Centre for Internet and Society

Report on 15 days Training in Basic Computing with use of NVDA and eSpeak in Oriya

nirmita — 2015-05-10T13:41:20Z

This programme was the first of its kind in the state of Orissa. The participants were mostly completely new to using computers and were also completely from the vernacular background. This training demonstrates that many more such regional level trainings should be organized in order to reach the untouched population of persons with blindness, and expose them to the advantages of today’s technology.

Newspaper Report

Post News Network

Bhubaneswar, April 16: Several visually impaired citizens living in the state Thursday got a reason to celebrate. The Vocational Rehabilitation Centre for Handicapped (VRCH), an outfit of the Central government, launched a training programme on the day for a bunch of men and women suffering from visual imparity. They would be imparted training on e-learning software, which can assist them in getting acquainted with the different aspects of computer operations.

The 15-day e-learning programme witnessed coming together of several physically challenged citizens of diverse age groups, from different parts of the state. The training is being provided by the government unit free of cost. The software, which will help the blind read texts on a computer, is known as Non-Visual Desktop Access (NVDA). It helps in bridging the chasm between die visually impaired people and the technology It facilitates communication between them through a» audio device. The software reads out text on the screen to the differently able, who are unable to read screen texts due to vision difficulties.
“Although the software came into existence in 2006 but it gained popularity slowly. The main advantage of this software is its diversity. It has now inculcated several other Indian languages, including Oriya into it. So now people from different ethnic groups can access texts in their mother tongue.

Moreover, the software is free for its users and can be downloaded easily from the Internet. Users of this software can now read computer files, use social networking sites and can even read all available resources on cyberspace,” said Mrutunjay Kumar, Member of All India Association for Blind who will impart teaching on the software to the blind students. Kumar himself suffers from visual imparity. Similar e-learning software, however, already existed to help the blind people use computers, but its high annual subscription amount and limited language options narrowed the usage of such software.

NVDA being subscription free and diverse is expected to cater to the larger interests of the visually impaired citizens of the state and the country Pokhariput-based VRCH on whose campus the training programme is being held was overwhelmed by the response it garnered from the public. Officials of the institution also assured all possible support for the participants. “The main aim of the training-programme is to give them a platform to strengthen their skills. The whole programme is totally free. No participation fees will be levied on the trainees. Moreover, special arrangements have been made for free accommodation and food for the trainees so that they can focus only on training,” said Ram Kishore Sharma, assistant director, VRCH.

Earlier in the day, many outgoing trainees, who completed some skill development training at the institution, were felicitated by the institution. Ashok Behera, deputy director, State Directorate of Welfare of Persons with Disabilities, was present during the occasion as chief guest and felicitated several students who had successfully completed their training at the institution.

Venue: Institute of Social Work and Research, Bhubaneswar, Orissa.
Dates: 16th – 29th April 2015
No. of Participants: 30
Trainer: Mritunjay Kumar.

For more details visit https://cis-india.org/accessibility/blog/report-on-training-in-basic-computing-with-use-of-nvda-and-e-speak-in-oriya

Report on 15 days Training in Basic Computing with use of NVDA and eSpeak in Hindi

nirmita — 2015-04-10T02:33:56Z

The highlight of the session was that the students on completion of the 15 days training, were able to write passages in Hindi. All the participants were able to do basic computing, such as opening files, saving them in different locations, surfing the Internet, etc.

The university officials appreciated the work of the students as they showed a resolve to learn Hindi typing. This would enable them to write their own examination papers using eSpeak Hindi. This is a historic step, as till now the students had to depend upon their scribes to write their exams.

Some documents of the final day's work of the students are listed below:

Story

एक जंगल में एक खरगोश और एक कछूआ रहता था। वे दोनो अच्छे दोस्त थे। पह खरगोस बहुत घमंडी था। वह हमेसा कछूए को यह कहता रहता था कि तुम तो बहुत धीरे चलते हो और मै तो बहुत तेज चलता हूं। और कछूए को निचा दिखाने के लिए खरगोश ने कहा कि चलो हम रेस लगाते हैं।और एक दिन सुबह वे दोनो रेस के लिए एक पेड़ के निचे मिलते हैं।और रेस सुरु करते हैं।जैसा की हम सभी जानते हैं कि खरगोस बहुत तेज दौड़ता है तो वह तेजी से दौड़ के आगे निकल जाता है और कछूआ पिछे रह जाता है।जब खरगोश पिछे देखता है तो ऊसे बहूत दूर तक कछूआ दिखाई नही देता है।तो खरगोश सोचता है कि कुछ देर तक आराम कर लेता हूं।तो खरगोस एक पेड़ के निचे आराम के लिए बैठ जाता है।और उसे नींद आ जाती है और वो सो जाता है। और कछूआ धीरे धीरे चल कर खरगोस से आगे निकल जाता है और धीरे घीरे कर के अपने लक्ष्य तक पहूंच जाता है।और खरगोस सोता रह जाता है।और जब उसकी नींद खुलती है तो खरगोस देखता है कि कछूआ रेस के आखरी लक्ष्य तक पहूंच चुका है।और इस तरह कछूआ धीरे चल कर भी रेस जीत जाता है और खरगोस तेज चल कर भी हार जाता है।

सीख-नीरंतर प्रयास करने वाले को सफलता जरूर मिलती है।

अतुलित भलधामम्, हेम शैला भजेहम, दनुज वन किसानम ज्ञान नमामि द्रिगड़्यम वह शक्ति हमे दो दयानिधे, कर्तव्य मार्ग पर डट जावेँ पर सेवा, पर उपकार मेँ हम, जग जिवन सफल बन जावेँ हम दीन दुखी निवलोँ विकलो के सेवक बन सँताप हरेँ जो हैँ अटके भूले बटके, उनको तारेँ खुद तर जावेँ थल दँभ द्वश पाखड झूठ अन्याय से निश दिन दूर रहे जीवन हो शुद्ध, सरल अपना, निश प्रेम शुधारल बरसावेँ निज आन मान मर्यादा का प्रभु, ध्यान रहे अभिमान रहे

जिस देश धरा पर जन्म लिया, बलिदान उसी पर हो जावे सकल गुढ़ा निदानम, वानराढ़ाम धीषम रघुपति प्रिय भक्तम वातजातम नमामी

The Training in Brief (As Provided by the Trainer)

Day 1: Keyboard orientation and introduction to computers
Day 2: Typing
Day 3: Hindi Typing
Day 4: Introduction to Desktop
Day 5: Introduction to Dialogue Boxes and Menus
Day 6: Saving Documents and Creating Folders
Day 7: Content Editing
Day 8: Opening and Closing Programs
Day 9: Concepts of Internet
Day 10: Google Search, Gmail Account, Book Share and Websites
Day 11: Tying Paras in Hindi
Day 12: More Tying Exercises
Day 13 - 15: Revision Exercises

For more details visit https://cis-india.org/accessibility/blog/report-on-training-in-basic-computing-with-nvda-and-e-speak-in-hindi

Report on 15 days Training in Basic Computing with use of NVDA and eSpeak in Gujarati

nirmita — 2015-05-10T11:23:42Z

This programme was aimed at high school students who were completely new to computers. The aim of the workshop was to empower the students to at least read and write using eSpeak Gujarati with NVDA within the 15 day duration.

Venue: Shree Navchetan Andhajan Mandal Madhapar - Kachchh.
Dates: April 2 to April 16, 2015
Trainer: Mahendra Chudasma.
Language: Gujarati
Number of Participants: 15

Most of the participants achieved the target and were also able to manage simple tasks like opening and saving documents in Word and also had the opportunity of gaining knowledge of the use of Android phones. Our thanks to Mahendra for ensuring that the participants came out with flying colours at the end of the workshop.

Training Schedule

April 2

Introduction
Information about Computer and its Parts
Keyboard orientation. Function keys, alphabets keys and number keys and number pad
About desktop, start menu, notification and taskbar
2: how to press 2 keys windows plus M. and alt plus F4

April 3

How to start Microsoft Office and Word
How to type words and how to read it. And modify delete and add alphabets and word
Modify spellings

April 4

Practice on topics covered in the first two days
How to start narrator without screen reader and how to install screen reader
How to read NVDA's commands by its help

April 5

How to formatting file by title, bold, increase and decrees fonts, make underline and justified and save it
How to make folder on desktop and how to search and copy file in the documents and paste in folder

April 8

Information about notification
How to set clock by notification and control panel
Difference between file and folder
How to play song with media player, VLC and Winamp
How to search in file and folders in your computer
Run Windows

April 9

Internet's information
Internet short commands
Read news in English, Gujarati, and Hindi newspaper through online

April 10

How to short navigate in internet by h for heading, t for table, l for list and insert f7 for links
About check box, combo box, radio button and button
How to create mail, and read it and compose mail and send it. With bcc and cc

April 11

About job related sites and banks sites
Searching through Google

April 12

How to download
Some general questions on computer practice

April 13

Practice for last days and some questions answers
Information about some messengers Facebook and Skype with its demonstration
How to create account and how to use these

April 14

Practice of old topics
Information about scanner with its demonstration
And demonstration with EnAble India EYE Tool and EnAble India Spelling Tool

April 15

Revision for complete course of NVDA of 15 days

April 16

Information about Android on students demand

List of Students for Gujarati Training

Garva Ajay Valjibhai
Chauhan Jayendrasinh Popatsinh
Meriya Pravin Karamshibhai
Gadhvi Hari Karsanbhai
Jat Razak Haronbhai
Koli Mavji Ramjibhai
Ganava Mital Panglabhai
Chawda Bharti Popatbhai
Maheswari Sunita Sumarbhai
Goyal Dipin Ravjibhai
Jeda Hisan Samirbhai
Patel Ritesh Bipinbhai
Raval Bhumi Nitinbhai
Mokariya Shardaben Girishbhai
Jain Alpaben Manojbhai

For more details visit https://cis-india.org/accessibility/blog/report-on-training-in-basic-computing-with-use-of-nvda-e-speak-gujarati

Report on 15 days Training in Basic Computing at RNKS

nirmita — 2015-07-21T15:16:55Z

The NVDA team organized a 15 days training in basic computing at Rajasthan Natrahin Kalyan Sansthan (RNKS) in Jaipur. The training programme held from June 1 - 15, 2015 was attended by 12 delegates. Mrityunjay Kumar was the trainer. The basic training for computers was targeted for school going children of RNKS.

The aim was to enable them to at least start using a computer as a Tool for Reading and Writing in Hindi. Along with knowledge of Basic computer Operations, the participants were also taught about the use of Bookshare Online Library, Use of Android and other Assistive Devices.

Report from Master Trainer: Mritunjay Kumar

Day 1: We have learnt Keyboard orientation and Introduction to computer, like what is a computer, where do you use a computer and advantages of computer.
Day 2: We have learnt Typing and introduction of screen reader, what screen reader is and how many types of screen reader. Also discussed about input and output devices.
Day 3: We have played small game about typing, how do we use fingers do typing? Also explained desktop and taskbar concept.
Day 4: We have learnt about software and types of software, There are three types of software, also explained menu, what is menu? What types of menu?
Day 5: We have learnt Opening closing and saving the document, editing concept have also been discussed.
Day 6: We have learnt how to cutting, copying and pasting the text in documents. Also we discussed Hindi alphabet.
Day 8: We have done Hindi typing and we have written small story in Hindi language.
Day 9: We have learnt File folder management and explain concept of dialog box, what is dialog box, types of dialog box.
Day 10: We learnt find and replace feature using Microsoft word document. Also explained how to create table in Microsoft Word.
Day 11: We have learnt spelling tool.
Day 12: We have discussed brief history of internet, and how will be do Google search. Also we learnt how to open website using NVDA
Day 13: We discussed about book share website, then we have learnt how to open book share website, and how to download books. Also we explain about android.

For more details visit https://cis-india.org/accessibility/blog/report-on-15-days-training-in-basic-computing-at-rnks

Report on 5 day TOT for Training in Use of Espeak Kannada with NVDA

nirmita — 2015-10-04T10:34:33Z

A unique programme was organized in partnership with Mitra Jyothi – Bangalore, Enable India – Bangalore and NFB Karnataka. The aim of the programme was to empower the Computer Teacherrs for the blind in the use of Espeak Kannada and apprise them with Modern Teaching Techniques for the Blind.

The training programme was held from September 21 - 25, 2015 at Mithra Jyoti in Bangalore. Fourteen delegates attended the programme. Suresh, Sandesh and Moses from Enable India were the trainers. NFB Karnataka helped in sourcing the participants, Mitra Jyothi hosted the event and the female participants and the trainers were from Enable India.

The workshop started with a round of introductions and expectations from the participants. All the participants expressed various needs, which include the following:

Need to learn to read and write in Kannada.
Need to learn new teaching Techniques.
Need to learn how to make accessible materials for teaching computers.
Need for learning EYE tool and /spelling tools.

The participants were a blend of Sighted and Blind Trainers. The Sighted trainers were very keen in knowing all they could about the new Teaching Techniques and the Screen Readers. They were also excited to know more about Assistive Technology for partially sighted students.

The Blind trainers showed special interest in NVDA and Assistive Technology.

The Session began with an introduction to NVDA and its advantages followed by a detailed presentation by Suresh.

The validation function was conducted by Major A. Singh – CEO Mitra Jyothi.

For more details visit https://cis-india.org/accessibility/blog/report-on-5-day-tot-for-training-in-use-of-espeak-kannada-with-nvda

Report of the Global Accessibility Awareness Day 2017

nirmita — 2017-06-19T15:07:28Z

Aditya Tejas attended the Global Accessibility Awareness Day event organized at NIMHANS Convention Centre in Bengaluru. The event had multiple panels and presentations, including a talk on coding for accessibility, a panel on why accessibility is necessary and how India is lagging behind in implementing it, and a presentation on how accessibility principles are integrated into the product life cycle at Cisco.

Logo of Shuttleworth Foundation below:

Global Accessibility Awareness Day is celebrated across the world on May 3 every year. The objective of the event is to get everyone talking, thinking and learning about digital access/inclusion and people with different disabilities.

This year the Global Accessibility Awareness Day 2017 (GAAD 2017) organized by Prakat Solutions and co-hosted by CIS and Mitra Jyoti, was held on May 18 at NIMHANS Convention Centre in Bengaluru. The event was designed to raise awareness around digital accessibility issues for persons with disabilities. The Shuttleworth Foundation also supported this event. Approximately 250 people were in attendance. The URL for the event is here. A detailed agenda can be found here. Video recordings of the event will be made available shortly.

The event ran from 2:30-7:30 PM and featured various discussions and events, including dance ceremonies, skits, and talks by various figures.

The first event was an extended presentation on coding for accessibility by Nawaz Khan of PayPal, in which he discussed how developers can integrate accessibility principles into their software from the design phase, and how persons with disabilities can productively make their issues known to developers. He encouraged developers to adopt international standards such as WAI-ARIA, and also encouraged developers to use accessible open source libraries and testing tools. He took questions about standards for other types of disabilities beyond visual impairment, joining the global conversation around accessibility standards, and accessibility design for mobile platforms.

The main event was a panel on the awareness of accessibility issues in India and how they could be improved, both in the public and private spheres. In attendance were Abhik Biswas of Prakat Solutions, Pranay Gadodia of Deutsche Bank HR, Shalini Subramaniam of PayPal, Balachandra Shetty of Intuit, Sandeep Sabat of ZingUp Life, Kameshwari from Wipro, Mahabala Shetty from NIC, and Srinivasu from Informatica. The panel was moderated by Giri Prakash of Hindu Business Line. They discussed issues including how to promote a stronger government response to accessibility issues, initiatives that can be taken from the private or civil society sector in order to address accessibility issues, the lack of awareness around accessibility in the Indian context, and the responsibilities that developers have to make accessible apps and products. Shalini from PayPal talked about the potential for government initiatives such as Make in India could be used to further the availability of accessible consumer products and services in India.

The second speaker, Kameshwari Visarapu from Wipro, talked about how persons with disabilities need to make their voices heard in society. She stressed that, while the laws are already in place, people do not demand their rights. Without this, the government and any community, even those with the necessary power, would not be able to make the changes. Mahabala Shetty from NIC pointed out that NIC is responsible for developing and updating various government websites. He said he understood that the inaccessibility of government websites and services is a serious problem, and pledged to make sure that all websites would be made accessible in the coming months.

The fifth speaker was Sandeep Sabat of ZingUp Life, also a health tech company, which seeks to help people with issues not just around physical health, but also emotional, mental and spiritual health. He drew a comparison with the beginning of the mobile revolution, when people would say that web on mobile is a small, niche space, which eventually gave way to the idea of mobile-first design. Extending this analogy, he said that design must now be accessibility-first, in order to ensure that it becomes part of the culture of product development.

The sixth speaker at the event was Balachandra Shetty from Intuit. He pointed out that design principles needed to make a product accessible and making that product easy to use for the general public are the same, and that improving the user experience for 20% of the population effectively improves it for everyone.

The seventh speaker was Pranay Gadodia from Deutsche Bank HR, who argued that accessibility was important not just for persons with disabilities, but for everyone. He gave the example of ramps on public entrances, which make access easier for everyone. He demonstrated the use of a screen reader and tried to order food through Swiggy. When he found that the app was inaccessible, he pointed out that they had just lost a customer.

The eighth speaker, Srinivasu from Informatica, talked about his work in the accessibility space for various NGOs and companies. He argued that inaccessibility was never built into a product by design, and that any problems were the result of ignorance. He also said that accessibility work was the only career with two major benefits – that of creating an immediate impact among the community and being the kind of work that not only takes advantage of a business opportunity but also directly benefits consumers.

The ninth speaker, Abhik Biswas, said that he believes that accessibility is a nonissue, because if everyone wrote good code and followed best practices, all products would be accessible anyway. He said this was not always the case with software tools. He gave the example of work that Prakat did with a provider of legal software. In large corporate lawsuits, parties would usually share terabytes of data with each other, and legal e-discovery software is used to discover patterns for evidence. An inaccessible document would be useless to such software so, of course accessibility isn’t an issue only for a certain set of people. If you’re in the innovation space and trying to solve problems, he stressed, then accessibility is an issue.

The moderator then raised the issue of the lack of progress for persons with disabilities in the past five years. He asked what progress has been made in the legal area, and whether there are any solutions that users can come up with themselves rather than waiting for government action. Shalini pointed out the inaccessibility of the Swiggy app, and added that there are automated accessibility checkers for apps, both Apple and Android. She demonstrated this for the audience.

Kameshwari said that part of the problem is that a single person may not be able or willing to make much noise. There are a lot of communities that have been formed on a corporate/state/national level, but collectively making noise is important for major changes. One process that her own company tried was creating a repository of pre-tested accessible components, which has two advantages; the developer can pick the component from a standardized repository, and the component would have been pre-tested for accessibility and responsiveness. This is another possible solution – which people collectively come up with standardized repositories of accessible components.

She then gave the example of an accessible garden in Kerala, where persons with disabilities could visit and touch different types of plants in a guided experience to help them identify and understand them. When talking about inclusivity, she asked, why create a separate garden? Integrate these features into all gardens instead, she suggested.

The third speaker said that the government drains enthusiasm from people, and insisted that it could only play the role of a facilitator. The need is to inspire the necessary passion in people to carry forward the issues themselves.

Sandeep said that the intent is already there, but the government was not capable of doing it alone. The social fabric of the country needs to change, along with the attitude of the society. To that end, they suggested making accessibility a non-issue, and looking for opportunities to integrate it into society at large. Instead of thinking of it through a usability standpoint, consider how to improve the overall user experience of a product through the lens of a user with disabilities.

Balachandra pointed out that while love is a strong emotion, fear too is very powerful. The laws in the Commonwealth are much stricter than those in the US, he pointed out, and yet apps built in those countries are far more accessible than those in Indonesia, India etc. So, he suggested that if a product proved to be inaccessible to a certain segment of the population, the employees responsible could face down the CEO, and fear would drive them to make their products accessible. In addition, he called for stricter laws and a possible amendment of the IT Act, drawing upon laws in the Commonwealth and France. Disability discrimination in the US carries a high penalty, and suggested that similar laws would enforce accessibility in local products.

The moderator asked Pranay: is it possible for app developers or mobile platform providers to make accessibility mandatory for apps that are publicly released? He answered that as a tech developer he might not be the right person to answer that, however, he know that the iOS framework is much more stringent than Android in this regard. He called on users with disabilities to call out inaccessible design wherever they saw it, in order to inform developers and to create a healthy competition to make companies disability-inclusive. He also pointed out that many corporations hold events or draft policy for persons with disabilities without involving them in the decision-making process, and that this needed to change.

Srinivasu stressed that the job of making government services accessible fell on the developers within the government, who are in-house, or the vendors, who work for NIC. There are two things the government can do, he said; when asking for a vendor, they could refuse those who make inaccessible products, thus making accessibility a requirement for procurement.

The second is to raise accessibility issues at the level of education. He gave the example of several apps like TaxiForSure and Cleartrip, all of which responded to accessibility issues raised by their users. He stressed that any user could give feedback, and not just those with disabilities, and that raising awareness is a duty for everyone. He asked the audience to share the event on WhatsApp, and to type with their non-dominant hand, as a simple way of understanding disability. The other exercise he called on the audience to do is to write a post about the event on Facebook or their blogs using only the keyboard, without touching their mouse. In this way, he drew attention to thinking about accessibility whenever one uses a website or software.

Abhik took the opportunity to add one more dimension, an area of concern for app developers in India in particular – that of linguistic accessibility. Most apps, he pointed out, are being developed in English only, and most government apps have the additional burden of considering vernacular languages, while NVDA only supports 10-12. The government can’t solve this problem by making multilingual websites, as developers also need to contribute to projects like NVDA in order to build support for other languages. Accessibility, he stressed, wasn’t anyone’s problem, but everyone’s problem.

After this, Shekhar Naik, former captain of the Indian blind cricket team, talked about his life story. He mentioned that there are over 5c0k blind cricketers in the country. He talked about his passion for cricket, how it brought him to where he was today, and thanked the government for its increased recognition and felicitation of persons with disabilities.

After that, the owner of Pothole Raja, Pratap Bhimasena Rao, spoke about the importance of the accessibility of built environments such as roads. He pointed out that 25% of vehicular accidents cause a disability, and stressed the need to address these issues to promote not just accessibility, but prevent disability.

After this, Amit Balakrishna Joshi from the state government gave a brief overview of the Karnataka government’s accessibility and e-governance initiatives. He spoke about the Karnataka Mobile One app, an initiative to consolidate and digitize several state government services. As the world’s largest Mobile One platform, it would integrate about 40 departments, with the objective of bringing equality in service delivery across socioeconomic, linguistic and literacy divides.

At 7:00, Sean Murphy from Cisco gave a talk on universal design principles. He discussed how universal design is important to maximize market access, ensuring that a company reaches 100% of its market. In Cisco, accessibility is integrated into the product lifecycle right from the design phase to testing to rollout.

He also discussed regulatory standards such as Section 508 in the US, which he stressed were critical to securing industry-wide accessibility. The event ended at 7:30 p.m.

Images:

Participants light the lamp to commemorate the start of GAAD 2017.

Prakat Solutions co-founder Abhik Biswas speaks at GAAD 2017.

Panelists discuss accessibility challenges in India.

For more details visit https://cis-india.org/accessibility/blog/report-gaad-2017

Reply comments of CIS in the matter of the WIPO draft proposal

praskrishna — 2011-08-22T13:18:38Z

Reply comments of CIS, Daisy Forum of India and Inclusive Planet to the comments filed by Steven J Metaliz in the matter of the WIPO draft proposal.

For more details visit https://cis-india.org/accessibility/publications/Reply-Comments-to-WIPO-draft-proposal

Reconceptualizing Privacy on Social Network(s) Sites

rebecca — 2011-08-18T05:07:09Z

While “privacy” on social network sites remains a highly ambiguous notion, much debate surrounding the issue to date has focused on privacy as the nonpublic-ness of personal information. However, as these social platforms become sites for diverse forms of “networking”, privacy must also be popularly conceptualized as control over personal data flows.

The perils of information exposure and the loss of privacy on social network sites (SNS) has become a talked about issue. Information once considered has private has in many instances become viewable by unintended audiences of parents, colleagues, college admission officers, employers, even the courts. The recent Facebook privacy scandal, which left sensitive personal information for millions of users open and searchable via Google, heightened privacy consciousness amongst users, public interest groups, and Facebook itself. As the free flowing nature of information on the internet has redefined practices surrounding the disclosure of information, new and multidimensional privacy challenges have arose as a result.

The much-celebrated ethos of “openness” continues to attract numerous and diverse users to SNS, and without a doubt, these platforms have enabled users to stay connected and share information with the people around them -- for better or worse. However, it is within this inherently open context that notions of privacy are continuously being challenged and redefined. While a particular user may prefer to keep certain information widely available to attract “potential friends” within a certain network or social circle, it may go without saying that the same user may not be comfortable with a family member viewing that same information, or having personal information open access to third parties. It is this iterative tension between “openness” and privacy which beckons the need to balance the openness of SNS with the privacy of its members.

