Centre for Internet and Society

Francis Bags EPT Award for Open Access in Developing World

praskrishna — 2013-08-03T05:36:54Z

The Electronic Publishing Trust recently announced a new annual award to be made to individuals working in developed countries who have made significant contribution for the cause of open access and free exchange of research findings. There were 30 nominations from 17 countries around the world and Dr. Francis Jayakanth from the National Centre of Science Information, Indian Institute of Science, Bangalore was selected for the inaugural EPT Award for Open Access in the Developing World by a committee that went through all the nominations.

The award function organised by the Electronic Publishing Trust for Development and the Centre for Internet and Society (CIS), Bangalore was held at the Sambasivan Auditorium, M S Swaminathan Research Foundation (MSSRF) in Chennai on 14 February 2012. Leading luminaries such as Prof. M.S. Swaminathan, Prof. Subbiah Arunachalam, Prof. G Baskaran and Prof. K Mangala Sunder participated in the award felicitation ceremony.

Giving the welcome speech, Prof. Arunachalam, distinguished fellow at CIS said that Dr. Jayakanth works for the Indian Institute of Science, Bangalore, has trained many students and helped a number of institutes to set up open access repositories. Prof. Arunachalam added that the event is being celebrated in India as the winner is from India and specified that it is being held at the MS Swaminathan Foundation as this was the institution that hosted the first workshop to promote open access. Prof. Swaminathan had a vital role in arranging funds for the workshop. About 50 people had learnt what open access was, how to set up open access repositories, how to use the EPrints software, etc. For this very reason it was decided to hold the event in Chennai and not Bangalore where Dr. Jayakanth is based.

Felicitating Dr. Jayakanth, Prof. Swaminathan who presented the award added that it is important to highlight the contributions of those who really convert the concept of social inclusion to reality. He said that today every politician talks about inclusive growth. What is this inclusive growth, how do you convert exclusion to inclusion? Exclusion creates large problems, social problems, economic problems, etc. On a concluding note, Prof. Swaminathan said that the Prime Minister, Dr. Manmohan Singh has declared 2012-13 as the year of science and he hopes that there will be a new science policy and technology policy and that he hopes that a very important component of that should be methods of ensuring open access including open access to knowledge and open access to literature.

In his award acceptance speech, Dr. Jayakanth said that the atmosphere was very overwhelming and never in his two-and-a-half decade old career he had the opportunity to speak amidst such luminaries and added that it was a privilege and prestige to have received the award from Prof. Swaminathan, the father of the Green Revolution in India. He also added that no event in India or elsewhere is complete without the active participation and mentioning of the name of Prof. Arunachalam, the greatest advocate of open access that India has seen so far, and that he wouldn’t have been here at the award ceremony but for the timely intervention of Prof. Arunachalam.

Dr. Jayakanth concluded by saying that he would like to thank Prof. NV Joshi, Prof. Derek Law, Prof. Alma Swan, Prof. Balaram, Prof. N Balakrishnan, Prof. Giridhar, and Prof. TB Rajashekar, and particularly the students of the information and knowledge management programme at the National Centre of Science Information, Indian Institute of Science, who were responsible for the growth of a repository granting more visibility to the 32,000 publications that are part of the repository.

Prof. Mangala Sunder of IIT Madras and Prof. G Baskaran of the Institute of Mathematical Sciences, Chennai, also participated in the event. Prof. Sunder said that it is for the kind of information that we talk about, which we want to make public for which champions like Dr. Jayakanth have been working on the sidelines but working so efficiently to get institution after institution to convert what is known as a rigid framework into a flexible more open policy of bringing their scientific content to their intellectual information content. He said that he works in the area of content development from the point of view of education and he understands the difficulty of bringing material to the public.

There are many issues, such as issues about copyright, issues about people owning the information, issues about people feeling very rigid on what they want to say in the public, etc. Dr. Jayakanth has gone through all these exercises for the last 30 years in slowly creating the “little after little” what are called the waterways to finally see that everyone benefits. The linking of science, knowledge and sustainable development to open access to information, open access to research and open access to content completes the whole cycle of knowledge.

Prof. Baskaran said that it is a very well deserved award and Dr. Jayakanth has definitely raised the bar for future awardees. Prof. Baskaran stressed upon the aspects of open access. He said that as a theoretical physicist he understands the need for open access very well. Physicists, when they have new research results place them in arXiv, the open access repository for preprints in physics. Some people wonder what if some physicists deposit all kinds of articles in the arXiv. Experience has shown that 99 per cent of the articles appear in good journals later. He added that once it is put in the arXiv, the whole world gets access and a bad paper will be noticed and commented upon by many. No one likes to be the author of such a paper! He urged that other sciences, especially the life sciences should have a repository similar to arXiv and requested Prof. Swaminathan to take the intiative at MSSRF.

