pradeep, Rahul Bordoloi, Roshan Gupta, and many others who chose to remain anonymous for their inputs that informed the research; Akash T for research assistance; and Julie Hunter, Lisa Vermeer, and Nick Robinson for their feedback. Thanks also to the ICNL team for designing, formatting and editing the reports. All opinions and errors in the piece remain those of the authors.</div>
<div>We would also like to wholeheartedly thank The Legal Aid and Awareness Committee from the National Law University Jodhpur for helping us set up a number of interviews with key stakeholders.</div>
<div> </div>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/india-digital-freedom-series-internet-shutdowns-censorship-and-surveillance'>https://cis-india.org/internet-governance/blog/india-digital-freedom-series-internet-shutdowns-censorship-and-surveillance</a>
</p>
No publishergurshabad2021-01-11T10:07:30ZBlog EntryIntermediary liability and Safe Harbour: On due diligence and automated filtering
https://cis-india.org/internet-governance/blog/intermediary-liability-and-safe-harbour-on-due-diligence-and-automated-filtering
<b>This post discusses this ‘due diligence’ obligation in the intermediary liability regime in India, with a focus on its scope and whether it includes the possibility of automated content filtering.</b>
<p>This blogpost was authored by Gurshabad Grover and Anna Liz Thomas. It was first published at <a class="external-link" href="https://lawandotherthings.com/2020/11/intermediary-liability-and-safe-harbour-on-due-diligence-and-automated-filtering/">Law and Other Things</a>.</p>
<hr />
<p><strong><br /></strong></p>
<p><strong>Introduction</strong></p>
<p>India’s intermediary liability regime flows from <a href="https://cis-india.org/internet-governance/resources/section-79-information-technology-act">section 79 of the Information Technology Act, 2000</a>
(the “Act”), a provision that exempts intermediaries from liability for
third party content on their service, as long as certain conditions are
fulfilled. Under Section 79(2)(c) of the Act, one of the conditions for
an intermediary to claim safe harbour (immunity from liability for
third party content) is that it:</p>
<p>“<em>observes <strong>due diligence</strong> while discharging his
duties under this Act and also observes such other guidelines as the
Central Government may prescribe in this behalf.</em>” (emphasis is authors’)</p>
<p>This post discusses this ‘due diligence’ obligation with a focus on its scope and its relationship with the <a href="https://cis-india.org/internet-governance/resources/intermediary-guidelines-rules">intermediary guidelines</a> issued under the Act. We primarily analyse the arguments made by T. Prashant Reddy in <a href="https://nludslj.webs.com/Prashant%20reddy.pdf"><em>Back to the Drawing Board: What should be the new direction of the intermediary liability law?</em></a>, (“the paper”) which was published last year in the NLUD Journal of Legal Studies.</p>
<p>While the paper aims to broadly engage with the question of how
India’s intermediary liability regime should be reformed, this post only
focuses on two of the arguments that form the basis of the paper. <em>First, </em>the paper suggests that ‘due diligence’ should be interpreted as a separate requirement from the <a href="https://cis-india.org/internet-governance/resources/intermediary-guidelines-rules">intermediary guidelines</a> (“the 2011 rules”) issued under the law. The <em>second </em>argument
builds on this and argues that this due diligence requirement could be
understood to mean that intermediaries should engage in proactive
identification and filtering of unlawful content.</p>
<p>We explore the two questions in the same order, and then finally
explore alternative interpretations of the due diligence requirement. We
argue that (1) there are multiple ways to interpret the provision, but
there may be merit in considering the ‘due diligence’ requirement as
distinct from the guidelines; and that (2) even if it is a separate
requirement, proactive filtering of content by intermediaries is
unconstitutional, and thus cannot be the sort of ‘due diligence’ the law
expects from intermediaries.</p>
<p><strong>Is ‘due diligence’ a separate requirement?</strong></p>
<p><strong> </strong>Section 79 of the IT Act has long been criticised for its vague and poor drafting, including on <a href="https://www.jstor.org/stable/24479053?casa_token=XN8yX8EI9wUAAAAA:j7zFFa40s2UelK_Gvv7UUZWnaTkmD-2mlOkrZpuuHBdmusr1IpWQztP6YYU7ptejbw6ddcMqy0fse1mE1gPka5IAtfbWeweXR8KqmsAZOyIa1IpT0Hl_">whether</a>
the entire clause requiring ‘due diligence’ was mandatory at all. The
paper only suggests that ‘due diligence’ is a separate requirement from
the guidelines, with the interpretation being supported by two facts.</p>
<p>First, the paper points to the ‘and’ in Section 79(2)(c) that
separates the obligation to conduct due diligence, and the obligation to
observe the guidelines prescribed by the Central Government. This would
indicate that the two obligations are to be separately fulfilled. We
should point out that reading the statute in such a way does mean that
the two obligations are distinct, but it could also imply that both ‘due
diligence’ and ‘other guidelines’ can be notified by the Government. In
fact, we think that evidence of the claim that ‘due diligence’ is a
separate self-contained obligation is actually found in the word ‘also’
that succeeds ‘and’. If we interpret the provision in a way that the due
diligence is only what is notified in the rules, the term ‘also’ ends
up having no real significance. The <a href="https://www.law.uh.edu/faculty/adjunct/dstevenson/2018Spring/CANONS%20OF%20CONSTRUCTION.pdf">rule of surplusage</a>
in interpretation states that “every word and every provision is to be
given effect”, and that “none should be ignored.” Thus, the term ‘also’
can be understood as intentionally demarcating the ‘due diligence’
obligation and the one that obligates intermediaries to comply with the
rules notified under the provision.</p>
<p>The paper further argues that the second fact supporting this
interpretation is in the legislative history of section 79 of the Act.
Section 79, as it presently exists, was the result of the amendments to
the Act passed in 2008. The phrase ‘due diligence’ was retained in the
text of the provision on the insistence of the Standing Committee which
submitted a <a href="https://www.prsindia.org/sites/default/files/bill_files/scr1198750551_Information_Technology.pdf">report on the Bill</a>.