Privacy as a Semi-Public Personal Space

Most commonly, privacy has been interpreted by users as a “lack of access”, or the degree to which they are able to protect their information from the public gaze. Various research examining the privacy (mal)practices of users have also, by in large, conceptualized privacy within this public/private binary. The most popular SNS today do allow users to careful define their privacy level. However, whether or not the information of a user remains open, restricted, or private will depend on the privacy preferences unique to the user, and to some degree, the architecture of a particular SNS. Inferring from privacy in practice, researchers have generally labeled users as privacy fundamentalists, pragmatics, or the marginally concerned . While making this distinction has been useful, is important to note that the diversity and complexity of relationships within a single networked space obscures the inherent simplicity of such typology. With many online social networks becoming representative of offline affiliation, the challenges inherent to maintaining a diverse number of social relations online may lead researchers to interpret uncertain privacy practices as paradoxical. Such a notion also calls into question the utility of categorizing users according to their privacy practices.

To illustrate such complexity, many users today are compelled to join sub-networks or groups within these sites, which then cluster users and relax the privacy settings between them. While a college student may wish to keep weekend outings hidden from the professors they have connected with, they may also be tempted to reveal such information with his network of peers-- to which the professors may belong. The open nature of these sub-networks are inherently valuable for maintaining offline affiliations, friendships and collegial relationship. However, this also increases the likelihood invisible audiences of unintended users may gain access to potentially unflattering information to an . By joining a network on Facebook, for example, the personal information of a users profile page becomes open to all “friends and networks”, even if the users may previously had their information set behind a more granular privacy settings.

Within these open spaces, the ability of users to make appropriate or selective disclosures of information is becoming obscured. While Facebook does allow for users to alter the settings after joining a network, such “openness by default” may catch many users off guard or only be brought to their attention once they face its negative repercussions. Because the maintenance of a wide variety of such social relationships depends on the disclosure/non-disclosure of certain types of information, privacy in praxis has become an act of balancing the utility of social network with the privacy concerns they present. Users are now faced with the challenge of classifying certain pieces of information public or non public, or determining suitable practices of disclosures amongst a diverse social graph. It is not to be expected that such decisions will become easier within a context whose architecture is built on openness to make it “easier for friends to find, identify, and learn about you”.

Privacy as Control over the Flow of Information

While the classification and coding of information vis-à-vis a diverse set of relationships forms the base of practice for most of the privacy conscious, this paradigm of privacy remains rather limited within a defined network of individuals, whether they be “friends”, within an intended audience, or not. Within this framework, information is understood as being either socially or institutionally sensitive, as its exposure may affect certain social or institutional relationships. Given the spatial and temporal context the “social profile” gives to personal information, it is reasonable to see how popular understandings of privacy have been within the public/private paradigm.

While this may be the case, it is important that users observe how the inherently “networked” nature of these spaces complicates the common privacy paradigm. When a user joins a SNS, they enter into a complex and opaque set of networked relationships beyond those with their “friends” and “friends of friends”. There exists sub-networks of third-party actors which constitute corporate entities, their partners and affiliates --may they be advertisers, third party developers, or a broad range of other service providers. Many of which are granted access to your information in varying forms and for differing reasons. With the introduction of the Open Social network, fronted by Google and various social advertising and developers networks, the ability for one to maintain the control and integrity of their information or “data” has become an increasingly complex endeavor.

While the importance of maintaining non-public social spaces online should not be diminished, in a time when collecting, storing, aggregating and disseminating information has become increasingly easy and cost-effective, users of SNS must begin to conceptualize online privacy in a way which extends past the social context popularly understood to give “information” meaning. Once information loses its contextual place of meaning, which may be the profile itself, users seem less apt to consciously consider the collection and dissemination of such data as a breach of privacy, or even a concern at all. It may be true that the socially sensitive nature of such data is reduced once it is disassociated with a particular user, or that the click stream patterns and other information collected by advertisers through cookies may not always pose a direct and potential threat to our privacy as we’ve thus far conceived it. However, a brief glance at the privacy policies, terms of use, and on-site practices of a few SNS illuminates that privacy must be seen as the control over the flows of personal information.that

Privacy vis-à-vis Third Parties

As many have illuminated, SNS are commercial enterprises with a business model based on the harvesting of personal information for marketing and other purposes. Therefore, it may be naive for a users to believe what happens on these sites stays on these sites, or that privacy settings, however granular they may be, grants them adequate control over their information. While SNS such as Bebo state that they “take your privacy very seriously”, the onus is on the user to determine whether or not the privacy standards of third party applications are up to par. The transfer of responsibility for monitoring the privacy practices of third parties is characteristic of many popular SNS. MySpace states in their privacy policy that they do not “control third parties” and cannot “dictate their actions”, while Facebook similarly states that they cannot guarantee that such third parties will “follow their rules”.

As third parties are often governed by their own privacy policies, the unmonitored and unenforced nature of these networked relationships places further responsibility on the individual users to ensure that privacy practices are adequate. This becomes quite difficult on SNS like Facebook, where third party developers are granted access to the personal information of all you and all your network members, including photos, videos, and other biographical information.

The relatively anonymous nature of these parallel sub-networks also obscures the ability of the user to take control over the accessibility of their information. Further, the privacy policies of the various SNS give no indication as to “who” their affiliates, partners, and service providers are. Most SNS also reserve the right to transfer personally identifiable information to its partners and affiliates if they have a “business reason to do so” and in all cases, advertisers are subject to their own privacy policies with regards to the information they collect -- some of it personally identifiable. To complicate matters, all of the leading SNS, including Facebook, Orkut, Myspace, and Bebo, reserve the right to collect information about you from other companies and publicly available sources. It is unclear as to what information is being collected or for what purposes, and unfortunately, such information is effectively kept “private”.

Redefining Privacy on Social Network Sites

Social network sites can be seen as open spaces which allow users to maintain diverse personal relationships. However, the somewhat anonymous parallel networks of third parties which exist on these sites threatens the “open nature” of these sites vis-à-vis our privacy. While users may maintain that the information they have provided is kept secure and private, these parallel third party networks negates the control an individual may assert over the flow of their information. It is within this context that privacy needs to be conceptually redefined in relation to both user “information” as it appears on a social profile, and “data” once it is processed by third parties. There is a need for an alternative paradigm to privacy on SNS which takes into consideration the flow, retention and use of personal information.

While it may be too early to determine whether or not the expected digital dossiers complete with complex user-specific biographical data will be developed or come to threaten our privacy in a fundamentally new way, it is also premature and erroneous to assume that traditional notions of privacy are fundamentally antithetical to the net. As communication become increasingly mediated by digital technologies, so to should our perceptions of privacy and ways of preserving it. SNS must also become responsible for ensuring greater transparency in the flows and uses of personal information, working to standardize the privacy policies in such a way that makes the user experience one which is seamless with respect to privacy practices. Initiatives such as the W3C’s P3P are a promising step towards nurturing a more nuanced understanding of privacy among internet users. Only through understanding privacy as the control over the flows of personal information can be balance the interests of SNS users with the business models of these “open” networked spaces.

Top of Form

For more details visit https://cis-india.org/openness/blog-old/reconceptualizing-privacy-on-social-network-s-sites

Recommendations for EU cyber diplomacy

basu — 2020-09-19T13:32:36Z

Written statement by Arindrajit Basu delivered at the EU Cyber Direct Civil Society Forum 2020

1.Key issues for EU cyber diplomacy

There are two key issues that the EU should take the lead on. Extra-territorial surveillance by several countries, in partnership with private actors continues with aplomb. In Schrems II, the Court of Justice of the European Union has already dealt a decisive victory for civil society actors campaigning against US law and surveillance policy, and protected the rights of EU citizens by doing so. Channelising the rich human rights jurisprudence in the European Convention on Human Rights, the court was able to highlight how existing US law and policy do not comply with the principle of proportionality in the ECHR..While the courts are an important avenue of resistance, other countries targeted by illegal and illegitimate surveillance often do not have judicial recourse or the clout to effectively counter surveillance practices.In line with the accepted principles of international law, the EU must engage in diplomatic posturing calling for reining in the use of extra-territorial surveillance,which includes surveillance enhancing technologies, mass dragnet surveillance, and surveillance by private actors.

The second key issue is that of ‘data sovereignty’-or a recognition that notwithstanding the significance of cross-border data flows, the ultimate responsibility of guaranteeing citizen rights in the digital sphere lie with the state enforcing laws in that jurisdiction. Undoubtedly, this responsibility must be discharged in conjunction with the principles of international law but the policy space itself should be sovereign, and not be dictated by other states or private actors. This sovereign space includes the right to regulate private actors such as technology companies through taxation, anti-trust laws, and impose on them key human rights obligations. It also includes an obligation to protect citizen interests against foreign adversaries.Sovereignty must not be conflated with brazen technology nationalism that involves restrictions on foreign technology or investment that harms the economic welfare or civil liberties of a state’s own citizens.

Several jurisdictions including the EU are grappling with the precise contours of ‘data sovereignty’ and what it means in today’s increasingly fractured geo-political climate. However, as it set the ball rolling with privacy enhancing diplomacy across the world, the EU has an opportunity to work with several key partners, including emerging economies such as India, Brazil and South Africa to ensure that these debates culminate in digital ecosystems that preserve the rule of law while also increasing digital accessibility and reducing inequality.

2. Multi-stakeholder coalitions

The EU has signed up for multilateral coalitions such as the Global Partnership on Artificial Intelligence and EU countries have signed onto multi-stakeholder digital agreements such as the Paris Call for Trust and Security in Cyberspace. While coalitions have been dismissed (incorrectly I believe) as talking shops, often efficient coalitions can attain key goals and promote core democratic values. Through these coalitions, the EU should look to attract as vast an array of stakeholders as possible-both states and private actors.However, that should happen once the key principles, objectives and mechanisms of engagement have been charted out by the coalition. Attracting too many stakeholders without having these clearly charted out allows for the agenda to be hijacked or limited.

3. Engagement with civil society abroad

The EU has to some extent successfully engaged civil society actors from various parts of the world. The Closing the Gap Conference held successfully by EU Cyber Direct in July showcased quality scholarship from all around the world and enabled dialogue between participants that we do not see often. The dialogue we are having today is a critical form of engagement.The EU should also consider supporting and providing resources for transnational movements such as the #Keepiton coalition that is advocating against internet shutdowns around the world and other civil society consortiums that are upholding values the EU also believes in around the world. Further, it is clear that European policy innovations-be it the GDPR or the European Data Strategy deeply impacts the future of global digital spaces. Therefore, robust consultative mechanisms should be deployed to ensure that academics and civil society participants from all over the world have a meaningful opportunity to shape these policies, keeping in mind the resources available for organisations, specially those in the global south to do the same.

17th September 2020.

(Remarks delivered via video-conferencing)

(Note: This write-up is not meant to be an exhaustive representation of all recommendations for EU cyber diplomacy but captures the statement made by Arindrajit at the Civil Society Forum)

For more details visit https://cis-india.org/internet-governance/blog/recommendations-for-eu-cyber-diplomacy

Reaping the Benefits of Gamification

dipali — 2015-10-24T14:24:55Z

As a part of the Making Change blog-post series, in this post we will identify a new technique: gamification. This technique is being used for sustainable environment conservation by modern day change-makers. We interview two out of three co-founders of Reap benefit- Kamal Raj and Gautam Prakash who believe in the adoption of more sustained environmental practices that induce social change towards conserving the environment.

CHANGE-MAKER: Kamal Raj,Gautam Prakash and Kuldeep Dantewadia
 
ORGANISATION: Reap Benefit 

METHOD OF CHANGE: Gamification and Human centric systems for consistent behavior change towards better waste-water-energy management. 

STRATEGY OF CHANGE: Building a new era of environmentally conscious youth in India through technology and an interdisciplinary approach to change.

We depend on the environment and the resources that it provides us, but surprisingly we are unaware of the effects of its depletion and the need to save these resources. A few of the problems that people now face are with resources like- water,waste and energy because we do not acknowledge the fact that we are wasting them unconsciously. This only triggers the need for more and more solutions which would change the way people perceive the resources and realize the need to conserve. While trying to start an initiative to come up with some solutions to manage these resources, we are approached by the question of the accessibility, affordability and sustainability of those solutions. The solutions and the practice of that solution is a two-way process for any sustainable making-change initiative.

In this post I will be introducing to you Reap Benefit and the technique of Gamification. I will bring out a comparative analysis of the various definitions by renowned gaming authorities across the world who are involved in the process of using games in non-game contexts to bring out change in the offline space. Only after this, will I be acknowledging the importance of the strategies used by Reap Benefit for making these solutions sustainable. The strategies will be- human centric solutions and gamification. Then, I will bring out the connection between these two strategies to provide you an inter-disciplinary understanding of the making change process. Next, these strategies will be coupled with the discussion on the use of technology to speed-up the process. Also, throughout this post we will be referring to the blog- Methods of Social Change written by Denisse Albornoz and we will also make an attempt to answer the questions- 'Who,Where,How' of this making change project in relation to Reap Benefit. The blog post can be accessed here.

Before the journey of the post, I would like you to read this little success story narrated by Kamal Raj in the interview that led Reap benefit a step higher in its aim for making change:

Reap benefit went to a school which received only 400 litres of water supply a day resulting in poor health and care conditions. This water would be used for washing their plates after the mid-day meal and also for sanitation systems. This would only make the place a platform for water, food and breeding mosquitoes all together. Since the students usually consumed food with their right hand, while taking the plate to wash it, they would leave the plates at one side; they would open the tap with their left hand, would take their plates again and start washing them. During this time interval, they would waste a lot of water.

As, a solution to this, Reap Benefit changed the taps which would discharge 60% less of water. They also created a clean water purification system. Now, with the same 400 litres of water, students washed their plates and adopted better sanitation practices. The challenges that they faced actually made them innovate better systems for remarkable change.

Think about these questions for a minute..

Does this story relate to physical needs?
Does this story relate to creative problem solving?
Is it a story that brings out better affordable solutions?
With this solution were the students benefited?
Was this a successful idea?

Reap Benefit

First of all, take a look at a brief introduction of Reap Benefit given by Kamal Raj:

Kamal: "Reap Benefit works to implement affordable solutions, enabling quantifiable waste-water-energy management systems, as a way to facilitate behavioural change by engaging the head, hand and heart of the user. Having worked with many people, we have realized that behaviour modification allows for more sustained adoption of environment sustainability practices. We take them through a 4-stage behavioural change process – ‘Unconsciously Wrong’, ‘Consciously Wrong’, ‘Consciously Right’ and ‘Unconsciously Right’ (we will understand this process later in the post). A link to the website is here- Reap Benefit."

Reap Benefit is bound together by the deep concern for the environment they have and the dead-lock issues that it faces. They aim for affordable solutions with maximum impact in the least time. Kamal marks that they work only with the students within the age group 10-16, because the use gamification is most effective in this age group. Also, he makes an addition to that by saying the rewards the older age groups demand are not as easy-to-meet as those of the age group they work with. It also aims to co-create experiences by working hands on with the youth: their target audience for creating change.

It is said that the more you practice the better you get. By this, I would like to introduce you to the concept of quotidian activism. Reap Benefit deeply believes in this concept. But, what does quotidian activism mean? A working definition is: the form of activism occurring everyday. This form of activism may lead to people making actions sustainable and achieve consistent behavioural change, supported by products and innovations provided by Reap Benefit (later in this post, I will introduce you to some of these innovations).

Finally, Reap Benefit highly focuses on the need to answer the ‘why’ behind the problem. This answer would provide a more personal understanding of the problem for creating change. By engaging the participant with the 'why', he will also be able to evaluate the impact and the benefits of his actions, take ownership of the problem and comprehend the need for innovation.

What is 'change' for Reap Benefit?

Presuming every organization has its own design to making change, Reap Benefit's understands it in the following way:

Gautam: “Change for us is a very sub-conscious part of your life. (It is also a) two stage process- knowledge: which will tell us we need solution and the solution. The knowledge will tell you that you are unconsciously doing the wrong thing. Then when you realize it, you go to a stage of consciously wrong. When you keep doing this you reach a stage when you know that you are consciously doing right, and soon, you are doing it every single day and then you unconsciously do it.”

I will attempt to understand their process of change by adding that this 'to be good' drive in the individual or the need for public approval is what makes them do unconsciously right everyday, and then it is only the last stage what makes it a habit. Gautam also mentions that each of these stages has an impact of its own and altogether, they become more powerful. This change process will lead to sustainable change according to him.

We have seen the change agents that are vital to create change, but how is this change executed? In the next section we will look at two strategies used for making change: gamification and human-centred design and later, we will only try to produce a connection between them.

Discovering Gamification

In this section, we will unpack the first part of the 'how' question. First of all, we will compare the various definitions of the technique given by people involved in understanding the use of game elements in the non-game contexts, to create change in the emotional and social behaviour of people. The definitions of these three people in the big list of so-called gamification authorities will be used provides us with keywords for a comparative understanding of what the technique means. These three people are:

JANE McGONIGAL: She is an American game designer and author who advocates the use of mobile and digital technology to channel positive attitudes and collaboration in a real world context.

GABE ZICHERMANN: He is an author, public speaker, and self-described "serial entrepreneur." He has worked as a proponent of leveraging game mechanics in business, education, and other non-entertainment platforms to increase user engagement through gamification.

JESSE SCHELL: He is an American video game designer an acclaimed author, CEO of Schell Games and a Distinguished Professor of the Practice of Entertainment Technology.

Definitions

JANE McCONIGAL	GABE ZICHERMANN	JESSE SCHELL
“It is a blissful productivity acquired by the flourishing feeling, that is, accomplishments in a game but only with a volunteering attribute of the participant.”	“Games are the only force in the universe that can get people to take actions against their self-interest in a predictable way without using force.”	“It is a problem solving situation that you enter into because you want to.”

I would be like to bring points of intersections between these three definitions.

VOLUNTEERING ATTRIBUTE VS. USE OF FORCE: The volunteering attribute is an efficient way to foster sustainable participation, as opposed to the use of force which makes a campaign less appealing.
PROBLEM SOLVING SKILLS: Games are a very responsive way of trying to accomplish problem solving as the person is engaged with the problem and willing to solve it.
PRODUCTIVITY: There problem solving skills leads the participant to a desired outcome.

These points also give you a clear understanding of Reap Benefit who works along the same lines with the volunteer or participant to solve the problem of conservation.
But, does the usage of games actually produce behavioral change? If so, how do games provide this function? These are some of the questions we will try and attempt to answer in the next section.

Games as a Tool to Influence Behaviour

Playing games results in obtaining rewards in some form of the other. These rewards psychologically induce a positive emotional feeling in the participant. When the participant learns something through games and when that emotional feeling arises, he tries and incorporates the same solutions in the games to solving the real life problems. This brings out an improved result and problem solving ability. But what about the affordability of that solution? We need to understand ways to make it affordable because any task once done will not induce consistency in the behavior change. But the task repeated many times will improve or change the behavior over a long period of time. So, when the question of affordability (financial fear) is answered then the emotional feeling primarily can bring out change in the behavior of the individual. (Yongwen Xu, 2011).

There are also some game mechanics that are to be kept in mind to change behavior while designing games apart from just the element of fun and affordability. So, we will now look at another authority involved in gamification in the upcoming section to explore these mechanics. We will also try and understand these mechanics in relation to Reap Benefit.

Game Mechanics

Seth Priebatsch is the creator of SCVNGR and LevelUp social gaming sites. He has provided a list of game mechanics which could be necessary to understand games and why they produce particular changes for a better environment. These are:

Appointment Dynamics: to bring players to do something at a pre-defined time and place.

Influence and status: any participant or group that is involved in the change-making process, is influenced by the presence of others because of the competition and the envy that leads them to carry forward the task

Progression Dynamics: the success of the student is measured through the tasks by giving rewards.

Communal Discovery: the entire group or community works towards making change.

Seth's model could be applied to the process of creating change that Reap Benefit uses, and this is illustrated through their experience of a student-run energy audit in the field. A set of students were assigned the task of doing an audit for the energy conservation and the energy usage of a Puma store. They were just given the base for the audit but the criteria for the audit was planned by them. The students were encouraged by the thought of getting rewards for the task. Kamal recalls that they had used games to make the children understand it.

Relating this to Seth's Model, the children were given a pre-defined time and place for doing the task and were influenced both, by the element of competition between the students and also the idea of receiving a reward once the task is completed. The task only ends by obtaining a sense of communal discovery that, all together they can make change on a personal and team level. We understood Seth's model but we will try and comprehend deeper, the use of rewards for inducing behavioral change in the next section.

Rewards Mechanism

Kamal commented on Reap Benefit's 2-3 months periodic reward mechanism. He believes that this makes students equal in position before starting every task.

Kamal: "We use a lot of things like rewards to motivate them to play a game (with us) and we personalize all these rewards based on the questionnaire that we do at the beginning where we subtly understand what they like."

This information which gives ideas of how to encourage each student to get the best performance out of them.

a) Extrinsic rewards: The extrinsic reward here, for example would be allotting points to various participants/ teams. Michael Wu, a chief scientist in subjects like digital technologies, says extrinsic rewards are like a jump start to intrinsic rewards.Once the student acknowledges them, they acquire a sense of ownership and innovation and are empowered to create new solutions. Hence, awareness is not created before the task but an output from the task.

Refer to Gabe Zichermann's video for more on the importance of gamification and the rewards mechanism.

b) Intrinsic rewards: Apart from producing behavior change, gamification's can also indicate learning. One of the elements that facilitates learning would be:

Player Control: A participant will have certain amount of control while gaming which would lead to a sense of responsibility and accomplishment. Learning could be intrinsic only if there is responsibility of gaining a reward through a task.

There are many other elements that produce learning and they could be accessed here.

Human-Centric Model

Human-centred systems aim to preserve or enhance human skills, in both manual and office work, in environments in which technology tends to undermine the skills that people use in their work.

We will now answer the second part of the 'how' question and show another strategy for making change. Human centric systems do not use machines to create solutions to the problems but rather design the game with the importance of the 'user-friendly' element. This has been explored in a past post by Denisse. Access it here.

Reap Benefit's ‘transparent dustbin’ is a great model to illustrate this. The dustbin is transparent for people to see and then throw the waste in according to different types of waste. It is kept at an eye-level so that the waste already thrown inside can help the person perceive and throw his waste in the exact dustbin and to make it easily accessible for the public.

These human-centric approaches provide a consistent change in the behaviour of the individual because the method is user-friendly and make segregation easy. The objectives is to engage in unconscious behavioural change. The transparent dustbin is better explained by this audio byte of Kamal Raj:

Another innovation of Reap Benefit, is the compose mixture

Kamal says: "The idea was to throw something with it, like the degrade compost product we innovated and the waste would compost, without smell, without taking 3 months."

This mix, by giving visual feedback could be accessible by anyone due to its low cost and easy-to-use method. So, these innovations justify and explain the benefits of human centric models and also produce many new ideas in the minds of the students( James,2010). I would like to explain this by a chain of ideas that arise while segregating plastic and non-plastic waste.

The participation in the structure (waste segregation model)

The negatives of the model (harmful effects of mixing plastic in the model)

Realizing the need for another mechanism (dustbins for different types of waste)

Another idea to support the new mechanism (dustbins should be transparent and named)

The need to spread this (start campaigning for the system)

Explaining this model in brief: the waste segregation model is the segregation of plastic and other waste. During this process the three ideas that arise are: a) the harmful effects of plastic, b) the need for a plastic waste dustbin and a non-plastic waste dustbin, and the last one, b) the transparency of the dustbin. Then the major question of spreading the model by using technology arises. This would be the model thought by the participant during the discussion of the usage of technology for sustainability.

But what is sustainability and how is it important? Complementing the technique of gamification and the human- centric approaches with technology to make it a sustainable solution is a challenge. This system may be adopted by all. But the aftermath of implementing this apparatus is a challenging question. In the next section we will comprehend the role of technology adding a more positive result to Reap benefit.

The Role of Technology and Media

This section will look at how Reap Benefit uses technology and media and then try and understand how the use of technology can make these solutions sustainable.

Kamal: "There are two aspects that are already existing- knowledge and the products. So, when someone starts the journey, technology enables us to be with them in this journey without us being there. Without the sharing of photos through digital media like facebook, keeping track of the journey would not be possible. We need technology to bridge the gap."

Information access is facilitated by the use of technology and digital media or social networking, as they share the systems with their online community. But, when this access is denied the only solution is to be a part of the in-tutor system and realize the positives of the same through experience. Technology takes Reap Benefit a step higher in its aim to make sustainable change by targeting youth, the main users of social network platforms.

Making Change

We started this post with an introduction to a very strong initiative- Reap Benefit. Techniques such as gamification and human-centric systems are used effectively by this organization to create maximum benefits. It focuses highly on the use of these strategies to induce behaviour modification in youth. We attempted to build a relationship between these techniques to answer whether they are sustainable, intelligible and accessible solutions to making change.

Summing up the 'WHO,WHERE AND HOW' question- We have only understood that, to use the opportunity and take charge before others do so, we need a 3-stage plan. We understood that the WHO means the target, the change agents who will lead the initiative and comprehend the need for change by themselves. The question of WHERE focuses on the idea of making change in the public space rather than in the private sphere which limits the extent of the change. We have summarized this only by bringing out the importance of technology to make change the largest priority of youth. The question of HOW is understood in this post by the use to affordable solutions.

