Centre for Internet and Society

India blocks access to 857 porn sites

pranesh — 2015-08-05T01:31:32Z

India has blocked free access to 857 porn sites in what it says is a move to prevent children from accessing them.

The story was published by BBC on August 3, 2015. Pranesh Prakash gave his inputs.

Adults will still be able to access the sites using virtual private networks (VPNs) or proxy servers. In July, the Supreme Court expressed its unhappiness over the government's inability to block sites, especially those featuring child pornography.

Telecom companies have said they will not be able to enforce the "ban" immediately.

"We have to block each site one by one and it will take a few days for all service providers to block all the sites," an unnamed telecom company executive told The Times of India newspaper.

A senior official, who preferred to remained unnamed, told the BBC Hindi that India's department of telecommunications had "advised" telecom operators and Internet service providers to "control free and open access" to 857 porn sites.

"There is no total ban. This was done in the backdrop of Supreme Court's observation on children having free access to porn sites. The idea is also to protect India's cultural fabric. This will not prevent adults from visiting porn sites," the official said.

In July, the top court had observed that it was not for the court to order a ban on porn sites.

"It is an issue for the government to deal with. Can we pass an interim order directing blocking of all adult websites? And let us keep in mind the possible contention of a person who could ask what crime have I committed by browsing adult websites in private within the four walls of my house. Could he not argue about his right to freedom to do something within the four walls of his house without violating any law?," the court said.

According to statistics released by adult site Pornhub, India was its fourth largest source of traffic in 2014, behind the US, UK and Canada. Pranesh Prakash of the Bangalore based Centre for Internet and Society said the directive to block the 857 sites was "the largest single order of its kind" in India.

"The government's reasoning that it is not a ban because adults can still access the porn sites is ridiculous," he told the BBC. The move has caused a great deal of comment on Indian social media networks, with many prominent personalities coming forward to condemn it.

Popular author Chetan Bhagat, writer and commentator Nilanjana Roy, politician Milind Deora and director Ram Gopal Varma have all added their voices to the debate.

For more details visit https://cis-india.org/internet-governance/news/bbc-news-august-3-2015-india-blocks-access-to-857-porn-sites

IJLT-CIS Law Essay Competition

pranesh — 2011-08-04T04:35:20Z

The Indian Journal of Law and Technology and CIS are conducting a legal essay competition to encourage law students across India to think critically about the techno-legal issues facing us today. Students can write on any of the four themes, with the top prize being Rs. 7500 and an internship at CIS.

The Indian Journal of Law and Technology (IJLT) is an annual law journal published by the Law and Technology Committee of the National Law School of India University, Bangalore. IJLT aims to provide a platform for promoting discussion on issues relating to the interface between law and technology, particularly from the perspective of the developing world.

The Centre for Internet and Society (CIS) is a leading research organisation that engages with issues of digital pluralism, public accountability and pedagogic practices, in relation to the field of Internet and Society, with special emphasis towards South-South dialogue and exchange. IJLT and CIS are proud to announce the 1st IJLT-CIS Annual Law Essay Competition 2009, which is a competition open to undergraduate law students across India. The competition seeks to encourage creative thinking and promote research and writing about crucial legal issues in the field of Information Technology and the Internet.

Themes

Criminality and Second Life: Dr. Jekyll and Mr. Hyde
Trademark and the Internet: Cybersquatting and the Google Adwords-Consim Controversy -- Reasonable Limits to Trademark Protection
3G Services and Spectrum Allocation: Fair Competition, Welfare and Freedom of Speech and Commerce on the Airwaves
Easier to Be Criminals: Judicial and Legislative Responses to Cyber Crime in India.

Judging

The winning law essays shall be determined through a blind review by a panel of eminent academicians in the field of law and technology.

Prizes

Ist Prize: Rs. 7500 and an internship at CIS

2nd Prize: Rs. 5000

3rd Prize: Rs. 4000

Please note that the terms of the above internship shall be decided by CIS on its own initiative, and as such shall not be negotiable. The winning law essay shall be considered for publication in the next issue of IJLT in accordance with the Editorial Policy of IJLT.

Eligibility

The competition is open to all undergraduate law students in any college/law school in India.

Submission Guidelines

The entries must be between 5000-7500 words inclusive of all footnotes. The entries that fall short of or exceed the above word limit shall be penalised.
Substantive footnoting is not permitted and shall be penalised. The use of endnotes or other citation methods is not permitted.
The entries should be accompanied by a 150-word abstract. The abstract is not counted towards the word limit.
All entries should be in Times New Roman, size 12, 1.5 line spacing. The footnotes used should be in Times New Roman, size 10, single line spacing.
The footnotes used should follow a uniform and complete system of citation. However, the use of the Harvard Blue Book (18th edition) system of citation is encouraged.
The entries must be submitted in the Microsoft Word format and with all identifying information removed from the text of the entries and the file properties. The covering e-mail should contain the name, e-mail address, postal address, institution, course and year of study of the author.
The entries must be submitted via e-mail to essay@ijlt.in.
The deadline for entries is 11:59 P.M., 23rd January, 2010.

For any clarifications, please send an e-mail to editorialboard@ijlt.in.

For more details visit https://cis-india.org/a2k/blogs/ijlt-cis-law-essay

How to make EVMs hack-proof, and elections more trustworthy

pranesh — 2019-01-14T15:34:48Z

Free and fair elections are the expression of democratic emancipation. India has always led by example: the Nehru Committee sought universal adult franchise in 1928, at a time when France didnât let women vote, and laws in the USA allowed disqualification of poor, illiterate, and African-American voters. But how reliable are our voting systems, particularly in terms of security?

The article was published in Times of India on December 9, 2018.

Electronic voting machines (EVM) have been in use for general elections in India since 1999 having been first introduced in 1982 for a by-election in Kerala. The EVMs we use are indigenous, having been designed jointly by two public-sector organisations: the Electronics Corporation of India Ltd. and Bharat Electronics Ltd. In 1999, the Karnataka High Court upheld their use, as did the Madras High Court in 2001.

Since then a number of other challenges have been levelled at EVMs, but the only one that was successful was the petition filed by Subramanian Swamy before the Supreme Court in 2013. But before we get to Swamy's case and its importance, we should understand what EVMs are and how they are used.

The EVM used in India are standardised and extremely simple machines. From a security standpoint this makes them far better than the myriad different, and some notoriously insecure machines used in elections in the USA. Are they 'hack-proof' and 'infallible' as has been claimed by the ECI? Not at all.

Similarly simple voting machines in the Netherlands and Germany were found to have vulnerabilities, leading both those countries to go back to paper ballots.

Because the ECI doesn't provide security researchers free and unfettered access to the EVMs, there had been no independent scrutiny until 2010. That year, an anonymous source provided a Hyderabad-based technologist an original EVM. That technologist, Hari Prasad, and his team worked with some of the world's foremost voting security experts from the Netherlands and the US, and demonstrated several actual live hacks of the EVM itself and several theoretical hacks of the election process, and recommended going back to paper ballots. Further, EVMs have often malfunctioned, as news reports tell us. Instead of working on fixing these flaws, the ECI arrested Prasad (for being in possession of a stolen EVM) and denied Princeton Prof Alex Halderman entry into India when he flew to Delhi to publicly discuss their research. Even in 2017, when the ECI challenged political parties to âhackâ EVMs, it did not provide unfettered access to the machines.

While paper ballots may work well in countries like Germany, they hadn't in India, where in some parts ballot-stuffing and booth-capturing were rampant. The solution as recognised by international experts, and as the ECI eventually realised, was to have the best of both worlds and to add a printer to the EVMs.

These would print out a small slip of paper containing the serial number and name of the candidate, and the symbol of the political party, so that the sighted voter could verify that her vote has been cast correctly. This paper would then be deposited in a sealed box, which would provide a paper trail that could be used to audit the correctness of the EVM. They called this VVPAT: voter-verifiable paper audit trail. Swamy, in his PIL, asked for VVPAT to be introduced. The Supreme Court noted that the ECI had already done trials with VVPAT, and made them mandatory.

However, VVPATs are of no use unless they are actually counted to ensure that the EVM tally and the paper tally do match. The most advanced and efficient way of doing this has been proposed by Lindeman & Stark, through a methodology called (RLAs), in which you keep auditing until either you've done a full hand count or you have strong evidence that continuing is pointless. The ECI could request the Indian Statistical Institute for its recommendations in implementing RLAs. Also, it must be remembered, current VVPAT technology are inaccessible for persons with visual impairments.