The Committee had contextualized the due diligence requirement in
relation to the need for an explicit provision requiring the blocking
and elimination of objectionable content through technical mechanisms.</p>
<p>However, the paper does not consider the fact that the Committee had
also specified that the reason it wanted ‘due diligence’ in the
provision was because in their opinion, “removing an enabling provision
which already exists in the principal Act and leaving it to be taken
care of by the possible guidelines makes no sense”. From the perspective
of the Standing Committee, the due diligence provision was an enabling
one, i.e., primarily meant to allow the government to make guidelines in
that regard. In an enabling provision like this one, retaining the term
‘due diligence’ and adding that intermediaries have an obligation to
observe ‘such other’ guidelines curbed the possibility of excessive
delegation, by ensuring that any guidelines prescribed specifically
concern due diligence obligations.</p>
<p>Note that the judgement of the Andhra Pradesh High Court in <a href="https://indiankanoon.org/doc/144020000/"><em>Google India Private Limited vs M/S Visaka Industries Limited</em></a>
in November 2016 may support the paper’s argument in that the ‘due
diligence’ obligation is distinct from the guidelines. In the absence of
any explicit definition of ‘due diligence’ in the IT Act, the Court
cited precedent that relied on dictionary meanings of due diligence and
concluded that that in order to meet the requirement, an intermediary
would have to prove that it “had acted as an ordinary reasonable prudent
man”, which would be a “question of fact.” Perhaps the Delhi High Court
was clearest in the matter in <a href="https://indiankanoon.org/doc/99622088/"><em>Christian Louboutin v Nakul Bajaj</em></a>
when it stated that “the ‘due diligence’ provided in the Act, has to be
construed as being broad and not restricted merely to the guidelines
themselves.”</p>
<p>On the other hand, like the paper notes, there are judgments like <a href="https://indiankanoon.org/doc/12972852/"><em>MySpace Inc. vs Super Cassettes Industries Ltd.</em></a>
by the Delhi High Court, which have not considered the specific
question, but concluded Rule 3 of the 2011 rules to completely
encapsulate ‘due diligence’. This is, of course, because of the language
in the rules. While Section 79(2)(c) of the IT Act might suffer from
some vagueness, Rule 3 of the 2011 rules is unequivocal in that it seeks
to define the “due diligence to be observed by the intermediary.” As
Chinmayi Arun <a href="http://nujslawreview.org/wp-content/uploads/2016/12/Chinmayi-Arun.pdf">notes</a>,
the notification of the rules is seen as serving to clarify the meaning
of the requirement. It is no surprise that Rule 3 has become the
traditionally-understood standard for fulfilling the ‘due diligence’
requirement under the law.</p>
<p>Overall, despite the lack of a crystal-clear answer, we agree with
the paper that there is enough merit in seriously considering the ‘due
diligence’ as distinct from the guidelines. The paper has rightly
brought up an interpretation that needs more attention in literature and
cases on intermediary liability in India.</p>
<p><strong>Interpreting ‘Due diligence’</strong></p>
<p>It thus becomes important to question what this ‘due diligence’ will
entail for intermediaries if (and/or when) it is entirely distinct from
the rules. The paper points to how the Committee had contextualized the
due diligence requirement as a need for certain intermediaries to block
and eliminate objectionable content through technical mechanisms. Using
this frame of reference, Reddy suggests that this ‘due diligence’
requirement may mean that intermediaries are obligated to proactively
filter objectionable content.</p>
<p>However, it is pertinent to note that the Standing Committee had
originally intended that the ‘due diligence’ requirement be reinstated
as a prerequisite for giving immunity to a specific kind of
intermediary: online marketplaces and online auction sites. Their
suggestions for automated tools for filtering content should also be
understood then as targeted at these specific intermediaries. Therefore,
there is nothing in the legislative history of Section 79(2)(c) that
suggests that measures such as automated content filtration were even
considered as obligations for <em>all</em> categories of intermediaries.</p>
<p>More importantly, as many have <a href="https://ccgdelhi.org/wp-content/uploads/2019/02/CCG-NLU-Comments-to-MeitY-on-Draft-IL-Guidelines-Amendment-Rules.pdf">pointed</a>
out in the context of the proposed amendments to the intermediary
guidelines, proactive filtering of content would be unreasonable and its
application definitely an unconstitutional restriction on speech.</p>
<p><em>First</em>, such a requirement would suffer from vagueness and
overbreadth. There are lots of “automated tools” that can be used to
filter content (keyword detection, hash-based content detection, machine
learning, etc.), each with their merits and demerits. Even if delegated
legislation were to provide clarity to the term, such a broad
interpretation of ‘due diligence’ would not be consistent with the
‘case-by-case’ evaluation that is the usual understanding of the term.
Apart from the fact that all forms of automated filtering have their
inherent <a href="https://www.engine.is/the-limits-of-filtering">limitations</a>,
it would be impossible for certain kinds of intermediaries, like those
that deal with end-to-end encrypted communications to implement such a
requirement.</p>
<p>The determination of whether certain acts are illegal is a public
function, left to the government and the courts. A broad proactive
filtering obligation on intermediaries is state <a href="https://thewire.in/tech/online-content-policing-censorship">censorship by proxy</a>, and worse yet, a form of <a href="https://cdt.org/insights/tackling-illegal-content-online-the-ec-continues-push-for-privatised-law-enforcement/">privatized law enforcement</a>.
As a matter of principle, what the state cannot do directly, it cannot
do indirectly. For such forms of censorship, Prof. Seth Kreimer has <a href="https://www.law.upenn.edu/journals/lawreview/articles/volume155/issue1/Kreimer155U.Pa.L.Rev.11(2006).pdf">elucidated</a>
in detail the great dangers of “collateral damage” that come from
placing restrictions on intermediaries (if not the speaker). On its
face, it appears less egregious than a “frontal attack” on expression by
the state, but it can have the same effects.</p>
<p>To understand the impact of such obligations in the context of
intermediary liability, consider the even lower bar of requiring
intermediaries to entertain third-party takedown notices. There is <a href="https://cyberlaw.stanford.edu/blog/2015/10/empirical-evidence-over-removal-internet-companies-under-intermediary-liability-laws">evidence</a>
from multiple jurisdictions to suggest that even third party
notice-and-takedown systems make intermediaries over-censor in order to
avoid liability. When such a system existed in India before the Supreme
Court’s judgment in <a href="https://indiankanoon.org/doc/110813550/"><em>Shreya Singhal v. Union of India</em></a><em>, </em>a <a href="https://cis-india.org/internet-governance/intermediary-liability-in-india.pdf">study</a>
by Rishabh Dara found that a majority of intermediaries (that they sent
notices to) were over-censoring by complying with clearly frivolous
takedown notices. The requirement of proactive filtering will
undoubtedly cause a much amplified, unjust and disproportionate harm to
the exercise of the right to freedom of expression. Furthermore, it has
been confirmed by <em>Shreya Singhal</em> that the ‘knowledge;’ of
content to be taken down, must only be construed as being brought to the
intermediary through the medium of a court order. It, therefore,
becomes difficult to reconcile <em>Shreya Singhal </em>with automatic
filtration being mandated by law, since this would suggest that such
‘knowledge’ may be brought to the intermediary by way of an algorithm
(with or without conjunction with human inspection), rather than a court
order.</p>
<p>Rather than meeting T. Prashant Reddy’s aim, such a reading would
also concentrate more powers in the hands of private companies like
Facebook and Google that already exert an undue influence in the
moderation of the online public sphere.</p>
<p>Instead of a draconian form of ‘due diligence’, it is important to
consider what the range of possibilities that could inform the
obligation. For instance, <a href="https://www.ohchr.org/documents/publications/guidingprinciplesbusinesshr_en.pdf">the UN Guiding Principles on Business and Human Rights</a>
require business enterprises to carry out a human rights due diligence
on a regular basis, to identify, prevent, mitigate and account for how
they address their impacts on human rights. Businesses, under these
principles have differentiated responsibilities based on the size of the
business, risk of severe human rights impacts and the nature and
context of its operations. Once again, in this case, each intermediary’s
performance of its due diligence obligation would be made on a
case-to-case basis. Another interpretation can be the incorporation of
safeguards in takedown process, as Article 19 has <a href="https://www.article19.org/wp-content/uploads/2019/06/French-social-media-reg-proposal-briefing-FINAL.pdf">suggested</a>.