The problems faced by the environment call for solutions that are affordable and accessible. These two qualities of the solution would only make it sustainable.These solutions are met by various game elements in a game and the human centric approaches that engage the individual in problem solving by disseminating knowledge to them and informing them about the problems. This makes those solutions to problem-solving evaluatable through quantity and the quality of the result of the problem. Behavior change will be only possible by solutions that break the existing schemas in the society and create new innovations. (James,2010). Now, through sustainable, innovative solutions through these techniques we can make the dream of a clear and clean environment a reality.

While this blog may help you gain a positive understanding about gamification it would certainly lead you to many more questions. In this digital age, we would surely have to ‘re-game-think’ the methodologies for change again and agai,n not only in terms of using unique techniques such as gamification but also in terms of accessibility of such techniques for change in the structural divisions in society.

Footnotes

Reward is one of the elements that drives the individual to adopt the gamification technique- the reward/feedback mechanism. You can acquire a profound reading on more of these elements that leads to further making-change here- http://www.yukaichou.com/.
A few more elements like the player control and communal discovery that indicates learning through Gamification could be found here- http://en.wikipedia.org/wiki/Gamification
More information on persuasive messages, strategies for changing behavior, rules for effective delivery, and how to manage the participants/audience in the making change initiative can be found-http://sustainability.berkeley.edu/sites/default/files/Promoting_Sustain_Behavior_Primer.pdf
To hear a talk show of Yukaichou on TEDx about Gamification- check it here- http://www.youtube.com/watch?v=v5Qjuegtiyc
To hear another talk show of Gabe Zichermann on TEDx about Gamification- check here- http://www.youtube.com/watch?v=O2N-5maKZ9Q
The process of creating sustainability through gamification and technology, according to Rachel James, goes as follows:

Attracting attention by breaking the existing schemas (mental structures of preconceived idea, Jean Piaget,1926) This can be done by creating a mystery for them and then involving the individual in complex thought processing to change the schema. Story-telling could also induce emotional reactions to inspire or simulate them.
Persuade them through gamification
Make the strategies for change very rigid which cannot be changed often and acknowledge what you deliver to your audience.

Sources

http://en.wikipedia.org/wiki/Gamification
James, Rachel. “Promoting Sustainable Behavior- a guide to successful communication”. Web. August 2010.
Xu, Yongwen. ” literature review on web application Gamification and analytics”. Web. August 2011.
http://www.yukaichou.com
Albornoz, Denisse. 'Methods for Social Change'. Web. February 2014. The link for the same is here- http://cis-india.org/digital-natives/making-change/methods-for-social-change.

*******************************************

About Dipali Sheth:

Studying in my 3rd year at Christ University gave me the opportunity to intern at Centre for Internet and Society. This post has been a result of my internship for a month under the Making Change program at CIS. My interest in Research and New Media started the journey here and has only added to making Research my zeal in the near future.

For more details visit https://cis-india.org/digital-natives/making-change/reaping-the-benefits-of-gamification

Reading from a Distance – Data as Text

sneha-pp — 2016-06-30T05:06:58Z

An extended survey of digital initiatives in arts and humanities practices in India was undertaken during the last year. Provocatively called 'mapping digital humanities in India', this enquiry began with the term 'digital humanities' itself, as a 'found' name for which one needs to excavate some meaning, context, and location in India at the present moment. Instead of importing this term to describe practices taking place in this country - especially when the term itself is relatively unstable and undefined even in the Anglo-American context - what I chose to do was to take a few steps back, and outline a few questions/conflicts that the digital practitioners in arts and humanities disciplines are grappling with. The final report of this study will be published serially. This is the third among seven sections.

Sections

01. Digital Humanities in India?

02. A Question of Digital Humanities

03. Reading from a Distance – Data as Text

04. The Infrastructure Turn in the Humanities

05. Living in the Archival Moment

06. New Modes and Sites of Humanities Practice

07. Digital Humanities in India – Concluding Thoughts

The concepts of text and textuality have been central to the discourse on language and culture, and therefore by extension to most of the humanities disciplines, which are often referred to as text-based disciplines. The advent of new digital and multimedia technologies and the internet has brought about definitive changes in the ways in which we see and interpret texts today, particularly as manifested in new practices of reading and writing facilitated by these tools and dynamic interfaces now available in the age of the digital. The ‘text’ as an object of enquiry is also central to much of the discussion and literature on DH given that many scholars, particularly in the West trace its antecedents to practices of textual criticism and scholarship that stem from efforts in humanities computing. Everything from the early attempts in character and text encoding [1] to new forms and methods of digital literary curation, either on large online archives or in the form of social media such as Storify [2] or Scoop-it [3] have been part of the development of this discourse on the text. Significant among these is the emergence of processes such as text analysis, data mining, distant reading, and not-reading, all of which essentially refer to a process of reading by recognising patterns over a large corpus of texts, often with the help of a clustering algorithm [4]. The implications of this for literary scholarship are manifold, with many scholars seeing this as a point of ‘crisis’ for the traditional practices of reading and meaning-making such as close reading, or an attempt to introduce objectivity and a certain quantitative aspect, often construed as a form of scientism, into what is essentially a domain of interpretation (Wieseltier 2013). But an equal number of advocates of the process also see the use of these tools as enabling newer forms of literary scholarship by enhancing the ability to work with and across a wide range and number of texts.

The simultaneous emergence of new kinds of digital objects, and a plethora of them, and the supposed obscuring of traditional methods in the process is perhaps the immediate source of this perceived discomfort. There are different perspectives on the nature of changes this has led to in understanding a concept that is elementary to the humanities. Apart from the fact that digitisation makes a large corpus of texts now accessible, subject to certain conditions of access of course, it also makes texts 'massively addressable at different levels of scale' as suggested by Michael Witmore (Witmore 2012: 324-327, emphasis as in the original). According to him: "[A]ddressable here means that one can query a position within the text at a certain level of abstraction" (Ibid. 325). This could be at the level of character, words, lines etc that may then be related to other texts at the same level of abstraction. The idea that the text itself is an aggregation of such ‘computational objects’ is new, but as Witmore points out in his essay, it is the nature of this computational object that requires further explanation. In fact, as he concludes in the essay, "textuality is addressability and further ... this is a condition, rather than a technology, action or event" (Ibid. 326). What this points towards is the rather flexible and somewhat ephemeral nature of the text itself, particularly the digital text, and the need to move out of a notion of textuality which has been shaped so far by the conventions of book culture, which look to ideal manifestations in provisional unities such as the book (Ibid. 327).

Of Texts and Hypertextuality

An example much closer home of such new forms of textual criticism is that of 'Bichitra' [5], an online variorum of Rabindranath Tagore’s works developed by the School of Cultural Texts and Records at Jadavpur University. The traditional variorum in itself is a work of textual criticism, where all the editions of the work of an author are collated as a corpus to trace the changes and revisions made over a period of time. The Tagore variorum, while making available an exhaustive resource on the author’s work, also offers a collation tool that helps trace such variations across different editions of works, but with much less effort otherwise needed in manually reading through these texts. Like paper variorum editions, this online archive too allows for study of a wider number and diversity of texts on a single author through cross-referencing and collation. Prof. Sukanta Chaudhuri [6], Professor Emeritus, Department of English and School of Cultural Texts and Records at Jadavpur University, Kolkata has been part of the process of setting up this variorum. According to him the most novel aspects of this platform, or as he calls it - 'integrated knowledge site' - are to do with these functions of cross-referencing and integration. The bibliography is a hyperlinked structure, which connects to all the different digital versions of a particular text (the most being 20 versions of a single poem). The notion of a bibliography has always evoked hypertextuality – the possibility to link and cross - reference texts, but with the advent of the digital, this possibility has been fully realized, as seen in the case of the hypertext [7]. For collation, the project team developed a unique software, titled 'Prabhed,' (meaning difference in Bengali) that helps to assemble text at three levels (a) chapter in novel, act/scene in drama, canto in poem; (b) para in novel or other prose, speech in drama, stanza in poem; (c) individual words.. For instance, you can choose a particular section of a book, poem or play - and compare its occurrences across different editions and versions of the work to note their matches and differences. If two paragraphs have been removed from one chapter, and put into another, that can be traced through the collation software. If a particular word has been omitted in a later edition, or if certain lines have been rearranged in a poem, these changes can be tracked [8]. What makes the search engine 'integrated' is not simply that it can search all Tagore's works in one go, but that it links up with the bibliography and thereby with the actual text of the works. It is interesting to note here the different changes that the text undergoes to become available for study on a digital platform, where it is amenable to intense searching and querying of this kind. It is now possible to search across a large corpus of texts, for minute changes in words or sentences, and ask questions of these in terms of their usage, instances and contexts of their occurrence, thus facilitating a kind of enquiry previously never undertaken in textual studies.

The project however is not without its challenges, as Prof. Chaudhuri further outlines. Working with Indic scripts is a persistent problem for digital initiatives in India. In Bengali some work has been done in the form of a scientifically designed keyboard software called Avro, which stores all the conjunct letters preserving their separate characteristics [9]. Developing Optical Character Recognition (OCR) for scanned material in Indian languages remains a crucial issue for most digitization and archival initiatives in India. Other issues include the problem of vowel markers appearing before the consonants, even if phonetically they follow and are keyed in afterwards. To get the font and keyboard software to recognize this is a big challenge. The third challenge, especially in the case of works printed from the nineteenth century to the middle of the twentieth century, is that there are vast differences in spelling; the same word can be spelt in different ways, and as there is no lexicon, one may not do any kind of general search. There is also the issue of a high degree of inflection in the language. A word may have a suffix (or, vibhakti) attached to it to indicate the case: one for the subject of the sentence, another for the object, another for the possessive case and so on. These are multiplied by the different forms of the verbs. The development of a lexicon in Bengali would be one of the ways to resolve many of these issues. However, as most people can only see and interact with the digital interface of Bichitra, and not really understand the process behind it, or the amount of work involved in making the platform work the way it does, funding for research and development, maintenance and sustainability is difficult to obtain. Backroom file management, which includes both paper and digital files remains a big but largely invisible task on such a platform. The total number of files generated from Bichitra is tens of millions or hundreds of millions, and many of these are offline files which would not even go on to the website. Hence while uploading the files, the basic groundwork for a retrieval system for different files serving different functions had already been laid, including the creation of a bibliography, which was a huge exercise in itself. The process of making text available as hypertext is labor that is invisibilized, and is rarely or never available to the end user.

Prof. Chaudhuri also speaks of ways in which the notion of textuality has been rendered differently through the use of the internet and digital technologies. Digital or electronic text has helped theorize better the notion of a fluid text - the fact that a text is never complete, but only bound between the covers of a book at a given point of several processes that are technological as well as social. The notion of the text itself as an object of enquiry has undergone significant change in the last several decades. Various disciplines have for long engaged with the text - as a concept, method or discursive space - and its definitions have changed over time that have added dimensions to ways of doing the humanities. With every turn in literary and cultural criticism in particular, the primacy of the written word as text has been challenged, what is understood as ‘textual’ in a very narrow sense has moved to the visual and other kinds of objects. The digital object presents a new kind of text that is difficult to grasp - the neat segregations of form, content and process seem to blur here, and there is a need to unravel these layers to understand its textuality. As Dr. Madhuja Mukherjee, with the Department of Film Studies, at Jadavpur University points out, with the opening up of the digital field, there are more possibilities to record, upload and circulate, as a result of which the very object of study has changed; the text as an object therefore has become very unstable, more so that it already is. Film is an example, where often DVDs of old films no longer exist, so one approaches the 'text' through other objects such as posters or found footage. Such texts also available through several online archives now offer possibilities of building layers of meaning through annotations and referencing. Another example she cites is of the Indian Memory project, where objects such as family photographs become available for study as texts for historiography or ethnographic work. She points out that this is not a new phenomenon, as the disciplines of literary and cultural studies, critical theory and history have explored and provided a base for these questions, but there is definitely a new found interest now due the increasing prevalence of digital methods and spaces.

Shaina Anand, artist and filmmaker, further espouses this thought when she talks about the new possibilities of textual analysis of film that are now possible, particularly in terms of temporal control, first with the DVD, then the internet and now with online archival platforms like Indiancine.ma [10] and the Public Access Digital Media Archive, or Pad.ma [11]. The first is an online archive of Indian film from the pre-copyright era (so effectively before 1955), while the second is an archive of found and archival footage, images sound clips and unfinished films [12]. Both platforms allow the user to search through an array of material, view/listen to them download or embed them as links. They make available to users not just an online database for storage and retrieval but also a space to work with a range of materials in multiple video and audio formats and themes through annotations and referencing. The annotation tool is perhaps the most innovative aspect of these platforms, wherein a user can pause, isolate a section of a sequence and annotate it using a range of options and filters. The annotations are textual, in the form of comments, commentary and marginalia (in the case of Pad.ma) and can also link to other paraphernalia around the film object, such as posters, images, advertisements and other literature. Users can also contextualize material by adding transcripts, descriptions, events, keywords, and even locating the events in the video on a map. These have brought to the fore several questions on relevance, accessibility and ownership, as in the case of raw footage from films, and opened up possibilities for such materials to be re-contextualized by the reader in different ways. This layering of annotations around the film object also creates a new research object, or text that then necessitates new methods of studying it as well. As opposed to the earlier practice of the researcher/critic having to watch the film first and then comment or analyse it, and relying on memory to generate the scholarship, it is now possible to pause, analyse or read and come back to the film and annotate the text in several ways. What does this do to the film text - the process documenting the form is new, not cinema as a form itself – is a question that comes up quite prominently here. The computational aspect also is important here, given the vast amount of footage that is now available, which then requires better lexical indexing to compute and manage large data sets. This has been a constant endeavour with Pad.ma and Indiancine.ma as well.

As in the case of film, what becomes prominent here is the move to a digital text of some sort. One such example of a digital text perhaps is the hypertext. George Landow in his book on hypertext draws upon both Barthes and Foucault’s conceptualisation of textuality in terms of nodes, links, networks, web and path, which has been posited as the 'ideal text' by Barthes (Landow 2006: 2). Landow’s analysis emphasises the multilinearity of the text, in terms of its lack of a centre, and therefore the reader being able to organise the text according to his own organising principle - possibilities that hypertext now offers which the printed book could not. While hypertext illustrates the possibilities of multilinearity of a text that can be realised in the digital, it may still be linear in terms of embodying certain ideological notions which shape its ultimate form. Hypertext, while in a pragmatic sense being the text of the digital is still at the end of a process of signification or meaning-making, often defined within the parameters set by print culture. As such it is only the narrative, and not the form itself that is multi-linear in hypertext fiction.

Textual Criticism in the Digital

But to return to what has been one of the fundamental notions of textual criticism, the 'text' is manifested through practices of reading and writing (Barthes 1977). So what have been the implications of digital technologies for these processes which have now become technologised, and by extension for our understanding of the text? While processes such as distant reading and not-reading demonstrate precisely the variability of meaning-making processes and the fluid nature of textuality, they also seem to question the premise of the method and form of criticism itself. Franco Moretti, in his book Graphs, Maps and Trees talks about the possibilities accorded by clustering algorithms and pattern recognition as a means to wade through corpora, thus attempting to create what he calls an 'abstract model of literary history' (Moretti 2005: 1). He describes this approach as "within the old territory of literary history, a new object of study." He further says, "Distant reading, I have once called this type of approach, where distance is however not an obstacle, but a specific kind of knowledge: fewer elements, hence a sharper sense of their overall interconnection. Shapes, relations, structures. Forms. Models" (Moretti 2005: 1, emphasis as in original). The emphasis for Moretti therefore is on the method of reading or meaning-making. There seem to be two questions that emerge from this perceived shift - one is the availability of the data and tools that can 'facilitate' this kind of reading, and the second is a change in the nature of the object of enquiry itself, so much so that close reading or textual analysis is not engaging or adequate any longer and calls for other methods of reading.

As is apparent in the development of new kinds of tools and resources to facilitate reading, there is a problem of abundance that follows once the problem of access has been addressed to some extent. Clustering algorithms have been used to generate and process data in different contexts, apart from their usage in statistical data analysis. The role of data is pertinent here; and particularly that of big data. But the understanding of big data is still shrouded within the conventions of computational practice, so much so that its social aspects are only slowly being explored now, particularly in the context of reading practices. Big data as not just a reference to volume but also its other aspects of data such as velocity, scope, and granularity among others significantly increases the ambit of what the term covers, with implications for new epistemologies and modes of research (Kitchin 2014). But if one were to treat data as text, as is an eventual possibility with literary criticism that uses computational methods, what becomes of the critical ability to decode the text – and does this further change the nature of the text itself as a discursive object, and the practice of reading and textual criticism as a result. Reading data as text then also presupposes a different kind of reader, one that is no longer the human subject. This would be a significant move in understanding how the processes of textuality also change to address new modes of content generation, and how much the contours of such textuality reflect the changes in the discursive practices that construct it. Most of the debate however has been framed within a narrative of loss - of criticality and a particular method of making meaning of the world. Close reading as a method too came with its own set of problems - which can be seen as part of a larger critique of the Formalists and later New Criticism, specifically in terms of its focus on the text. As such, this further contributes to canonising a certain kind of text and thereby a certain form of cultural and literary production (Wilkens 2012). Distant reading as a method, though also seen as an attempt to address this problem by working with corpora as opposed to select texts, still poses the same issues in terms of its approach, particularly as the text still serves as the primary and authoritative object of study. The emphasis therefore comes back to reading as a critical and discursive practice. The objects and tools are new; the skills to use them need to be developed. However, as much of the literature and processes demonstrate, the critical skills essentially remain the same, but now function at a meta-level of abstraction. Kathleen Fitzpatrick in her book on the rise of electronic publishing and planned technological obsolescence dwells on the manner in which much of our reading practice is still located in print or specifically book culture; the conflict arises with the shift to a digital process and interface, in terms of trying to replicate the experience of reading on paper (Fitzpatrik 2011). Add to this problem of abundance of data, and processes like curation, annotation, referencing, visualisation, abstraction etc. acquire increased valence as methods of creatively reading or making meaning of content (Ibid.). More importantly, it also points towards a change and diversity in the disciplinary method. Where close reading was once the only method by which a text became completely accessible to the reader, it is now possible to approach it through a set of processes, thus urging us to rethink the method of enquiry itself.

Whether as object, method or practice, the notion of textuality and the practice of the reading have undergone significant changes in the digital context, but whether this is a new domain of enquiry is a question we may still need to ask. Matthew G. Kirschenbaum in his essay on re-making reading (quoted earlier in this chapter) suggests that perhaps the function of these clustering algorithms, apart from serving to supplant or reiterate what we already know is to also ‘provoke’ new ideas or questions (Kirschenbaum XXXX: 3). The conflict produced between close and distant reading, the shift from print to digital interfaces would therefore emerge as a space for new questions around the given notion of text and textuality. But if one were to extend that thought, it may be pertinent to ask if DH can now provide us with a vibrant field that will help produce a better and more nuanced understanding of the notion of the text itself as an object of enquiry. This would require one to work with and in some sense against the body of meaning already generated around the text, but in essence the very conflict may be where the epistemological questions about the field are located. The digital text, owing to the possibilities of ‘massive addressability,’ mentioned earlier is now more fluid and socialized. The renewed focus on the textual is most apparent in this manner of imagining the text, using the metaphor of a highly interlinked, networked and shared text. It also puts forth important questions then of how we understand technology a certain way, especially in the context of language and representation as an important factor of understanding new textual objects. Is technology a tool for textual analysis, or is it in inherent to our understanding of the nature of the text? Is the development of these methods of enquiry shaped by certain disciplinary requirements, and do they also challenge or create new conflicts for traditional methods of enquiry? The growth in the study of different media objects, such as video and cinema, and the advent of areas such as media studies, oral history, media archaeologies has further prompted concerns regarding the study of the digital object in these disciplines, and a rethinking of how we understand the notion of the text.

Notes

[1] "The Text Encoding Initiative (TEI) is a consortium which collectively develops and maintains a standard for the representation of texts in digital form. Its chief deliverable is a set of Guidelines which specify encoding methods for machine-readable texts, chiefly in the humanities, social sciences and linguistics. Since 1994, the TEI Guidelines have been widely used by libraries, museums, publishers, and individual scholars to present texts for online research, teaching, and preservation." See: http://www.tei-c.org/.

[2] See: https://storify.com/

[3] See: http://www.scoop.it/

[4] For more on text mining see Lisa Guernsey in 'Digging for Nuggets of Wisdom,' in The New York Times, October 16, 2003 http://www.nytimes.com/2003/10/16/technology/circuits/16mine.html?pagewanted=print. For more on data mining, distant reading, and the changing nature of reading practices see Matthew Kirschenbaum in 'The Remaking of Reading,' http://www.csee.umbc.edu/~hillol/NGDM07/abstracts/talks/MKirschenbaum.pdf.

[5] See: http://bichitra.jdvu.ac.in/.

[6] Interview with author, July 30, 2015.

[7] A term coined by Theodor H. Nelson, which he describes as "a series of text chunks connected by links which offer the reader different pathways." As quoted in George Landow, Hypertext: The Convergence of Contemporary Critical Theory and Technology, Baltimore: John Hopkins University Press, 1992, 2-12.

[8] Bichitra, 'Collation Guide,' accessed on September 17, 2015, http://bichitra.jdvu.ac.in/bichitra_collation_guide.php.

[9] Omicron Lab, accessed September 17, 2015. https://www.omicronlab.com/avro-keyboard.html.

[10] See: http://pad.ma/.

[11] See: http://indiancine.ma/.

[12] For more on these platforms see the section on DH institutions in India.

References

Barthes, Roland. "From Work to Text". In Image, Music, Text. London: Fontana Press, 1977.

Fitzpatrick, Kathleen. "Texts" in Planned Obsolescence: Publishing, Technology and the Future of the Academy. New York: New York University Press, 2011.

Kirschenbaum, Matthew. "The Remaking of Reading". http://www.csee.umbc.edu/~hillol/NGDM07/abstracts/talks/MKirschenbaum.pdf.

Kitchin, Rob. 'Big Data, New Epistemologies, and Paradigm Shifts,' Big Data & Society, 2014, April–June, pp. 1–12, DOI: 10.1177/2053951714528481.

Landow, George. Hypertext: The Convergence of Contemporary Critical Theory and Technology. Baltimore: Johns Hopkins University Press, 1992.

Moretti, Franco. Graphs, Maps, Trees: Abstract Models for a Literary History, Verso, 2005.

Wieseltier, Leon, 'Crimes Against Humanities,' The New Republic, September 3, 2013, http://www.newrepublic.com/article/114548/leon-wieseltier-responds-steven-pinkers-scientism.

Wilkens, Mathew. "Canons, Close Reading and the Evolution of Method". In Debates in the Digital Humanities Ed. M.K. Gold. Minneapolis: University of Minnesota Press, 2012.

Witmore, Michael. "Text: A Massively Addressable Object". In Debates in the Digital Humanities, Ed. M.K. Gold. Minneapolis: University of Minnesota Press, 2012

For more details visit https://cis-india.org/raw/reading-from-a-distance-data-as-text

Reading For All

radha — 2011-04-02T14:26:41Z

Right To Read campaign has begun in India to voice the needs of the disabled to gain access to books - an article by Lubna Salim in Kolkata Mirror - Saturday, November 14, 2009

This year marks the beginning of the countrywide Right to Read campaign. As part of this campaign there will be road shows in the four metros and then these will be held in the different cities. Actors Nandita Das and Amir Khan and veteran journalist Rajdeep Sardesai are supporting the campaign.

The events of the campaign will include presentations, debates as well as demonstrations. There will be book reading sessions along with stalls whereby different accessibility tools shall be demonstrated. After the success of the first road show of this campaign in Loyola College, Chennai, the second one road was held in Kolkata. The venue for the Kolkata chapter of the Right To Read campaign was NUJS.

“As a visually impaired person I can identify with the goals of the campaign. I have suffered a lot having no access to books and other reading materials. Lack of access tends to make you so dependent on others,” says Moiz Tundawala, 5th year law student, NUJS.

Innumerable Indians are not able to read various printed materials due to their disabilities. Today there are technologies which can help such people to read print, once the materials are converted into alternate formats. These formats could be big print, audio and Braille or any sort of electronic format.

“Just try imagining life without books, without anything to read! Making reading materials available in accessible formats may go a long way in improving the life conditions of the print disabled and also help to make our society more accommodative, more inclusive. It is unfair to deprive some people of such a basic entitlement for no fault of theirs,” adds Moiz.

Our Indian Constitution guarantees its citizens “Right to read” as one fundamental right. But the copyright system does not allow us to convert books into accessible formats for the advantage of people who have print impairment. This leads to the creation of a “book famine”.

The international conventions to which India happens to be a party require it to revise its copyright laws. This will enable persons with the disabilities to avail of information plus material on the same basis as they are available to the others.

Moiz says, “People must endorse this campaign because it will give some people who have to struggle everyday for print access some hope that there are others who understand their concerns and think the same way as they do.”