While in some cases, the ECI has conducted audits of the printed paper slips, in 2017 it officially noted that only the High Court can order an audit and that the ECI doesn't have the power to do so under election law. Rule 93 of the Conduct of Election Rules needs to be amended to make audits mandatory.

The ECI should also create separate security procedures for handling of VVPATs and EVMs, since there are now reports of EVMs being replaced 'after' voting has ended. Having separate handling of EVMs and VVPATs would ensure that two different safe-houses would need to be broken into to change the results of the vote. Implementing these two changes, changing election law to make risk-limiting audits mandatory, and improving physical security practices would make Indian elections much more trustworthy than they are now, while far more needs to be done to make them inclusive and accessible to all.

For more details visit https://cis-india.org/internet-governance/blog/the-times-of-india-december-9-2018-pranesh-prakash-how-to-make-evms-hack-proof-and-elections-more-trustworthy

How Surveillance Works in India

pranesh — 2013-07-15T10:20:45Z

When the Indian government announced it would start a Centralized Monitoring System in 2009 to monitor telecommunications in the country, the public seemed unconcerned. When the government announced that the system, also known as C.M.S., commenced in April, the news didn’t receive much attention.

This article by Pranesh Prakash was published in the New York Times on July 10, 2013.

After a colleague at the Centre for Internet and Society wrote about the program and it was lambasted by Human Rights Watch, more reporters started covering it as a privacy issue. But it was ultimately the revelations by Edward J. Snowden about American surveillance that prompted Indians to ask questions about its own government’s surveillance programs.

In India, we have a strange mix of great amounts of transparency and very little accountability when it comes to surveillance and intelligence agencies. Many senior officials are happy to anonymously brief reporters about the state of surveillance, but there is very little that is officially made public, and still less is debated in the national press and in Parliament.

This lack of accountability is seen both in the way the Big-Brother acronyms (C.M.S., Natgrid, T.C.I.S., C.C.T.N.S., etc.) have been rolled out, as well as the murky status of the intelligence agencies. No intelligence agency in India has been created under an act of Parliament with clearly established roles and limitations on powers, and hence there is no public accountability whatsoever.

The absence of accountability has meant that the government has since 2006 been working on the C.M.S., which will integrate with the Telephone Call Interception System that is also being rolled out. The cost: around 8 billion rupees ($132 million) — more than four times the initial estimate of 1.7 billion — and even more important, our privacy and personal liberty. Under their licensing terms, all Internet service providers and telecom providers are required to provide the government direct access to all communications passing through them. However, this currently happens in a decentralized fashion, and the government in most cases has to ask the telecoms for metadata, like call detail records, visited Web sites, IP address assignments, or to carry out the interception and provide the recordings to the government. Apart from this, the government uses equipment to gain access to vast quantities of raw data traversing the Internet across multiple cities, including the data going through the undersea cables that land in Mumbai.

With the C.M.S., the government will get centralized access to all communications metadata and content traversing through all telecom networks in India. This means that the government can listen to all your calls, track a mobile phone and its user’s location, read all your text messages, personal e-mails and chat conversations. It can also see all your Google searches, Web site visits, usernames and passwords if your communications aren’t encrypted.


A man surfing a Facebook page at an internet cafe in Guwahati, Assam, on Dec. 6, 2011. Image Credit: Anupam Nath/Associated Press

You might ask: Why is this a problem when the government already had the same access, albeit in a decentralized fashion? To answer that question, one has to first examine the law.

There are no laws that allow for mass surveillance in India. The two laws covering interception are the Indian Telegraph Act of 1885 and the Information Technology Act of 2000, as amended in 2008, and they restrict lawful interception to time-limited and targeted interception.The targeted interception both these laws allow ordinarily requires case-by-case authorization by either the home secretary or the secretary of the department of information technology.

Interestingly, the colonial government framed better privacy safeguards into communications interception than did the post-independence democratic Indian state. The Telegraph Act mandates that interception of communications can only be done on account of a public emergency or for public safety. If either of those two preconditions is satisfied, then the government may cite any of the following five reasons: “the sovereignty and integrity of India, the security of the state, friendly relations with foreign states, or public order, or for preventing incitement to the commission of an offense.” In 2008, the Information Technology Act copied much of the interception provision of the Telegraph Act but removed the preconditions of public emergency or public safety, and expands the power of the government to order interception for “investigation of any offense.” The IT Act thus very substantially lowers the bar for wiretapping.

Apart from these two provisions, which apply to interception, there are many laws that cover recorded metadata, all of which have far lower standards. Under the Code of Criminal Procedure, no court order is required unless the entity is seen to be a “postal or telegraph authority” — and generally e-mail providers and social networking sites are not seen as such.

Unauthorized access to communications data is not punishable per se, which is why a private detective who gained access to the cellphone records of Arun Jaitley, a Bharatiya Janata Party leader, has been charged under the weak provision on fraud, rather than invasion of privacy. While there is a provision in the Telegraph Act to punish unlawful interception, it carries a far lesser penalty (up to three years of imprisonment) than for a citizen’s failure to assist an agency that wishes to intercept or monitor or decrypt (up to seven years of imprisonment).

To put the ridiculousness of the penalty in Sections 69 and 69 B of the IT Act provision in perspective, an Intelligence Bureau officer who spills national secrets may be imprisoned up to three years. And under the Indian Penal Code, failing to provide a document one is legally bound to provide to a public servant, the punishment can be up to one month’s imprisonment. Further, a citizen who refuses to assist an authority in decryption, as one is required to under Section 69, may simply be exercising her constitutional right against self-incrimination. For these reasons and more, these provisions of the IT Act are arguably unconstitutional.

As bad as the IT Act is, legally the government has done far worse. In the licenses that the Department of Telecommunications grants Internet service providers, cellular providers and telecoms, there are provisions that require them to provide direct access to all communications data and content even without a warrant, which is not permitted by the existing laws on interception. The licenses also force cellular providers to have ‘bulk encryption’ of less than 40 bits. (Since G.S.M. network encryption systems like A5/1, A5/2, and A5/3 have a fixed encryption bit length of 64 bits, providers in India have been known use A5/0, that is, no encryption, thus meaning any person — not just the government — can use off-the-air interception techniques to listen to your calls.)

Cybercafes (but not public phone operators) are required to maintain detailed records of clients’ identity proofs, photographs and the Web sites they have visited, for a minimum period of one year. Under the rules designed as India’s data protection law (oh, the irony!), sensitive personal data has to be shared with government agencies, if required for “purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offenses.”

Along similar lines, in the rules meant to say when an Internet intermediary may be held liable for a user’s actions, there is a provision requiring the Internet company to “provide information or any such assistance to government agencies legally authorized for investigative, protective, cybersecurity activity.” (Incoherent, vague and grammatically incorrect sentences are a consistent feature of laws drafted by the Ministry of Communications and IT; one of the telecom licenses states: “The licensee should make arrangement for monitoring simultaneous calls by government security agencies,” when clearly they meant “for simultaneous monitoring of calls.”)

In a landmark 1996 judgment, the Indian Supreme Court held that telephone tapping is a serious invasion of an individual’s privacy and that the citizens’ right to privacy has to be protected from abuse by the authorities. Given this, undoubtedly governments must have explicit permission from their legislatures to engage in any kind of broadening of electronic surveillance powers. Yet, without introducing any new laws, the government has surreptitiously granted itself powers — powers that Parliament hasn’t authorized it to exercise — by sneaking such powers into provisions in contracts and in subordinate legislation.

For more details visit https://cis-india.org/internet-governance/blog/nytimes-july-10-2013-pranesh-prakash-how-surveillance-works-in-india

How India Makes E-books Easier to Ban than Books (And How We Can Change That)

pranesh — 2012-02-21T11:50:56Z

Without getting into questions of what should and should not be unlawful speech, Pranesh Prakash chooses to take a look at how Indian law promotes arbitrary removal and blocking of websites, website content, and online services, and how it makes it much easier than getting offline printed speech removed.

E-Books Are Easier To Ban Than Books, And Safer

Contrary to what Mr. Sibal's recent hand-wringing at objectionable online material might suggest, under Indian laws currently in force it is far easier to remove material from the Web, by many degrees of magnitude, than it is to ever get them removed from a bookstore or an art gallery. To get something from a bookstore or an art gallery one needs to collect a mob, organize collective outrage and threats of violence, and finally convince either the government or a magistrate that the material is illegal, thereby allowing the police to seize the books or stop the painting from being displayed. The fact of removal of the material will be noted in various records, whether in government records, court records, police records or in newspapers of record. By contrast, to remove something from the Web, one needs to send an e-mail complaining about it to any of the string of 'intermediaries' that handle the content: the site itself, the web host for the site, the telecom companies that deliver the site to your computer/mobile, the web address (domain name) provider, the service used to share the link, etc. Under the 'Intermediary Guidelines Rules' that have been in operation since 11th April 2011, all such companies are required to 'disable access' to the complained-about content within thirty-six hours of the complaint. It is really that simple.