This could be to ensure that the companies are transparent in their
decision-making, and users are able to challenge takedown decisions made
by companies.</p>
<p><strong>Conclusion</strong></p>
<p>For the long-term reform of governance of online platforms, it is
important to keep in mind that this is one of the many problems in
section 79 of the IT Act. As the paper points out, the provision has
been long criticised for having a “one-size-fits-all” approach to
regulation, where internet service providers and social media companies
are treated similarly when it comes to their conditions for exemption
from liability. The conditions for exemption from liability in the
provision contribute to <a href="https://scroll.in/article/965151/donald-trump-is-attacking-the-social-media-giants-heres-what-india-should-do-differently">confusion</a> around their application to good faith content moderation and curation of newsfeeds.</p>
<p>There is also little in the law that advocates for transparency and
fairness in the moderation of online content, which is the area where
large and closed intermediaries act most as ‘gatekeepers’ and influence
the public sphere. Unfortunately, while the paper recognises these
issues, it goes on to advocate for proactive and automated content
filtering, which is likely to concentrate even more power in the hands
of big tech companies.</p>
<p>There are a host of problems that contribute to the misgovernance of
online platforms, including an ineffective competition law framework,
the lack of consumer protection standards applicable to most ‘free’
online services, and the opacity with which community standards are
applied. A step towards addressing these issues would be a clearer and
comprehensive intermediary liability legislation that recognises the
role of intermediaries in facilitating the right to freedom of
expression, holds them accountable to users, and dismantles unfair
concentration of power in commercial interests.</p>
<p><em>The authors would like to thank Torsha Sarkar and the Editorial Board at </em>Law and Other Things <em>for their comments and suggestions.</em></p>
<p><em>Disclosure: CIS has been a recipient of research grants from Facebook and Google.</em></p>
<p><em><br /></em></p>
<p><em><br /></em></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/intermediary-liability-and-safe-harbour-on-due-diligence-and-automated-filtering'>https://cis-india.org/internet-governance/blog/intermediary-liability-and-safe-harbour-on-due-diligence-and-automated-filtering</a>
</p>
No publishergurshabad2020-11-29T21:17:30ZBlog EntryFinance Manager (withdrawn)
https://cis-india.org/jobs/finance-manager
<b>CIS is now inviting applications for the role of Director - Finance and Operations. The position would ideally be based out of Bengaluru, could be flexible depending on the unfolding of events in relation to COVID-19, so we encourage all potential candidates to apply.</b>
<p dir="ltr"><em> </em></p>
<em>
</em>
<p dir="ltr"><em>Kindly note that this job-profile has been changed to reflect our revised decision to hire a Director - Finance and Operations. The previous call for ‘Finance Manager’ stands cancelled. If you sent an application for the previous role, and also find yourself a good fit for the new role as described <a class="external-link" href="https://cis-india.org/jobs/director-finance-and-operations">here</a>, kindly send a fresh application. The deadline is 7th June, 2020. <br /></em></p>
<p>
For more details visit <a href='https://cis-india.org/jobs/finance-manager'>https://cis-india.org/jobs/finance-manager</a>
</p>
No publishergurshabad2020-05-15T08:39:35ZPageDivyank Katira
https://cis-india.org/about/people/divyank-katira
<b></b>
<p>
For more details visit <a href='https://cis-india.org/about/people/divyank-katira'>https://cis-india.org/about/people/divyank-katira</a>
</p>
No publishergurshabad2020-03-23T09:48:56ZImageProgramme Associate (Communications)
https://cis-india.org/jobs/programme-associate-communications
<b>The Centre for Internet & Society (CIS) is seeking applications for the position of Programme Associate (Communications), to support its Access to Knowledge (CIS-A2K) Programme. In keeping with efforts within the larger Wikimedia movement in encouraging an inclusive workplace and addressing issues of gender disparity
This position is presently open only to applicants who identify as women.
</b>
<h2>Context of the CIS-A2K programme</h2>
<p>As an affiliate of the Wikimedia Foundation, the nonprofit behind Wikipedia and it’s sister projects, we design and implement different initiatives with an aim to create high-quality content and bring new contributors to Wikimedia projects in Indian languages. The initiatives are premised on various themes and seek to create a multilingual repository of knowledge using Wikimedia projects as a platform. You are encouraged to carefully read through the CIS-A2K work plan before making the application. You will work cohesively with the Wikimedia community and the Wikimedia India communities to meet the specific goals of each language community in India. You will be a part of a small team of 5 to 10 members doing high visibility and high impact work. Please learn more about CIS-A2K <a class="external-link" href="https://meta.wikimedia.org/wiki/CIS-A2K">here</a>.<br /><br /></p>
<h2>Position Summary</h2>
<p>As Programme Associate, your job will be to support the Team’s larger goals -- growth of Indian language Wikipedias, other Wikimedia projects and the contributor communities. Your primary responsibility will be to support the Programme Associates -- that spearhead our on-ground programmatic activities -- with regular communication with the community and the outside world.</p>
<p> </p>
<h2>Responsibilities</h2>
<ul><li>Storytelling and all other forms of of communication-related responsibilities are two major focus areas of this job. You will explore conventional to new media to share the stories of the many of volunteers that make Wikipedia and Wikimedia projects such great knowledge repositories</li><li>Creating original stories of challenges and success of the Indian language Wikimedia communities, including the ones that we closely work with Being the interface between A2K team and the community and lead different kinds of communications activities</li><li>Sharing the work of the community and A2k team in a regular manner through print media, <a class="external-link" href="https://meta.wikimedia.org/wiki/CIS-A2K/Reports/Newsletter">newsletters</a>, social media, mailing list updates, blog posts etc., including timely announcement of programme activities on these platforms </li><li>Providing training on effective communications to the communities on a need basis and enabling them to independently tell their own stories in their own languages</li><li>Support with writing, review and editing of the annual work plan and reports of the programme</li><li>Interviewing Wikimedians under the ambit of the <a class="external-link" href="https://commons.wikimedia.org/wiki/WikipediansSpeak">WikipediansSpeak</a> project and beyond, and share the story of the Wikimedia community widely in the media</li></ul>
<div> </div>
<h2>Required skills</h2>
<ul><li>Good communication skill in writing and speaking, which will be required for correspondence, blog, report etc writing</li><li>Experience of blog post, report etc writing<br /></li><li>Prior experience of working in a collaborative community, preferably online.</li><li>Strong understanding of the internet and work of the Wikimedia movement.</li><li>Active participation as a Wikimedia volunteer would be an asset, though not a prerequisite. Demonstrated experience working in a global, multi-cultural team environment.</li><li>Must be fluent in English and at least one Indian language.</li><li>A good understanding of the cultural and knowledge universe of one Indian language will be an added advantage.</li><li>Ability to integrate with and understand the complexity of the Indian Wikimedia community.</li><li>Prior experience/ knowledge in working with social media for professional communication would be an added advantage. </li><li>Prior experience/knowledge in liasioning with conventional print/broadcast media would be an added advantage. </li></ul>
<p> </p>
<h2>Characteristics of the Programme Associate</h2>
<ul><li>High level of commitment: The Programme Associate should believe in the values of CIS and Wikimedia projects, exude enthusiasm for the mission and can powerfully embody and communicate the mission.</li><li>Intellectual curiosity and flexibility: Must enjoy tackling difficult, ambiguous problems and able to incorporate new knowledge into how one approaches situations and generates solutions, loves learning from others while expanding intellectual horizons.</li><li>Open and transparent: Have a high level of integrity and be comfortable working in a highly transparent fashion, open to input and feedback, a proactive and candid communicator who isn't afraid to bring others in when things are off-track or when they need help and should be able to handle criticism in a mature fashion.</li><li>Community builder: It is essential that the Programme Associate sees themself as a partner to and supporter of the Wikimedians who have and will continue to be the leaders in building the Wikimedia projects. The Programme Associate must be willing and able to work with a diverse array of people, many of whom come from non-traditional backgrounds and have a fervent commitment to Wikimedia movement’s community-led nature.</li><li>Strong cultural competency: Able to navigate in a global movement and on a global team in addition to navigating the complexity of India.</li></ul>
<p><br /><br /><strong>Location</strong>: Candidate willing to work from CIS’s Bangalore office will be preferred. Remote working option may be considered for experienced Wikimedians</p>
<p><strong>Remuneration</strong>: Compensation structure will be determined by the level of expertise, experience and current remuneration.</p>
<p><em><strong>Do not send anymore application now. the last date is over</strong></em><br />To apply, please send your resume to <strong>Tito Dutta (tito+comm@cis-india.org)</strong> and cover letter by <strong>21 May 2020 (applications must be submitted with cover later before 21 May 11:59:00 IST, please ensure to apply through email only).<br /></strong></p>
<p>
For more details visit <a href='https://cis-india.org/jobs/programme-associate-communications'>https://cis-india.org/jobs/programme-associate-communications</a>
</p>
No publishergurshabad2020-08-09T13:51:27ZPageProgramme Associate (Graphic designer)
https://cis-india.org/jobs/programme-associate-graphic-designer
<b>The Centre for Internet & Society (CIS) is seeking applications for the position of Programme Associate (Graphic designer), to support its Access to Knowledge (CIS-A2K) Programme. In keeping with efforts within the larger Wikimedia movement in encouraging an inclusive workplace and addressing issues of gender disparity
Women applicants are encouraged for this position, however this position for anyone to apply.