Link to the original article

For more details visit https://cis-india.org/news/reading-for-all

Read Our Annual Reports and Audit Reports

Admin — 2025-12-29T14:02:33Z

Click on the links below to access our annual and audit reports.

Centre for Internet & Society Audit Reports 2024-2025 Quarterly receipt of Foreign contribution - Q1 (April - June 2024) Quarterly receipt of Foreign contribution - Q2 (July - September 2024) Quarterly receipt of Foreign contribution - Q3 (October - December 2024) Consolidated Audited Financials (FY 2024 - 2025) Centre for Internet & Society Audit Reports 2023-2024 Quarterly receipt of Foreign contribution - Q1 (April - June 2023) Quarterly receipt of Foreign contribution - Q2 (July - September 2023) Quarterly receipt of Foreign contribution - Q3 (October - December 2023) Quarterly receipt of Foreign contribution - Q4 (January - March 2024) Consolidated Audited Financials (FY 2023 - 2024) Centre for Internet & Society Audit Reports 2022-2023 Consolidated Financials (FY 2022 - 2023 + Audit Report) Quarterly receipt of Foreign contribution - Q1 (April - June 2022) Quarterly receipt of Foreign contribution - Q2 (July - September 2022) Quarterly receipt of Foreign contribution - Q3 (October - December 2022) Quarterly receipt of Foreign contribution - Q4 (January - March 2023) Centre for Internet & Society Audit Reports 2021-2022 Quarterly receipt of Foreign contribution - Q1 (April - June 2021) Quarterly receipt of Foreign contribution - Q2 (July - September 2021) Quarterly receipt of Foreign contribution - Q3 (October - December 2021) Quarterly receipt of Foreign contribution - Q4 (January - March 2022) CIS Signed Consolidated Audited Financials (FY 2021-22 + Audit Report) Centre for Internet & Society Audit Report 2020-2021 Download Audit Report (2020-21), (PDF, 926 KB) Quarterly receipt of Foreign contribution - Q1 (April - June 2020) Quarterly receipt of Foreign contribution - Q2 (July - September 2020) Quarterly receipt of Foreign contribution - Q3 (October - December 2020) Quarterly receipt of Foreign contribution - Q4 (January - March 2021) Centre for Internet & Society Annual Report 2020-21 Download Programmatic Annual Report (April 2020 - March 2021) Centre for Internet & Society Audit Reports 2019-2020 Download Audit Report (2019-20), (PDF, 1060 KB) Quarterly receipt of Foreign contribution - Q1 (April - June 2019) Quarterly receipt of Foreign Contributions - Q3 (October - December 2019) Quarterly receipt of Foreign Contributions - Q4 (January - March 2020)
Centre for Internet & Society Audit Report 2018-19 Download Annual Report Download Audit Report Quarterly receipt of Foreign contribution - Q3(Oct - Dec) 2018
Centre for Internet & Society Annual Report 2019-20 Download Annual Report (2019-20)
Centre for Internet & Society Annual Report 2017-18 Download Annual Report (2017-18), (PDF, 4809 Kb) Download Consolidated Financial Statements (2017-18)
Centre for Internet & Society Annual Report 2016-17 Download Annual Report (2016-17), (PDF, 1327 Kb) Download Consolidated Financial Statements (2016-17)
Centre for Internet & Society Annual Report 2015-16 Download Annual Report (2015-16) (PDF, 3559 Kb) Download Audit Report (2015-16), (PDF, 1907 Kb)
Centre for Internet & Society Annual Report 2014-15 CIS in partnership with the Office of the Chief Commissioner for Persons with Disabilities and the Centre for Law and Policy Research compiled the National Compendium of Laws, Policies, Programmes for Persons with Disabilities. During the year CIS signed memorandum of understandings with Mysore University (for converting to Unicode and re-releasing their encyclopaedia under Creative Commons License); Shri Dharmasthala Manjunatheshwara College (to introduce Indian Language Wikipedias in the Indian Under-Graduate and Post Graduate Classroom); Andhra Loyola College (for 5 years to enhance Telugu Wikipedia through increased contributions to Wikipedia and make it available under free license); and Nirmala Institute of Education, Goa (to enhance digital literacy in Konkani in the education sector across Goa). CIS also conducted an empirical study of five separate and diverse banks (State Bank of India, Central Bank of India, ICICI Bank, IndusInd Bank, and Standard Chartered Bank) to gain a practical perspective on the existing banking practices and policies in India, and published a Banking Policy Guide. Further CIS took part in the WIPO-SCCR meetings. India became the first country to ratify the Marrakesh Treaty and the Accessible Books Consortium was launched. Download Annual Report (2014-15) (PDF, 1 Mb) Download Audit Report (2014-15) (PDF, 527 Kb)
Centre for Internet & Society Annual Report 2013-14 CIS celebrated five years of existence with an exhibition showcasing its works and accomplishments since it was founded in 2008. Along with CLPR, CIS published a report on making the General Elections of 2014 participatory and accessible for voters with disablities. CIS signed a memorandum of understanding with Christ University, Bangalore, Tata Institute of Social Sciences, Mumbai, KIIT University and Kalinga Institute of Social Sciences for furthering the growth of Indian languages on Wikipedia. CIS is working with Privacy International on the Surveillance and Freedom: Global Understandings and Rights Development (SAFEGUARD) project and as part of the work drafted the Privacy Protection Bill. CIS hosted the second Institute on Internet and Society at Pune from February 11 to 17, 2014. The Knowledge Repository was compiled and presented to the participants. Download Annual Report (2013-14) (PDF, 1.3 Mb) Download Audit Report (2013-14) (PDF, 7174 Kb)
Centre for Internet & Society Annual Report 2012-13 CIS is working on two projects: Creating a National Kit of Laws, Policies and Programmes for Persons with Disabilities and Developing an open source screen reading software solution “NVDA” to handle Indian languages and text-to-speech software in 15 Indian languages with the Hans Foundation. CIS published a report on Accessibility of Government Websites in India with the Hans Foundation and the Consumers International IP Watchlist 2012 — India Report with Consumers International. Wikimedia Foundation awarded a two-year grant to support and develop free knowledge in India and consequently, CIS got a new office in Delhi. Pranesh Prakash's preliminary analysis on blocked websites was featured in leading publications like Wall Street Journal, Hindu, Outlook, etc., and as part of the Google Policy Fellowship, brought out a report on Intermediary Liability in India, and initiated a project on The Internet Institute with the Ford Foundation. Download Annual Report (2012-13) (PDF, 2211 Kb) Download Audit Report (2012-13) (PDF, 2813 Kb)
Centre for Internet & Society Annual Report 2011-12 CIS published a new improved edition of the Web Accessibility Policy Making: An International Perspective with G3ict and Hans Foundation, prepared a report on Making Mobile Phones and Services Accessible for Persons with Disabilities with ITU and G3ict, negotiated meetings at WIPO and with the Third World Network conducted an Analysis of WIPO Treaty for the Print Disabled, published a report on the state of Open Government Data in India with the Transparency & Accountability Initiative, published outputs on IT Act, Limitations, Copyright, Internet Protocol, Media, Sexual Minorities, and UID with Privacy International, UK and Society in Action Group, Gurgaon, produced a report titled Intermediary Liability in India: Chilling Effects on Free Expression on the Internet 2011 with Google and released five monographs: Archives and Access, Porn: Law, Video & Technology, The Last Cultural Mile, Re:Wiring Bodies and Internet, Society and Space in Indian Cities. Download Annual Report (2011-12) (PDF, 1956 Kb) Download Audit Report (2011-12) (PDF, 21,313 Kb)
Centre for Internet & Society Annual Report 2010-11 CIS distributed for peer five monographs titled Re: Wiring Bodies, Pornography and the Law, Archive and Access, The Last Cultural Mile and Internet, Society and Space in Indian Cities for peer review, published a Position Paper in collaboration with Hivos and organised workshops on Digital Natives with a Cause in Taipei, Johannesburg, and Santiago, the e-Accessibility Policy Handbook for Persons with Disabilities with G3ict and ITU, a report on Open Government Data with Transparency & Accountability Initiative, a report on Online Video Environment in India with iCommons and Open Video Alliance and two workshops on Privacy Matters in Kolkata and Bangalore in partnership with Privacy India and Society in Action Group. Download Annual Report (2010-11) (PDF, 1872 Kb) Download Audit Report (2010-11) (PDF, 14823 Kb)
Centre for Internet & Society Annual Report 2009-10 CIS and the Institute of Network Cultures entered into a collaboration to produce a Reader on the Wikipedia, in partnership with Hivos published a report, Digital Natives with a Cause?, entered into research collaborations with the Centre for Study of Culture and Society for the Networked Higher Education Initiative, taught courses at Centre for Media and Cultural Studies, the Tata Institute of Social Sciences, Mumbai, Women’s Studies Centre, Pune University, Christ University, Bangalore, Mudra Institute of Communications, Ahmedabad, Shanghai University and the New Media Lab, Jadavpur University, co-organised a nationwide Right to Read Campaign in Chennai, Kolkata, Delhi and Mumbai, prepared the India Country Report for Consumers International and organised the Maps for Making Change workshops in Delhi and Ahmedabad. Download Annual Report for 2009-10 (PDF, 1952 Kb) Download Audit Report for 2009-10 (PDF, 9.5 Mb)
Centre for Internet & Society Annual Report 2008-09 CIS drafted a policy on web accessibility for the National Informatics Centre, worked on a comparative study of major international web and ATM accessibility policies for the Ministry of Communication and Information Technology, worked with the Council for Scientific and Industrial Research to formulate recommendations to make research publications open access.entered into partnership with LexUM for the Free Access to Law project and signed contracts with researchers for producing monographs on Re: Wiring Bodies, Archive and Access, Pornography and the Law, and The Last Cultural Mile. Download Annual Report (2008-09) (PDF, 561 Kb) Download Audit Report (2008-09) (PDF, 7.05 Mb)

For more details visit https://cis-india.org/about/reports/annual-reports

RBI and Regulation of Digital Financial Services in India, 2012-2016

Shivalik Chandan — 2016-07-11T06:27:23Z

The Reserve Bank of India (RBI) published its first guideline on mobile banking in 2008, and the conversation on integrating Aadhaar numbers with bank account numbers on one hand and mobile numbers on the other started as soon as UIDAI was established. However, it is the post-2010 period, with rapid growth of the e-commerce sector in India, that saw rise of digital financial services and intermediaries, and hence the demand for regulatory intervention in the sector. This essay by Shivalik Chandan tracks RBI policies and guidelines responding to and shaping the regulatory framework of the digital financial sector in India, including both mobile banking and online transactions.

1. Introduction

2. Mobile Banking in India

2.1. Customer Enrolment Issues identified by the RBI

2.2. Technical Issues identified by the RBI

2.3. The Way Forward

3. Online Payments in India

3.1. Regulatory Response to Online Payment Instruments

3.2. Infrastructure for Online Payments between Private Parties

3.3. Infrastructure for Online Payments involving the Government

3.4. The Way Forward

4. Peer-to-Peer (P2P) Lending

5. Conclusion

6. Endnotes

7. Author Profile

1. Introduction

The advent of new technology usually leads to innovation in industry. Regardless of the sector, new technology is almost always adopted to make tasks easier and more efficient, and this applies to the financial sector as well. Advancements such as credit cards and ATMs have fundamentally changed the process of banking and finance. The past few years have seen some major innovation in the sector, leading to a shift in the way people interact with the financial system of the country. Pursuant to the same, the Reserve Bank of India has responded to these advancements to make sure that they do not go unchecked.

The e-commerce industry in India has seen unprecedented growth over the last few years, largely because of a higher level of internet penetration among the population. From a worth of $3.9 billion in 2009, the worth of the Indian e-commerce market went up to $12.6 billion in 2013 [1]. The number of online shoppers was 35 billion in 2014, and is now expected to cross 100 million by the end of this year [2]. The newfound presence of the e-commerce industry in the country has led to a new form of payment: the online wallet. A more convenient method than using a credit card for every transaction, it is expected to achieve a compound annual growth rate of 68% this year [3].

A priority of the RBI since the mid-2000s has been financial inclusion. The term is usually defined with respect to financial exclusion, which is construed as the inability to access necessary financial services in an appropriate form due to problems associated with access, conditions, prices, markets, or self-exclusion. In contrast, financial inclusion is the delivery of financial services at affordable costs to disadvantaged sections of society. There is no single metric that can determine the amount of financial inclusion, and specific indicators such as number of bank accounts and number of bank branches only provide a partial picture [4].

In 2013, CRISIL launched an index (Inclusix) to measure the status of financial inclusion in India. The index combines branch penetration, deposit penetration, and credit penetration into one metric. The report was the first regional, state-wise, and district-wise assessments of financial inclusion ever measured, and the first analysis of inclusion trends over a three-year period. Some key conclusions found in the report were [5]:

The all-India CRISIL Inclusix score of 40.1 is low, though there were clear signs of progress – this score had improved from 35.4 in 2009.
Deposit penetration is the key driver of financial inclusion – the number of savings accounts (624 million), is almost four times the number of loan accounts (160 million).

2. Mobile Banking in India

Perhaps the biggest change in banking in recent times has been the introduction of mobile banking. The RBI issued its first set of regulatory guidelines to do with mobile banking in 2008, where banks were permitted to transfer funds from one bank account to another through the mobile platform. From 2010 to 2012, the number of users of mobile banking services grew 277.68% (from 5.96 million to 22.51 million) and the value grew a whopping 875.6% (from Rs. 6.14 billion to Rs. 59.90 billion). These figures clearly indicate that mobile banking in the country is growing at a very high rate. Yet, as of 2014, there were 350 to 500 million unique mobile subscribers and only 22 million mobile banking customers [6].

The RBI clearly recognised the potential for a widespread increase in mobile banking as well as the opportunity of increasing financial inclusion in the country, and made recommendations for “addressing the consumer acquisition challenges as well as the technical aspects” [7]. Recommendations such as alternate channels for mobile registration such as ATMs, uniformity in the mobile registration process across banks, and standardisation and simplification of the MPIN generation process were made by the RBI. Despite the potential in mobile banking as a channel for financial services, and financial inclusion, the RBI identified several challenges with the platform, which were of two types – customer enrolment related issues, and technical issues.

2.1. Customer Enrolment Issues identified by the RBI

The following customer enrolment issues were identified by the RBI:

Mobile Number Registration: In order to avail mobile banking services, the customer needs to go to a branch of the bank or an ATM of that bank to register their mobile number. The RBI recommended that registration be made possible through other channels as well, and that registration forms be made uniform to ease the customer experience.
MPIN Generation: The process for MPIN generation is different across banks, and requires a visit to the bank branch in some cases. The RBI recommended that the process be standardised and that the MPIN be intimated to the customer through their handset without necessitating a visit to the bank.

These recommendations were implemented by the RBI in its Master Circular issued in December 2014 [8].

2.2. Technical Issues identified by the RBI

One of the major technical issues identified by the RBI was the fact that there is a large disparity in the type of mobile handset, and consequentially, the technology most customers have. The majority of handsets in the country are GSM or CDMA enabled, and a comparatively small number have GPRS technology. The RBI identified three major ways of mobile banking utilised by most banks as SMS, USSD, and application based banking. The problems the RBI identified with the SMS method were that the service is not encrypted, and that it may become inconvenient for customers to remember the syntax required for the commands. The USSD system solves the complexity issue, as it presents an interactive menu and is much faster than SMS. However, it is still not a secure means of communication. A big step forward for the USSD system has been the implementation of the National Unified USSD Platform by the National Payments Corporation of India with a single short code (*99#) to utilise the common USSD channel for mobile banking for all banks [9].

The RBI conceded that application based mobile banking is the best way to offer the service both in terms of user friendliness as well as security, but stated that developing these applications requires a large amount of research and development due to the extremely high number of permutations and combinations of handsets and operating systems available on the market, and that smartphones are in the minority as far as type of handsets go. To resolve these issues, the RBI suggested that banks continue offering all three services, so that the largest number of people can take advantage of mobile banking services. The RBI also recommended that all banks implement a uniform mobile banking system across all three architectures (SMS, USSD, and applications) for the ease of consumers [10].

2.3. The Way Forward

In the two years since these recommendations were published, smartphones and GPRS connections (both required for application-based mobile banking) have become a lot cheaper and have permeated a larger section of the Indian society. Hopefully, this trend will gradually reflect in the banking sector and lead to a boom in application-based mobile banking. The next challenge that the RBI will face in the coming years in the field of mobile banking is the replacement of credit cards with smartphones. Both Apple and Google (with Apple Pay and Android Pay) are utilising NFC technology in smartphones to enable customers to store their credit card information on their smartphone and simply tap it onto a terminal to complete the transaction, and even though it is available in a small number of countries presently, it is only a matter of time before it is introduced in India, and this development has been addressed by the RBI in the ‘Vision 2012-2015’ document, where they have addressed the requirement of updating all PoS terminals at the merchant ends, as well as developing an open standard for all NFC transactions, regardless of the payment system operators [11].

The RBI has announced its intention to review the guidelines for mobile banking to address issues relating to customer registration, safety and security of transactions, risk mitigation, and customer grievance redressal measures, with the intention of promoting mobile phones as access channels to payment and banking services. The policy efforts will also focus on ensuing that mobile banking services are provided to non-smartphone users across the country as well [12].

3. Online Payments in India

The National Payments Corporation of India was set up in 2009 as an umbrella organisation for all retail payment systems (under section 25 of the Companies Act) with the core objective of consolidating and integrating the multiple systems with varying service levels into a nation-wide, uniform, and standard business process for all retail systems [13, 14]. In 2012, the RBI, in its Vision 2012-2015 document, recognised the development of new e-payment systems and the increasing proportion of transactions taking place through these systems. The introduction of technology such as cloud computing, mobile telephony, service oriented architecture, and an increasing popularity of the virtual world would, according to the RBI, lead to significant changes in the way payments would be processed in the future. The document elucidated the possibility of the movement away from cash transactions to electronic transactions, leading to their goal of a ‘less-cash economy’ [15]. The RBI set the objective of innovating towards the convergence of products and services which should be available across all delivery channels to all, in a low-cost, safe, and efficient manner. The RBI held that its regulatory stance would be to promote innovation to achieve the goals of inclusion, accessibility, and affordability, while remaining technology neutral [16].

3.1. Regulatory Response to Online Payment Instruments

The introduction of online wallets has provided consumers with a simpler and more efficient method to complete online transactions across a wide variety of merchants, and is growing at a considerable rate. A master circular was issued by the RBI in December 2014, outlining the guidelines that these wallets (which are considered a part of ‘pre-paid payment instruments’) must follow. In the circular, RBI defined three types of payment instruments or wallets.

Closed wallets can be issued by a company to a consumer for buying goods exclusively from that company, such as Flipkart or Amazon. They do not need any sort of permission or regulation from the RBI as they do not permit cash withdrawal or redemption, and hence are not classified as payment systems.
Semi-closed wallets can be used to purchase goods and services at clearly identified merchant locations which have a specific contract with the issuer to accept the payment instrument. NBFCs can issue semi-closed wallets which need to be authorised by the RBI. The most commonly known online wallets (such as Paytm and Mobikwik) fall under this category.
Open wallets can be used for the purchase of goods and services (including financial services) at any card accepting merchant terminal and can also be used for cash withdrawal at ATMs. However, these can only be issued by banks with approval from the RBI [17].

The RBI has classified three categories of pre-paid payment instruments that can be issued:

Up to Rs. 10,000, by accepting the minimum details of the customer, provided that the amount outstanding at any time does not exceed Rs. 10,000 and the total value of reloads per month does not exceed Rs. 10,000. These can only be issued in electronic form.
From Rs. 10,001 to Rs. 50,000, by accepting any ‘officially valid document’ defined under rule 2(d) of the PML Rules, 2005, which are amended from time to time. These are to be non-reloadable in nature.
Up to Rs. 1,00,000 with full KYC, and these can be reloadable in nature. The balance in the PPI should not exceed this amount at any time [18].

3.2. Infrastructure for Online Payments between Private Parties

Pursuant to the goal of enabling infrastructure for financial transactions between private parties, the NPCI implemented the Immediate Payment Service (IMPS) in 2010. The service offers an instantaneous, 24x7 interbank electronic fund transfer service, which can be utilised through mobile, internet, or an ATM. This service is superior to the previously used NEFT service, as NEFT transactions are settled in batches and hence are not in real time. Also, the NEFT service is only available during the working hours of the RTGS system, while the IMPS can be used at any time [19].

Building on the IMPS service, the NPCI has developed the Unified Payments Interface (UPI), which will allow customers to transfer money and make payments almost as easily as they send messages. Multiple bank accounts can be linked to one application, and the need for sharing sensitive information such as bank account numbers, OTPs, or mobile numbers has been eliminated. This interface has been touted to have a large impact on the payment space, and help the economy move closer to a ‘less-cash’ economy [20]. On launch of the Interface in April of this year, 29 banks concurred to provide UPI services to their customers, and 21 of those banks have already joined the UPI as payment service providers.

On downloading the UPI application of a bank, a ‘virtual identifier’ is generated by the application which works as a payment identifier for sending and collecting money, and is protected by a single click two-factor authentication. The virtual ID is an email ID-like format: for example, if a customer named ABC had an account in HDFC bank, his virtual ID would be ABC@hdfc. However, the customer has the choice to use his/her mobile number or Aadhar number in place of the name. In order to protect the customer’s privacy, there is no account number mapper anywhere except the customer’s bank. When a customer selects UPI as the payment mode for an online transaction and the request reaches the merchant’s server, it is immediately passed onto the acquiring bank’s server where a UPI collection transaction is initiated on the customer’s virtual identifier. This request reaches the customer’s phone through the UPI server on the basis of the virtual identifier, and the customer authenticates it using the MPIN to complete the transaction [21].

The UPI can be utilised for real-world transactions as well. Instead of handing over cash, the customer can simply tell the cashier his/her virtual ID. The cashier can then initiate a pay request through the UPI, and the customer can authenticate it on his/her phone, leading to the completion of the transaction [22].

3.3. Infrastructure for Online Payments involving the Government

In the ‘Vision 2012-2015’ document, the RBI outlined an opportunity of developing a bill payment system for payments toward insurance premiums, utility payments, taxes, school fees, etc. To this end, a committee was set up to analyse the potential for an electronic GIRO (General Interbank Recurring Order) payment system in India. Under the recommendation of the Committee, a Giro Advisory Group (GAG) was set up with the objective of defining a framework which enables the creation of pan India touch points for bill payments, which submitted its report in March 2014. The GAG recommended a tiered system for bill systems in the country – a central unit which would set the standards, and various operating bodies which would work in accordance with the standards set by the central body. Draft guidelines for the Bharat Bill Payment System (BBPS) were published on the RBI website in August 2014 for public comments. Based on recommendations, the RBI published guidelines for the implementation of the BBPS in November 2014.

The BBPS will consist of two types of bodies, which will carry out distinct functions:

Bharat Bill Payment Central Unit (BBPCU): The single authorised body which will set the necessary technical, operational, and technical standards for the entire system and its participants, and will also undertake clearing and settlement activities. The NPCI will serve as the BBPCU.
Bharat Bill Payment Operating Units (BBPOU): The authorised operational units, which will work in adherence to the standards set by the BBPCU.

The objective of the BBPS is to implement an integrated bill payment system which offers interoperable and accessible bill payment systems to customers through a network of agents, enabling multiple payment modes, and providing instant confirmations of the payments. Hence, the RBI decided that all existing players (both banks and non-banks) catering to the requirement of bill payments as well as the aggregation of payment services will be a part of the BBPS [23]. Initially, the BBPS is expected to cover repetitive payments for everyday utility services such as electricity, water, gas, telephone, and DTH. The plan is to gradually expand the scope to include other types of repetitive payments like school/university fees, municipal taxes, etc.

On 20 October, 2015, the RBI issued a press release inviting applications from entities engaged in bill payments, for authorisation to operate as BBPOUs, stating the function as “facilitating collection of repetitive payments for everyday utility services, such as, electricity, water, gas, telephone and Direct-to-Home (DTH)” [24].

As of May 2016, 33 companies were reportedly approved by the RBI to function as BBPOUs. PayU India, PayTm, Oxigen, SBI, ICICI bank, HDFC bank, Kotak Mahindra Bank, Bank of Baroda, Axis Bank and RBL Bank and TechProcess have confirmed their BBPOU license [25]. The system is expected to launch in July this year [26].

3.4. The Way Forward

The RBI, in its ‘Vision 2018’ document, has outlined the future plans relating to pre-paid instruments. With an increase in the number of entities authorised to issue PPIs, there has been a growth in their usage for the purchase of goods and services as well as transfer of funds. The RBI plans to review the provisions relating to PPIs about KYC requirements, customer-facing aspects such as safety and security, risk mitigation measures, complaint redressal mechanisms, forfeiture of unutilised balances, and fraud monitoring. The RBI also plans to monitor developments in technology which impact the financial services industry, such as distributed ledgers, blockchain, etc. and develop regulatory frameworks as required [27].