"That's ridiculous," you think, "surely he must be exaggerating." Think again. A researcher working with us at the Centre for Internet and Society tried it out, several times, with many different intermediaries and always with frivolous and flawed complaints, and was successful six out of seven times . Thus it is easier to prevent Flipkart or Amazon from selling Rushdie's Midnight's Children than it is to prevent a physical bookstore from doing so: today Indira Gandhi wouldn't need to win a lawsuit in London against the publishers to remove a single line as she did then; she would merely have to send a complaint to online booksellers and get the book removed. It is easier to block Vinay Rai's Akbari.in (just as CartoonsAgainstCorruption.com was recently blocked) than it is to prevent its print publication. Best of all for complainants: there is no penalty for frivolous complaints such as those sent by us, nor are any records kept of who's removed what. Such great powers of censorship without any penalties for their abuse are a sure-fire way of ensuring a race towards greater intolerance, with the Internet — that republic of opinions and expressions — being a casualty.

E-Book Bans Cannot Be Challenged

In response to some of the objections raised, the Cyberlaw Division of the Department of Information Technology, ever the dutiful guardian of free speech, noted that if you have a problem with access to your content being 'disabled', you could always approach a court and get that ban reversed. Unfortunately, the Cyberlaw Division of the Department of Information Technology forgot to take into account that you can't contest a ban/block/removal if you don't know about it. While they require all intermediaries to disable access to the content within thirty-six hours, they forgot to mandate the intermediary to tell you that the content is being removed. Whoops. They forgot to require the intermediary to give public notice that content has been removed following a complaint from person ABC or corporation XYZ on such-and-such grounds. Whoops, again.

So while records are kept, along with reasons, of book bans, there are no such records required to be kept of e-book bans.

E-Book Censors Are Faceless

Vinay Rai is a brave man. He is being attacked by fellow journalists who believe he's disgracing the professional upholders of free-speech, and being courted by television channels who believe that he should be encouraged to discuss matters that are sub judice. He is viewed by some as a man who's playing politics in courts on behalf of unnamed politicians and bureaucrats, while others view him as being bereft of common-sense for believing that companies should be legally liable for not having been clairvoyant and removing material he found objectionable, though he has never complained to them about it, and has only provided that material to the court in a sealed envelope. I choose, instead, to view him as a scrupulous and brave man. He has a face, and a name, and is willing to openly fight for what he believes in. However, there are possibly thousands of unscrupulous Vinay Rais out there, who know the law better than he does, and who make use not of the court system but of the Intermediary Guidelines Rules, firmly assured by those Rules that their censorship activities will never be known, will never be challenged by Facebook and Google lawyers, and will never be traced back to them.

Challenging Invisible Censorship

Dear reader, you may have noticed that this is a bit like a trial involving Free Speech in which Free Speech is presumed guilty upon complaint, is not even told what the charges against it are, has not been given a chance to prove its innocence, and has no right to meet its accusers nor to question them. Yet, the Cyberlaw Division of the Department of Information Technology continues to issue press releases defending these Rules as fair and just, instead of being simultaneously Orwellian and Kafkaesque. These Rules are delegated legislation passed by the Department of Information Technology under s.79 of the Information Technology Act. The Rules were laid before Parliament during the 2011 Monsoon session. We at CIS believe that these Rules are *ultra vires* the IT Act as well as the Constitution of India, not only with respect to what is now (newly) proscribed online (which in itself is enough to make it unconstitutional), but how that which is purportedly unlawful is to be removed. We have prepared an alternative that we believe is far more just and in accordance with our constitutional principles, taking on best practices from Canada, the EU, Chile, and Brazil, while still allowing for expeditious removal of unlawful material. We hope that the DIT will consider adopting some of the ideas embodied in our draft proposal.

As Parliament passed the IT Act in the midst of din, without any debate, it is easy to be skeptical and wonder whether Rules made under the IT Act will be debated. However, I remain hopeful that Parliament will not only exercise its power wisely, but will perform its solemn duty — borne out of each MP's oath to uphold our Constitution — by rejecting these Rules.

Photo credit: Lynn Gardner, under CC-BY-NC-SA 2.0 licence*

This was reproduced in Outlook Magazine on 27 January 2012

For more details visit https://cis-india.org/internet-governance/blog/india-ebooks-easier-to-ban-than-books

Global Censorship: Shifting Modes, Persisting Paradigms

pranesh — 2015-08-14T11:22:11Z

'Global Censorship: Shifting Modes, Persisting Paradigms' is a book edited by Pranesh Prakash, Nagla Rizk, and Carlos Affonso Souza, and published by the Access to Knowledge Global Academy as part of its Access to Knowledge Research Series.

For more details visit https://cis-india.org/a2k/a2kga-global-censorship

Glaring Errors in UIDAI's Rebuttal

pranesh — 2016-09-18T03:22:32Z

This response note by Pranesh Prakash questions Unique Identification Authority of India’s reply to Hans Verghese Mathews' article titled “Flaws in the UIDAI Process” (EPW, March 12, 2016), which found “serious mathematical errors” in the article.

The article was published in Economic & Political Weekly Vol. 51, Issue No. 36, September 3, 2016.

While I am not a statistician, I have followed the technical debate between Hans Verghese Mathews and the UIDAI closely, and see a number of glaring errors in the latter’s so-called rebuttal in EPW (March 12, 2016).

The UIDAI alleges Mathews to have ignored the evidence that the Receiver Operating Characteristic (ROC) "flattens" with more factors. However, Mathews cannot be accused of ignorance if the flattening of the ROC is not relevant to his argument. To explain this in simple terms, the ROC curve is used to choose the appropriate "threshold distance" which determines false positives and false negatives, and belongs to a stage which precedes the estimation of the false positive identification rates (FPIR).

However, Mathews has used the FPIR estimates provided by the UIDAI (based on evidence from the enrolment of 84 million persons), and calculated how the FPIR changes when extrapolated for a population of 1.2 billion persons. In other words, he did not need to look at the ROC curve as that factor is not relevant to his argument, since he has used UIDAI data (which has presumably been estimated on the basis of all 12 factors : 10 fingerprints and 2 irises).

Further, UIDAI asks why Mathews has assumed a linear curve for his extrapolation. Mathews has done no such thing. In fact, in their paper "Role of Biometric Technology in Aadhaar Enrollment," the UIDAI states: "FPIR rate grows linearly with the database size" (nd, 19). Thus, this is an assumption formerly made by them (without providing rationale for it to be a linear curve as opposed to anything else). Mathews mathematically derives bounds for the FPIR in his paper, that is, the range within which the FPIR lies. One gets a linear curve only if they use the upper bound and not on the usage of anything else. So while Mathews does, as he explains, provide the results of the calculation based on the upper bound for the sake of simplicity, he nowhere asserts nor assumes a linear curve.

If, as the UIDAI claims, one cannot perform such an extrapolation and needs to depend on “empirical evidence” instead, the question arises as to how the UIDAI decided to scale up the programme to 1.3 billion people given the error rates. One could also ask if the machines being used to capture biometrics are good enough for the enlargement. Surely they would have performed some extrapolations to decide this.

In their paper they note that "although it [FPIR] is expected to grow as the database size increases, it is not expected to exceed manageable values even at full enrolment of 120 crores" (UIDAI nd, 13). They do not illustrate the extent to which the FPIR is expected to grow—neither in their initial paper, nor in their rebuttal to Mathews—whereas Mathews provides a method of estimating the increase of FPIR. Even if UIDAI is correct in its appraisal of FPIR and that it will not exceed "manageable values," they need to either exemplify their calculations or release the latest data. They have done neither, and that is quite unfortunate.

References

UIDAI (nd): “Role of Biometric Technology in Aadhaar Enrollment,” Unique Identification Authority of India, Government of India, New Delhi, viewed on 18 August 2016, https://uidai.gov.in/images/FrontPageUpdates/role_of_biometric_technology

Related Links

Flaws in the UIDAI Process http://www.epw.in/journal/2016/9/special-articles/flaws-uidai-process.html
Erring on Aadhaar http://www.epw.in/journal/2016/11/discussion/erring-aadhaar.html
Request for Specifics http://www.epw.in/journal/2016/36/documents/request-specifics-rebuttal-u...
Glaring Errors in UIDAI's Rebuttal http://www.epw.in/journal/2016/36/documents/glaring-errors-uidais-rebutt...
Overlooking the UIDAI Process http://www.epw.in/journal/2016/36/documents/response-hans-verghese-mathe...