</b>
<h2 style="text-align: justify;" dir="ltr">Context of the CIS-A2K programme</h2>
<div>
<p id="docs-internal-guid-8d18f614-7fff-d5c4-be6d-28f3f764eb25" style="text-align: justify;" dir="ltr">As an affiliate of the Wikimedia Foundation, the nonprofit behind Wikipedia and it’s sister projects, we design and implement different initiatives with an aim to create high-quality content and bring new contributors to Wikimedia projects in Indian languages. The initiatives are premised on various themes and seek to create a multilingual repository of knowledge using Wikimedia projects as a platform. You are encouraged to carefully read through the CIS-A2K work plan before making the application. You will work cohesively with the Wikimedia community and the Wikimedia India communities to meet the specific goals of each language community in India. You will be a part of a small team of 5 to 10 members doing high visibility and high impact work. Please learn more about CIS-A2K <a href="https://meta.wikimedia.org/wiki/CIS-A2K">here</a>.</p>
<p style="text-align: justify;" dir="ltr"> </p>
</div>
<h2><span id="docs-internal-guid-5f922da4-7fff-0183-8ade-361428615ad1">Position summary</span></h2>
<p><span id="docs-internal-guid-e54fd5f7-7fff-2831-5ae2-6fc620fbad9f">CIS-A2K is looking for an ideal candidate who will help the program as a graphic designer, the work will include creating and preparing graphic content such as images, media files etc related to the A2K programme. This will be a full-time position, based at the CIS office in Bengaluru. and. The designation will be Programme Associate (PA) <br /></span></p>
<p><span id="docs-internal-guid-e54fd5f7-7fff-2831-5ae2-6fc620fbad9f"><br /></span></p>
<h2><span id="docs-internal-guid-e54fd5f7-7fff-2831-5ae2-6fc620fbad9f">Responsibilities</span></h2>
<h2><span id="docs-internal-guid-e54fd5f7-7fff-2831-5ae2-6fc620fbad9f"></span></h2>
<ul><li><span id="docs-internal-guid-e54fd5f7-7fff-2831-5ae2-6fc620fbad9f">Creating images, posters, banners, infographics, and other promotional materials for events and announcements, which will be circulated on social media channels and used in reports. </span></li><li><span id="docs-internal-guid-e54fd5f7-7fff-2831-5ae2-6fc620fbad9f">Strategising and designing reports (progress reports, impact reports, and proposal forms), and newsletters, to make them more accessible.</span></li><li><span id="docs-internal-guid-e54fd5f7-7fff-2831-5ae2-6fc620fbad9f">Helping and working with Wikimedia community members to create relevant visual content. </span></li><li><span id="docs-internal-guid-e54fd5f7-7fff-2831-5ae2-6fc620fbad9f">Developing illustrations, logos, and other graphic material digitally or by hand.</span></li></ul>
<div> </div>
<div>
<h2 id="docs-internal-guid-23c03375-7fff-ac7a-61f8-81e6ae57f6c5" style="text-align: justify;" dir="ltr">Required skills</h2>
<div>
<ul><li>Proven experience with graphic design (note related education qualification is a plus, but not mandatory)<br /></li><li>A strong portfolio of illustrations and visual communication material</li><li>The person must have good experience in creating and preparing graphic content using design software like Adobe Creative Suite, Inkscape, and GIMP (free software usage experience will be preferable)</li><li>Relevant degree holders will be given preference. </li><li>Prior knowledge of working with open knowledge or open-source community will be a plus. </li><li>Candidates who are part of the Wikimedia community, or who have experience in contributing to Wikimedia projects will be given preference. </li><li>Ability to work methodically and meet deadlines.</li></ul>
<div> </div>
<div>Location: The position is based out of the CIS’s Bangalore office.<br />Remuneration: Compensation structure will be determined by the level of expertise, experience and current remuneration. <br />To apply, please send your resume and cover letter to Tito Dutta (tito+gd@cis-india.org) by 24 May 2020 11:59 pm IST (applications won't be accepted after the deadline)</div>
<div>Please do not miss the +gd part in the email, that is an email filter for us)<br /><br /></div>
</div>
</div>
<p><span id="docs-internal-guid-e54fd5f7-7fff-2831-5ae2-6fc620fbad9f"><br /></span></p>
<p>
For more details visit <a href='https://cis-india.org/jobs/programme-associate-graphic-designer'>https://cis-india.org/jobs/programme-associate-graphic-designer</a>
</p>
No publishergurshabad2020-05-12T16:01:42ZPageInternet shutdowns: Its legal and commercial dimensions in Kashmir
https://cis-india.org/internet-governance/blog/internet-shutdowns-its-legal-and-commercial-dimensions-in-kashmir
<b></b>
<p>This article by Gurshabad Grover appeared on <a class="external-link" href="https://www.etvbharat.com/english/national/bharat/bharat-news/internet-shutdowns-its-legal-and-commercial-dimensions-in-kashmir/na20200210142001095">ETVBharat</a> on February 10, 2020. The author would like to thank Kanav Khanna for his research assistance. The article was edited by Arindrajit Basu and translated into various languages by the ETVBharat team. You can also read it in <a class="external-link" href="https://www.etvbharat.com/gujarati/gujarat/bharat/bharat-news/internet-ban-its-legal-and-professional-parameters/gj20200206232118732">Gujarati</a>, <a class="external-link" href="https://www.etvbharat.com/hindi/delhi/bharat/bharat-news/gurshabad-grover-on-ban-on-internet-in-kashmir/na20200206152810106">Hindi</a>,<a class="external-link" href="https://www.etvbharat.com/kannada/karnataka/bharat/bharat-news/the-shutdown-of-internet-services-and-repression-of-freedom-of-expression-by-central-govt/ka20200206171455629"> Kannada</a>, <a class="external-link" href="https://www.etvbharat.com/oriya/odisha/bharat/bharat-news/a-report-on-jammu-kashmir-and-blocked-internet/or20200207141942589">Odia</a>, and <a class="external-link" href="https://www.etvbharat.com/urdu/national/city/jammu/kashmir-internet-shutdowns-and-blocklists/na20200206130244436">Urdu</a>.</p>
<hr />
<p>On 4 August 2019, the Central Government ordered the
suspension of telecommunication and internet services in Jammu and
Kashmir. Suddenly, roughly a crore citizens found themselves unable to
exercise their basic freedoms of expression and association online. According
to the Software Freedom Law Centre’s Internet Shutdown Tracker, Jammu
and Kashmir endured 180 partial or complete internet shutdowns in the
last seven years. These astonishing numbers indicate that
communication blockades in the state are a common occurrence, but
perhaps even Kashmiris did not anticipate that they are entering the
longest internet shutdown ever imposed by a democratic country.</p>
<p>It
is no secret that the internet has become an essential tool for
democratic participation. The loss of the network infrastructure also
causes both social and economic harm: students are denied access to
critical educational resources, hospitals and emergency services face an
administrative catastrophe, and local business can crumble. As
recent work by the scholar Jan Rydzak demonstrates, shutting down the
internet may not even be ensuring public order and peace, as the
government would readily claim. Rydzak argues that access to the
internet allows wide coordination that is necessary to demonstrate a
peaceful protest, and that internet shutdowns may thus be fueling
violent protests rather than curbing them.</p>
<p>When the
internet shutdown, among other state action, was challenged by Kashmiri
Times editor Anuradha Bhasin, the Supreme Court (SC) did have an
opportunity to consider these factors when deciding on the legality of
the shutdown. The concerns of civil society were made severe in this
particular situation because the Government failed, in a total disregard
for the rule of law, failed to publish the internet shutdown orders or
present them before the court. In its final order on 10
January this year, the SC did affirm basic constitutional principles and
sets progressive precedent for future cases.</p>
<p>First and foremost, the Court affirms that the Constitution,
through Article 19, protects the “freedom of speech and expression and
the freedom to practice any profession or carry on any [...] occupation
over the medium of internet.” Second, the Court
recognised that internet shutdowns cannot be imposed indefinitely, must
be reviewed by the executive every week and that the orders are subject
to judicial review. In that regard, the SC may pave for strengthened
challenges to internet shutdowns in the future. However, as several
scholars have noted, besides ordering the restoration of some essential
services, the Court does fall short of providing relief to Kashmiri
citizens in the case. Soon after the SC delivered this
judgment, the government of Jammu and Kashmir issued orders to internet
service providers to restore 2G internet services but only permit access
to 301 websites. Besides the fact that the list arbitrarily includes
and excludes services, major communication services were notably from
the list. Most importantly, this piece of ‘internet regulation’ makes
little sense when you consider either the internet or the regulations
governing it.</p>
<p>In the technical sense, the regulations completely
misunderstand how the modern web functions. When one connects to a
website, the websites in turn often make the system download critical
resources from other servers. If internet service providers permit only
specific websites, the content from other unwhite listed sources still
remains inaccessible. A recent experiment by Rohini Lakshané and Prateek
Waghre confirms this empirically: out of the 301 websites in the list,
only 126 were usable in some form. While the order seems
like a necessary consequence of the SC order, there is also little
legislative basis for the order. The order cites the Temporary
Suspension of Telecom Services (Public Emergency or Public Safety)
Rules issued in 2017 under the colonial-era Indian Telegraph Act. These
regulations do permit the Government to shut down telecom and internet
services but do not allow the government to issue orders that allow
‘whitelists’ such as this one. The Information Technology
(IT) Act, namely through Section 69A, allows the Central Government and
courts to order the blocking of certain websites. Even the license agreements issued by the government to
internet service providers only allow the Government to order the
blocking certain online resources on the grounds of national security.