4. Peer-to-Peer (P2P) Lending

Another new development in the banking and finance sector is the introduction of peer to peer lending (hereinafter referred to as P2P lending). P2P lending is a form of crowdfunding which is essentially an online platform designed to bring together lenders and borrowers. A fee is charged from both and this fee goes to providing services such as collecting loan repayments and doing a preliminary assessment on the trustworthiness of the borrower. The RBI issued a consultation paper on this in April 2016 and invited responses from the various stakeholders.

The RBI identified that even though there is no credible data on the total lending through P2P platforms, close to 20 P2P lending platforms were launched in the last year, and there are presently around 30 such platforms in the country. After looking at the operational business model of these companies, the RBI found that the major regulatory concerns would relate to KYC and recovery practices.

After holding that regulation might lend credibility to P2P lending and therefore cause low-awareness lenders to make high-risk investments, and might stifle the growth of an innovative and efficient avenue for borrowers who either do not have access to or have been rejected by traditional loan mechanisms, the RBI argued for regulation in the following ways. Firstly, they held that in its nascent stage, the industry might disrupt the financial sector and it would be better to avoid such disruption. Secondly, the lower operational costs might lead to a softening of lending rates, and the RBI feels that it would benefit the P2P lending platforms if they were regulated. Thirdly, they identified the potential for unethical practices being adopted by any of the players in the market in the absence of regulation. Finally, the RBI held that borrows and lenders which are brought together by the P2P platform might be perpetrating an illegality under Section 45S of the RBI Act if they are unregulated.

Based on these considerations, the RBI recommended regulations on the P2P platforms in order to “facilitate the orderly growth of this sector so that its ability to provide an alternative avenue for credit for the right kind of borrowers is harnessed.” Some of the regulations proposed by the RBI were the limiting of P2P lending platforms to the role of an intermediary between lenders and borrowers, a requirement of a minimum capital of Rs. 2 crore and prudential limits on the maximum contribution by a lender (since they may include uninformed individuals), and the enforcement of adequate risk management systems to ensure smooth operations [28].

5. Conclusion

The RBI, setting out a goal of financial inclusion and a less-cash economy, has kept up with developing technology in the financial sector, in order to ensure that consumers can glean the benefits of these advancements, and the goals it set out can be achieved.

Mobile banking is one of the largest opportunities for financial inclusion in countries, and the RBI, through its policy efforts, is trying to ensure that it reaches maximum penetration in the country. E-commerce is growing in the country, leading to a new financial space being created, which the RBI is privy to. The NPCI has been a boon in this sector, achieving a considerable amount since it was launched. P2P lending, a new and relatively untested development is gaining momentum in the country, and the RBI has begun to take concrete steps to make sure it does not get out of hand.

Technological advancements will continue to change all industries, including the financial services industry, and it is the task of the RBI to make sure that these advancements are utilised to the best of their abilities, so as to benefit the customers in the country as best as possible.

6. Endnotes

[1] PwC, (2014). Evolution of E-commerce in India. [online] Available at: http://www.pwc.in/assets/pdfs/publications/2014/evolution-of-e-commerce-in-india.pdf [Accessed 6 Jul. 2016].

[2] The Times of India. (2014). "Online shoppers in India to cross 100 million by 2016: Study."[online] Available at: http://timesofindia.indiatimes.com/tech/tech-news/Online-shoppers-in-India-to-cross-100-million-by-2016-Study/articleshow/45217773.cms [Accessed 6 Jul. 2016].

[3] Singh, A. (n.d.). "Mobile Wallets – Market, Opportunities and Challenges." [online] Altimetrik.com. Available at: http://www.altimetrik.com/wisdometrik/mobile-wallets-market-opportunities-and-challenges/ [Accessed 6 Jul. 2016].

[4] Thorat, Usha. (2008). "Financial Inclusion and Information Technology". Keynote address by Deputy Governor of the Reserve Bank of India, at the "Vision 2020 – Indian Financial Services Sector" event hosted by NDTV, in Mumbai, September 12. Available at: http://www.bis.org/review/r080917d.pdf [Accessed 6 Jul. 2016].

[5] CRISIL, (2013). "Finance Minister launches ‘CRISIL Inclusix’." [online] Available at: http://www.crisil.com/Ratings/Brochureware/News/CRISIL-Inclusix-launch-pr_250613.pdf [Accessed 8 Jul. 2016].

[6] Reserve Bank of India, (2014). Mobile Banking - Report of the Technical Committee. [online] Available at: https://rbi.org.in/scripts/PublicationReportDetails.aspx?UrlPage=&ID=760 [Accessed 6 Jul. 2016].

[7] Ibid.

[8] Reserve Bank of India, (2014). Master Circular - Mobile Banking Transactions in India - Operative Guidelines. [online] Available at: https://rbidocs.rbi.org.in/rdocs/notification/PDFs/65MNF052B434ED3C4CE391590891B8F3BE66.PDF [Accessed 8 Jul. 2016].

[9] National Payments Corporation of India. (n.d.). "Overview of *99# Service." [online] Available at: http://www.npci.org.in/Product-Overview-NUUP.aspx [Accessed 8 Jul. 2016].

[10] Supra note [6].

[11] Reserve Bank of India, (2012). Payment Systems in India: Vision 2012-15. [online] Available at: https://www.rbi.org.in/Scripts/PublicationVisionDocuments.aspx?Id=678 [Accessed 6 Jul. 2016].

[12] Reserve Bank of India, (2015). Payment and Settlement Systems in India: Vision 2018. [online] Available at: https://rbidocs.rbi.org.in/rdocs/PublicationReport/Pdfs/VISION20181A8972F5582F4B2B8B46C5B669CE396A.PDF [Accessed 6 Jul. 2016].

[13] National Payments Corporation of India. (n.d.). "About Us - National Payments Corporation of India." [online] Available at: http://www.npci.org.in/aboutus.aspx. [Accessed 6 Jul. 2016].

[14] See also: Bihari, D. and Chandra, S. (2015). "The Electronic Banking Revolution in India." Journal of Internet Banking and Commerce, [online] (20), p.110. Available at: http://www.icommercecentral.com/open-access/the-electronic-banking-revolution-in-india.php?aid=59261#corr [Accessed 8 Jul. 2016].

[15] The term ‘less-cash economy’ was possibly first used in the context of national regulatory framework by the Bank Indonesia in 2006, and was implemented through the ‘Ayo ke Bank’ program [http://www.adb.org/sites/default/files/publication/156004/adbi-wp149.pdf]. Its usage by the European Payments Council in 2009 [http://www.sepaitalia.eu/uploads/making_sepa_a_reality_v.3.pdf], and the Aite Group in context of the USA [http://aitegroup.com/report/less-cash-society-forecasting-cash-usage-united-states] gave it international attention. RBI first used the term in its 'Payment Systems in India: Vision 2012-15' document.

[16] Supra note [8].

[17] Reserve Bank of India, (2014). Master Circular – Policy Guidelines on Issuance and Operation of Pre-paid Payment Instruments in India. [online] Available at: https://rbidocs.rbi.org.in/rdocs/notification/PDFs/116MCPPI20062014FL.pdf [Accessed 6 Jul. 2016].

[18] Supra note [9].

[19] National Payments Corporation of India. (n.d.). "IMPS - Background." [online] Available at: http://www.npci.org.in/aboutimps.aspx [Accessed 6 Jul. 2016].

[20] Nair, V. (2016). "NPCI’s unified payment interface to start in April." [online] Available at: http://www.livemint.com/Industry/ZA9pPkeGdY9wrChh1BDQhN/NPCIs-unified-payment-interface-to-start-in-April.html [Accessed 6 Jul. 2016].

[21] Mathew, G. (2016). "Unified Payments Interface system: Faster, easier and smoother."[online] The Indian Express. Available at: http://indianexpress.com/article/technology/tech-news-technology/unified-payments-interface-upi-payment-system-faster-easier-and-smoother-2754125/ [Accessed 7 Jul. 2016].

[22] The Hindu. (2016). "RBI's Unified Payments Interface makes payments easier than ever." [online] Available at: http://www.thehindu.com/business/Economy/unified-payments-interface/article8470746.ece [Accessed 7 Jul. 2016].

[23] Lakshminarasimhan, P. (2016). "Bharat Bill Payment System likely to be launched in July." [online] The Financial Express. Available at: http://www.financialexpress.com/article/industry/companies/bharat-bill-payment-system-likely-to-be-launched-in-july/257040/ [Accessed 7 Jul. 2016].

[24] Reserve Bank of India, (2015). "RBI invites Applications for authorising Bharat Bill Payment System Operating Units (BBPOUs)." [online] Available at: https://www.rbi.org.in/Scripts/FS_PressRelease.aspx?prid=35274&fn=9 [Accessed 7 Jul. 2016].

[25] Srivastava, V. (2016). "RBI Grants License to 33 Companies For Bharat Bill Payment System." [online] Thetechportal.com. Available at: http://thetechportal.com/2016/05/17/rbi-grants-license-33-companies-operate-bharat-bill-payment-system/ [Accessed 7 Jul. 2016].

[26] Supra note [23].

[27] Supra note [10].

[28] Reserve Bank of India, (2016). Consultation Paper on Peer to Peer Lending. [online] Available at: https://rbidocs.rbi.org.in/rdocs/Content/PDFs/CPERR280420162D5F13C3A2204F4FB6A2BEA7363D0031.PDF [Accessed 6 Jul. 2016].

7. Author Profile

Shivalik Chandan is a student at National Law University, Delhi, who has completed two years of the B.A. LLB course. He enjoys watching movies, playing the drums, and listening to (almost all genres of) music in his spare time.

For more details visit https://cis-india.org/raw/rbi-regulation-digital-financial-services-in-india-2012-2016

Ranking Digital Rights in India

Divij Joshi and Aditya Chawla — 2017-02-12T07:22:31Z

This report is a study of five Indian telecommunication companies (Tata Communications Ltd., Reliance Communications Limited, Aircel Limited, Vodafone India Private Limited and Reliance Jio Infocomm Limited) and three Indian online service providers (Hike Messenger, Shaadi.com and Rediff.com). The report is an attempt to evaluate the practices and policies of companies which provide internet infrastructure or internet services, and are integral intermediaries to the everyday experience of the internet in India.

Download the PDF

The report draws upon the methodology of Ranking Digital Rights project, which analysed 16 of the world’s major internet companies, including internet services and telecommunications providers based on their commitment towards upholding human rights through their services – in particular towards their commitment to users’ freedom of expression and privacy. The report comprehensively assessed the performance of companies on various indicators related to these human rights, as per information which was made publicly available by these companies or was otherwise in the public domain. This report follows the methodology of the proposed 2017 Ranking Digital Rights index, updated as of October 2016.

This report studied Indian companies which have, or have had, a major impact on the use and experience of the Internet in India. The companies range from online social media and micro-blogging platforms to major telecommunications companies providing critical national communications infrastructure. While some of the companies have operations outside of India as well, our study was aimed at how these companies have impacted users in India. This allowed us to study the impact of the specific legal and social context in India upon the behaviour of these firms, and conversely also the impact of these companies on the Indian internet and its users.

VSNL, the company later to be acquired by and merged into TATA Communications, was the first company to provide public Internet connections to India, in 1996. In 2015, India surpassed the United States of America, as the jurisdiction with the worlds second-largest internet user base, with an estimated 338 million users. With the diminishing costs of wireless broadband internet and the proliferation of cheaper internet-enabled mobile devices, India is expected to house a significant number of the next billion internet users.

Concomitantly, the internet service industry in India has grown by leaps and bounds, particularly the telecommunications sector, a large part of whose growth can be attributed to the rising use of wireless internet across India. The telecom/ISP industry in India remains concentrated among a few firms. As of early 2016 just three of the last mile ISPs which are studied in this report, are responsible for providing end-user connectivity to close to 40% of mobile internet subscribers in India. However, the market seems to be highly responsive to new entrants, as can be seem from the example of Reliance Jio, a new telecom provider, which has built its brand specifically around affordable broadband services, and is also one of the companies analysed in this report. As the gateway service providers of the internet to millions of Indian users, these corporations remain the focal point of most regulatory concerns around the Internet in India, as well as the intermediaries whose policies and actions have the largest impact on internet freedoms and user experiences.

Besides the telecommunications companies, India has a thriving internet services industry – by some estimates, the Indian e-commerce industry will be worth 119 Billion USD by 2020. While the major players in the e-commerce industry are shipping and food aggregation services, other companies have emerged which provide social networking services or mass-communication platforms including micro-blogging platforms, matrimonial websites, messaging applications, social video streaming services, etc. While localised services, including major e-commerce websites (Flipkart, Snapdeal), payment gateways (Paytm, Freecharge) and taxi aggregators (Ola), remain the most widely utilized internet services among Indians, the services analysed in this report have been chosen for their potential impact they have upon the user rights analysed in this report – namely freedom of speech and privacy. These services provide important alternative spaces of localised social media and communication, as alternatives to the currently dominant services such as Facebook, Twitter and Google, as well as specialised services used mostly within the Indian social context, such as Shaadi.com, a matrimonial match-making website which is widely used in India. The online service providers in this report have been chosen on the basis of the potential impact that these services may have on online freedoms, based on the information they collect and the communications they make possible.

Legal and regulatory framework

Corporate Accountability in India

In the last decade, there has been a major push towards corporate social responsibility (“CSR”) in policy. In 2009, the Securities Exchange Board of India mandated all listed public companies to publish ‘Business Responsibility Reports’ disclosing efforts taken towards, among other things, human rights compliances by the company. The new Indian Companies Act, 2013 introduced a ‘mandatory’ CSR policy which enjoins certain classes of corporations to maintain a CSR policy and to spend a minimum percentage of their net profits towards activities mentioned in the Act. However, these provisions do not do much in terms of assessing the impact of corporate activities upon human rights or enforcing human rights compliance.

Privacy and Data Protection in India

There is no explicit right to privacy under the Constitution of India. However, such as right has been judicially recognized as being a component of the fundamental right to life and liberty under Article 21 of the Constitution of India. However, there have been varying interpretations of the scope of such a right, including who and what it is meant to protect. The precise scope of the right to privacy, or whether a general right to privacy exists at all under the Indian Constitution, is currently being adjudicated by the Supreme Court. Although the Indian Supreme Court has had the opportunity to adjudicate upon telephonic surveillance conducted by the Government, there has been no determination of the constitutionality of government interception of online communications, or to carry out bulk surveillance.

As per Section 69 of the Information Technology Act, the primary legislation dealing with online communications in India, the government is empowered to monitor, surveil and decrypt information, “in the interest of the sovereignty or integrity of India, defense of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence.” Moreover, intermediaries, as defined under the act, are required to provide facilities to enable the government to carry out such monitoring. The specific procedure to be followed during lawful interception of information is given under the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009, (“Interception Rules”) which provides a detailed procedure for government agencies to issue monitoring directions as well as the obligations of intermediaries to facilitate the same. The Interception Rules require intermediaries who are enlisted for facilitating monitoring of information to maintain strict confidentiality regarding such directions for lawful interception or decryption, as well as to destroy any records of such directions every six (6) months. Intermediaries are required to designate specific authorities (the designated authority) to receive and handle any of the above government directions and also to maintain records and provide proper facilities to the government agencies. The designated authority is also responsible for maintaining the security and confidentiality of all information which ‘affects the privacy’ of individuals. Further, the rules prescribe that no person may intercept any online communication or information, except the intermediary for the limited purposes specified in the rules, which include for tracing persons who may have contravened any provision of the IT Act or rules.

With respect to decryption, besides the government’s power to order decryption of content as described above, the statutory license between the telecommunications providers and the Department of Telecommunications (“DoT”), prescribes, among other things, that only encryption “up to 40 bit key length in the symmetric algorithms or its equivalent in others” may be utilized by any person, including an intermediary. In the case that any person utilizes encryption stronger than what is prescribed, the decryption key must be stored with the DoT. At the same time, the license prescribes that ISP’s must not utlilize any hardware or software which makes the network vulnerable to security breaches, placing intermediaries in a difficult position regarding communications privacy.. Moreover, the license (as well as the Unified Access Service License) prohibit the use of bulk encryption by the ISP for their network, effectively proscribing efforts towards user privacy by the ISP’s own initiative.

There is no statute in India generally governing data protection or for the protection of privacy. However, statutory rules address privacy concerns across different sectors, such as banking and healthcare. A more general regulation for data protection was enacted under Section 43A of the Information Technology Act, 2000 (“IT Act”) and the rules made thereunder, in particular, the Information Technology (Reasonable Security Practices and Procedures and sensitive personal data or information) Rules, 2011 (“Rules”). Section 43A requires body corporates (defined as any company) handling sensitive personal information, (as defined under the IT Act and Rules), to maintain reasonable security practices regarding handling such information, and penalises failure to maintain such practices, in case it causes ‘wrongful loss or wrongful gain to any person.’ The Rules prescribed under Section 43A detail the general obligations of body corporates that handle sensitive personal information more comprehensively.

The Rules specify that all body corporates which “collects, receives, possess, stores, deals or handle information”, directly from the holder of such information through a lawful contract, shall provide a privacy policy, which must – (a) be clearly accessible; (b) specify the data collected; (c) specify the purpose for collection and the disclosure of such information and; (d) specify the reasonable security practices for the protection of such data. There are also specific requirements for body corporates which handle sensitive personal information, which includes obtaining consent from the data subject, and permitting data collection for a specified and limited purpose as well as a limited time. The body corporate is also supposed to ensure the data subject is aware of: (a) the fact that the information is being collected; (b) the purpose for which the information is being collected; (c) the intended recipients of the information; and (d) the name and address of he agency that is collecting the information as well as the agency that will retain the information. The rules also require the body corporate to provide an explicit option for users to opt-out of having their personal information collected, which permission can also be withdrawn at any time.

Apart from the above, the IT (Intermediary Guidelines) Rules, 2011, (“Guidelines) also contain a prescription for providing information to government agencies, although the rules have been enacted under the provisions of the safe-harbour conditions of the IT Act. Rule 3(7) of the Guidelines states that “…When required by lawful order, the intermediary shall provide information or any such assistance to Government Agencies who are lawfully authorised for investigative, protective, cyber security activity. The information or any such assistance shall be provided for the purpose of verification of identity, or for prevention, detection, investigation, prosecution, cyber security incidents and punishment of offences under any law for the time being in force, on a request in writing staling clearly the purpose of seeking such information or any such assistance.” While this regulation outside the scope of the rule-making power under Section 79 of the IT Act, it continues to remain in force, although the extent to which it is utilized to obtain information is unknown.

Content Restriction, Website blocking and Intermediary Liability in India

Section 79 of the IT Act contains the safe harbor provision for intermediaries, sheltering them from liability, under specific circumstances, against information, data, or communication links made available by any third party. For the safe harbor to apply, the role of the intermediaries must be limited to (a) providing access to a communication system over which information made available by third parties is transmitted or temporarily stored or hosted; or (b) a platform which does not initiate the transmission, modify it or select the receiver of the transmission. Moreover, the safe-harbour does not apply when the ISP has received actual knowledge, or been notified by the appropriate government agency, about potentially unlawful material which the intermediary has control over, fails to act on such knowledge by disabling access to the material.

The Central Government has further prescribed guidelines under Section 79 of the IT Act, which intermediaries must comply with to have the shelter of the safe harbor provisions. The guidelines contain prescriptions for all intermediaries to inform their users, through terms of service and user agreements, of information and content which is restricted, including vague prescriptions against content which is “…grossly harmful, harassing, blasphemous defamatory, obscene, pornographic, paedophilic, libellous, invasive of another's privacy, hateful, or racially, ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever;” or that infringes any proprietary rights (including Intellectual Property rights).

Rule 3(4) is particularly important, and provides the procedure to be followed for content removal by intermediaries. This rule provides that any intermediary, who hosts, publishes or stores information belonging to the above specified categories, shall remove such information within 36 hours of receiving ‘actual knowledge’ about such information by any ‘affected person’. Further, any such flagged content must be retained by the intermediary itself for a period of 90 days. The scope of this rule led to frequent misuse of the provision for removal of content. As non-compliance would make the intermediaries liable for potentially illegal conduct, intermediaries were found to be eager to remove any content which was flagged as objectionable by any individual. However, the scope of the rule received some clarification from the Supreme Court judgement in Shreya Singhal v Union of India. While the Supreme Court upheld the validity of Section 79 and the Guidelines framed under that section, it interpreted the requirement of ‘actual knowledge’ to mean the knowledge obtained through the order of a court asking the intermediary to remove specific content. Further, the Supreme Court held that any such court order for removal of restriction must conform Article 19(2) of the Constitution of India, detailing permissible restrictions to the freedom of speech and expression.

For the enforcement of the above rules, Rule 11 directs intermediaries to appoint a Grievance Officer to redress any complaints for violation of Rule 3, which must be redressed within one month. However, there is no specific mention of any remedies against wrongful removal of content or mechanisms to address such concerns.

Apart from the above, there is a parallel mechanism for imposing liability on intermediaries under the Copyright Act, 1957. According to various High Courts in India, online intermediaries fall under the definition of Section 51(a)(ii), which includes as an infringer, “…any person who permits for profit any place to be used for the communication of the work to the public where such communication constitutes an infringement of the copyright in the work, unless he was not aware and had no reasonable ground for believing that such communication to the public would be an infringement of copyright.”

Section 52(1) provides for exemptions from liability for infringement. The relevant part of S.52 states –

“(1) The following acts shall not constitute an infringement of copyright, namely:

(b) the transient or incidental storage of a work or performance purely in the technical process of electronic transmission or communication to the public;

(c) transient or incidental storage of a work or performance for the purpose of providing electronic links, access or integration, where such links, access or integration has not been expressly prohibited by the right holder, unless the person responsible is aware or has reasonable grounds for believing that such storage is of an infringing copy:

Provided that if the person responsible for the storage of the copy has received a written complaint from the owner of copyright in the work, complaining that such transient or incidental storage is an infringement, such person responsible for the storage shall refrain from facilitating such access for a period of twenty-one days or till he receives an order from the competent court refraining from facilitating access and in case no such order is received before the expiry of such period of twenty-one days, he may continue to provide the facility of such access;”

While Section 52 of the Act provides for safe harbour for certain kinds of online intermediaries, this does not apply where the intermediary has ‘reasonable grounds for believing’ that storage is an infringing copy, similar to language used in 51(a)(ii), which has been broadly interpreted by high courts. The procedure for notifying the intermediary for taking down infringing content is given in the Rules prescribed under the Copyright Act, which requires that the holder of the Copyright must give written notice to the intermediary, including details about the description of work for identification, proof of ownership of original work, proof of infringement by work sought to be removed, the location of the work, and details of the person who is responsible for uploading the potentially infringing work. Upon receipt of such a notice, the intermediary must disable access to such content within 36 hours. Further, intermediaries are required to display reasons for disabling access to anyone trying to access the content. However, the intermediary may restore the content after 21 days if no court order is received to endorse its removal, although this is not a requirement. After this notice period, the intermediary may choose not to respond to further notices from the same complainant about the same content at the same location.

Besides the safe harbour provisions, which require intermediaries to meet certain conditions to avoid liability for content hosted by them, intermediaries are also required to comply with government blocking orders for removal of content, as per Section 69A of the IT Act. This section specifies that the government may, according to the prescribed procedure, order any intermediary to block access to any information “in the interest of sovereignty and integrity of India, defense of India, security of the State, friendly relations with foreign states or public order or for preventing incitement to the commission of any cognizable offence relating to above.” Failure to comply by the intermediary results in criminal penalties for the personnel of the intermediary.

The procedure for blocking has been prescribed in the Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009. The Rules under Section 69A allow any Central Government or State Government ministry or department to issue blocking requests, which may be made by any person to specific departmental representatives known as ‘nodal officers’, may request the blocking of access to content by any intermediary. The nodal officers forward such requests for blocking of access to the ‘designated officer’, who is an officer of the Central Government not below the rank of the joint secretary, as nominated by the Central Government. The blocking request is then considered by a committee which recommends whether the designated officer should approve such request or not. Once approved, the request is forwarded to the intermediary, who must nominate at least one person to handle all such requests. In case of non-compliance, the designated officer may initiate action under Section 69A against the intermediary.

The rules contain some safeguards to ensure due process before blocking orders are made. The designated officer is required to make ‘reasonable efforts’ to locate the user or intermediary who has hosted the content and allow for such person or intermediary to appear before the committee to submit their reply and clarifications. Rule 9 lays down the emergency procedure for blocking in which case the above detailed procedural safeguards such as the committee deliberation or providing a hearing are dispensed with. However, Rule 16 requires the confidentiality of all such requests and actions taken under the rules, which defeats any attempts at the transparency or fairness of the process.

Finally, the ISP and Unified Services License (USL) issued by the DoT prescribe further obligations to block content. Under Clause 38 of the USL, for example, ISP’s must take measures to prevent the “flow of obscene, objectionable, unauthorised or any other content infringing copy-rights, intellectual property right and international & domestic Cyber laws in any form” over their network. Moreover, as per Clause 7 of the USL, the licensee is obliged to block subscribers as well as content, as identified by the Licensor (DoT). Failure to comply with license conditions can lead to the cancellation of the telecommunication operators license with the DoT, without which they are not permitted to operate in India.