Dr. Francis Jayakanth

Dr. Francis Jayakanth is a library-trained scientific assistant based at the National Centre for Science Information (NCSI), the information centre of the Indian Institute of Science (IISc) in Bangalore. He has played a significant role in the establishment of India’s first institutional repository (IR) (http://eprints.iisc.ernet.in). He now manages the IR and has provided technical support for establishing IRs in many other universities and institutes in India. He has been the key resource person at many events to train people in setting up IRs and open access journals. He has delivered presentations on IRs, open access journals, the OAI protocol, OAI compliance, and the benefits of open access to authors and institutions and the role of libraries. He has developed a free and open source software tool (CDSOAI), which is widely used. Dr. Jayakanth can indeed be considered an open access ‘renaissance man’, an advocate and technical expert in all aspect of open access development and an inspiration to all, both at the research and policy level.

See Francis's presentation on Who Benefits from Open Access to Scholarly Literature? [Powerpoint, 1523 KB]

See the video of the award function below:

For more details visit https://cis-india.org/openness/francis-wins-ept-award

Four volumes of Kannada Encyclopaedia digitised

praskrishna — 2014-07-14T05:49:48Z

The content is available online under Creative Commons License.

The article by R. Krishna Kumar was published in the Hindu on July 12, 2014, Dr. U.B.Pavanaja is quoted.

Articles from the Kannada Encyclopaedia (Kannada Vishwakosha) of the University of Mysore can now be accessed online under the Creative Commons License. The move to make content of the Kannada Vishwakosha accessible is part of the ongoing effort to enrich Kannada content on Internet.

The University of Mysore is working with the Centre for Internet and Society (CIS) to digitise encyclopaedic publications for which the copyrights are owned by the varsity, and to re-release them under the Creative Common License.

U.B. Pavanaja of the Centre for Internet and Society, Bangalore, who is promoting Kannada content on the Internet, told The Hindu that of the 14 volumes, digitised content of the first four volumes has been uploaded.

And, the CIS is awaiting the release of the revised edition of the other two volumes. “Each volume has about 900 pages and hence over 3,600 pages of the Kannada Vishwakosha can now be accessed. What is significant is that people seeking quality information in Kannada can now access reliable content. It is also subject to editing in real time and hence will remain updated,” according to Mr. Pavanaja. The content was digitised and uploaded with the help of students who were interning with the CIS and included three boys and five girls, said Mr. Pavanaja.

The permission for digitising the content has been accorded for the first six volumes. However, the CIS has sought permission from the varsity for digitising the content of the other volumes, including Subject Encyclopaedia.

The Centre for Internet and Society signed a memorandum of understanding (MoU) with the University of Mysore in February. The varsity issued a certificate to publish the work under the Creative Common License in May.

As per the plan, the digitised content will be made available for everyone through free content distribution platforms like Wikipedia, Wikisource and this is expected to enhance digital literacy in Kannada language while helping in free dissemination of knowledge in Kannada to students, academics, researchers and the general public. As of now, the articles have been uploaded on Wikisource and will shortly be migrated to Wikipedia also.

Besides, the CIS is trying to hold talks with Kannada University, Hampi, on digitising the Janapada Vishwakosha and make it available under the Creative Common License, said Mr. Pavanaja.

Niranjan Vanalli, Director of EMMRC of the University of Mysore, said digitisation of Kannada Vishwakosha has given a new lease of life to publications. “The 14-volume Kannada Vishwakosha was not available to everyone earlier and was confined to research institutions or libraries. But now that the content is available online, it is accessible to all those who are interested. And, what it is more is that most articles, especially those pertaining to history, art and culture, will be of reference quality and that will act as a major boost to the cause of Kannada language,” he added.

Meanwhile, the University of Mysore and CIS will celebrate World Open Knowledge Festival on July 15 at the Kuvempu Institute of Kannada Studies from 11 a.m. to commemorate the event.

Those interested to access the Kannada Vishwakosha online can log on to: http://bit.ly/mysoreuniv

For more details visit https://cis-india.org/news/the-hindu-july-12-2014-r-krishna-kumar-four-volumes-of-kannada-encyclopaedia-digitised

Fostering Strategic Convergence in US-India Tech Relations: 5G and Beyond

Justin Sherman and Arindrajit Basu — 2019-07-05T02:19:09Z

The 2019 G-20 summit underscores the importance of fostering strategic convergence in U.S.-India tech relations.