For more details visit https://cis-india.org/internet-governance/blog/glaring-errors-in-uidai-rebuttal-epw

Freedom struggle 2.0

pranesh — 2015-04-27T01:23:44Z

In the face of the debate on net neutrality, here is a look at the consequences of not having a free, equal, and private internet.

The article was published in the Hindu on April 25, 2015. Pranesh Prakash gave his inputs.

There has been so much noise surrounding net neutrality (generously helped along by All India Bakchod’s explanatory video) that by now even my technology-abhorring grandmother knows something is rotten in the state of Denmark.

However, let us recap: net neutrality refers to a free and open Internet that lets us utilise every channel of communication without bias or — heaven forbid — having to pay extra dough. Paid sites and subscriptions excluded of course; the owners have to send their kids to college, you know. As to the Importance of net neutrality, it is “... a democratic principle (in line with the right to equality in our Constitution) and it is important for freedom of speech and expression,” says Pranesh Prakash of the Centre for Internet and Society.

“Evolving technologies cannot be regulated” was one of the opening lines of Almost Human, a science fiction/crime series that did not survive its debut season. A profound statement, especially in the light of the blistering debate over net neutrality. A debate that has the Twitterati frothing at the mouth and primed to spew sarcasm at those against them in what is being perceived as a battle of epic proportions. Sample these: @Roflindian: What if this net neutrality debate was a clever ploy by telcos to merrily push up rates? And we’ll be like — anything for net freedom! @GabbbarSingh: Someone should launch a start-up just to announce its support to #NetNeutrality “We at Random-Word-with-no-vowels support #NetNeutrality”. @madversity: Net Neutrality has become so popular in Delhi in just three days Aunties want to know where it is available so they can wear it for Karva Chauth.

The battle for net neutrality, in India at least, looks to have exacerbated suddenly in the past few weeks. In truth, however, the issue has been brewing for quite a while, fanned by the Federal Communications Commission’s (FCC) penchant for preparing sheaves of rules and regulations, sundry disputes and discourses by the Reddit demigods and anyone who owns a blog or a YouTube channel, the Bitcoin mafia’s complacent insistence on being the saviour of the web as we know it, and the rumours and filtered nuggets of news surrounding Google’s plans for a mobile virtual network operator (MVNO).

Here, then, are the main antagonists of our piece: telecom company Airtel (post its announcement of the ostensibly unpopular Airtel Zero plan, so much so that the CEO decided to grace Airtel’s users with an e-mail to “clear the air”) and Telecom Regulatory Authority of India (TRAI) that has taken to pitting Davids (consumers) against Goliaths (telecom companies) by floating a paper (subject to discussion and a cannonade of indignant e-mails) containing “some of the strangest and some ridiculously biased statements”, as Nikhil Pahwa succinctly put it in a MediaNama piece.

According to Airtel’s CEO, their “vision is to have every Indian on the Internet. There are millions of Indians who think that the Internet is expensive and do not know what it can do for them… We know that if we allow them to experience the joys of the Internet they will join the digital revolution.” Noble thought, but the sentiment is marred by the sordid matter of blunt. “Airtel Zero is a technology platform that connects application providers to their customers for free. The platform allows any content or application provider to enrol on it so their customers can visit these sites for free. Instead of charging customers we charge the providers who choose to get on to the platform.” In effect, restricting the freedom of the consumer to choose what site he/she wishes to use.

And I wish telecoms would stop bandying about the word “free” like confetti at a wedding. ‘100 free SMSes per day! Only at Rs. 50 a month!’ Well, I’m still losing Rs. 50, aren’t I? Why would you insult my intelligence by telling me my 100 SMSes are free then? “Customers are free to choose which website they want to visit, whether it is toll free or not. If they visit a toll free site they are not charged for data. If they visit any other site normal data charges apply.” Well, pray tell us plebians, Mr. CEO, since companies like Flipkart, NDTV and others have already abandoned the Airtel Zero ship, and a Google probably mightn’t consider coming aboard, having bigger fish to fry (i.e. its MVNO plans), does not your unequal treatment of these websites go against the very backbone of net neutrality?

The debate on net neutrality has more far-reaching consequences, however, than just having to shell out extra to exchange annoying Whatsapp group messages all day long or Skyping with your significant other. The absence of neutrality will result in a barrage of unregulated technologies and the unprecedented growth of the deep web (the portion of Internet content that is not or cannot be indexed by regular or standard search engines — typically comprising around 90 per cent of data presently available on the World Wide Web). Most of the deep web is a fairly innocuous place, consisting of anything from library catalogues to your private folder of dead baby jokes, but it is also a lair of (mostly) undetectable criminal activity (case in point, the recent shutdown of Silk Road, an online black market for your every requirement, and I mean every requirement).

The deep web, naturally, is the best illustration of “a free, equal, and private Internet” (when its powers are harnessed for good, not evil) and so is its most popular currency — Bitcoin. A Bitcoin is, in the concise words of Danny Bradbury (in an informative CoinDesk piece), “a payment mechanism designed to level the playing field, driving out unnecessary costs and making it possible for even the lowest income members of society to participate in the economy. But it relies on a free and open Internet to do so.” And vice versa. Researchers have been working on a way to make micropayments and encryption work together without privacy or bandwidth compromise via mesh networks (faster connections through nearby peers, thus leading to net neutrality, and further to telecoms becoming skittish). However, steady price gains for Bitcoin as well as altcoins (alternative cryptocurrencies to bitcoin) are undeniable proof that telecoms may have to bow to the inevitable.

Also, in the absence of a free and open Internet, organisations like Wikileaks and Anonymous would abound with alacrity. While some would call that an excellent development, there are those who would want to banish Internet altogether from our fair land, making the aam junta cower, tremble and rage by turns at the usurping of its digital rights.

Another thing that seems to be troubling very few, especially in the wake of the wave of acrimony against Airtel, is Google’s plans to expand into the MVNO market. Google, so goes the news, is planning to go into partnership with Sprint and T-Mobile to further its plans of becoming a wireless carrier. While Google already provides free or subsidised Internet with Project Loon and Google Fiber, the new move could easily prove a challenge to net neutrality. Some see the move as harmless — in fact, for the greater good. Evidenced by a senior software engineer of my acquaintance who, since Google makes money by tracking user information and behaviour online and doesn’t prioritise certain kinds of traffic on the Internet access it provides currently, doesn’t see them having any incentive to do so in the cellular space. In fact, he finds the Google MVNO a fascinating move, especially since Sprint and T-Mobile have far fewer subscribers than ATT or Verizon — meaning that the MVNO provider is at the mercy of these MNOs and that, were Google to be successful with this, it means the MNOs are losing selling power. An interesting irony in the context of net neutrality. On the other hand, a researcher at Centre for Internet and Society and former tech journalist is of the opinion that Google may try to push its services since that has always been the case with corporates, whether they provide CSR freebies or diversify their business.

After all, “Who decides what we consume? What if tomorrow the government decides everyone watching YouTube is wasting their time, or [those] watching cricket should be doing something better? That starts to tread into censorship...” says Vijay Anand of The Startup Centre. I suppose all we can do is keep hope animatedly existent as to the triumph of the freedom in our webspace and spam TRAI’s inbox with as many e-mails as we can.

Net Neutrality

Net neutrality is a principle that says Internet Service Providers (ISPs) should treat all traffic and content on their networks equally.

How does net neutrality affect you?
The internet is now a level-playing field. Anybody can start up a website, stream music or use social media with the same amount of data that they have purchased with a particular ISP. But in the absence of neutrality, your ISP might favour certain websites over others for which you might have to pay extra. Website A might load at a faster speed than Website B because your ISP has a deal with Website A that Website B cannot afford. It’s like your electricity company charging you extra for using the washing machine, television and microwave oven above and beyond what you are already paying.

Why Now?

Late last month, Trai released a draft consultation paper seeking views from the industry and the general public on the need for regulations for over-the-top (OTT) players such as Whatsapp, Skype, Viber etc, security concerns and net neutrality. The objective of this consultation paper, the regulator said, was to analyse the implications of the growth of OTTs and consider whether or not changes were required in the current regulatory framework.