Therefore, the order of a ‘whitelist’ of websites has no basis in law
because it turns the logic of only blocking websites on its head.</p>
<p>After
Kashmiris found a way to circumvent the ‘whitelist’ by using virtual
private networks (VPNs), reports emerged that security forces were
forcing Kashmiris to uninstall these applications. All this, of course,
despite the fact that there is no law preventing the use of VPNs or the
circumvention of internet censorship in general.</p>
<p>It has
now been around seven months since internet and telecom services were
suspended in Kashmir. This long-standing deprivation of basic rights to
Kashmiris is wrong that perhaps even the future cannot correct. After
months of a complete shutdown, the Government can make better amends
than restoring only limited and partial access. As we march onto the
next decade, the world is watching. History will not judge kindly those
who occluded civil liberties through a facile ritual incantation of
‘public order’ and ‘national security’.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/internet-shutdowns-its-legal-and-commercial-dimensions-in-kashmir'>https://cis-india.org/internet-governance/blog/internet-shutdowns-its-legal-and-commercial-dimensions-in-kashmir</a>
</p>
No publishergurshabad2020-02-10T12:51:08ZBlog EntryHow India Censors The Web
https://cis-india.org/internet-governance/blog/how-india-censors-the-web
<b>An empirical study of web censorship in India</b>
<p>A paper authored by Kushagra Singh, Gurshabad Grover and Varun Bansal is now available on <a class="external-link" href="https://arxiv.org/abs/1912.08590">arXiv</a>.</p>
<h2>Executive Summary<br /></h2>
<p>Our work presents the largest study of web censorship in India, both in terms of number of censorship mechanisms that we test for, and the number of potentially-blocked websites. We compile a list of potentially blocked websites from three sources: (i) Published and leaked Government orders issued under section 69A of the IT Act, (ii) Court orders for blocking websites made public via RTIs, and (iii) User reports collected and published by the Internet Freedom Foundation. We pass this list to our tests and run them from connections of six different ISPs (Jio, Airtel, Vodafone, MTNL, BSNL, and ACT), which together serve more than 98% of Internet users in India. Our findings not only confirm that ISPs are using different techniques to block websites, but also demonstrate that different ISPs are not blocking the same websites.</p>
<p>In terms of censorship methods, our results confirm that ISPs in India are at liberty to use any technical filtering mechanism they wish: there was, in fact, no single mechanism common across ISPs. We observe ISPs to be using a melange of techniques for blocking access, including DNS poisoning\ and HTTP host inspection. Our tests also discern the use of SNI inspection being employed by the largest ISP in India (Jio) to block HTTPS websites, the use of which is previously undocumented in the Indian context.</p>
<p>Our study also records large inconsistencies in website blocklists of different Indian ISPs. From our list of 4379 potentially blocked websites, we find that 4033 appear in at least one ISP’s blocklist. In terms of absolute numbers, we notice that ACT blocks the maximum number of websites (3721). Compared to ACT, Airtel blocks roughly half the number of websites (1892). Perhaps most surprisingly, we find that only 1115 websites out of the 4033 (just 27.64%) are blocked by all six ISPs. Simply stated, we find conclusive proof that Internet users in India can have wildly different experiences of web censorship.</p>
<p>Analysing inconsistencies in blocklists also makes it clear that ISPs in India are (i) not properly complying with website blocking (or subsequent unblocking orders), and/or (ii) arbitrarily blocking websites without the backing of a legal order. This has important legal ramifications: India’s net neutrality regulations, codified in the license agreements that ISPs enter with the Government of India, explicitly prohibit such behaviour.</p>
<p>Our study also points to how the choice of technical methods used by ISPs to censor websites can decrease transparency about state-ordered censorship in India. While some ISPs were serving censorship notices, other ISPs made no such effort. For instance, Airtel responded to DNS queries for websites it wishes to block with NXDOMAIN. Jio used SNI-inspection to block websites, a choice which makes it technically impossible for them to serve censorship notices. Thus, the selection of certain technical methods by ISPs exacerbate the concerns created by the opaque legal process that allows the Government to censor websites.</p>
<p>Web censorship is a curtailment of the right to freedom of expression guaranteed to all Indians. There is an urgent need to reevaluate the legal and technical mechanisms of web censorship in India to make sure the curtailment is transparent, and the actors accountable.</p>
<p>The paper can be accessed on <a class="external-link" href="https://arxiv.org/abs/1912.08590">arXiv</a>.</p>
<p><em>Update (12 June 2020): </em>The paper will appear at the 12th ACM Conference on Web Science (WebSci '20). The updated paper can be accessed <a class="external-link" href="https://cis-india.org/internet-governance/how-india-censors-the-web-websci">here</a>.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/how-india-censors-the-web'>https://cis-india.org/internet-governance/blog/how-india-censors-the-web</a>
</p>
No publishergurshabad2020-06-12T08:12:55ZBlog EntryPolicy Officer (Policy research around building the cybersecurity discourse in India)
https://cis-india.org/jobs/policy-officer-policy-research-around-building-the-cybersecurity-discourse-in-india
<b></b>
<p id="docs-internal-guid-260a4c2d-7fff-b7a5-215b-f13192ac9c25" dir="ltr">The Centre for Internet & Society is looking to hire a policy researcher for its cybersecurity policy project. Research focuses around governance of emerging technologies, international frameworks for cybersecurity and cyber norms, domestic cyber policy frameworks, human rights in the cybersecurity domain, personal data governance and the commercial aspects of cyber security among others. Women and individuals from under-represented communities are specifically encouraged to apply. The will be till December 2020, with a possibility of extension.</p>
<p dir="ltr"><strong>Job Description</strong></p>
<ul><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr">To independently produce writing and research on various topics assigned</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr">To proactively identify policy windows and opportunities for engagement</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr">To conceptualise and plan events to disseminate and discuss research</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr">To complete any administrative task concerning institution building assigned by the supervisor</p>
</li></ul>
<div> </div>
<p dir="ltr"><strong>Requirements</strong></p>
<ul><li>Any under-graduate degree</li><li>Relevant Masters Degree in Law, Public Policy or Economics preferred</li><li>Strong working knowledge of cyber security and cyber policy</li><li>Relevant work experience and publication record preferred</li><li>Ability to work independently and communicate with a team that is spread out across multiple cities</li></ul>
<p dir="ltr"> </p>
<p dir="ltr"><strong>Compensation</strong></p>
<p dir="ltr">Based on experience and educational qualifications.</p>
<p> </p>
<p dir="ltr"><strong>Application</strong></p>
<p dir="ltr">Please e-mail the following documents</p>
<ol><li>Cover Letter</li><li>CV</li><li>Two writing samples ( co-authored samples do not count) of around 1500 words each. (If you are submitting an extract of a longer paper, please provide appropriate context) Relevant writing samples preferred</li><li>Names of two referees who we can contact.</li></ol>
<p> </p>
<p dir="ltr">Please mail these details to Arindrajit Basu (Research Manager, Cybersecurity Project) at arindrajit@cis-india.org</p>
<p> </p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/jobs/policy-officer-policy-research-around-building-the-cybersecurity-discourse-in-india'>https://cis-india.org/jobs/policy-officer-policy-research-around-building-the-cybersecurity-discourse-in-india</a>
</p>
No publishergurshabad2020-01-21T13:31:44ZPageTechnology researcher (Internet governance and standards)
https://cis-india.org/jobs/staff-technologist-internet-governance-and-standards
<b>The Centre for Internet and Society is looking to hire a technologist to work across multiple teams in the organisation.</b>