The article by Justin Sherman and Arindrajit Basu was published in the Diplomat on July 3, 2019.

As world leaders gathered for the G-20 summit in Osaka, Japan this past weekend, a multitude of issues from climate to trade to technology came to the fore. Much of the focus was on U.S.-China interactions at the summit, as the two nations are locked in both a trade war and broader technological and geopolitical competition. Despite the present focus on the U.S. and China, however, it is crucial to not overlook another bilateral relationship of ever-growing importance in the process: The tech relationship between the United States and India.

Certainly, the two countries have many disagreements on some technology issues. But this is a geopolitical relationship that is both strategically important for each country, and a vital opportunity for the two largest democracies in the world to collectively combat Chinese-style digital authoritarianism.

Huawei and 5G

First, with respect to national security and 5G roll-outs, the U.S and India are not on the same page. The United States, for several months now, has been on a diplomatic messaging tour of the world to try to convince — with great resistance (some would argue failure) — allies, partners, and potential partners alike to ban Chinese firm Huawei from supplying components of 5G networks. Many officials across Europe, the Middle East, South America, and elsewhere have been reluctant to ban Huawei per the U.S. recommendation, and India is no exception. Indeed, National Security Advisory Board Chairman P.S. Raghavan told The Hindu that “5G is becoming a fault line in the technology cold war between world powers” and that India must avoid getting caught in these fault lines.

In large part, U.S. diplomatic messaging here has fallen short due to heavy conflations of national security- and trade-related risks; and Trump only contributed further to this fact with his latest reference to Huawei, during the G-20, as a potential trade war bargaining chip. The sheer population of India, however, combined with its fast growing technology sectors and desire to digitize, makes the country an important market player when it comes to the 5G revolution. U.S.-India engagement on 5G issues must be managed effectively through robust articulation of each country’s national interests underscored by a clean segregation of trade and security questions in the discussion. This partnership has the potential to wield great influence in the global market, including in ways that could prioritize or deprioritize certain 5G equipment suppliers (like Huawei).

Data Sovereignty and Data Privacy

Data sovereignty is another hot area in which the U.S.-India tech relationship demands careful negotiation. Over the past year, the Indian government has introduced a range of policy instruments which dictate that certain kinds of data must be stored in servers located physically within India — termed “data localization.” While there are a number of policy objectives this gambit ostensibly seeks to serve, the two which stand out are (1) the presently cumbersome process for Indian law enforcement agencies to access data stored in the U.S. during criminal investigations, and (2) extractive economic models used by U.S. companies operating in India.

A range of conflicting developments emerging from the G-20 summit underscore this fact. India, along with the BRICS grouping, focused on the development dimensions of data governance and re-emphasized the need for data sovereignty — broadly understood as the sovereign right of nations to govern data in their national interest for the welfare of their citizens. President Trump reigned in his focus on the need for cross-border data flows and, in direct opposition to some proposals that have emerged from India, explicitly opposed data localization. While India did not sign the Osaka Declaration on the Digital Economy that promoted cross-border data flows, the importance of cross-border data flows in spurring the global economy did find its way into the Final G-20 Leaders Declaration — which, of course, both countries signed.

Geopolitically, the importance of India’s data governance stance cannot be overstated as it could pave the way for the approach adopted by other emerging economies — most notably the BRICS countries. Likewise, the U.S. has important thinking to do around such questions as what shape a national data privacy law could take. Even though the two countries’ views on data may be quite different from one another, the seats that India and the U.S. have at the table for global data governance discussions — alongside others like Japan, China, and the European Union — underscore the value of meaningful interactions and mutual trust and respect on this issue.

Norms for a Democratic Digital Future

Finally, as the United Nations Group of Governmental Experts and the Open-Ended Working Group meet to resurrect the norm-formulation process for fostering responsible state behavior in cyberspace, India has some homework to do. Even though it has been a member of five out of the six Group of Governmental Experts set up thus far, India is yet to come out with a public statement delineating its views on the applicability of International Law applies in cyberspace. Further, India has also failed to articulate a cohesive digital strategy — instead relying on a patchwork of hastily rolled out and often ill-conceived regulatory policies, some of which commentators in the West have hastily labeled as digital authoritarianism. The U.S., for its part, amidst a cutback to diplomatic cyber engagement (as part of cutbacks to diplomacy writ large), could also up its support of international engagement on these issues. Its recent repeal of net neutrality protections could also be argued as a step back from long-time international norm promotion around internet openness.