Key Players
Internet Service Providers like Airtel, Vodaphone, Reliance... The Telecom Regulatory Authority of India which lays down the rules for telecom companies The Internet companies like Facebook, Google, whatsapp and other smaller startups You, the consumer

What is an OTT?
OTT or over-the-top refers to applications and services which are accessible over the internet and ride on operators' networks offering internet access services. The best known examples of OTT are Skype, Viber, WhatsApp, e-commerce sites, Ola, Facebook messenger. The OTTs are not bound by any regulations. The Trai is of the view that the lack of regulations poses a threat to security and there’s a need for government’s intervention to ensure a level playing field in terms of regulatory compliance.

For more details visit https://cis-india.org/internet-governance/news/the-hindu-zara-khan-april-25-2015-freedom-struggle

Free and Open Source Software

pranesh — 2010-01-11T10:59:01Z

Free and open source software (FOSS) is a good thing from both the perspective of programmer and user freedoms as well as from the perspective of better and more efficient software production. Also, FOSS forms the backbone of the Internet (BIND/NSD for DNS servers, Apache for web servers, sendmail/postfix/qmail for mail servers, Asterisk for VoIP servers, etc.), and the Internet as we know it would not exist without FOSS.

For more details visit https://cis-india.org/openness/publications/foss

Free and Open Source Software

pranesh — 2010-01-11T10:57:14Z

For more details visit https://cis-india.org/openness/publications/foss/FLOSS

Framing an Alternative Approach to the Jan Lokpal

pranesh — 2011-10-11T11:42:00Z

The National Campaign for Peoples' Right to Information (NCPRI) and the Centre for Internet and Society (CIS) are organizing a public talk on "Framing an Alternative Approach to the Jan Lokpal" on Friday, August 5, 2011 at CIS, Bangalore. Shankar Singh, Nikhil Dey and Aruna Roy of MKSS and NCPRI will be speaking.

The drafts of both the Lokpal as well as the Jan Lokpal bill have been criticised extensively on multiple grounds, including that of lack of accountability and concentration of power in a singular body. This public talk seeks to provide a framework for an alternative conception of the Jan Lokpal that takes a multi-pronged approach to tackling corruption by moving towards concurrent anti-corruption and grievance redress measures.

Speakers

Shankar Singh, Aruna Roy and Nikhil Dey of the Mazdoor Kisan Shakti Sangathan (MKSS) and the National Campaign for Peoples' Right to Information (NCPRI)

Date and Time

Friday, August 5, 2011
18:00-19:30

Venue

Centre for Internet and Society
(next to Domlur Club and close to TERI)
194, 2-C Cross,
Domlur Stage II,
Bangalore

Map: http://goo.gl/2UV5J

Background Reading

Nikhil Dey & Ruchi Gupta, Putting the "Jan" in Lokpal Bill
Aruna Roy & Nikhil Dey, Make Sure the Cure Isn't Worse than the Disease
Aruna Roy & Rakshita Swamy, Lokpal Must Lead by Example
NCPRI, Draft Concept Notes from Public Consultations on Collective and Concurrent Lokpal Anti-Corruption and Grievance Redress Measures
NCPRI, Background Documents on Jan Lok Pal Bill

== Contact ==
For more information, please contact:
Rakshita Swamy <rakshitaswamy at gmail dot com>, or
Pranesh Prakash <pranesh at cis-india dot org>

VIDEO

For more details visit https://cis-india.org/events/alternative-jan-lokpal

Fixing India’s anarchic IT Act

pranesh — 2012-11-30T06:33:58Z

Section 66A of the Information Technology (IT) Act criminalizes “causing annoyance or inconvenience” online, among other things. A conviction for such an offence can attract a prison sentence of as many as three years.

Pranesh Prakash's article was published in LiveMint on November 28, 2012.

How could the ministry of communications and information technology draft such a loosely-worded provision that’s clearly unconstitutional? How could the ministry of law allow such shoddy drafting with such disproportionate penalties to pass through? Were any senior governmental legal officers—such as the attorney general—consulted? If so, what advice did they tender, and did they consider this restriction “reasonable”? These are some of the questions that arise, and they raise issues both of substance and of process.

When the intermediary guidelines rules were passed last year, the government did not hold consultations in anything but name. Industry and non-governmental organizations (NGOs) sent in submissions warning against the rules, as can be seen from the submissions we retrieved under the Right to Information Act and posted on our website. However, almost none of our concerns, including the legality of the rules, were paid heed to.

Earlier this year, parliamentarians employed a little-used power to challenge the law passed by the government, leading communications minister Kapil Sibal to state that he would call a meeting with “all stakeholders”, and will revise the rules based on inputs. A meeting was called in August, where only select industry bodies and members of Parliament were present, and from which a promise emerged of larger public consultations. That promise hasn’t been fulfilled.

Substantively, there is much that is rotten in the IT Act and the various rules passed under it, and a few illustrations—a longer analysis of which is available on the Centre for Internet and Society (CIS) website—should suffice to indicate the extent of the malaise.

Some of the secondary legislation (rules) cannot be passed under the section of the IT Act they claim as their authority. The intermediary guidelines violate all semblance of due process by not even requiring that a person whose content is removed is told about it and given a chance to defend herself. (Any content that is complained about under those rules is required to be removed within 36 hours, with no penalties for wilful abuse of the process. We even tested this by sending frivolous complaints, which resulted in removal.)

The definition of “cyber terrorism” in section 66F(1)(B) of the IT Act includes wrongfully accessing restricted information that one believes can be used for defamation, and this is punishable by imprisonment for life. Phone-tapping requires the existence of a “public emergency” or threat to “public safety”, but thanks to the IT Act, online surveillance doesn’t. The telecom licence prohibits “bulk encryption” over 40 bits without key escrow, but these are violated by all, including the Reserve Bank of India, which requires that 128-bit encryption be used by banks. These are but a few of the myriad examples of careless drafting present in the IT Act, which lead directly to wrongful impingement of our civil and political liberties. While we agree with the minister for communications, that the mere fact of a law being misused cannot be reason for throwing it out, we believe that many provisions of the IT Act are prone to misuse because they are badly drafted, not to mention the fact that some of them display constitutional infirmities. That should be the reason they are amended, not merely misuse.

What can be done? First, the IT Act and its rules need to be fixed. Either a court-appointed amicus curiae (who would be a respected senior lawyer) or a committee with adequate representation from senior lawyers, Internet policy organizations, government and industry must be constituted to review and suggest revisions to the IT Act. The IT Act (in section 88) has a provision for such a multi-stakeholder advisory committee, but it was filled with mainly government officials and became defunct soon after it was created, more than a decade ago. This ought to be reconstituted. Importantly, businesses cannot claim to represent ordinary users, since except when it comes to regulation of things such as e-commerce and copyright, industry has little to lose when its users’ rights to privacy and freedom of expression are curbed.

Second, there must be informal processes and platforms created for continual discussions and constructive dialogue among civil society, industry and government (states and central) about Internet regulation (even apart from the IT Act). The current antagonism does not benefit anyone, and in this regard it is very heartening to see Sibal pushing for greater openness and consultation with stakeholders. As he noted on the sidelines of the Internet Governance Forum in Baku, different stakeholders must work together to craft better policies and laws for everything from cyber security to accountability of international corporations to Indian laws. In his plenary note at the forum, he stated: “Issues of public policy related to the Internet have to be dealt with by adopting a multi-stakeholder, democratic and transparent approach” which is “collaborative, consultative, inclusive and consensual”. I could not have put it better myself. Now is the time to convert those most excellent intentions into action by engaging in an open reform of our laws.

Pranesh Prakash is policy director at the Centre for Internet and Society.

For more details visit https://cis-india.org/internet-governance/blog/livemint-opinion-november-28-2012-pranesh-prakash-fixing-indias-anarchic-it-act

Financial Express hosts #NetNeutralityDebate: ‘Price discrimination can be allowed, but not for the same packet of data’

pranesh — 2015-04-27T02:18:18Z

Trying to cut through the noise on Net Neutrality in India, FICCI in partnership with Financial Express is hosting a panel discussion titled ‘Decoding Net Neutrality’ in New Delhi on Wednesday.

This was published in the Financial Express on April 24, 2015. Pranesh Prakash participated in the discussion.

Moderated by Sunil Jain, the guests on the Net Neutrality debate panel are Rajya Sabha MP Rajeev Chandrasekhar, Lok Sabha MP Baijayant Jay Panda along with ICRIER chief executive Dr Rajat Kathuria, IAMAI president Dr Subho Ray, Facebook’s head of public policy for South and Central Asia Ankhi Das, COAI director general Rajan S Mathew, Com First director Dr Mahesh Uppal and Policy Director of the Centre for Internet and Society Pranesh Prakash.