Findings and Recommendations

General

Most companies’ policies are only tailored towards minimum compliance with national regulations;

As detailed in the above sections, companies are mandated by law to comply with certain procedures including data protection and content restriction policies. While compliance with these regulations also varies from company to company, there are barely any instances of companies taking initiative to ensure better privacy procedures than mandated by law, or to go beyond human rights reporting requirements as detailed in corporate social responsibility regulations. For example, Vodafone was the only company in this index to disclose (even in a limited manner) government requests for user information or for content restriction.
While compliance with regulations is an understandable threshold for companies to maintain, companies should make efforts to at least explain the import of the regulations to their users and explain how their policies are likely to affect their users’ rights.

Company policies are usually tailored towards regulations in specific regulations;

Jurisdiction is a major issue in regulating internet services. Internet service providers may operate and have users in several jurisdictions, but their policies do not always meet the requirements of each jurisdiction in which they operate, where there services are accessed. Even in cases of large ISPs which operate across jurisdictions, the policies may be tailored to specific jurisdictions. Tata Communications Ltd. for example, specifically references the law of the United States of America in its policies, though the same policies may operate for users in other jurisdictions. This is problematic since most company policies have accession to the terms as a condition of service, which means that restrictions (or protections, as the case may be) on user rights placed in one jurisdiction can be responsible for similar restrictions across the board in several jurisdictions.

Companies do not seek meaningful consent from their users before subjecting them to their policies;

The study highlights the importance of company policies to users rights. These policies define the relationship between the service provider and the user, including delimiting the rights available to users and their control over the information collected from them (often automatically). However, most companies take very little effort in obtaining meaningful user consent towards their policies, including efforts towards educating users about the import of their policies. In many cases, mere use of the service is mentioned as a sufficient condition for making the policies binding upon the users. Even in other cases, where notice of policies is more prominent, few efforts are made to ensure that users fully understand the scope and effect of the policies.
Further, while most companies have committed to informing users of changes to their policies in some form, only Reliance Jio disclosed that it directly informed users of changes to policies, subject to its discretion; while others did not maintain any clear standard for notice to changes to policies. None of the companies provided access to any archives where changes to the company policies could be reviewed.
It is apparent that most companies do not take much effort in maintaining robust or meaningful terms and conditions or privacy policies, which include an explanation of how the service could potentially affect a user’s privacy or freedom of expression. Nor do most companies attempt to take safeguards for protecting such freedoms beyond complying with regulations. Only Shaadi.com commits to informing users about data protection and how to take reasonable steps for ensuring their online privacy, above and beyond the regulations.
Finally, a study of TCL’s policy indicates that in some cases, the actions or policies of upstream providers (backbone internet providers such as TCL), can affect users’ experience of the internet without their consent or even notice, since these terms must be complied with by the last-mile provider to whom the users may connect.
The formalistic manner in which these policies are framed and worded effectively prevents many users from understanding their import upon online freedoms. Companies which are serious about committing to human rights should take steps towards making their policies easily accessible, and to clearly explain the scope of their policies and their impact on users’ online human rights in an easy and understandable manner instead of a formalistic, legal statement which is not accessible to lay users. Companies should also take steps towards educating users about how to protect their online freedoms while utilizing the services of the company.

Indian regulations hinder transparency and prevent companies from being accountable to their users;

The regulations outlined in Part – I of this report are telling in the broad restrictions they place on company transparency, in particular for disclosing any information about government requests for user information, or government or third party requests for content restriction. The policies are vaguely worded and broad in their confidentiality requirements, which potentially causes a chilling effect around the release of even aggregate or depersonalized information by companies.
Government regulations often provide the framework around which company policies operate. Regulators must include principles for safeguarding online freedom of expression and privacy as a fundamental part of their regulations. This includes clearly specifying the scope of confidentiality requirements as a response to government requests and to enable some form of transparency and oversight.

Commitment

Most companies do not adequately disclose efforts towards assessing their impact on online freedoms or compliance with the same;

Except Vodafone India (through Vodafone plc, its parent company), none of the companies surveyed in this report have disclosed any assessments of the impact of their services on online freedom of speech or privacy. The lack of such disclosures indicates companies’ lack of concern over ensuring transparency in such issues.
Although no legal framework exists for such assessment, companies must independently assess the impact of their services upon basic online freedoms as the first step towards committing to protecting those freedoms, possibly through a third party such as the Global Network Initiative. The findings from these assessments should, to the extent possible, be made public.

Some companies have implemented internal policies for training on and to monitor compliance with online freedoms;

Some companies have disclosed internal mechanisms which emphasise on protecting online freedoms, for example, through employee training on such issues. These internal policies are an important aspect of accountability for company processes which are generally outside of public oversight. Four of the eight companies surveyed, for example, have whistle-blower policies protecting the internal reporting of violations of ‘ethical conduct’. In addition, some companies, for example Tata Communications and Aircel disclose an internal code of ethics and measures for ensuring compliance with the same. Similarly, Vodafone discloses the existence of a Privacy Management System for training employees on the importance of customer privacy.
While some companies have robust internal processes for accountability, companies should also specify that these processes explicitly deal with concerns about user privacy or censorship, above and beyond general requirements for ethical conduct.

Companies do not disclose direct efforts to lobby against regulatory policies which negatively impact online freedoms;

None of the companies disclosed efforts towards directly lobbying for clearer regulations on government censorship of online privacy. However, the lack of transparency could possibly be attributed to the nature of the public consultancy process by Indian regulators. In fact, where the consultancy process is made public and transparent, companies have shown efforts at engaging with regulators. For example, several of the companies studied in this report have responded to the TRAI’s call for public comments on the network neutrality framework for the Indian internet, including TCL, Airtel, Aircel and Vodafone India.
The obvious implication for regulators is to improve the public consultancy process and attempt to engage stakeholders in a more transparent manner. Companies should also put regulatory pressure against regulations which stifle free speech or user privacy, if not through legal challenges, through public statements against regulatory overreach or oversight in these areas.

However, companies are making efforts towards better regulation through industry groups, particularly for privacy and data protection;

Most telecommunication companies surveyed in this report are members of some industry body which advocates in favour of protecting online freedoms. In particular, the companies are members of associations such as the Data Security Council of India or the Internet Service Providers Association of India, which commit to protecting different aspects of users rights. The DSCI, for example, is an influential industry association which lobbies for better regulations for data protection. However, there are few such associations actively committed towards tackling private or governmental censorship online.
While industry bodies are a growing voice in lobbying efforts towards better regulation, companies should also participate in civil society forums which advocate for protecting online freedoms.

All companies disclose some forum for grievance redressal, however, none of these specifically address freedom of speech and privacy issues;

All the companies surveyed have disclosed some forum for grievance redressal. As indicated above, this forum is also a statutory requirement under both the Reasonable Security Practices Rules and the Intermediaries Guidelines Rules under the IT Act. In most cases, however, these policies do not specify whether and to what extent the grievance redressal forum addresses issues of online censorship or privacy concerns, although some companies, such as Vodafone, have specifically designated Privacy Officers. Only Aircel, TCL and RCL disclosed an appellate process or timelines for resolution of complaints. Further, Aircel is the only company in this report which disclosed aggregate data of complaints received and dealt with.
Companies must take steps towards improving customer protection, particularly in cases involving violations of online freedoms. Grievance redressal by the company is generally the first step towards addressing rights violations and can also prevent future legal problems which the company may face. Further, companies should be transparent in their approach towards resolving customer grievances, and should publish aggregate data including complaints received and resolved, and to the extent possible, classifying the nature of the complaints received.

Freedom of Speech

Most companies do not disclose processes or safeguards in case of content restriction requests by private third parties or by the government;

Few of the companies surveyed have any form of checking misuse by government or third parties of blocking procedures prescribed under their terms and conditions. Some policies, such as TCL’s acceptable use policy, specifies that the company shall attempt to contact the owner of the content upon notice of private requests for content restriction, however, this requirement is entirely discretionary.
Some companies, such are Rediff, have a well-defined procedure for content restriction on intellectual property claims, but not in case of general content restriction measures.
However, there is evidence that at least some of the companies do provide some notice to users when the information they attempt to access has been removed or blocked by court order. TCL, for example, redirects users to a notice stating that the information has been blocked as per the provisions of a specific law. However, this does not reflect in its policies.
Companies must have internal procedural safeguards to ensure the authenticity of content restriction claims and their compliance with regulations. Companies must commit to objecting against overbroad requests for restriction. One important step in this regard is to clarify the scope of companies liabilities as intermediaries, for actions taken in good faith.
Companies must also provide clear and detailed notice to both users attempting to access blocked content as well as to the person whose content has been restricted. Such notice must specify whether the removal was due to a judicial, executive or privacy order, and to the extent possible, should specify the law, regulation or company policy under which the content has been restricted.

Companies do not disclose internal processes on content restriction or termination of services taken independently of third party requests;

None of the companies disclosed their process for removal of content independently of third party requests, for the enforcement of their terms. None of the company policies disclose processes for identification or investigation of any violation of their terms. In fact, many companies, including Rediff, Hike Messenger and Vodafone expressly state that services may be terminated without notice and entirely at the discretion of the service provider.
Further, none of the companies surveyed disclose their network management principles or make any public commitments against throttling of blocking of specific content or differential pricing, although, some of the telecommunications companies did vouch for some form of network neutrality, in their response to the TRAI’s public consultation on network neutrality regulations. As an outcome of those consultations, regulations now effectively prevent telecoms from discriminatory tariffs based on the nature of content.
Company processes for enforcement of their terms of use must be disclosed. Further, companies should commit to transparency in the enforcement of the terms of use, to the extent possible.

Privacy

Company practices on data protection vary widely – most companies show some commitment towards users’ privacy, but fall short on many grounds

Despite the existence of a privacy regulation (the Reasonable Security Practices Rules), company practices on data collection vary. Some companies, such as TCL, have robust commitments towards important privacy principles including user consent and collection limitation, however, on the other end of the spectrum, RCL does not have a publicly available privacy policy governing the use of its internet services. In fact, none of the companies have data collection policies which contain the minimum safeguards as expected from such policies, such as compliance with the OECD Privacy Principles, or the National Privacy Principles as laid out in the A.P. Shah Committee Report on Privacy.
Most of the companies surveyed make some form of commitment to notifying users of the collection and use of their data, including specifying the purposes for which information would be used and specifying the third parties with whom such information may be shared, and the option to opt-out of sharing their data with third parties. However, none of the policies explicitly commit to limiting collection of data to that which is necessary for the service. Further, while companies generally specify that data may be shared with ‘third parties’, usually for commercial purposes, theses parties are usually not explicitly mentioned in the policies.
Some of the companies, including TCL and Reliance Jio also explicitly allow individual participation to access, amend or delete the information companies have stored about them. However, in other cases, users can only delete specific information upon account termination. Moreover, other companies do not specify if they continue to hold user information beyond the period for which services are provided. In fact, none of the companies except Hike Messenger disclose that they limit the storage of information to a specified time period.
Companies must follow acceptable standards for data protection and user privacy, which, at the very least, require them to commit to collection and use limitations, specify time periods for retaining the data, allowing users to access, amend and delete data and to ensure that data stored is not out-dated or wrong. These policies must clearly specify the third parties with whom information may be shared, and should specify whether and how user consent is to be obtained before sharing of this information.

Companies’ processes for sharing of user information upon request by private third parties or governments are not transparent

With the exception of the Vodafone Transparency Report (undertaken by Vodafone India’s holding company), none of the companies studied attempt to disclose any information about their processes for sharing user information with governments. Even in the case of private third parties, only some companies expressly commit to user notification before sharing of information.
Companies should be more transparent about third-party requests for user data. While regulations regarding confidentiality could be clearer, companies should at least indicate that governments have requested user data and present this information in aggregate form.

Some companies disclose specific measures taken to secure information collected through the use of their services, including the use of encryption

While all companies collecting sensitive personal information are requested to comply with the reasonable security standards laid down under the Rules, companies’ disclosures about measures taken to secure data are generally vague. Rediff, for example, merely specifies that it uses the SSL encryption standard for securing financial data and ‘accepted industry standards’ for securing other data and Vodafone discloses that it takes ‘reasonable steps’ to secure data.
None of the companies surveyed disclose the existence of security audits by independent professionals, or the procedure followed in case of a breach of security. Further none of the companies commit to encrypting communications with or between the users end-to-end.
Companies should specify the safety standards utilized for the handling, transmission and storage of personal information. They must specify that the security used is in compliance with acceptable industry standards or legally prescribed standards. Further, they should ensure, wherever possible, that end-to-end encryption is used to secure the information of their users.

RDR Company Reports

Tata Communications Limited
www.tatacommunications.com
Industry: Telecommunications
Services evaluated: Tier-1 Internet Backbone Services, VSNL Mail
Market Capitalization: INR 194 Billion

TATA Communications Ltd. (TCL) is a global telecommunications company, headquartered in Mumbai and Singapore. A part of the TATA group of companies, TCL was founded as Videsh Sanchar Nigam Limited (VSNL), which was the first public-access gateway internet provider in India. VSNL was later acquired by the TATA group, and entirely merged with TATA Communications in 2008. TATA continues to retain the VSNL domain for its personal and enterprise email service.

According to its latest annual report, TCL provides backbone connectivity to over 240 countries and territories and carries close to 24% of the world’s Internet routes. TCL also owns three of the ten submarine cable landing stations in India, responsible for India’s connectivity to the global internet.

Commitment
TCL scores averagely on disclosure of its commitment to human rights on the internet, including on disclosures relating to freedom of expression and privacy. Although TCL maintains a corporate social responsibility policy as well as business responsibility report, which include policy commitments to protecting human rights, (which are mandated by Indian law), none of its publicly available policies make a reference to its commitments to freedom of expression of its users.

The TATA group maintains a code of conduct, applicable to all of its group companies, including TCL. The code makes an explicit reference to data security and privacy of TATA’s customers. As per that code, the Managing Director and Group CEO is the Chief Ethics Officer, responsible for the implementation of the Code of Conduct.

TCL’s internal policies concerning internal implementation of human rights, as well as grievance redressal, are more robust than their public policy commitments to the same. As per in the TATA group code of conduct, which is applicable to its group companies, TCL provides employee training and conducts ethics awareness workshops at frequent intervals, and also takes other initiatives to ensure compliance with the code of conduct, which includes a commitment to customer privacy and data protection. Further, TCL has a well articulated whistleblower policy which states the processes to be followed in case any employee observes any unethical conduct within the company, including violations of the TATA code of conduct. The whistleblower policy commits to protecting any employee who reports unethical conduct under the policy, but contains no explicit references to freedom of speech or censorship issues, or issues of user privacy.

Concerning stakeholder engagement, TCL seems to be somewhat involved in engaging with issues of privacy, but makes no commitments on issues of freedom of expression. TCL is a member of the Data Security Council of India, an industry body which makes public commitments towards user privacy and data security, which includes guiding the Indian IT industry on self-regulation on issues of privacy and data security.

TCL maintains various grievance redressal forums, evidenced through different policies. For example, their consumer charter provides a general forum for addressing grievances, which include complaints regarding service outages. However, this does not refer specifically to complaints about censorship or privacy-related concerns. TCL’s Acceptable Use Policy and privacy policy also guide users to specific grievance redressal forums, for complaints under those policies. Besides this, there are recorded instances where TCL has advertised grievance redressal mechanisms relating to cases of private or judicial requests for blocking of content. However, TCL does not make any public disclosures about the inputs to or outcomes of its grievance redressal mechanisms.

Freedom of Expression
General
TCL’s Acceptable Use Policy (“AUP”) governs the use of TCL services by its customers, which includes downstream providers, which TCL is responsible for interconnection with, as a backbone internet provider. VSNL mail maintains its own terms and conditions for users, which are available on its website. Both TCL’s AUP and VSNL’s terms and conditions are easily locatable through their websites, are presented in a clear and understandable manner and are available in English.

TCL does not commit to notifying users of important changes to their terms of use, stating that it may chose to notify its customers of changes to the AUP, either directly, or by posting such modifications on its website. VSNLs policy states that the terms and conditions of the use of the webmail service may change without any notice to users.Although TCL is an Indian company and its terms are applicable to its customers worldwide, the AUP contains several references are to laws and procedures of the United States of America, such as the US PATRIOT Act, ostensibly due to TATA’s heavy presence in the US market coupled with stricter disclosure requirements in that jurisdiction.

Content Restrictions and Termination of Services
The AUP does not place any obligations on TCL to ensure a fair judgement before sanctions such as removal of content, termination or suspension for violations of terms of use. Although the AUP identifies categories of content which is prohibited by the service, the AUP also states that TCL may suspend or terminate a users account, for any action they may deem to be inappropriate or abusive, whether or not stated in their policies. The AUP clearly states that TCL may remove of edit content in violation of the AUP or content which is harmful or offensive. Although it states that TCL shall attempt to first contact a user who is suspected of violations, they may suspend or terminate the services of the customer at their sole discretion. There is evidence, although not stated explicitly in its policies, that TCL provides general notice when content is taken down on its network through judicial order. However, there is no disclosure of any requirement to contact the relevant user, in case of takedown of user-generated content in compliance with judicial order.Although TCL has voiced its opinion on network neutrality, for example, by issuing public comments to the Telecom Regulatory Authority of India, it does not disclose its policies regarding throttling or degrading of content over its network, or its network management principles.As a backbone connection provider, TCL’s major customers include downstream ISP’s who connect through TCL’s network. Therefore, the AUP states that the downstream provider shall ensure that its customers comply with the AUP, failing which TCL may terminate the services of the downstream provider. Further, importantly, TCL treats violations of the AUP by the end-user as violations by the downstream ISP, making them directly liable for the violations of the terms and subject to any actions TCL may take in that regard. The AUP further expressly states that TCL shall co-operate with appropriate law enforcement agencies and other parties investigating claims of illegal or inappropriate conduct, but does not mention whether this involves taking down content or disconnecting users.

Technical observations on TCL’s blocking practices in 2015 showed that TCL appeared to be using a proxy server to inspect and modify traffic to certain IP addresses.

Privacy
General
TCL has one privacy policy which covers all services provided by the company with the exception of VSNL mail, which has its own privacy policy. The policy is easily accessible and available in English. The policy partially discloses that users are updated of any changes to the policy, however, any notification of the changes is only on the website and not done directly. In addition to the above, TCL also has a separate cookie policy, which contains information about its use of cookies for the collection of user information on its websites. Use of TCL’s services entails acceptance of its privacy policy.

Disclosure of Collection, Use and Sharing of Personal Information
TCL, as well as VSNL mail, discloses that it collects users’ personal information, based on the service utilized by them, both as solicited information and as automatically collected information through the use of technologies such as cookies, or through third parties. TCL’s privacy policy states the various purposes to which such personal collection might be used, including for the investigation of fraud or unlawful activity, and for the provision of services, including for marketing. TCL discloses that it may combine this information prior to use. VSNL does not clearly state the purpose for which information may be collected, nor how it is shared.

TCL discloses that it may share personal information with affiliates, marketing partners, service providers as well as in response to legal processes including court orders or subpoena’s or in any other case which TCL deems necessary or appropriate. Where personal information is shared with third parties, TCL commits to ensure that third parties (which include third party downstream carriers) also have appropriate data protection policies. TCL does not disclose its process for responding to orders for interception or for user information from private parties or from governmental agencies, nor does it provide any specific or aggregate data regarding the same.

User control over information
The policy discloses that TCL explicitly seeks user consent before it transfers data across legal jurisdictions. Although the policy states that TCL may share user information with law enforcement agencies in compliance with legal requests, it does not disclose any process for vetting such requests, nor does it disclose any data (specific or aggregate) about any such requests received. With the exception of California, USA, TCL does not permit users to access data about any requests for their personal information which may have been received or granted by TCL to private third parties. Further, in contrast to most companies studied in this index, TCL discloses that it permits users to access, amend or delete information which the company stores about them. VSNL does not disclose that it allows users to access, amend or delete their personal information collected by VSNL.

Security
TCL does not disclose that it uses or permits the use of encryption for any communications transmitted through its network, nor does it provide users any training or disclaimers to consumers on data protection.

Rediff.com India Ltd.
www.rediff.com
Industry: Internet Software Services and Media
Services evaluated: Rediff.com, Rediff Mail, Rediff iShare, Rediff Shopping
Market Capitalization: USD 6.07 Million

Rediff.com is a company, operating several internet services, including personal and enterprise email services, news services, a media-sharing platform and a shopping platform. It has its headquarters in Mumbai, India. According to the Alexa Index, Rediff.com is the 47^th most visited website in India, and the 407^th overall. Approximately 87% of its traffic originates from Indian users.

Commitment
Of the companies studied in this survey, Rediff.com (“Rediff”) received the lowest scores on commitment indicators. None of Rediff’s publicly available policies, including government mandated filings, disclose efforts towards protecting online freedoms. Rediff also does not disclose that it maintains a whistleblower policy or a company ethics policy. As a major online media and internet services provider in India, Rediff makes no public commitment towards freedom of speech and user privacy, and has not disclosed any efforts at engaging with stakeholders in this regard. Although the terms of use for various services provided by Rediff disclose the existence of a grievance redressal mechanism, it is only within the bounds of Rule 3 of the Intermediary Guidelines Rules, 2011. The terms of use do not explicitly make mention of grievances related to online freedoms, nor is any specific or aggregate data about the complaints mechanism released by the company. Rediff does not disclose that it undertakes any impact assessment of how its services may impact online freedoms.

Freedom of expression
General
Rediff has an umbrella policy covering the use of all services offered by Rediff.com, as well as separate policies governing the use of its video sharing platform, its blogging platform and messaging boards. The use of any Rediff services is construed as acceptance of their terms of use. Rediff discloses that it may change any of its terms of use without prior notification to its users. Rediff’s services are accessible through a Rediffmail account, which does not require verification through any government issued license to link online users to their offline identity. The existence of various disparate policies and the manner and format of the policies somewhat decrease their accessibility.

Content Restriction and Termination of Services
Rediff’s General Terms of Use specify content which is prohibited on its various services, which is materially similar to the content prohibited under the guidelines issued under the Information Technology Act. Further, Rediff’s messaging board policy lists a number of vague and broad categories which are prohibited and may be restricted on the forums, including “negatively affecting other participants, disrupt the normal flow of the posting.”

As per the General Terms of Use, Rediff reserves the right to remove any content posted by users, solely at its own discretion. Rediff’s General Terms of Use do not disclose any process for responding to requests by law enforcement or judicial or other government bodies for the takedown of content. However, the terms of Rediff’s video sharing platform specifies that written substantiation of any complaint from the complaining party is required. Rediff’s process for responding to complaints regarding intellectual property infringement are well detailed in this policy, although it does not substantiate the process for responding to other requests for restriction of content from private parties or law enforcement agencies.

Rediff further reserves the right to terminate the services offered to its users, with or without cause and without notice of the same. Similar to most companies surveyed, Rediff does not disclose its process for responding to requests for restriction of content or services by private parties or by government agencies, nor does it publish specific or aggregate data about restriction of content, the number of requests for takedown received or the number complied with.

Privacy
General
Rediff’s performance on privacy indicators is marginally better than those on freedom of expression. A single privacy policy is applicable to all of Rediff’s services, which is easily accessible through its various websites, including on its homepage. Rediff discloses that any material changes of its privacy policy will be notified prominently. Use of Rediff’s services entails acceptance of its privacy policy.

Disclosure of Collection, Use and Sharing of Personal Information
Rediff specifies that it collects both anonymous and personally identifiable information, automatically as well as what is solicited through their services, including financial information and ‘user preferences and interests’. Rediff does not disclose if any information so collected is combined for any purpose. It also specifies the purpose to which such information may be used, which includes its use ‘to preserve social history as governed by existing law or policy’, or to investigate violations of Rediff’s terms of use. The policy further specifies that Rediff may share information with third parties including law enforcement agencies or in compliance of court orders or legal process. Rediff discloses that it notifies users in case any personal information is being used for commercial purposes, and gives users the option to opt-out of such use. Rediff does not disclose its process for responding to orders for interception or for user information from private parties or from governmental agencies, nor does it provide any specific or aggregate data regarding the same.

User Control over Information
Rediff discloses that its users may chose to correct, update or delete their information stored with Rediff if they chose to discontinue the use of its services. However, unless users specifically chose to do so, Rediff continues to store user information even after termination of their account.

Security
Rediff discloses that it encrypts sensitive information (including financial information) through SSL encryption, and uses ‘accepted industry standards’ to protect other personal information submitted by users, although it does not define what these standards are.

Vodafone India Limited
www.vodafone.in
Industry: Telecommunications
Services evaluated: Broadband and Narrowband mobile internet services

Vodafone India Limited is a wholly owned subsidiary of the Vodafone Group Plc., the world’s second largest telecommunications provider. As of March 2016, Vodafone India was the second largest telecommunications provider in India, with a market share of 19.71% of internet subscribers (broadband and narrowband). Vodafone entered the Indian market after acquiring Hutchison Telecom in 2007.

This survey has only examined the policies of Vodafone India and those policies of Vodafone plc. which may be applicable specifically to Vodafone India.