Through a combination of domestic policy gambits and foreign policy maneuvers, both states need to draw lines in the sand that safeguard human rights, international law, and democracy online, while arriving at some balance with each other’s national interests.

A primary example lies with artificial intelligence (AI). AI has found increasing use in digital authoritarianism, as dictators use automated, intelligent systems to boost their surveillance capabilities. The Chinese government has arguably been at the forefront of this enhanced level of authoritarian rule for the digital age.

In addition to focusing on AI applications for everything from natural language processing to self-driving cars — through investments, strategies, policy documents, and so on — Beijing has also been deploying AI in the service of large-scale human-rights abuses. Chinese strategy papers on AI, while similarly emphasizing many commercial or benign applications and raising attention to such issues as algorithmic fairness, concurrently have discussed using AI for “social governance,” censorship, and surveillance. To combat the rising intersection of AI and digital authoritarianism, the U.S. and India could wield enormous leverage — as the two largest democracies in the world — in governing these technologies in a democratic fashion that counters dangerous arms-race narratives and uses of AI for surveillance and repression.

The same goes for paying attention to technology exports and diffusion to human-rights abusers. For instance, companies incorporated in China, among those incorporated elsewhere, have been heavily involved in exports of dual-use surveillance technologies to other countries, including those with questionable or outright poor human-rights records. Although companies incorporated in democracies may engage in such practices as well, most democracies take steps to curtail these practices as much as possible, such as through the multilateral Wassenaar Arrangement — which lays out export controls around conventional weapons and dual-use goods and technologies. The U.S. has long been a party to this agreement, and India officially joined in 2018. Arguments persist about the extent to which Beijing is involved in these dual-use surveillance technology exports, but these exports may only increase going forward as companies increasingly sell not just internet surveillance tools but also dual-use AI tools. In this way, too, India and the U.S. could play an important role in countering the spread of such capabilities to human-rights abusers and standing against the spread of digital authoritarianism in the process.

The relationship here is, therefore, one that requires careful navigation for its significant geopolitical, economic, and ideological consequences. For the future of the technological relationship between the world’s largest democracies—and the extent to which they respect each other’s strategic autonomy while converging on issues of mutual interest—could determine the future of global digital governance.

For more details visit https://cis-india.org/telecom/blog/the-diplomat-justin-sherman-and-arindrajit-basu-july-3-2019-fostering-strategic-convergence-in-us-india-tech-relations-5g-and-beyond

FOSS: Smart Choice for Developing Countries

praskrishna — 2013-10-21T05:28:06Z

This workshop is being organised by TechNation and Open Source Alliance of Central Asia on October 23. Sunil Abraham is participating as a panelist and will speak on FOSS and IT Growth Policies in South Asia.

Read the original published on the IGF website

The Internet Governance Forum 2013 is being held at Bali from October 22 to 25. The overarching theme for the 2013 IGF meeting is: "Building Bridges"- Enhancing Multistakeholder Cooperation for Growth and Sustainable Development".

Theme: The Internet as an Engine for Growth and Advancement

Free and Open Source Software (FOSS), once limited to advanced users, now attracts average users. Countries have adopted FOSS for its social, economic and political benefits. Russia has started to shift government to Linux by 2015 and plans to build a national repository of Open Source Software. China is teaming up with Canonical to develop an open source operating system for Chinese users called Ubuntu Kylin. According to Black Duck Software and North Bridge Venture Partners Open-Source Survey, Open Source Software is helping improve enterprise networking, smartcars, and academia. InformationWeek’s survey “Open Source Software Use Joins The Mix,” confirms that FOSS “is believed to create more opportunities for innovation than commercial or proprietary software.”

This workshop emphasizes three main issues: 1) Innovative FOSS technologies, 2) Capacity building in FOSS, and 3) Women as FOSS users and developers. It will discuss benefits, costs and implications of choosing FOSS; highlight the representation, role and achievements of women from the Central and South Asian region; and, guide recommendations to build capacity of women in utilizing FOSS for education, health, governance, and civil society.

Why FOSS? FOSS fosters education for the persons contributing to it and for those using it. In addition to learning new skills, FOSS developers can help solve real-life problems. Irrespective of geographic location, volunteers work collaboratively to develop software. This creates a sense of community ownership of their technology and enhances employment, employability and increases local innovation. FOSS reduces deployment costs making it a smart choice by developing countries. FOSS is affordable, stable, reliable, and free of virus.