<p id="docs-internal-guid-e408ccfe-7fff-7007-8810-2660ddac93db" dir="ltr">The Centre for Internet and Society is looking to hire a technologist to work across multiple teams in the organisation.</p>
<p dir="ltr"><br /><strong>Roles and Responsibilities</strong><br />The responsibilities of the person will be split across two projects. The first responsibility will be to engage at the Internet Engineering Task Force (IETF), and advance security and privacy in the standards under development at the forum. The role will primarily include analysing and writing about network protocols. The second responsibility will be contributing to CIS’ work on digital identity. The role will require studying information architectures and cybersecurity concerns around the use of technological choices in digital identity. The work will involve a survey of technological options in digital identity systems, their critical appraisal, and working on a decision guide on how to make inclusive, secure and privacy enhanced choices for digital identity systems. Other responsibilities will include occasionally supporting the cybersecurity team at CIS with technical inputs.</p>
<p dir="ltr">The contract will be till December 2020, with the possibility of further extension.<br /><br /><strong>Indicative requirements</strong></p>
<ul><li>Working knowledge of computer networks and cryptography</li><li>A degree in computer science and engineering or equivalent is preferred</li><li>Demonstrated experience in writing on technical topics</li><li>Strong interpersonal skills and ability to work with multiple stakeholders</li><li>Ability to collaborate remotely<br /></li></ul>
<p dir="ltr"><br /><strong>Location</strong><br />Bangalore/Delhi<br /><br /><strong>Compensation</strong><br />Based on experience and educational qualifications<br /><br /><strong>Application</strong><br />Please send an email to Gurshabad Grover (Research Manager, Internet Governance) at gurshabad [at] cis-india.org with: (i) a brief cover letter; (ii) a resume/CV; (iii) two writing samples, preferably relating to computer networks/cryptography/technology policy; (iv) contact information of two references. Women and individuals from under-represented communities are specifically encouraged to apply.<br /><br /></p>
<p>
For more details visit <a href='https://cis-india.org/jobs/staff-technologist-internet-governance-and-standards'>https://cis-india.org/jobs/staff-technologist-internet-governance-and-standards</a>
</p>
No publishergurshabad2020-01-21T13:31:07ZPageHow safe is your harbour? Discussions on intermediary liability and user rights
https://cis-india.org/internet-governance/blog/how-safe-is-your-harbour-discussions-on-intermediary-liability-and-user-rights
<b>The Centre for Internet and Society is holding discussions on 10 January 2020 to discuss research on automated content filtering, content takedown, traceability and the future of intermediary liability in India</b>
<h2><br /></h2>
<div> </div>
<p><img src="https://cis-india.org/internet-governance/blog/how-safe-is-your-harbour-discussions-on-intermediary-liability-and-user-rights/leadImage" alt="null" width="100%" /></p>
<h2 id="docs-internal-guid-75af2250-7fff-4eef-f287-436009190986" dir="ltr">Background<br /></h2>
<p dir="ltr">The Manila Principles <a href="https://www.eff.org/files/2015/07/08/manila_principles_background_paper.pdf">outline</a> three kinds of liability regimes that countries follow while regulating intermediaries; expansive protections against liability, conditional immunity and primary liability. Post Avneesh Bajaj, India has been following the second model, where intermediaries are provided safe harbour for the acts of their users. In December 2018, the Ministry of Electronics and Information Technology (MeitY), released a <a href="https://meity.gov.in/comments-invited-draft-intermediary-rules">draft</a> of the Information Technology (Intermediary Guidelines (Amendment) Rules), 2018. These rules raised a host of concerns in the way they envision liability and user rights in the digital domain. The proposed amendments may mark a departure from the current model by creating cumbersome obligations for intermediaries to avail safe harbour.</p>
<p dir="ltr">At the Centre for Internet and Society (CIS), we have been closely examining some of the draft rules to decipher the changed regime. Our research has focussed on the impact of mandating automated content filtering, <a href="https://cis-india.org/internet-governance/blog/torsha-sarkar-november-30-2019-a-deep-dive-into-content-takedown-timeframes">shortened turnaround times</a> for intermediaries to take content down, and the traceability of originators of information.</p>
<p dir="ltr">As part of our ongoing work, we are hosting this event to contribute to the discussion around the nuances of the rules and the future of intermediary liability in India. As such, this event will begin with a brief analysis of the proposed amendments. We will also address the restrictions these would place on freedom of expression online and the way intermediaries do their business, among others. Subsequently, we would be having sessions on particular aspects of the rules. Finally, we would dedicate the last session on contemplating the future of intermediary liability regime in India. </p>
<h2 dir="ltr">Panels</h2>
<h3>Automated content filtering</h3>
<p>One of the more controversial and stringent rules introduced in the proposed amendments is Rule 3(9) which necessitates the use of automated technology in filtering content. The draft rule does not specify the scope of the content to be detected, the technologies to be used, or any procedural safeguards that accompany the deployment of the technology. The discussion on the rule will, thus, centre around the legal validity of the proposal, the effect on different scales of intermediaries, and the consequences of intermediaries’ compliance on the exercise of freedom of expression in India.</p>
<p><strong>Panelists</strong>: Kanksshi Agarwal (Senior Researcher, Centre for Policy Research); Nayantara Ranganathan (Independent researcher); Shashank Mohan (Counsel, Software Freedom Law Centre); <em>Moderator</em>: Akriti Bopanna (Policy Officer, CIS)</p>
<h3>Content takedown<br /></h3>
<p>In this session, we will examine S.69 and S.79 of the IT Act that permit the Government to mandate intermediaries to remove/block content. Our discussion will focus on the procedural flaws of the law, issues of due process, and the lack of transparency in the legal process of content takedown. Additionally, we will discuss findings from our research on the feasibility of a specific turnaround time, and regulatory factors that need to be considered before fixing an appropriate takedown timeframe.<br /><br /><strong>Panelists</strong>: Bhavna Jha (Research Associate, IT for Change); Divij Joshi (Technology Policy Fellow, Mozilla); <em>Moderator</em>: Torsha Sarkar (Policy Officer, CIS)</p>
<h3>Traceability<br /></h3>
<p>The draft Intermediary Guidelines propose requiring intermediaries to enable traceability of originators of information. While this move is ostensibly to crack down on misinformation and fake news, there are questions regarding its feasibility and effects on platform architecture. More importantly, it poses grave dangers for the freedom of expression and privacy of users. The discussion will be centred around how traceability interacts with the Constitution and other laws in India, the litigation around it, possible methods to implement traceability (by or without breaking encryption) and what it means for the larger debate on intermediary liability and free speech.</p>
<p><strong>Panelists</strong>: Aditi Agrawal (Senior Research Associate, MediaNama); Anand Venkatanarayanan (Cybersecurity researcher); G S Madhusudan (Principal Scientist, IIT Madras); <em>Moderator</em>: Tanaya Rajwade (Policy Officer, CIS)</p>
<div>
<h3>Future of intermediary liability in India<br /></h3>
<p>The panel will bring together the threads from the previous discussions and discuss the ways in which the draft intermediary guidelines represent a departure from the current model of intermediary liability in India, and its potential effects on similar regulation in other countries. We will discuss the nature of changes, especially as they relate to classification of intermediaries, and whether they are within the scope of S.79 of the IT Act and the intermediary guidelines. We will also aim to address the effects of legislation and jurisprudence in related areas such as data protection and competition law. Finally, we will discuss regulatory frameworks for intermediary liability that should be considered in India.</p>