Commitment
Vodafone India Limited (“Vodafone”) scores the highest on the commitment indicators of the companies examined in this survey. While the Vodafone Group, (the Group/holding company) examined as part of the global Ranking Digital Rights Index, discloses its compliance with the UN Guiding Principles on Business and Human Rights, Vodafone India does not specifically make any such disclosures independently. The companies annual report, corporate responsibility policies or business responsibility reports do not disclose any commitments towards online freedoms. However, Vodafone India does disclose the existence of a Privacy Management Framework, under which employees are provided training regarding data privacy of users. Moreover, Vodafone’s public statements disclose the existence of a privacy impact assessment procedure to ensure ‘data minimisation’ and reduce the risk of breach of privacy. Vodafone is also a member of the Data Security Council of India, an industry body which makes public commitments towards user privacy and data security, which includes guiding the Indian IT industry on self-regulation on issues of privacy and data security, as well as the Cellular Operators Association of India, another industry organization which also commits to protecting consumer rights, including consumers right to privacy.

Vodafone also discloses a multi-tiered grievance redressal mechanism, which includes an appellate authority as well as a timeline of 39 days for the resolution of the complaint. However, the mechanism does not specify if grievances related to online freedoms may be reported or resolved. In addition, Vodafone has designated a Privacy Officer for redressing concerns under its privacy policy.

Freedom of Expression
General
Vodafone scored the lowest on disclosures under this head of the companies surveyed. The terms of use for Vodafone India’s services are not available on their homepage or site-map nor are they presented in a clear or easily accessible manner. They may be accessed through the Vodafone Telecom Consumers Charter, with different terms of use for pre-paid and post-paid customers. There is no policy specific to the use of internet services through the use of the Vodafone network, nor do these policies make reference to the use of internet services by Vodafone users. Vodafone does not disclose that it provides any notification of changes to the policies to its users.

Content Restriction and Termination of Services
While the Terms of Use do not specifically refer to online content, Vodafone’s Terms of Use prohibit users from “sending messages” under various categories, which include messages which infringe upon or affect “national or social interest”. Vodafone reserves the right to terminate, suspend or limit the service upon any breach of its Terms of Use or for any reason which Vodafone believes warrants such termination, suspension or limitation. Vodafone does not disclose its process for responding to violations of its terms of use.

Vodafone does not disclose its process for responding to requests for restriction of content or services by private parties or by government agencies, nor does it publish specific or aggregate data about restriction of content, the number of requests for takedown received or the number complied with. Although the Vodafone group internationally publishes a comprehensive law enforcement disclosure report (making it one of few major internet companies to do so), the report does not contain information on orders for blocking or restricting services or content.

Vodafone has made public statements of its commitment to network neutrality and against any kind of blocking or throttling of traffic, although it does not have any policies in place for the same.

As with all telecommunications companies in India, users must be authenticated by a valid government issued identification in order to use Vodafone’s telecommunication services.

Privacy
General
Vodafone India’s privacy policy which is applicable to all users of its services is not as comprehensive as some other policies surveyed. It is accessibly through the Vodafone India website, and available in English. Vodafone merely discloses that the policy may change from time to time and does not disclose that it provides users any notice of these changes. Use of Vodafone’s services entails acceptance of its privacy policy.

Collection, Use and Sharing of Personal Information
Vodafone’s policy discloses the personal information collected, as well as the purpose and use of such information, and the purpose for which such information may be shared with third parties, including law enforcement agencies. However, Vodafone does not disclose how such information may be collected or for what duration.

Vodafone India’s privacy policy does not disclose its process for responding to government requests for user information, including for monitoring or surveillance. However, the Vodafone law enforcement disclosure report elaborates upon the same, including the principles followed by Vodafone upon requests for user information or for monitoring their network in compliance with legal orders. However, as per the applicable laws in India, Vodafone does not publish any aggregate or specific data about such requests, although it states that the Indian government has made such requests.

User Control over Personal Information
Vodafone does not disclose that it allows users to access, amend, correct or delete any information it stores about its users. It does not disclose if user information is automatically deleted after account termination.

Security
Vodafone only discloses that it takes ‘reasonable steps’ to secure user information. Vodafone does not disclose that it employs encryption over its network, or if it allows users to encrypt communications over their network. Vodafone also does not disclose that it provides any guidance to users on securing their communications over their network.

Reliance Communications Limited

www.rcom.co.in

Industry: Telecommunications

Services evaluated: Broadband and Narrowband mobile internet services

Market Capitalization: INR 118.35 Billion

Reliance Communications Limited (“RCL”) is an Indian telecommunication services provider, and a part of the Reliance Anil Dhirubai Ambani group of companies. RCL is the fourth largest telecommunications provider in India, with a market share of 11.20% of Indian internet subscribers. Reliance also owns one of ten submarine cable landing stations in India, responsible for India’s connectivity to the global internet.

Commitment
RCL does not disclose any policy commitment towards the protection of online freedoms. Although RCL has filed business responsibility reports which include a report on the company’s commitment towards human rights, the same do not make a reference to privacy or freedom of expression of its users either. RCL does not disclose that it undertakes any impact assessment of how its services may impact online freedoms.

While RCL does maintain a whistle-blower policy for reporting any unethical conduct within the company, the policy too does not expressly mention that it covers any conduct in violation of user privacy or freedom of expression. RCL is a member of at least three industry bodies which work towards stakeholder engagement on the issues of privacy and consumer protection and welfare, namely, the Data Security Council of India, the Internet Service Providers Association of India and the Association of Unified Telecom Service Providers of India (although none of these bodies expressly mention that they advocate for freedom of expression).

RCL maintains a comprehensive manual of practice for the redressing consumer complaints. The manual of practice specifies the procedure for grievance redressal as well the timelines within which grievances should be resolved and the appellate authorities which can be approached, however, it does not specify whether complaints regarding privacy or freedom of expression are covered under this policy.

Freedom of Expression
General
RCL’s terms of use for its internet services are part of its Telecom Consumer’s Charter, its Acceptable Use Policy (“AUP”) and its Consumer Application Form, which are not easily accessible through the RCL website. The charter contains the terms for its post-paid and pre-paid services as well the terms for broadband internet access. RCL discloses that it may change the terms of use of its services without any prior notification to its users.

Content Restriction and Termination of Services
RCL’s AUP lists certain categories of content which is not permitted, which includes vague categories such as ‘offensive’, ‘abusive’ or ‘indecent’, which are not clearly defined. In the event that a user fails to comply with its terms of use, RCL discloses that their services may be terminated or suspended. Further, as per the CAF, RCL reserves the right to terminate, suspend or vary its services at its sole discretion and without notice to users. The terms of use also require the subscriber/user to indemnify RCL in case of any costs or damages arising out of breach of the terms by any person with or without the consent of the subscriber.

RCL discloses that upon receiving any complaints or upon any intimation of violation of its terms of use, RCL shall investigate the same, which may also entail suspension of the services of the user. RCL does not disclose that it provides users any notice of such investigation or reasons for suspension or termination of the services. RCL does not disclose specific or aggregate data regarding restriction of content upon requests by private parties or governmental authorities.

RCL does not disclose its network practices relating to throttling or prioritization of any content or services on its network. However, RCL has published an opinion to the Telecom Regulatory Authority of India, wherein it supported regulation prohibiting throttling or prioritization of traffic. However, RCL was the network partner for Facebook’s Free Basics platform which was supposed to provide certain services free of cost through the RCL network. The Free Basics initiative was abandoned after the TRAI prescribed regulations prohibiting price discrimination by ISPs.

Privacy
RCL scores the lowest on this indicator of the companies surveyed. RCL does not disclose that it has a privacy policy which governs the use of its internet services. RCL’s AUP only discloses that it may access and use personal information which is collected through its services in connection with any investigation of violation of its AUP, and may share such information with third parties for this purpose, as it deems fit. Further, RCL’s terms of use further disclose that it may provide user information to third parties including security agencies, subject to statutory or regulatory factors, without any intimation to the user.

Security
RCL does not disclose any information on the security mechanisms in place in its network, including whether communications over the network are encrypted or whether end-to-end encrypted communications are allowed.

Shaadi.Com

www.shaadi.com

Industry: Internet Marriage Arrangement

Services evaluated: Online Wedding Service

Shaadi.com, a subsidiary of the People group, is an online marriage arrangement service launched in 1996. While India is its primary market, the service also operates in the USA, UK, Canada, Singapore, Australia and the UAE. As of 2017, it was reported to have a user base of 35 million.

Governance
Shaadi.com makes no explicit commitment to freedom of expression and privacy, and does not disclose whether it has any oversight mechanisms in place. The company also does not disclose whether it has any internal mechanisms such as employee training on freedom of expression and privacy issues, or a whistleblower policy. Further, there are no disclosures as to any process of impact assessment for privacy and freedom of expression related concerns. The company does not disclose if it is part of any multi-stakeholder initiatives, or other organizations that engage with freedom of expression and privacy issues, or groups that are impacted by the company’s business. While details of a Grievance Officer are provided in the company’s Privacy Policy, it is not clearly disclosed if the mechanism may be used for freedom of expression or privacy related complaints. The company makes no public report of the complaints that it receives, and provides no clear evidence that it responds to them.

Freedom Of Expression
General
The Terms of Service are easily locatable on the website, and are available in English. The Terms are presented in an understandable manner, with section headers, but provide no additional guidance such as summaries, tips or graphics to explain the terms. Shaadi.com makes no disclosure about whether it notifies users to changes in the Terms, and how it may do so. Shaadi.com also does not maintain any public archives or change log.

Content Restriction and Termination of Services
Shaadi.com discloses an indicative list of prohibited activities and content, but states that it may terminate services for any reason. Shaadi.com makes no disclosures about the process it uses to identify violations and enforce rules, or whether any government or private entity receives priority consideration in flagging content. Shaadi.com does not disclose data about the volume and nature of content and accounts it restricts. Shaadi.com makes no disclosures about its process for responding to requests from any third parties to restrict any content or users. The Terms do not disclose the basis under which it may comply with government or private party requests, nor whether any due diligence is conducted before responding to the requests. Shaadi.com makes no commitment to pushback on inappropriate or overbroad requests from the government, or private entities. Shaadi.com discloses that it notifies users via email when restricting their accounts.

Shaadi.com also does not publish any data about the requests it receives, and how it responds to them. This could include, for instance, the number of requests received, the number of requests complied with, the the number of accounts or URLs affected, the types of subject matter associated with the requests, etc. Registration for the service requires a Mobile Number, which may be tied to offline identity.

Privacy
General
The Privacy Policy is easily locatable on the website, and is available in English. The Policy is presented in an understandable manner, with section headers, but provides no additional guidance such as summaries, tips or graphics to explain the terms.

Shaadi.com discloses that material changes to the Privacy Policy will be notified by posting a prominent link on the Homepage. Further, if personally identified information is used in a materially different manner from that stated at the time of collection, Shaadi.com commits to notify users by email. However, Shaadi.com does not disclose a time frame within which it notifies users prior to the changes coming into effect. Shaadi.com also does not maintain any public archives or change log.

Collection, Use and Sharing of Personal Information
Shaadi.com clearly discloses the types of personal and non personal information it may collect, but does not explicitly disclose how it collects the information. There is no commitment to limit collection only to information that is relevant and necessary to accomplish the purpose of the service.

While the Privacy Policy states the terms of sharing information, it makes no type-specific discloses about how different types of user information may be shared or the purpose for which it may be shared. Shaadi.com also does not disclose the types of third parties with which information may be shared. Shaadi.com clearly discloses that it may share user information with government or legal authorities.

The Privacy Policy discloses the purposes for which the information is collected, but does not disclose if user information is combined from different services. Shaadi.com makes no commitment to limit the use of information to the purpose for which it was collected. Shaadi.com makes no disclosures about how long it retains user information. It does not disclose whether it retains de-identified information, or its process for de-identification.

Shaadi.com does not disclose whether it collects information from third parties through technical means, how it does so, or its policies about use, sharing, retention etc. Shaadi.com does not make any disclosures about its processes for responding to third party requests for user information. The Privacy Policy does not disclose the basis under which it may comply with government or private party requests, nor whether any due diligence is conducted before responding to the requests. Shaadi.com makes no commitment to pushback on inappropriate or overbroad requests from the government, or private entities.

Shaadi.com also does not publish any data about the requests it receives, and how it responds to them. This could include, for instance, the number of requests received, the number of requests complied with, the number of accounts affected, the type of authority or legal process through which the request was made, etc.

User Control over Information

Shaadi.com does not disclose the time frame within which it may delete user information, if at all, after users terminate their account. Shaadi.com does not disclose whether users can control the collection of information by Shaadi.com. The Policy states that users are allowed to remove both public or private information from the database. However, certain (unspecified) financial information and account related information submitted at the time of registration may not be removed or changed.

Shaadi.com does not disclose if users are provided options to control how their information is used for targeted advertising, or if targeted advertising is off by default.

Shaadi.com does not disclose whether users may access a copy of their information, or what information may be available. Shaadi.com does not disclose whether it notifies users when their information is sought by government entities or private parties.

Security
Shaadi.com discloses that it follows generally accepted industry standards to protect personal information. Employees are granted access on a need to know basis. Shaadi.com does not disclose whether it has a security team that audits the service for security risk, or whether it commissions third party audits.

Shaadi.com does not disclose whether it has any process, policy or mechanism in place for researchers to submit security vulnerabilities, and how it would respond to them. Shaadi.com does not explicitly commit to notify the relevant authorities without undue delay in case of a data breach. Shaadi.com does not disclose whether it notifies affected users about breaches, and any steps it may take to minimize impact.

Shaadi.com discloses that sensitive information, such as card numbers, are transmitted using the Secure Socket Layer protocol, but not whether all user communications are encrypted by default. Shaadi.com does not disclose whether it uses advanced authentication methods to prevent unlawful access. Shaadi.com does not disclose whether users can view their recent account activity, or if notifies users about unusual activity and possibly unauthorized access.

Shaadi.com publishes privacy and security tips on its website which provide guidance about risks associated with the service, and how they may be avoided.

Hike Messenger
www.get.hike.in
Industry: Internet Instant Messaging
Services evaluated: Instant Messaging and VoIP application

Hike messenger is an Indian cross platform messaging application for smartphones. Users can exchange text messages, communicate over voice and video calls, and exchange pictures, audio, video and other files. Hike launched in November 2012 and, as of January 2016 Hike became the first Indian internet company to have crossed 100 million users in India. It logs a monthly messaging volume of 40 billion messages. Hike’s parent Bharti SoftBank is a joint venture between Bharti Enterprises and SoftBank, a Japanese telecom firm. As of August 2016, hike was valued at $1.4 billion.

Governance

Hike makes no explicit commitment to freedom of expression and privacy, and does not disclose whether it has any oversight mechanisms in place. Hike also does not disclose whether it has any internal mechanisms such as employee training on freedom of expression and privacy issues, or a whistleblower policy. Further, there are no disclosures as to any process of impact assessment for privacy and freedom of expression related concerns. Hike does not disclose if it is part of any multi stakeholder initiatives, or other organizations that engage with freedom of expression and privacy issues, or groups that are impacted by Hike’s business.

Hike’s Terms of Use provide contact details for submitting queries and complaints about the usage of the application. It notes that the complaints will be addressed in the manner prescribed by the Information Technology Act, 2000 and rules framed thereunder. The Terms do not disclose if the mechanism may be used for freedom of expression or privacy related issues. Hike makes no public report of the complaints that it receives, and provides no clear evidence that it responds to them.

Freedom Of Expression

General

The Terms of Service are easily locatable on the website, and are available in English. The terms are presented in an understandable manner, with section headers, and often provide examples to explain the terms. Hike may make changes to the Terms at its discretion without any prior notice to the users. Hike does not disclose whether users are notified after changes have been made, or whether it maintains a public archive or change log.

Though the Terms disclose a range of content and activities prohibited by the service, Hike may delete content, for any reason at its sole discretion. Further, Hike may terminate or suspend the use of the Application at anytime without notice to the user.

Content Restriction and Termination of Services
Hike makes no disclosures about the process it uses to identify violations and enforce its rules, or whether any government or private entity receives priority consideration in flagging content. Hike does not disclose data about the volume and nature of content and accounts it restricts.

Hike makes no disclosures about its process for responding to requests from any third parties to restrict any content or users. The Terms do not disclose the basis under which it may comply with government or private party requests, nor whether any due diligence is conducted before responding to the requests. Hike makes no commitment to pushback on inappropriate or overbroad requests from the government, or private entities.

Hike also does not publish any data about the requests it receives, and how it responds to them. This could include, for instance, the number of requests received, the number of requests complied with, the the number of accounts, etc.

Identity Policy

Mobile Numbers would be required to sign up for the service, which could potentially be connected to offline identity.

Privacy

General
The Privacy Policy is easily locatable on the website, and are available in English. The terms are presented in an understandable manner, with section headers, and often provide examples to explain the terms.

Hike discloses that changes to the Privacy Policy will be posted on Hike website, and does not commit to directly notifying users of changes. Users are advised to review the website from time to time to remain aware of the terms. Hike does not disclose a time frame within which it may notify changes prior to them coming into effect. Hike also does not disclose whether it maintains a public archive or change log.

Collection, Use and Sharing of Information
Hike clearly discloses the types of user information it collects. However, Hike makes no explicit commitment to limit collection only to information that is relevant and necessary to accomplish the purpose of the service.

Hike discloses that user information may be shared for a variety of purposes, but does not disclose the type, or names of third parties that may be given access to the information. Hike discloses that it may share user information with government entities and legal authorities.

The Privacy Policy states the purposes for which user information is collected and shared, but makes no commitment to limit the use of information to the purpose for which it was collected.

Hike discloses that undelivered messages are stored with Hike’s servers till they are delivered, or for 30 days, whichever is earlier. Messages or files sent through the service also reside on Hike’s servers for a short (unspecified) period of time till the delivery of the messages or files is complete. Hike does not disclose the duration for which it retains information such as profile pictures and status updates. Hike does not disclose whether it retains de-identified information, or its process for de-identification. Hike discloses that, subject to any applicable data retention laws, it does not retain user information beyond 30 days from deletion of the account.

Hike does not disclose whether it collects information from third parties through technical means, and how it does so, or its policies about use, sharing, retention etc.

Hike does not make any disclosures about its processes for responding to third party requests for user information. The Privacy Policy does not disclose the basis under which it may comply with government or private party requests, nor whether any due diligence is conducted before responding to the requests. Hike makes no commitment to pushback on inappropriate or overbroad requests from the government, or private entities.

Hike does not disclose whether it notifies users when their information is sought by government entities or private parties.

User Control over Information

Hike discloses that the user may chose to not submit certain user information, but also notes that this may hinder use of the application. Hike makes no disclosure about whether users may request deletion of their user information.

Hike discloses that users may opt out or opt in for specific services or products which may allow user information to be used for marketing or advertising purposes. Hike does not disclose if targeted advertising is on by default.

Hike does not disclose whether users may obtain a copy of their user information.

Security

Hike discloses that it has security practices and procedures to limit employee access to user information on a need to know basis only. Hike does not disclose whether it has a security team that audits the service for security risk, or whether it commissions third party audits. Hike does not disclose whether it has any process, policy or mechanism in place for researchers to submit security vulnerabilities, and how it would respond to them.

Hike does not explicitly commit to notify the relevant authorities without undue delay in case of a data breach, but discloses that it may attempt to notify the user electronically. However, company does not the types of steps it would take to minimize impact of a data breach.

Hike does not disclose if transmission of user information is encrypted by default, or whether it uses advanced authentication methods to prevent unlawful access. Hike does not disclose whether users can view their recent account activity, or if notifies users about unusual activity and possibly unauthorized access.

Hike does not publish and materials that educate users about cyber risks relevant to their service.

Aircel
www.aircel.com
Industry: Telecommunications
Services evaluated: Broadband and Narrowband Mobile Internet Services

The Aircel group is a joint venture between Maxis Communications Berhad of Malaysia and Sindya Securities & Investments Private Limited. It is a GSM mobile service provider with a subscriber base of 65.1 million users. The company commenced operations in 1999 and has since become a pan India operator providing a host of mobile voice and data telecommunications services.

Governance

Aircel’s Terms and Conditions state that it is a duty of all service providers to assure that the privacy of their subscribers (not affecting national security) shall be scrupulously guarded. However, the company makes no similar commitment to freedom of expression.

Aircel also does not disclose whether it has any oversight mechanisms in place. However, Aircel does disclose that it has established a Whistleblower Policy and an Ethics Hotline. Further, the Privacy Policy states that employees are expected to follow a Code of Conduct and Confidentiality Policies in their handling of user information. There are no disclosures as to any process of impact assessment for privacy and freedom of expression related concerns. Aircel does not disclose if it is part of any multi stakeholder initiatives, or any other organizations that engage with freedom of expression and privacy issues, or groups that are impacted by Aircel’s business.

Aircel has a process for receiving complaints on its website under the section of Customer Grievance. However, it is not clearly disclosed whether this process may be applicable for freedom of expression and privacy related issues. Though Aircel does disclose information such as the number of complaints received and redressed, the number of appeals filed, it makes no disclosure if any complaints were specifically related to freedom of expression and privacy.

Freedom Of Expression
General
The Terms and Conditions are not easily locatable, and are found as part of a larger document titled Telecom Consumers Charter, which is itself posted as an inconspicuous link on the Customer Grievance page. The Terms are provided only in English, but it is likely that Aircel has a large Hindi speaking user base. The Terms are presented in an understandable manner, with section headers, but provide no additional guidance such as summaries, tips or graphics to explain the terms.

Aircel discloses that it may make changes to the Terms without notice to users, or with written notice addressed to the last provided address, at its sole discretion. Aircel does not disclose if it maintains a public archive or change log.

Content Restriction and Termination of Services
The Terms prohibit certain activities, but Aircel discloses that it may terminate services for a user at its sole discretion for any reason, including a violation of its Terms.

Aircel makes no disclosures about its process it uses to identify violations and enforce its rules, or whether any government or private entity receives priority consideration in flagging content. Aircel does not disclose data about the volume and nature of content and accounts it restricts.

Aircel makes no disclosures about its process for responding to requests from third parties to restrict content or users. The Terms do not disclose the basis under which Aircel may comply with government or private party requests, nor whether any due diligence is conducted before responding to the requests. Aircel makes no commitment to pushback on inappropriate or overbroad requests from the government, or private entities. Aircel does not disclose if it notifies users when they try to access content that has been restricted, and the terms expressly waive users’ right to notice if their services are suspended/terminated.

Aircel does not disclose its policy on network management, or whether it prioritizes, blocks, or delays certain types of traffic, applications, protocols, or content for reasons beyond assuring quality of service and reliability. Notably, in its comments to the Telecom Regulatory Authority of India on the issue of regulation of Over-The-Top Services, it argued for the right of Telecom Service Providers to negotiate commercial agreements with OTT providers, as well as the right to employ non price differentiation and network management practices.

Aircel discloses that it may terminate its services in wholly or in part, at its sole discretion, and for any reasons, including directions from the government. Aircel does not disclose its process for responding to requests for network shutdowns, or the legal authority that makes the requests, nor does it commit to push back on such requests. The terms waive the users’ right to notice when services are suspended. Aircel also provides no data about the number of request received or complied with.

Aircel discloses that it requires government approved identification in order to perform verifications.

Privacy
General

The Privacy Policy is easily locatable on the website, and is available in English. It is likely that Aircel has a large Hindi and vernacular speaking user base. However, the website does not provide any other language versions of the Privacy Policy. The Policy is presented in an understandable manner, with section headers, but provides no additional guidance such as summaries, tips or graphics to explain the terms.

The Privacy Policy states that changes will be reflected on the website, and makes no disclosure about whether it will directly notify users. Aircel does not disclose a time frame within which it may notify users prior to the changes coming into effect. Aircel also does not maintain any public archives or change log.

Collection, Use and Sharing of Information

Though Aircel discloses the types of user information it may collect, it does not explicitly disclose how it collects the information. Aircel makes no commitment to limit collection only to information that is relevant and necessary to accomplish the purpose of the service.

While the Privacy Policy states the terms of sharing information, it makes no type-specific disclosures about how different types of user information may be shared. Further, while Aircel broadly discloses the type of third parties with which it may share information, it does not provide a specific list of names. Aircel clearly discloses that it may share user information with government or legal authorities.

The Privacy Policy broadly states the purposes for which the information is collected, but does not disclose in more specific terms the purposes for which various types of user information may be collected. Aircel also does not disclose if user information is combined from different services. Aircel makes no commitment to limit the use of information to the purpose for which it was collected.

Aircel makes no disclosures about how long it retains user information, and the Privacy Policy states that it may retain information for as long as it requires. Aircel does not disclose whether it retains de-identified information, or its process for de-identification. Aircel does not disclose the time frame within which it may delete user information, if at all, after users terminate their account.

Aircel does not disclose whether it collects information from third parties through technical means, how it does so, or its policies about use, sharing, retention etc. Aircel does not make any disclosures about its processes for responding to third party requests for user information. The Privacy Policy does not disclose the basis under which it may comply with government or private party requests, nor whether any due diligence is conducted before responding to the requests. Aircel makes no commitment to pushback on inappropriate or overbroad requests from the government, or private entities.