What are innovative FOSS technologies? This workshop will showcase some of the most innovative Open Source Software technologies. It will highlight the fact that most servers are based on open source, and now common users, governments and businesses around the world are transitioning to FOSS.

Why Capacity Building? Capacity building in computer education should teach students concepts, ensure that students learn through hands on experience using a variety of tools, and leave students the choice of which tool to use to create virtual worlds. Students should be given responsibilities, including helping run IT systems. For example, students of higher classes could build or modify software for lower classes.

Organized by Open Source Alliance of Central Asia (OSACA), this workshop will explore whether the requirements to be a FOSS contributor prevent women from doing so and what it will take for women in Central and South Asia, to become valuable contributors.

Has the proponent organised a workshop with a similar subject during past IGF meetings?

No.

Co-organisers

Mr. Omar Mansoor Ansari, TechNation, Private Sector, AFGHANISTAN, Asia-Pacific Group
Mr. Sufyan Kakakhel, Open Source Alliance of Central Asia (OSACA), Civil Society, PAKISTAN, Asia-Pacific Group

Have the Proponent or any of the co-organisers organised an IGF workshop before?

No.

Panelists

H.E. Baryalai Hassam, Ministry of Communications and Information Technology, Male, Government, AFGHANISTAN, Asia-Pacific Group
Maria Beebe, Telecom Advisory Team (Afghanistan) Deloitte, Female, Private Sector, UNITED STATES, Western Europe and Others Group - WEOG
Sunil Abraham, Center for Internet and Society, Male, Civil Society, INDIA, Asia-Pacific Group
Roxana Radu, Graduate Institute of International and Development Studies, Female, Technical Community, ROMANIA, Eastern European Group
Matthias Stürmer, Open Source Switzerland, Male, Technical Community, SWITZERLAND, Western Europe and Others Group - WEOG
Asomiddin Atoev, ISP Association of Tajikistan, Male, Private Sector, TAJIKISTAN, Asia-Pacific Group
Prof. Dr. rer. pol. Wolfgang F. Finke, Ernst-Abbe University of Applied Sciences, Male, Civil Society, GERMANY, Western Europe and Others Group - WEOG
Dominique Lazankski, The TaxPayers' Alliance, Civil Society, UNITED KINGDOM, Western Europe and Others Group - WEOG

Moderator

Omar Mansoor Ansari

Remote Moderator

Ana Perdigao

Agenda

FOSS: FOSS Smart Choice for Developing Countries

This high-level thematic workshop discusses the most up-to-dated advancements in Free and Open Source Software (FOSS) technologies. With some of the best minds from the government, industry, civil society and academia learn about innovative FOSS technologies, policy and regulatory environments, project and initiatives, and how Open Source Software technologies can help enhance governance, business, education and the society. The panel will discuss implications for capacity building for women and girls in FOSS.

Workshop Agenda

0900 - 0910
Welcome and Introduction
Welcome and introduction by Session Chairman
Mr. Omar Mansoor Ansari, President at TechNation, Cofounder/ Board Director, Open Source Alliance of Central Asia (OSACA)

0910 - 0920
State of FOSS and Government Policies in Afghanistan.
H.E. Eng. Baryalai Hassam, Deputy Minister (Technical), Ministry of Communications and IT, Afghanistan

0920 - 0930
MOOCs, M-learning and other Resources Online: Implications for Capacity Building
Dr. Maria Beebe, Sr. ICT Advisor (Education), Telecom Advisory Team (Afghanistan) Deloitte, United States

0930 - 0940
Kick-Starting the Utilization of FOSS in the Public Sector in Afghanistan – Afghan Center of Open Source Systems
Prof. Dr. rer. pol. Wolfgang F. Finke, Ernst-Abbe University of Applied Sciences, Germany

0940 - 0950
Women Creating Their Spaces Online

0950 - 1000
Technology transfer and North-South partnerships through open source communities
Dr. Matthias Stürmer, Swiss Open Systems User Group /ch/open, Switzerland

1000 - 1010
FOSS and the Internet in Central Asia
Asomiddin Atoev, Cofounder/ Board Director, Open Source Alliance of Central Asia (OSACA), Chairman, ISP Association of Tajikistan.

1010 -1020
FOSS and IT Growth Policies in South Asia
Mr. Sunil Abraham, Executive Director, Center for Internet and Society, India

1020 - 1030
Open Data
Dominique Lazanski
The TaxPayers' Alliance, UK

1030 -1100
Q&A and Open Discussion

Inclusiveness of the Session

This will be a panel workshop, it will allow considerable time for an Open Discussion and Q&A. We will be making the meeting highly interactive and participatory by engaging the speakers and participants to exchange ideas, knowledge and experience.