<p><strong>Panelists</strong>: Alok Prasanna (Senior Resident Fellow, Vidhi Centre for Legal Policy); Sarvjeet Singh (Executive Director, Centre for Communication Governance); Tanya Sadana (Principal Associate, Ikigai Law); Udbhav Tiwari (Public Policy Advisor, Mozilla); <em>Moderator</em>: Gurshabad Grover (Research Manager, CIS)</p>
</div>
<h3>RSVP</h3>
<div> </div>
<p>To register for the event, please RSVP <a class="external-link" href="https://docs.google.com/forms/d/e/1FAIpQLScKNFcOlfScsUtb2u542cDXHeKGHd2U7XbDkhZ5y8wLuR97JA/viewform">here</a>.</p>
<p>Note that this is a research event. Please ignore social media messages
that have erroneously identified this event as a protest.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/how-safe-is-your-harbour-discussions-on-intermediary-liability-and-user-rights'>https://cis-india.org/internet-governance/blog/how-safe-is-your-harbour-discussions-on-intermediary-liability-and-user-rights</a>
</p>
No publishergurshabad2020-01-10T04:43:35ZEventA judicial overreach into matters of regulation
https://cis-india.org/internet-governance/blog/the-hindu-august-27-2019-a-judicial-overreach-into-matters-of-regulation
<b>A PIL on Aadhaar sheds light on some problematic trends</b>
<p style="text-align: justify; ">The article by Gurshabad Grover was <a class="external-link" href="https://www.thehindu.com/opinion/op-ed/a-judicial-overreach-into-matters-of-regulation/article29262148.ece">published in the Hindu</a> on August 27, 2019.</p>
<hr />
<p style="text-align: justify; ">The Madras High Court has been hearing a PIL petition since 2018 that initially asked the court to declare the linking of Aadhaar with a government identity proof as mandatory for registering email and social media accounts. The petitioners, victims of online bullying, went to the court because they found that law enforcement agencies were inefficient at investigating cybercrimes, especially when it came to gathering information about pseudonymous accounts on major online platforms. This case brings out some of the most odious trends in policymaking in India.</p>
<p style="text-align: justify; ">The first issue is how the courts, as Anuj Bhuwania has argued in the book <em>Courting the People</em>, have continually expanded the scope of issues considered in PILs. In this case, it is absolutely clear that the court is not pondering about any question of law. In what could be considered as abrogation of the separation of powers provision in the Constitution, the Madras High Court started to deliberate on a policy question with a wide-ranging impact: Should Aadhaar be linked with social media accounts?</p>
<p style="text-align: justify; ">After ruling out this possibility, it went on to consider a question that is even further out of its purview: Should platforms like WhatsApp that provide encrypted services allow forms of “traceability” to enable finding the originator of content? In essence, the court is now trying to regulate one particular platform on a very specific technical question, ignoring legal frameworks entirely. It is worrying that the judiciary is finding itself increasingly at ease with deliberations on policy and regulatory measures, and its recent actions remind us that the powers of the court also deserve critical questioning.</p>
<h2 style="text-align: justify; ">Government’s support</h2>
<p style="text-align: justify; ">Second, not only are governments failing to assert their own powers of regulation in response to the courts’ actions, they are on the contrary encouraging such PILs. The Attorney General, K.K. Venugopal, who is representing the State of Tamil Nadu in the case, could have argued for the case’s dismissal by referring to the fact that the Ministry of Electronics and Information Technology has already published draft regulations that aim to introduce “traceability” and to increase obligations on social media platforms. Instead, he has largely urged the court to pass regulatory orders.</p>
<p style="text-align: justify; ">Third, ‘Aadhaar linking’ is becoming increasingly a refrain whenever any matter even loosely related to identification or investigation of crime is brought up. While the Madras High Court has ruled out such linking for social media platforms, other High Courts are still hearing petitions to formulate such rules. The processes that law enforcement agencies use to get information from platforms based in foreign jurisdictions rely on international agreements. Linking Aadhaar with social media accounts will have no bearing on these processes. Hence, the proposed ‘solution’ misses the problem entirely, and comes with its own threats of infringing privacy.</p>
<h2 style="text-align: justify; ">Problems of investigation</h2>
<p style="text-align: justify; ">That said, investigating cybercrime is a serious problem for law enforcement agencies. However, the proceedings before the court indicate that the cause of the issues have not been correctly identified. While legal provisions that allow agencies to seek information from online platforms already exist in the Code of Criminal Procedure and the Information Technology Act, getting this information from platforms based in foreign jurisdictions can be a long and cumbersome process. For instance, the hurdles posed by the mutual legal assistance treaty between India and the U.S. effectively mean that it might take months to receive a response to information requests sent to U.S.-based platforms, if a response is received at all.</p>
<p style="text-align: justify; ">To make cybercrime investigation easier, the Indian government has various options. India should push for fairer executive agreements possible under instruments like the United States’ CLOUD Act, for which we need to first bring our surveillance laws in line with international human rights standards through reforms such as judicial oversight. India could use the threat of data localisation as a leverage to negotiate bilateral agreements with other countries to ensure that agencies have recourse to quicker procedures. As a first step, however, Indian courts must wash their hands of such questions. For its part, the Centre must engage in consultative policymaking around these important issues, rather than support ad-hoc regulation through court orders in PILs.</p>
<p style="text-align: justify; "><span>(</span><em>Disclosure: The CIS is a recipient of research grants from Facebook.</em><span>)</span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/the-hindu-august-27-2019-a-judicial-overreach-into-matters-of-regulation'>https://cis-india.org/internet-governance/blog/the-hindu-august-27-2019-a-judicial-overreach-into-matters-of-regulation</a>
</p>
No publishergurshabadAadhaarInternet GovernancePrivacy2019-08-28T01:28:52ZBlog EntryThe Huawei bogey
https://cis-india.org/telecom/blog/indian-express-may-30-2019-gurshabad-grover-the-huawei-bogey
<b>India needs to prove company aids Chinese government, or risk playing into US hands.</b>
<p style="text-align: justify; ">The article by Gurshabad Grover was published in <a class="external-link" href="https://indianexpress.com/article/opinion/columns/huawei-ban-india-united-states-china-5755232/">Indian Express</a> on May 30, 2019.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; ">The Trump administration has not only passed orders restricting the US government and its departments from procuring networking equipment from Chinese companies, but is exerting considerable pressure on other countries to follow suit. The fear that <a href="https://indianexpress.com/about/huawei/">Huawei</a> and ZTE will aid Chinese espionage and surveillance operations has become common even though there has been no compelling evidence to suggest that Huawei’s equipment is substantively different from its competitors.</p>
<p style="text-align: justify; ">These events have also sparked a larger debate about the security of India’s communications infrastructure, an industry powered by foreign imports. Commentators have not shied away from suggesting that India ban the import of network equipment. <a href="https://indianexpress.com/article/opinion/columns/the-tech-wars-are-here-huawei-cfo-meng-wanzhou-arrest-5487264/" rel="noopener" target="_blank">C Raja Mohan, in ‘The tech wars are here</a>’ (IE, December 11, 2018), expressed these concerns and asked whether Chinese telecom equipment manufacturers should be allowed to operate in India. A larger point was made by <a href="https://indianexpress.com/article/opinion/columns/cyber-warfare-indian-military-defence-cyber-attack-at-digital-war-5416998/" rel="noopener" target="_blank">D S Hooda in his piece, ‘At digital war’</a> (IE, October 25, 2018). He pointed out threats that arise from using untrusted software and hardware all over the stack: From Chinese networking middleboxes to American operating systems and media platforms. As a method to establish trust in ICT infrastructure, Hooda recommends “indigenis[ing] our cyber space”.</p>