Aircel also does not publish any data about the requests it receives, and how it responds to them. This could include, for instance, the number of requests received, the number of requests complied with, the number of accounts affected, the type of authority or legal process through which the request was made, etc.

Aircel does not disclose whether it notifies users when their information is sought by government entities or private parties.

User Control over Information

Aircel does not disclose whether users can control the collection of information by Aircel. The Privacy Policy discloses that if information is not provided, or consent for usage is withdrawn, Aircel reserves the right to discontinue the service for which the information is sought. Aircel does not disclose if users can request the deletion of information.

Aircel discloses that users can opt in or opt out of receiving telemarketing communications, and discloses that they must be specifically opted in for. However, Aircel does not disclose any options with respect to the usage of use information for such purposes. Users may only choose to opt in or opt out of receiving commercial communications, and have no control over whether user information is used in the first place.

Aircel does not disclose whether users may access a copy of their information, or what information may be available.

Security

Aircel discloses that it has adopted measures to protect information from unauthorized access and to ensure that personal information is accessible to employees or partners employees strictly on a need to know basis. Aircel discloses that its employees are bound by a Code of Conduct and Confidentiality Policies. Aircel does not disclose whether it has a security team that audits the service for security risk, or whether it commissions third party audits.

Aircel does not disclose whether it has any process, policy or mechanism in place for researchers to submit security vulnerabilities, or how it would respond to them.

Aircel does not explicitly commit to notify the relevant authorities without undue delay in case of a data breach. Aircel does not disclose whether it notifies affected users about breaches, or any steps it may take to minimize impact.

Aircel discloses that highly confidential information such as passwords and credit card numbers are transmitted using the Secure Socket Layer protocol. However, Aircel does not disclose if all user communications are encrypted by default. Aircel also does not disclose whether it uses advanced authentication methods to prevent unlawful access. Aircel does not disclose whether users can view their recent account activity, or if it notifies users about unusual activity and possibly unauthorized access.

Aircel publishes information about Security Awareness and Alerts that details various threats on the internet, and how they may be countered.

Reliance Jio
www.jio.com
Industry: Telecommunications
Services evaluated: Broadband and Narrowband mobile internet services

Reliance Jio Infocomm Ltd. is a wholly owned subsidiary of Reliance Industries Ltd., and provides wireless 4G LTE service network across all 22 telecom circles in India. It does not offer 2G/3G based services, making it India’s only 100% VoLTE network. Jio began a massive rollout of its service in September 2016, as was reported to have reached 5 million subscribers in its first week. As of October 25, 2016, Jio is reported to have reached 24 million subscribers.

Governance
Jio does not score well in the Governance metrics. It makes no explicit commitment to freedom of expression and privacy, and does not disclose whether it has any oversight mechanisms in place. The company also does not disclose whether it has any internal mechanisms in place such as employee training on freedom of expression and privacy issues, or a whistleblower policy. Further, there are no disclosures as to any process of impact assessment for privacy and freedom of expression related concerns. The company does not disclose if it is part of any multi-stakeholder initiatives, or other organizations that engage with freedom of expression and privacy issues, or groups that are impacted by the company’s business.

Jio’s website discloses a process for grievance redressal, along with the contact details of for their Grievance Officer. The Regulatory Policy also lays down a Web Based Complaint Monitoring System for customer care. However, neither mechanism clearly discloses that the process may be for freedom of expression and privacy issues. In fact, the Grievance Redressal process under the Terms and Conditions process seems primarily meant for copyright owners alleging infringement. Jio makes no public report of the complaints it receives, and provides no clear evidence that it responds to them.

Freedom Of Expression

General
The Terms of Service are easily locatable on the website, and are available in English. It is likely that Jio has a large Hindi and vernacular speaking user base. However, the website does not have any other language versions of the Terms of Service.

The Terms are presented in an understandable manner, with section headers, but provide no additional guidance such as summaries, tips or graphics to explain the terms.

Jio discloses that changes to the Terms of Service may be communicated through a written notice to the last address given by the Customer, or through a public notice in print media. However, this may be at Jio’s sole discretion. Further, Jio does not disclose a time frame within which it notifies users prior to the changes coming into effect. Jio also does not maintain any public archives or change log.

The Terms of Service disclose a range of proscribed activities, and states that any violation of the Terms may be grounds to suspend or terminate services. However, Jio makes no disclosures about its process of identifying violations and enforcing rules, or whether any government or private entity receives priority consideration in flagging content. There are no clear examples provided to help users understand the provisions.

Jio does not disclose data about the volume and nature of content and accounts it restricts.

Content Restriction and Termination of Services
Jio makes no disclosures about its process for responding to requests from third parties to restrict content or users. The Terms do not disclose the basis under which it may comply with government or private party requests, nor whether any due diligence is conducted before responding to requests. Jio makes no commitment to pushback on inappropriate or overbroad requests from the government, or private entities. Jio does not disclose if it notifies users when they try to access content that has been restricted, or if it notifies users when their account has been restricted.

Jio also does not publish any data about the requests it receives, and how it responds to them. This could include, for instance, the number of requests received, the number of requests complied with, the the number of accounts or URLs affected, the types of subject matter associated with the requests, etc.

Jio does not disclose its policy on network management, or whether it prioritizes, blocks, or delays certain types of traffic, applications, protocols, or content for reasons beyond assuring quality of service and reliability.

Jio makes no disclosures about its policy on network shutdowns, or why it may shut down service to a particular area or group of users. Jio does not disclose its process for responding to such requests, or the legal authority that makes the requests, or whether it notifies users directly when it restricts access to the service. It also provides no data about the number of request received or complied with.

Jio requires that users verify their identity with government issued identification such as Passport, Driver’s License or Aadhaar.

Privacy

General
The Privacy Policy is easily locatable on the website, and is available in English. It is likely that Jio has a large Hindi and vernacular speaking user base. However, the website does not have any other language versions of the Privacy Policy

The Policy is presented in an understandable manner, with section headers, but provides no additional guidance such as summaries, tips or graphics to explain the terms.

Jio commits to make all efforts to communicate significant changes to the policy, but does not disclose its process for doing so. The policy recommends that users periodically review the website for any changes. Jio does not disclose a time frame within which it notifies users prior to the changes coming into effect. Jio also does not maintain any public archives or change log.

Collection, Use and Sharing of Information
Jio clearly discloses the types of personal and non personal information it may collect, but does not explicitly disclose how it collects the information. There is no commitment to limit collection only to information that is relevant and necessary to accomplish the purpose of the service.

Jio commits to not sell or rent user information to third parties, but discloses that it may use and share non personal information at its discretion.

Jio discloses the broad circumstances in which it may share personal information with third parties and the types of entities it may disclose such information to. The policy states that such partners operate under contract and strict confidentiality and security restrictions. However, it does not specifically disclose the names of third parties it shares information with. Jio clearly discloses that it may share user information with government or legal authorities.

Jio discloses that it may share user information with third party websites or applications at the behest of the user (for instance, when logging into services with a Jio account). It discloses that Jio will provide notice to the user, and obtain consent regarding the details of the information that will be shared. In such a situation, the third party’s privacy policy would be applicable to the information shared.

The Privacy Policy broadly states the purposes for which the information is collected, but does not disclose if user information is combined from different services. In detailing the types of third parties that Jio may share user information with, Jio also discloses the respective purposes for sharing. However, Jio makes no commitment to limit the use of information to the purpose for which it was collected.

Jio does not disclose whether it collects information from third parties through technical means, and how it does so, or its policies about use, sharing, retention etc.

Jio does not make any disclosures about its processes for responding to third party requests for user information. The Privacy Policy does not disclose the basis under which it may comply with government or private party requests, nor whether any due diligence is conducted before responding to the requests. Jio makes no commitment to pushback on inappropriate or overbroad requests from the government, or private entities.

Jio also does not publish any data about the requests it receives, and how it responds to them. This could include, for instance, the number of requests received, the number of requests complied with, the number of accounts affected, the type of authority or legal process through which the request was made, etc.

Jio does not disclose whether it notifies users when their information is sought by government entities or private parties.

User Control over Information

Jio makes no disclosures about how long it retains user information. It does not disclose whether it retains de-identified information, or its process for de-identification. Jio does not disclose the time frame within which it may delete user information, if at all, after users terminate their account.

Jio does not disclose whether users can control the collection of information by Jio. The Privacy Policy does allow requests for access, correction or deletion of user information, but also notes that deletion of certain (unspecified) information may lead to termination of the service. However, deletion of information would be subject to any applicable data retention laws, law enforcement requests, or judicial proceedings. Further, the request may be rejected if there is extreme technical difficulty in implementing it, or may risk the privacy of others.

Though the Privacy Policy allows for access requests, it does not disclose what user information may be obtained, or whether it may be made available in a structured data format. Jio does not disclose if targeted advertising is on by default, or whether users can control how their information is used for these purposes.

Jio discloses that it has adopted measures to protect information from unauthorized access and to ensure that personal information is accessible to employees or partners employees strictly on a need to know basis. Jio does not disclose whether it has a security team that audits the service for security risk, or whether it commissions third party audits.

Jio discloses that it has reasonable security practices and procedures in place in line with international standard IS/ISO/IEC 27001, to protect data and information. Jio does not disclose whether it has any process, policy or mechanism in place for researchers to submit security vulnerabilities, and how it would respond to them. Jio does not explicitly commit to notify the relevant authorities without undue delay in case of a data breach. Jio does not disclose whether it notifies affected users about breaches, and any steps it may take to minimize impact.

Jio does not disclose if transmission of user information is encrypted by default, or whether it uses advanced authentication methods to prevent unlawful access. Jio does not disclose whether users can view their recent account activity, or if notifies users about unusual activity and possibly unauthorized access.

Jio does not publish and materials that educate users about cyber risks relevant to their service.

For more information about the detailed methodology followed, please see - https://rankingdigitalrights.org/wp-content/uploads/2016/07/RDR-revised-methodology-clean-version.pdf.

Internet Users Per 100 People, World Bank, available at http://data.worldbank.org/indicator/IT.NET.USER.P2.

Telecommunications Indicator Report, Telecom Regulatory Authority of India, available at http://www.trai.gov.in/WriteReadData/PIRReport/Documents/Indicator_Reports.pdf.

The upstaging of extant telecos did, however, lead to allegations of anti-competitive practices by both Jio as well as existing telecos such as Vodafone and Airtel. See http://thewire.in/64966/telecom-regulator-calls-time-out-as-reliance-jio-coai-battle-turns-anti-consumer/.

Get Ready for India’s Internet Boom, Morgan Stanley, available at http://www.morganstanley.com/ideas/rise-of-internet-in-india.

Circular on Business Responsibility Reports, Securites Exchange Board of India, (August 13, 2012), available at http://www.sebi.gov.in/cms/sebi_data/attachdocs/1344915990072.pdf.

FAQ on Corporate Social Responsibility, Ministry of Coporate Affairs, available at https://www.mca.gov.in/Ministry/pdf/FAQ_CSR.pdf.

Govind vs. State of Madhya Pradesh, (1975) 2 SCC 148; R. Rajagopal vs. State of Tamil Nadu

(1994) 6 S.C.C. 632; PUCL v. Union of India, AIR 1997 SC 568; Distt. Registrar & Collector vs Canara Bank, AIR 2005 SC 186.

Justice K.S. Puttaswamy (Retd.) & Another Versus Union of India & Others, available at

http://judis.nic.in/supremecourt/imgs1.aspx?filename=42841

PUCL v Union of India, AIR 1997 SC 568.

According to Section 2(w) of the IT Act, “Intermediary” with respect to any particular electronic records, means “…any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes.”

See http://cis-india.org/internet-governance/resources/it-procedure-and-safeguards-for-interception-monitoring-and-decryption-of-information-rules-2009

Rule 23, Interception Rules.

Rule 19 & 20, Interception Rules.

Rule 24, Interception Rules.

See http://tikona.in/sites/default/files/pdf_using_mpdf/1-ISP%20Agreement%20Document.pdf.

Pranesh Prakash and Jarpreet Grewal, How India Regulates Encryption, Centre for Internet and Society, (October 30, 2015) available at http://cis-india.org/internet-governance/blog/how-india-regulates-encryption.

See http://www.wipo.int/edocs/lexdocs/laws/en/in/in098en.pdf.

As clarified in a Central Governemnt Press Note, this does not apply to corporates collecting data from other corporations, but only those handling data directly from natural persons, See http://meity.gov.in/sites/upload_files/dit/files/PressNote_25811.pdf.

Section 79 – ‘Exemption from liability of intermediary in certain cases - (1) Notwithstanding anything contained in any law for the time being in force but subject to the provisions of sub-sections (2) and (3), an intermediary shall not be liable for any third party information, data, or communication link hosted by him.

(2) The provisions of sub-section (1) shall apply if-

(a) the function of the intermediary is limited to providing access to a communication

system over which information made available by third parties is transmitted or

temporarily stored; or

(b) the intermediary does not-

(i) initiate the transmission,

(ii) select the receiver of the transmission, and

(iii) select or modify the information contained in the transmission

and also observes such other guidelines as the Central Government may prescribe in

this behalf

(3) The provisions of sub-section (1) shall not apply if-

(a) the intermediary has conspired or abetted or aided or induced whether by threats or

promise or otherwise in the commission of the unlawful act (ITAA 2008)

(b) upon receiving actual knowledge, or on being notified by the appropriate Government or its agency that any information, data or communication link residing in orconnected to a computer resource controlled by the intermediary is being used to

commit the unlawful act, the intermediary fails to expeditiously remove or disable

access to that material on that resource without vitiating the evidence in any manner.

Explanation:- For the purpose of this section, the expression "third party information" means

any information dealt with by an intermediary in his capacity as an intermediary.

Information Technology (Intermediaries guidelines) Rules, 2011, available at http://dispur.nic.in/itact/it-intermediaries-guidelines-rules-2011.pdf.

AIR 2015 SC 1523.

See http://cis-india.org/internet-governance/resources/information-technology-procedure-and-safeguards-for-blocking-for-access-of-information-by-public-rules-2009.

License Agreement For Unified License, available at http://www.dot.gov.in/sites/default/files/Amended%20UL%20Agreement_0_1.pdf?download=1.

http://www.trai.gov.in/WriteReadData/WhatsNew/Documents/Regulation_Data_Service.pdf.

OECD Privacy Principles, available at http://oecdprivacy.org/; Report of the Group of Experts on Privacy, Planning Commission of India, available at http://planningcommission.nic.in/reports/genrep/rep_privacy.pdf.

TATA Communications Annual Report 2016, available at https://www.tatacommunications.com/sites/default/files/FIN-AnnualReport2015-16-AR-20160711.pdf.

Submarine Cable Networks Data, available at http://www.submarinenetworks.com/stations/asia/india.

National Voluntary Guidelines on Social, Environmental and Economic Responsibilities of Business, Ministry of Corporate Affairs, Government of India; SEBI Amendment to Listing Agreement, (August 13, 2012) available at http://www.sebi.gov.in/cms/sebi_data/attachdocs/1344915990072.pdf.

Employee Code of Conduct, TATA Group, available at http://www.tata.com/pdf/tcoc-booklet-2015.pdf.

TATA Communications Busines Responsibility Policies, available at http://www.tatacommunications.com/sites/default/files/Business_Responsibility_Policies.pdf.

Supra Note 4 , at page 18.

TATA Communications Whistleblower Policy, available at https://www.tatacommunications.com/sites/default/files/Whistleblower%20Policy%20-%20Designed%20Version.pdf.

Kamlesh Bajaj, DSCI: A self-regulatory organization, available at https://www.dsci.in/sites/default/files/DSCI%20Privacy%20SRO.pdf.

Customer Charter, TATA Communications, available at https://www.tatacommunications.com/legal/customer-charter.

AUP Violations Grievances Portal, available at http://www.tatacommunications.com/reporting-aup-violations; Privacy Policy, TATA Communications, available at https://www.tatacommunications.com/policies/privacy-policy.

Shamnad Basheer, Busting a Baloney: Merely Viewing Blocked Websites Will Not Land You in Jail, Spicy IP, (August 23, 2016), available at http://spicyip.com/2016/08/busting-a-baloney-merely-viewing-blocked-websites-will-not-land-you-in-jail.html.

Acceptable Use Policy, TATA Communications, available at https://www.tatacommunications.com/policies.

See http://login.vsnl.com/terms_n_conditions.html.

This includes inappropriate content, which may be threatening, hateful or abusive content; content that infringes any intellectual property right; transfer of viruses or harmful content, fraudulent content (such as credit card fraud) and spam or unsolicited email.

Basheer, Supra note 11.

Response to Consultation Paper on Regulatory Framework for Over-the-top (OTT) Services, TATA Communications, available at http://trai.gov.in/Comments/Service-Providers/TCL.pdf.

Kaustabh Srikanth, Technical Observations about Recent Internet Censorship in India, Huffington Post, (January 6, 2015) available at http://www.huffingtonpost.in/kaustubh-srikanth/technical-observations-about-recent-internet-censorship-in-india/

See https://www.tatacommunications.com/policies/privacy-policy; http://login.vsnl.com/privacy_policy.html (VSNL); However, there are other documents available on the TCL website purpoting to be the Privacy Policy. Since the policies are not dated, it is not entirely clear which is applicable. (See http://www.tatacommunications.com/downloads/Privacy-Policy-for-TCL-and-Indian-Subs.pdf).

The disclosure of governmental requests may be affected by laws which require such information to remain confidential, as explained in detail in Section I of this report.

See http://www.alexa.com/siteinfo/rediff.com.

See http://www.rediff.com/terms.html.

Id.

See http://ishare.rediff.com/templates/tc.html.

See http://blogs.rediff.com/terms/.

See http://www.rediff.com/news/disclaim.htm.

See http://blogs.rediff.com/terms/.

Performance Indicator Report, Telecom Regulatory Authority of India, (August, 2016) available at (http://www.trai.gov.in/WriteReadData/PIRReport/Documents/Indicator_Report_05_August_2016.pdf.

See https://www.vodafone.com/content/sustainabilityreport/2015/index/operating-responsibly/human-rights.html.

Vodafone Sustainability Report, See http://static.globalreporting.org/report-pdfs/2015/ffaa6e1f645aa009c2af71ab9505b6b0.pdf.

Amit Pradhan, CISO, on Data Privacy at Vodafone, DSCI Blog, (July 15, 2015), available at https://blogs.dsci.in/interview-amit-pradhan-vodafone-india-on-privacy/.

See http://www.coai.com/about-us/members/core-members.

Process for registration of a complaint, Vodafone India Telecom Consumers’ Charter, available at https://www.vodafone.in/documents/pdfs/IndiaCitizensCharter.pdf.

Vodafone India: We are Pro Ne Neutrality, Gadgets Now, (May 20, 2015), available at http://www.gadgetsnow.com/tech-news/vodafone-wont-toe-zero-rating-plan-of-airtel/articleshow/47349710.cms; Vodafone Response to TRAI Consultation Paper on Regulatory Framework for Over-the-Top (OTT) services, Vodafone India, (March 27, 2015) available at http://trai.gov.in/Comments/Service-Providers/Vodafone.pdf.

See http://www.vodafone.in/privacy-policy.

Vodafone Law Enforcement Disclosure Report, available at https://www.vodafone.com/content/sustainabilityreport/2014/index/operating_responsibly/privacy_and_security/law_enforcement.html.

Performance Indicator Report, Telecom Regulatory Authority of India, (August, 2016) available at (http://www.trai.gov.in/WriteReadData/PIRReport/Documents/Indicator_Report_05_August_2016.pdf.

Business Responsibility Reports, Reliance Communications Ltd., available at http://www.rcom.co.in/Rcom/aboutus/ir/pdf/Business-Responsibility-Report-2015-16.pdf.

Manual of Practice, Reliance Communications Ltd., available at http://www.rcom.co.in/Rcom/personal/customercare/pdf/Manual_of_Practice.pdf.

See http://www.rcom.co.in/Rcom/personal/home/pdf/1716-Telecom-Consumer-Charter_TRAI-180412.pdf.

See http://www.rcom.co.in/Rcom/personal/pdf/AUP.pdf.

See http://myservices.relianceada.com/ImplNewServiceAction.do#.

Prohibition Of Discriminatory Tariffs For Data Services Regulations, Telecom Regulatory Authority of India, February 8, 2016), available at http://www.trai.gov.in/WriteReadData/WhatsNew/Documents/Regulation_Data_Service.pdf.

Shaadi.com Terms of Use/Service Agreement, available at http://www.shaadi.com/shaadi-info/index/terms (Last visited on November 10, 2016).

Shaadi.com Privacy Policy, available at http://www.shaadi.com/shaadi-info/index/privacy (Last visited on November 10, 2016).

Shaadi.com Privacy Tips, available at http://www.shaadi.com/customer-relations/faq/privacy-tips (Last visited on November 10, 2016).

https://blog.hike.in/hike-unveils-its-incredible-new-workplace-3068f070af08#.zagtgq5lk

http://economictimes.indiatimes.com/small-biz/money/hike-messaging-app-raises-175-million-from-tencent-foxconn-and-others-joins-unicorn-club/articleshow/53730336.cms

https://medium.com/@kavinbm/175-million-tencent-foxconn-d9cc8686821f#.7w6yljaii

[75] Hike Terms of Use, available at http://get.hike.in/terms.html (Last visited on November 10, 2016).

Hike Privacy Policy, available at http://get.hike.in/terms.html (Last visited on November 10, 2016).

Aircel Whistle Blower Policy, available at http://www.aircel.com/AircelWar/appmanager/aircel/karnataka?_nfpb=true&_pageLabel=P35400442051324996434644 (Last visited on November 10, 2016).

Aircel National Customer Preference Registry, available at http://www.aircel.com/AircelWar/appmanager/aircel/karnataka?_nfpb=true&_pageLabel=customercare_ndnc_page (Last visited on November 10, 2016).

http://www.counterpointresearch.com/reliancejio/

http://economictimes.indiatimes.com/tech/internet/gujarat-andhra-top-circles-for-jio-subscribers-cross-24mn-mark/articleshow/55040351.cms

Jio Terms and Conditions, available at https://www.jio.com/en-in/terms-conditions (Last visited on November 10, 2016).

For more details visit https://cis-india.org/internet-governance/blog/ranking-digital-rights-in-india

Centre for Internet and Society

Report on 15 days Training in Basic Computing with use of NVDA and eSpeak in Oriya

Newspaper Report

Post News Network

Report on 15 days Training in Basic Computing with use of NVDA and eSpeak in Hindi

Story

The Training in Brief (As Provided by the Trainer)

Report on 15 days Training in Basic Computing with use of NVDA and eSpeak in Gujarati

Training Schedule

List of Students for Gujarati Training

Report on 15 days Training in Basic Computing at RNKS

Report from Master Trainer: Mritunjay Kumar

Report on 5 day TOT for Training in Use of Espeak Kannada with NVDA

Report of the Global Accessibility Awareness Day 2017

Reply comments of CIS in the matter of the WIPO draft proposal

Reconceptualizing Privacy on Social Network(s) Sites

Recommendations for EU cyber diplomacy

Reaping the Benefits of Gamification

Reap Benefit

What is 'change' for Reap Benefit?

Discovering Gamification

Definitions

Games as a Tool to Influence Behaviour

Game Mechanics

Rewards Mechanism

Human-Centric Model

The Role of Technology and Media

Making Change

Footnotes

Sources

Reading from a Distance – Data as Text

Sections

Of Texts and Hypertextuality

Textual Criticism in the Digital

Notes

References

Reading For All

Read Our Annual Reports and Audit Reports

Centre for Internet & Society Audit Reports 2024-2025

Centre for Internet & Society Audit Reports 2023-2024

Centre for Internet & Society Audit Reports 2022-2023

Centre for Internet & Society Audit Reports 2021-2022

Centre for Internet & Society Audit Report 2020-2021

Centre for Internet & Society Annual Report 2020-21

Centre for Internet & Society Audit Reports 2019-2020

Centre for Internet & Society Audit Report 2018-19

Centre for Internet & Society Annual Report 2019-20

Centre for Internet & Society Annual Report 2017-18

Centre for Internet & Society Annual Report 2016-17

Centre for Internet & Society Annual Report 2015-16

Centre for Internet & Society Annual Report 2014-15

Centre for Internet & Society Annual Report 2013-14

Centre for Internet & Society Annual Report 2012-13

Centre for Internet & Society Annual Report 2011-12

Centre for Internet & Society Annual Report 2010-11

Centre for Internet & Society Annual Report 2009-10

Centre for Internet & Society Annual Report 2008-09

RBI and Regulation of Digital Financial Services in India, 2012-2016

1. Introduction

2. Mobile Banking in India

2.1. Customer Enrolment Issues identified by the RBI

2.2. Technical Issues identified by the RBI

2.3. The Way Forward

3. Online Payments in India

3.1. Regulatory Response to Online Payment Instruments

3.2. Infrastructure for Online Payments between Private Parties

3.3. Infrastructure for Online Payments involving the Government

3.4. The Way Forward

4. Peer-to-Peer (P2P) Lending

5. Conclusion

6. Endnotes

7. Author Profile

Ranking Digital Rights in India

Legal and regulatory framework

Findings and Recommendations

RDR Company Reports