Suitability for Remote Participation

We will be providing remote participation through video conferencing, creating social media, Twitter and Facebook, accounts that are interlinked and can communicate real time updates with the remote participants. A team of volunteers will be engaged to manage the communication with remote participants.

For more details visit https://cis-india.org/news/igf-2013-workshop-287-foss-smart-choice-for-developing-countries

FOSS, Wikimedia and Mozilla Under One Roof at GNUnify 2013, Pune

subha — 2013-07-17T06:55:43Z

GNUnify 2013 organized in the campus in Pune from February 15 to 17, 2013. The event was organized by Pune Linux/Unix User Group (PLUG) and Symbiosis Institute of Computer Studies & Research (SICSR). Subhashish Panigrahi reports the outcomes in this blog post.

GNUnify is an annual gathering consisting of Free and Open Source software workshops, talks, seminars and BOFs (Birds of a feather). This was hosted by the Pune Linux User Group and the Symbiosis Institute of Computer Studies and Research in Pune, India.

Day 1: February 15, 2013
The first day of the event had many parallel tracks including talks on KDE, Firefox OS, FUEL Project, Wikimedia Localization, OpenSSL, Discussions on Creative Commons, OpenStack and few technical workshops.

Day 2: February 16, 2013
Few of the full day events includes several talks and discussions about Mozilla and Firefox, Internationalization, Localization and Indic language input method related talks and workshops by the Wikimedia Foundation Engineering team (More details on mediawiki.org), Drupal and workshop and talks on Python. Wikipedians, translators from various languages, A2K team members Vishnu Vardhan and Subhashish had an open conversation with the Wikimedia Foundation Engineering team.

Day 3: February 17, 2013
The final day of GNUnify had 3 major parallel day long events; Mozilla India community meetup, Wikipedia translation sprint and Wikipedia gadget workshop. At the end of all the events participants gathered for a group photo and socialized.

Videos

Podcasts

For more details visit https://cis-india.org/openness/blog-old/foss-wikimedia-under-one-roof-gnunify

FOSS Poster

praskrishna — 2013-09-24T08:58:38Z

For more details visit https://cis-india.org/openness/blog-old/foss-poster.pdf

Foreign Media on Zuckerberg's India Backlash

praskrishna — 2016-01-03T09:20:41Z

When Facebook's co-founder proposed bringing free Web services to India, his stated aim was to help connect millions of impoverished people to unlimited opportunity. Instead, critics have accused him of making a poorly disguised land grab in India's burgeoning Internet sector. The growing backlash could threaten the very premise of Internet.org, his ambitious, two-year-old effort to connect the planet.

The blog post was published in NDTV on December 30, 2015. Pranesh Prakash was quoted.

Indian authorities are circumspect because the Facebook initiative provides access to only a limited set of websites -- undermining the equal-access precepts of net neutrality. The telecommunications regulator is calling for initial comments by Jan 7, extending the deadline from today, on whether wireless carriers can charge differently for data usage across websites, applications and platforms.

Losing this fight could imperil Facebook's Free Basics, which allows customers to access the social network and select services such as Messenger and Microsoft's Bing without a data plan.

"The India fight is helping shape debates elsewhere," said Pranesh Prakash, policy director at the Centre for Internet and Society, a Bangalore-based non-profit advocacy group. "Activists in other countries such as Brazil, Venezuela and Colombia are watching this debate and will seize the momentum created in India."

Zuckerberg's argument for free Web access is based in part on Deloitte research showing that for every 10 people who are connected to the Web, one is lifted out of poverty and one job is created.

Facebook argues that by giving people free access to a small slice of the Internet, they will quickly see the value in paying for the whole thing. Zuckerberg has said his biggest challenge in connecting people to the Web isn't access to cellular networks, but a social hurdle: he needs to prove to people who have never been online that the Internet is useful.

"Who could possibly be against this?" Zuckerberg wrote in an impassioned op-ed in the Times of India this week. "Surprisingly, over the last year there's been a big debate about this in India."

Zuckerberg's pleas underscore what's at stake. Facebook already attracts 1.55 billion people monthly, or about half of the Internet-connected global population. To keep growing, the world's largest social network needs to get more people online. Hence the billions of dollars Facebook is spending on projects to deliver the Web to under-served areas via drones, satellites and lasers. And Internet.org, which now spans 37 nations.