Highlights of the debate:

Starting off the discussion, Rajeev Chandrasekhar said that this issue is all about market abuse and market power and not as utopian as it sounds. He said that this debate is nothing new as regulators identified the problem long ago. Chandarasekhar added, “TRAI had recognized in 2006 that there is an opportunity to abuse by access providers.”

Joining the conversation, COAI director general Rajan S Mathew said, “We have put the cart before the horse. What needs to be addressed first is online governance.”

Looking forward, ICRIER chief executive Rajat Kathuria said that we need to figure out the best way to use this privately funded public good. He added, “We still haven’t so far.”

Video

Com First director Dr Mahesh Uppal tries to find a common ground and said, “Everyone is against ‘arbitrary commercial’ prioritisation or throttling.”

Subho Ray agreed and said, “There should be no blocking, throttling and preferential treatment.”

Facebook India’s Ankhi Das said that Internet.org is not for people who are already on the Internet. She explained, “Our objective is that it should be free and non-exclusive.”

Watch video: It’s free, no one has to pay to join the app, says Ankhi Das, Facebook India, on internet.org

Pranesh Prakash, Policy Director of the Centre for Internet and Society intervened to add, “An universally affordable model is important. We must ensure that the diversity that Internet provides is not lost.”

Taking the conversation further, Rajeev Chandrasekhar said, “I don’t believe data packets can be discriminated except in terms of speed and bandwidth.

Rajan Mathews interjected, “We do not discriminate, we differentiate. And all businesses differentiate.”

On this point, Rajat Kathuria said, “Price discrimination is something that should be allowed within boundaries of regulation.”

The Indian Express New Media Editor Nandagopal Rajan said that, “#NetNeutralityDebate panel agrees that price discrimination can be allowed, but not for the same packet of data.”

Jay Panda, Lok Sabha MP now also joins the discussion and says, “I have come out in favour of net neutrality despite the fact that my family will be benefiting from the lack of it. Whether fragmentation is desirable on the Internet or not, it needs to be debated. I am not in favour of fragmented access to the Internet.”

Watch video: There should be no prioritisation of one brand over another, says Baijayant Jay Panda on Net Neutrality

Underlining his views, Jay Panda reiterated, “Spectrum may be limited but access won’t be in the future. I am against prioritizing packets over others.”

Pranesh Prakash gave an overarching view and said, “Everyone benefits from Internet. What we need to figure out is whether everyone is getting paid enough.”

Jay Panda said, “It is possible for access providers to make money.”

Rajan Mathews said, “I think it is not fair to say that telcos can influence the govt.”

On this Jay Panda quipped, “The govt has to chip in its share to make the Internet accessible to all.”

Jay Panda says govts have been behind the curve in #NetNeutralityDebate and telcos have benefitted from it.

For more details visit https://cis-india.org/internet-governance/news/financial-express-april-24-2015-net-neutrality-debate

pranesh — 2012-10-04T04:53:47Z

The Centre for Internet & Society submitted its written comments on the Draft Copyright Rules, 2012 to Mr. G.R. Raghavender, Registrar of Copyrights & Director (BP&CR), Ministry of Human Resource Development.

G.R. Raghavender
Registrar of Copyrights & Director (BP&CR)
Copyright Office
Department of Higher Education
Ministry of Human Resource Development
4th floor, Jeevan Deep Building,
Parliament Street
New Delhi — 110001

Dear Sir,

This submission contains comments from the Centre for Internet and Society on the Draft Copyright Rules, 2012. I apologize for the slight delay in submitting these.

Yours sincerely,
Pranesh Prakash
Policy Director
Centre for Internet and Society

Relinquishment of Copyright

Analysis

The law in India allows anonymously and pseudonymously created works to be copyrighted as well, as is clear from section 23 of the Copyright Act. However, rule 8 as it currently is does not allow such authors to relinquish copyright. Relinquishment of copyright is a very different kind of act from registration of copyright, and hence it is not necessary to seek the same categories of information from both. Certain categories of information sought during registration of copyright ("class of work", "language of the work", "nationality of author") are required not because they help identify a work, but because they help in indexing the work ("class of work", "language of work") or in ensuring that the work is copyrightable in India ("nationality of author"). Such considerations do not matter when it comes to relinquishment of copyright, i.e., when a work is allowed to pass into the public domain. Further, technological progress has made it difficult to determine the answer to a question like "country of first publication", "nationality of the publisher", etc. If a work has been uploaded by an author on to his blog, is the publisher the author or the person hosting the blog? If an Indian author residing in India first publishes a work on the server located in Argentina, is the country of first publication India or Argentina? The answer to these questions does not make a difference to the issue of relinquishment of copyright. The only information that is required for relinquishment of rights is a) what work is being put in the public domain, b) by whom, c) from when.

Furthermore, the current requirements of rule 8 cannot easily be satisfied by using most of the popular means of relinquishing copyright (such as the CC0 — Creative Commons Zero — licence).

Recommendations

Rule 8 be modified to read: A public notice issued by an author relinquishing his or her rights as per subsection (1) of section 21 of the Copyright Act, shall include the following details: (a) Title of the work (b) Full name, or pseudonym, in case the work has not been created anonymously (c) Date of issuance of the notice (d) If copyright in the work is registered under section 45, the registration number.

Rule 9 be modified to read: Any one of the following shall constitute public notice of relinquishment of copyright: i. Mentioning of the notice on the work, or cover of the work, or in the metadata of the work if the work is electronic; or ii. Publication in a newspaper; or iii. Publication by the author on a publicly-accessible website

Rule 10 be modified to add the following sentence: The author shall forward a copy of the public notice to the Registrar of Copyright if copyright in the work has been registered under section 45 and on receiving such notice, the Registrar of Copyright shall post the same on the website of the Copyright Office.

Statutory Licence for Cover Versions

Analysis

Rule 34(2) is redundant and does not contain any detail not already present in the existing proviso to section 31C(1) of the Copyright Act. Additionally, Rule 35 also does not contain any detail not already present in the existing parent provision, section 31C of the Copyright Act.

Recommendations

Rules 34(2) and 35 be deleted.
Rule 37 should be modified to add a sub-rule requiring maintenance of records online.

Indexes

Analysis

In rule 71(3), it requires that the indexes be maintained in the form of cards. These are presumably physical cards. It is unclear why the rule should not require the maintenance of these indexes online to facilitate search by the public. Further entries 13 and 14 of Schedule II are from a time when the transaction costs incurred by the Registrar of Copyright for providing extracts from an Index were non-negligible, and hence it would have been necessary to charge a person for such services. With the capabilities of electronic systems, such retrievals are almost costless, and can be done without the intervention of the Registrar of Copyright. Hence entries 13 and 14 should not be made applicable to online retrievals. If copyright societies can be required to provide information free of costs on their websites (as per rule 65), the Registrar of Copyright should be required to do so too.

Recommendation

Modify sub-rule (3) of rule 71 to read: "Every Index shall be available online as a downloadable database, with an online search facility."

Modify the second sentence in rule 72 to read: "The online search or inspection of the Register of Copyrights and Indexes can be utilised free of cost."

Storage of Transient or Incidental Copies of a Work

Analysis

It is not clear enough from the language of rule 74 that it applies only to s.52(1)(c) and not to s.52(1)(b). Since only s.52(1)(c) has a complaints mechanism, this should be made clear.

Importantly, to protect the interest of the public, the intermediaries should be asked to give public notice regarding the alleged infringing copy to ensure that the take-down mechanism is not abused, and secondly to ensure that the public can independently verify that intermediaries are following the requirement in rule 74(4) of restoring storage of the work if no court order is forthcoming within 21 days.

Lastly, there is no clear precedent in India to treat a uniform resource identifier (URI) as 'place' for purposes of section 51(a)(ii) of the Copyright Act, 1957. Therefore it is necessary to further clarify the meaning of the term 'place' as used in current Rule 74(2)(d). This would be best served by using the correct technological term ("URI") instead of the word "place".

Recommendation

Modify sub-rule (1) of rule 74 to: "Any owner of copyright may give a written complaint as per clause (c) of subsection (1) of section 52 of the Copyright Act to a person who has facilitated..."

Add sub-rule (6) to rule 74: "The person responsible for storage shall put up a public notice thereby notifying all persons requesting access to the alleged infringing copy by stating reasons for restraining such access whether during the period of 21 days from the complaint from the copyright owner, or pursuant to an order from a competent court."

Modify rule 74(2) to read: "Details of the specific uniform resource identifier (URI) where transient or incidental storage of the work may be taking place."