<p style="text-align: justify; ">The path towards indigenised manufacturing of networking equipment is an expensive, elaborate process. Restricting certain foreign companies from operating in the country without evidence would be a knee-jerk reaction solely based on cues from US policy, and would undermine India’s strategic autonomy.</p>
<p style="text-align: justify; ">At the heart of threats from untrusted software or hardware, lies an information asymmetry between the buyer and seller. It is not always possible to audit the functioning of every product that you purchase. Open technical standards, developed by various standards development organisations (SDOs), govern the behaviour of networking software, and remove this information asymmetry: They allow buyers to glean or implicitly trust operational and security aspects of the equipment.</p>
<p style="text-align: justify; ">It is clear that various governments including India have repeatedly failed to advance privacy and security in the 5G standards, which are developed at the 3rd Generation Partnership Project (3GPP) — the organisation developing standards for telephony. Government and industry dominance at the 3GPP has ensured that telecom technologies include security vulnerabilities that are euphemistically termed as “lawful interception”. From an architectural perspective, 5G does not contain any significant vulnerabilities that were absent in older telecom standards. Unfortunately, these vulnerabilities are indifferent to those who exploit them: A security exception for law enforcement is tantamount to a security vulnerability for malicious actors. As the report from UK’s Huawei Cyber Security Evaluation Centre Oversight Board confirmed, there is perhaps no technical way to mitigate the security risks that 5G poses now. But there is still no evidence to suggest that Huawei is operating differently from say Ericsson or <a href="https://indianexpress.com/about/nokia/">Nokia</a>.</p>
<p style="text-align: justify; ">India needs to establish that Huawei is aiding the Chinese government through their products (5G or otherwise) before reacting. That Chinese companies are rarely insulated from Beijing’s influence is indisputable. However, the legal requirements placed on Chinese companies by Beijing are equivalent to de facto practices of countries like the US, which has a history of intercepting equipment from American companies to introduce vulnerabilities, or directly compelling them to aid intelligence operations. Such influence should be fought back by pushing for international norms that prevent states from acquiring data from companies en masse, and domestic data protection legislation.</p>
<p style="text-align: justify; ">In the long term, the Indian government and its defence wings would benefit from understanding the argument Lawrence Lessig has made since the 1990s: Decisions of technical architecture have far-reaching regulatory effects. A long-term strategy that focuses on advancing security at technical SDOs will prove more effective in ensuring the security of India’s critical infrastructure than the economically expensive push for indigenisation.</p>
<p>
For more details visit <a href='https://cis-india.org/telecom/blog/indian-express-may-30-2019-gurshabad-grover-the-huawei-bogey'>https://cis-india.org/telecom/blog/indian-express-may-30-2019-gurshabad-grover-the-huawei-bogey</a>
</p>
No publishergurshabadTelecom2019-06-05T03:38:19ZBlog EntryRTI Application to BSNL for the list of websites blocked in India
https://cis-india.org/internet-governance/blog/rti-application-to-bsnl-for-the-list-of-websites-blocked-in-india
<b>A Right to Information (RTI) request to a public company operating as an ISP for the list of websites and URLs blocked in India, and copies of such blocking orders issued by the Government of India.</b>
<h2>Background</h2>
<p>The Government of India draws powers from Section 69A of the Information Technology (IT) Act and the rules issued under it to order Internet Service Providers (ISPs) to block websites and URLs for users. Several experts <a class="external-link" href="https://cis-india.org/internet-governance/blog/is-india2019s-website-blocking-law-constitutional-2013-i-law-procedure">have</a> <a class="external-link" href="https://indianexpress.com/article/opinion/columns/but-what-about-section-69a/">questioned</a> the constitutionality of the process laid out in the <a class="external-link" href="https://cis-india.org/internet-governance/resources/information-technology-procedure-and-safeguards-for-blocking-for-access-of-information-by-public-rules-2009">Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009</a> (hereinafter, “the rules”) [1] since Rule 16 in the regulations allows blocking of websites by the Government and ISPs in secrecy, as it mandates all such orders to be maintained confidentially.<br /><br />Thus, the law sets up a structure where it is impossible to know the complete list of websites blocked in India and the reasons thereof. Civil society and individual efforts have repeatedly failed to obtain this list. For instance, the Software Freedom Law Centre (SFLC), in August 2017, <a class="external-link" href="https://sflc.in/rti-meity-provides-details-blocked-websitesurls">asked</a> the Ministry of Electronics and Information Technology (MeitY) for the number and list of websites and URLs that are blocked in India. In response, MeitY revealed the number of blocked websites and URLs: 11,422. MeitY refused to share the list of websites blocked by Government orders citing the aforementioned confidentiality provision in the rules (and subsequently citing national security when MeitY’s reply was appealed against by SFLC). In 2017, researchers at the Centre for Internet and Society (CIS) <a class="external-link" href="https://cis-india.org/internet-governance/blog/ranking-digital-rights-in-india">contacted</a> five ISPs, all of which refused to share information about website blocking requests.</p>
<p> </p>
<h2>Application under the Right to Information (RTI) Act</h2>
<div>In a more recent request filed by under the Right to Information (RTI) Act in June 2018, Akash Sriram (who worked at the Centre for Internet and Society) tried to obtain this information from Bharat Sanchar Nagam Limited (BSNL), a public company which operates as an ISP.</div>
<div> </div>
<div>The text of the request of the RTI request is reproduced here:</div>
<blockquote>To<br />Manohar Lal, DGM(Cordn), Bharat Sanchar Nigam Limited<br />Room No. 306, Bharat Sanchar Bhawan, H.C.Mathur Lane<br />Janpath, New Delhi, PIN 110001<br /><br />Subject: Seeking of Information under RTI Act 2005<br /><br />Sir,<br />Kindly arrange to provide the following information under the provisions of RTI Act:<br /><br />
<ul><li>What are the names and URLs of websites currently blocked by government notification in India?</li></ul>
<ul><li>Please provide copies of blocking orders issued by the Department of Telecommunications, Ministry of Communications and other competent authorities to block such websites.</li></ul>
<br />Thanking you<br />Yours faithfully<br /><br />Akash Sriram<br />Centre for Internet and Society<br /></blockquote>
<div> </div>
<div>BSNL refused to respond to the request citing sections 8(e) and 8(g) of the RTI Act. Their response is reproduced below.</div>
<div> </div>
<div>
<blockquote>The Information sought vide above reference cannot be disclosed vide clause 8(e) and 8(g) of the RTI act which states.<br /><br />"8(e) - Information, available to a person in his fiduciary relationship, unless the competent authority is satisfied that the larger public interest warrants the disclosure of such information"<br /><br />“8(g) - Information, the disclosure of which would endanger the life or physical safety of any person or identify the source of information or assistance given in confidence for law enforcement or security purposes"<br /><br />This is issued with the approval of competent authority.<br /></blockquote>
</div>
<div> </div>
<div>A PDF of the response can be accessed <a class="external-link" href="https://cis-india.org/internet-governance/resources/rti-application-to-bsnl-for-the-list-of-websites-blocked-in-india-pdf/">here</a>.</div>
<div> </div>
<div>[1] <em>Note that in Shreya Singhal v. Union of India, the Supreme Court upheld the legality of the rules.</em></div>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/rti-application-to-bsnl-for-the-list-of-websites-blocked-in-india'>https://cis-india.org/internet-governance/blog/rti-application-to-bsnl-for-the-list-of-websites-blocked-in-india</a>
</p>
No publishergurshabad2019-05-09T09:43:54ZBlog Entry