India, as the world's second most populous nation, is arguably the most important piece of Zuckerberg's Free Basics strategy. But the opposition is fierce. Critics note that the Facebook service doesn't offer Web favorites such as Google's search. Facebook has said it would be open to adding more features from competitors, but critics are skeptical of giving the social-networking giant such influence on the Internet.

Critics also say that by offering a limited swath of the Internet at comparatively slow speeds, the company is creating a diluted version of the Web. That could stifle innovation by causing disadvantages for Indian startups building rival apps, or allow Facebook and its telecommunications carrier-partners to act as Internet gatekeepers.

In a sign of the importance he attaches to the issue, Zuckerberg on Tuesday called one of India's most prominent entrepreneurs to make his case.

One97 Communications, the mobile payments startup backed by Alibaba Group Holding, is one of several tech companies that have come out against Facebook's plans.

"We are totally against telcos preferring one developer over another," One97 founder Vijay Shekhar Sharma said in a phone interview before that call. "We are asking for access neutrality. We are hoping that all startups will be treated equally."

Sonia Dhawan, a spokeswoman for One97's payment website Paytm, said the call took place but didn't describe the conversation further. Sharma wasn't available for further comment.

Facebook is now scrambling to drum up support. It's started a "Save Free Basics In India" campaign, asking Indian users to support "digital equality" by filling out a form that shoots an e-mail to regulators. That also has the effect of sending notifications to user's friends unless they opt out.
Facebook has also taken out full-page advertisements, including one featuring a smiling Indian farmer and his family who the ads say used new techniques to double his crop yield.

While countries such as the Philippines have embraced Free Basics, India has been "the outlier and more challenging," Chris Daniels, vice president of Internet.org, said in a Dec. 26 chat on Reddit.

For more details visit https://cis-india.org/internet-governance/news/ndtv-bhuma-shrivastava-december-30-2015-foreign-media-on-zukerberg-india-backlash

For a Truly Inclusive Consultative Process

salelkar — 2014-07-02T04:44:14Z

At Inclusive Planet we attempt to engage as many people with disabilities as possible with the consultative process which precedes the enactment of legislation and policy, and we are very happy with the NDA Government’s positive steps in putting out all proposed amendments to the public at large for feedback.

Some of the areas on which public comment has been sought is the proposed repeal and reenactment of the Juvenile Justice Act, the amendments of three labour laws viz. the Factories Act, the Minimum Wages Act, and the Prevention of Child Labour Act, and the Railways Ministry has asked for comments towards the formulation of the Rail Budget. All of these are extremely key legislations and in fact there is a lot to contribute in terms of suggesting enabling provisions towards accessibility and recognizing potential discrimination against persons with disabilities.

Unfortunately, the disabilities sector is faced with two major problems when it comes to this process. One is that the material which is uploaded onto the respective government websites is inaccessible for screen readers. Many of these are large documents which are essentially scanned copies of the printed notifications – for example, the Factories Act press release is now available in an easier format than the original version which had been uploaded. The websites themselves are not easy to navigate and are not screen reader friendly. Efforts are on by the newly launched India Access Hub to convert these documents into an accessible format for contributors and discussions on their forum, however, the process seems tedious and there is no reason why the Government bodies cannot ensure that the best possible document, screen reader compatibility wise, is not made available to the public. This would ensure that precious time is not consumed in the process of making the document accessible.

Which is closely linked to the second issue – the comments and suggestions which have been called for are required within a short period of time – between 15 days (Juvenile Justice Act) to 30 days (all three labour legislations) and while the advertisement for the Railway Budget appears to have been put out on the weekend of the 21^st of June, since the budget itself is slated to be tabled on the 8^th of July by recent media reports, feedback is realistically required within this week itself. The process becomes exclusionary on account of these narrow deadlines – the presumption being made is that specialized agencies with able-bodied representatives can revert speedily with their feedback. The disability sector is quite keen on responding to all proposed legislation, as the provisions of the United Nations Convention on the Rights of Persons with Disabilities demand compliance in terms of non discrimination and access across all sectors. It is also difficult to respond with such momentum considering that many stakeholders are not online, and for some, processing and expressing viewpoints may take longer than the average person, not to mention the importance of making this information available in a simplified format. Ideally, any person with impairment should be able to express their views and be considered as a stakeholder; however, with the barriers in place which prevent effective access and accommodation to the expression of views, 15% of the population may effectively be disabled to that extent.