Making or Adapting the Work by Organizations Working for the Benefit of Persons with Disabilities

Analysis

Rule 75 requires organizations making use of the exception granted under s.52(1)(zb) to maintain records. This could not have been the intention of the legislature in passing s.52(1)(zb), since that provision does not require any maintenance of records. Indeed, none of the exceptions ennume-rated in s.52(1) require the maintenance of records. This is in contrast with s.31B, which is also applicable to organizations working for the benefit of persons with disabilities, but only those that are doing so as a for-profit venture. Rule 29(6) already requires the Registrar of Copyright to notify the grant of a licence under s.31B in the Official Gazette. That provision may be modified to add that the Registrar of Copyright maintains these records in a centralized database that can be queried online.

Recommendations

Delete rule 75, and modify rule 29(6) to include a centralized database.

Technological Protection Measures

Analysis

Most experts seem to hold that s.65A of the Indian Copyright Act does not affect circumvention tools, as it only deals with the act of unauthorized circumvention and not with the tools, in sharp contrast with s.1201(a)(2) of the Digital Millennium Copyright Act in the US, which criminalises the "manufacture, import, offer to the public, provision, or otherwise trafficking in any [circumvention] technology, product, service, device, component, or part thereof". The Indian law has conciously chosen not to emulate the DMCA in this respect, as the WIPO Copyright Treaty does not require it.

The broad understanding of "facilitation" contained the Copyright Rules unfortunately seem to undermine this clear distinction. If facilitation is understood to include offer to the public, provision, or distribution, as seems to be the case in Rule 79(3) and 79(4), then law becomes unworkable with each and every website that allows for the downloading of any software that can be used to play DVDs, etc., must specifically keep a register of downloaders from India. This is unnecessary, and goes beyond the intent of s.65A, which is to cover those who actively facilitate circumvention and not those who make available the tools to circumvent. This distinction should not be blurred.

Recommendation

Delete sub-rules (3) and (4) of rule 79.

For more details visit https://cis-india.org/a2k/feedback-to-draft-copyright-rules-2012

Fallacies, Lies, and Video Pirates

pranesh — 2011-08-04T04:43:08Z

At a recent conference on counterfeiting and piracy, industry representatives variously pushed for stiffer laws for IP violation, more stringent enforcement of existing IP laws, and championed IP as the most important thing for businesses today. This blog post tries to show how their arguments are flawed.

The Confederation of Indian Industry (CII) organized its third annual conference on counterfeiting and piracy, with support from the United States Embassy and the Quality Brands Protection Committee of China (a body comprising more than 80 multinational companies). Last week we criticised the conference in an open letter. This week, we examine a few of the recurring themes that came up at the conference.

Something being substandard is not the same as something being counterfeit.

This was a mistake made by many whenever they invoked 'counterfeit' in the sense of something that is violative of one's patent and trademark rights. The Indian Drugs and Cosmetics Act itself distinguishes between 'misbranded', 'adulterated', and 'spurious' drugs, thus recognizing that something that is made without proper authorization from rights owners isn't necessarily of a bad quality. Indeed, this was substantiated by an audience member, a lawyer from Dr. Reddy's Lab. She spoke of a mandi in Agra where they seized medicines being sold under the Dr. Reddy's name, but produced by local manufacturers. Upon lab testing, it turned out, much to their surprise, that the medicines were of the highest quality and were not substandard. Similarly, many large companies including trusted FMCG companies like Hindustan Unilever and ITC are upbraided by authorities for violations of the Drugs and Cosmetics Act (for the cosmetics they produce) as well as the Prevention of Food Adulteration Act. Thus, even legitimate businesses can produce substandard products. Thus, a product can be unauthorized but not substandard, just as a product can be substandard but not counterfeit.

This distinction becomes very important when we talk about patents, and especially drug patents. A generic drug is by definition identical or within an acceptable bio-equivalent range to the brand name counterpart with respect to pharmacokinetic and pharmacodynamic properties. Thus, this entire category of high-quality drugs is often sought to be made illegal or counterfeit by large pharma companies. Some countries like Kenya have capitulated. But so far the World Health Assembly has been forced by developing countries to keep the issue of substandard medicines separate from patent-bypassing medicines.

The industry, for all their talk about "out of the box" thinking on the issue, still only consider metrics such the number of piracy raids conducted as measures of success. A question was put forth by Manisha Shridhar of the Intellectual Property & Trade Unit of the World Health Organization upon learning of the quality of the drugs seized at the Agra mandi: Why not cut a licensing deal with those manufacturers, who obviously have excellent production facilities? That kind of thinking, which helped HMV in India in the 1980s, and copying innovative features from video pirates and pricing their products competitively has helped an Indian company, Moserbaer, do extremely well.

Counterfeiters and pirates are not always seeking to fool consumers.

Only lawyers hired by the industry would think that a consumer aspiring towards a Rolex watch would actually think that the one he purchased off the streets for one-hundredth the original's price was in fact original. Street-side DVD hawkers are not thought by the general public to be selling original wares. Still, despite knowing the difference between the original and the fake, consumers many times opt for the latter.

Having said that, counterfeiting, by using someone else's trademark and trying to pass off fake goods as real ones, is quite obviously wrong. It harms customers, and it harms the manufacturers. Thus, a distinction deserves to be made here between the counterfeiters who try to deceive consumers (for instance by copying authenticity marks, like holograms, etc.) and those who are just providing them with highly cheaper alternatives (pirated DVDs, etc.). In this light, it is also important here to distinguish between counterfeiting, traditionally taken to be trademark violation, and piracy, traditionally taken to be a violation of international law, but now generally meaning a large-scale violation of copyright law. While the former can lead to consumer confusion, the latter scarcely ever does. This is ignored by industry people who evoke the image of the consumer quite often, but only when it helps them, and not in any meaningful manner. They negate consumer choice when it comes to consciously purchasing pirated goods, and consumer freedoms when it comes to usage of copyrighted materials.

While commercial film piracy funds terrorists, so does pretty much every business activity.

A favourite of the MPAA (and by association, the MPA) is the RAND report on Film Piracy and its Connection to Organized Crime and Terrorism. This report, which was funded by the MPAA, predictably concludes that film piracy funds organized crime and terrorism. Even if we are to believe its findings wholesale, it leaves us wondering whether all business activities from which terrorists derive funds should be banned.

In India, there is a substantiated link between organized crime and film and music production, and terrorists have been said to make money off the stock market. If the MPA's arguments are taken to their logical conclusions, then film production and equity trading should also be prosecuted. Furthermore, while the mafia and terrorists are the ostensible targets, the laws that are brought about to tackle it affect poor roadside vendors and non-commercial online file sharers. To tackle the funding of terrorists, roadside piracy shouldn't become the target just as film production per se shouldn't. The invocation of the RAND report is thus only meant for rhetorical effect, as it is hard to find logic in there.

"To copy without authorization is to steal", the death penalty, and drug peddling.

At the conference, Dominic Keating of the US Embassy pointed out that "to copy without authorization is to steal" and David Brener of US Customs and Border Protection kept emphasising, on at least two occasions, that "drug peddling merits an automatic death sentence in many countries". There are numerous arguments one can make to show the lack of thought in the former. One could point out that 'stealing' and 'theft' are things that happen to tangible property, and that not only is copyright not tangible, but it is barely property. Copying without authorization creates one more of what existed, without depriving the authorizer (usually a corporation) of its original. This goes against our notion of 'stealing'. If the argument is to be shifted to the terrain of control over one's property/copyright, Mark Lemley in an illuminative article shows how the economic theories behind externalities in property and copyright are vastly different, and that complete control over either has never been, nor should it ever be, an aim of the law. Simply put, someone free riding on your property leaves you worse off than earlier, while someone free riding on your copyright usually doesn't.

One could also point out that 'stealing' is endemic in activities involving human creativity. T.S. Eliot notes that "Immature poets imitate; mature poets steal; bad poets deface what they take, and good poets make it into something better, or at least something different". He does not even consider the possibility that artistic borrowing, whether by imitation or by 'stealing' does not happen. Even Y.S. Rajan, Principal Adviser to CII recognized this when during the conference he noted that "imitation and innovation have an interesting and intertwining philosophical history". If we are to take Mr. Keating's admonishment seriously, we would indeed have a very illustrious list of thieves on our hands, including the Walt Disney Corporation, William Shakespeare, Vladamir Nabokov, Public Enemy, and pretty much every creative person who has ever lived. Books can be written about this (and indeed, numerous books have been), so we shall not dwell on this issue.

Mr. Brener's repeatedly spoke of how drug peddling attracts death penalty in many countries (though in neither the US nor in India has anyone ever received capital punishment for drug peddling), but he also clarified that he is not advocating for the death penalty for copyright violations. That made one wonder why he was bringing up the death penalty at all. He also made the dubious, non-substantiated claim (noting it as "true fact") that pirating movies is more profitable than selling heroin. This claim appears in an article about a report produced by the Australian Federation Against Counterfeit Theft (AFACT), but the original report is nowhere to be found. The article about the AFACT report also claims that the pirates are using their illicit profits promote drug smuggling. The seeming contradiction of film pirates investing in something that is riskier and less profitable doesn't seem to have caught the eye of the writers. One version of the 'drugs are less profitable than pirated DVDs' claim (with marijuana taking heroin's place) was debunked on the Commons Law mailing list. Pirated DVDs are sold for a fraction of the cost of the original. It would be obvious to anyone that DVDs that are typically sold for Rs.30-50, where the cost of manufacture alone may be estimable to be around Rs. 10, cannot be more profitable than heroin peddling. That apart, most online file sharing (deemed to be "piracy") is non-commercial. Thus the question of profit does not really arise. Still, for the industry, absence of a profit is equal to a loss.

Thus, the rhetoric of crime, and that too heinous crime, is continually used, despite its being completely inapposite. Why does used to try to make IP enforcement a matter of state concern, rather than a matter of private, and civil, interest. This way, illegitimate statistics and factoids are used to make individual file-sharers who earn no money get lengthy prison sentences. This and other ways in which IP enforcement has expanded are carefully documented in this paper by Susan Sell.

Repeating false 'statistics' does not make them true.

Again, we were subjected to a number of dubious claims during the conference: If only counterfeiting and piracy were eliminated, India's fiscal deficit would disappear; the Indian entertainment industry loses 16000 crore (USD 4 billion) yearly to piracy; 820,000 direct jobs are lost due to film piracy; software piracy costs the industry USD 2.7 billion annually, etc. These reports' methodologies have been thorougly discredited. Even The Economist, a very conservative and pro-industry newspaper, believes that the BSA-IDC annual reports on software piracy are utterly distorted. Similarly, in the U.S., the figure of 750,000 jobs (around 8% of the U.S. unemployed in 2008) being lost due to piracy were touted by everyone from the Department of Commerce, the Chamber of Commerce, U.S. Border and Customs Protection, and the MPAA, RIAA, and BSA. The amount of money lost each year in the U.S. due to IP infringement has been estimated to be between USD 200-250 billion (that's more than the combined 2005 gross domestic revenues of the movie, music, software, and video game industries). In a lengthy piece in Ars Technica, Julian Sanchez traces back the history of both these figures, and shows how they are just large numbers used for lobbying, and are not based on actual studies. The industry-commissioned Ernst & Young report ("The Effects of Counterfeiting and Piracy on India's Entertainment Industry") was never made available to the public at large, thereby making it impossible to judge the methodological soundness of the survey and the veracity of the figures.

IP expansion and more stringent enforcement is counter-productive.

Chander Mohan Lall, copyright lawyer to various film studios (including Warner Bros.) in India, used a number of short film clips in presentation during the conference. Upon being questioned about it, he admitted that he did not have permissions of the copyright holders, but claimed that his use fell under "the education exception" in Indian copyright law. While I wish he were correct (because what he was doing was indeed educational use), as per the law he is wrong. Section 52(1)(i) of the Copyright Act only exempts educational usage of cinematograph film recordings when "audience is limited to such staff and students [of an educational institution], the parents and guardians of the students and persons directly connected with the activities of the institution". While there are other arguments he could seek to use to make his usage of the film clilps non-infringing, being excepted by the educational fair dealings clauses isn't one of them. Thus, more stringent enforcement of IP rights actually engenders such unauthorized, but perfectly legitimate copying and communication to the public such as that done by Mr. Lall.

Another way in which IP enforcement is being sought to be increased is by way of the so-called Goonda Acts. These are generally statutes aimed at criminals and lumpen elements in society. The Maharastra version, the Maharashtra Prevention of Dangerous Activities of Slumlords, Bootleggers, Drug-Offenders and Dangerous Persons Act, 1981, just became the Maharashtra Prevention of Dangerous Activities of Slumlords, Bootleggers, Drug-Offenders, Dangerous Persons and Video Pirates Act. The term "video pirate" is very widely defined, to include any copyright infringement-chargesheeter who is "engaged or is making preparations for engaging in any of his activities as a video pirates, which affect adversely or likely to affect adversely, the maintenance of public order". Public order is deemed to be disturbed by "producing and distributing pirated copies of music or film products, thereby resulting in a loss of confidence in administration". Thus video pirates can possibly be interpreted to include individual sitting at home and using P2P networks to share films. The only requirement is that they should have had a chargesheet lodged against them previously -- they needn't even have been convicted; being chargesheeted suffices. Thus, non-commercial activities of file-sharing are equated to bootleggers and drug smugglers, and preventive detention (an anti-civil rights relic of India's colonial past) is applicable to them.

IP expansion is happening without the ostensible justifications for IP being kept in mind. That Tirupathi ladoos are going to get GI (geographical indicator) protection was announced at the conference with great pride. Geographical indicators are used to protect consumer interests, to ensure that no one outside a particular region (Champagne) can lay claim to be producing that product (Champagne) if the production of that product is intrinsically linked to special features found in that region (climate, etc.). However, no devout person would want to purchase anything advertised as "Tirupathi ladoo" if it were produced outside the Venkateswara temple at Tirupathi, thus the question of consumer confusion does not arise. What if someone malignantly advertises something as Tirupathi ladoo and claims it was made in Tirupathi (and not just that it tastes like the ladoo made there)? Such a person can be taken to task for deceptive advertising, and there is no need for something to have IP protection to do so. This represents a senseless expansionism of IP. It is now IP for IP's sake.

One of the speakers, Mr. V.N. Deshmukh, who though pro-stringent IP enforcement, astutely noted that, "When local demand is not met, they [consumers] turn to counterfeiters and pirates." Local demand can be unsatisfied because of lack of supply, or because the supply is overpriced, or because the supply is not easy to access, or because what is supplied is inferior to what is demanded. At the end of the day, as William Patry, Google's lead counsel, has noted, what companies sell to the public are products and services, and not IP. It would thus be wise for businesses to be innovative and compete rather than trying to extend their monopolies and engaging in rent-seeking behaviour that is economical harmful to consumers. They would also do well to remember that IP is not only a product but an input as well, so they are ultimately consumers themselves. All the harsher laws and enforcement mechanisms that they push for right now will have unintended consequences, and come to affect them adversely.

For more details visit https://cis-india.org/a2k/blogs/fallacies-lies-and-video-pirates

Centre for Internet and Society

India blocks access to 857 porn sites

IJLT-CIS Law Essay Competition

Themes

Judging

Prizes

Eligibility

Submission Guidelines

How to make EVMs hack-proof, and elections more trustworthy

How Surveillance Works in India

How India Makes E-books Easier to Ban than Books (And How We Can Change That)

E-Books Are Easier To Ban Than Books, And Safer

E-Book Bans Cannot Be Challenged

E-Book Censors Are Faceless

Challenging Invisible Censorship

Global Censorship: Shifting Modes, Persisting Paradigms

Glaring Errors in UIDAI's Rebuttal

Freedom struggle 2.0

Net Neutrality

Free and Open Source Software

Free and Open Source Software

Framing an Alternative Approach to the Jan Lokpal

Speakers

Date and Time

Venue

Background Reading

Fixing India’s anarchic IT Act

Financial Express hosts #NetNeutralityDebate: ‘Price discrimination can be allowed, but not for the same packet of data’

Video

Feedback to Draft Copyright Rules, 2012

Relinquishment of Copyright

Analysis

Recommendations

Statutory Licence for Cover Versions

Analysis

Recommendations

Indexes

Analysis

Recommendation

Storage of Transient or Incidental Copies of a Work

Analysis

Recommendation

Making or Adapting the Work by Organizations Working for the Benefit of Persons with Disabilities

Analysis

Recommendations

Technological Protection Measures

Analysis

Recommendation

Fallacies, Lies, and Video Pirates

Something being substandard is not the same as something being counterfeit.

Counterfeiters and pirates are not always seeking to fool consumers.

While commercial film piracy funds terrorists, so does pretty much every business activity.

"To copy without authorization is to steal", the death penalty, and drug peddling.

Repeating false 'statistics' does not make them true.

IP expansion and more stringent enforcement is counter-productive.