This is by no means a new complaint – the lack of accessibility of government documentation has been rampant and raised before previous Governments as well – however, the hope is that with the NDA Government’s manifesto focus on using information technology to alleviate the concerns of persons with disabilities, that the mandate for all Government Websites to be compliant with the Web Content Accessibility Guidelines (WCAG) 2.0 will be implemented with immediate effect, and in the meantime that Government Officials be instructed to upload fully accessible documents to their websites. It would also not be out of place to institute a common information portal for all documents open for public consultation to make such access easier for all.

There should never be any bar on access to information: particularly that which affords an opportunity to the public to be heard and considered. It is sincerely hoped that the new Government takes a much needed positive step in this direction.

For more details visit https://cis-india.org/accessibility/blog/for-a-truly-inclusive-consultative-process

Font problem hits Odia

praskrishna — 2014-07-25T08:04:20Z

Focus on search for solution to lack of compatibility.

The article by Bibhuti Barik was published in the Telegraph on July 7, 2014. Subhashish Panigrahi gave his inputs.

The available Odia fonts that could be used for digital publications have compatibility problems. The fonts, which number around 10, have been developed for specific purposes and cannot be used in all applications.

Computer application researchers, linguistics, information technology experts and educationists, who met at a workshop here today, urged the state government and the IT industry to ensure the smooth use of Odia fonts.

These fonts are available on different software tools, but if one purchases one of them to install on his or her computer, it fails to open in another system. Since this happens due to lack of compatibility, it also discourages users to use Odia fonts in official work and day-to-day life.

“I think the use of Odia language in computers is restricted only to desktop publication (DTP). As the compatibility factor has come as a major handicap, the use is becoming more restricted in day-to-day life. The state government should come forward to facilitate a software so that the fonts can be used through a uniform system,’’ said linguist and founding director of the Mysore-based Central Institute of Indian Languages, Debi Prasanna Pattanayak.

Subhashish Panigrahi, a Bangalore-based IT professional who is now working on a project for Wikipedia Foundation, said: “Different fonts in Odia came to existence quite late and all were based on the skeleton of Latin fonts so that when one types an English font on the keyboard, the screen shows an Odia font. Later, unicode fonts were developed, which were not only compatible to the Internet, but had elements common with other Indian languages as well.”

Odia publishers did not agree to use the unicode fonts as they were using customised softwares. For this reason, the published books and literature fails to reach the Internet.

In 2011, Srujanika, a city-based organisation, developed a converter to use fonts from other categories to unicode type.

Sujata Patel, chief operating officer of Pune -based Tech Z Solution, said: “The affordability of Odia tools and fonts is a major concern. As they are developed by non-Odia professionals, the aesthetic aspect of Odia fonts and characters are not being taken into consideration.”

Subrat Prusty, member secretary Institute of Odia Studies and Research, said: “Odia is yet to come to the computer screen on different software tools which are used for tables, Internet applications, medical, engineering and business applications.”

“Despite having hundreds of engineering colleges, two technical universities and 10 universities we are yet to use Odia in computers,” Prusty added.

Researchers from US, Singapore, IITs, central universities, IT professionals, linguists, artistes, educationists and students of computer applications took part in the workshop that was organised at the computer science department of the Institute of Technical and Education and Research of Sikhya O Anusandhan University.

For more details visit https://cis-india.org/news/the-telegraph-july-7-2014-bibhuti-barik-font-problem-hits-odia

Focus on India—WikiConference produces new apps; state government adopts free licenses

praskrishna — 2016-08-22T03:15:22Z

WikiConference India and its productive hackathon

The second WikiConference India, held August 5–7 in the northern Indian city of Chandigarh, drew hundreds of new and experienced members from 20 language communities of various Wikimedia projects from India, Bangladesh, Sri Lanka, and Nepal. This event was more thematic than the first WikiConference India (held in 2011), with numerous presentations, panel discussions and workshops on the gender gap, Wikipedia in education, Mediawiki, and state of the movement in India. The event was organized by the Community of Wikimedians in India, supported by Wikimedia India and the Centre for Internet and Society, and funded by the Wikimedia Foundation. The newly formed user group Punjabi Wikimedians hosted the event. WikiConference India's main goal was to build community and increase participation among Wikimedians in India. Interest in the event was strong: 452 Wikimedians from more than six countries applied for ~100 scholarships. Wikipedia's well known gender gap was evident: only 55 scholarship applicants were women, but a strong focus on diversity resulted in ~25% of scholarship recipients going to women, and the inclusion of speakers of ~20 languages. In all, about 250 people attended the conference. Several Foundation staff spoke at the event, including executive director Katherine Maher, Asaf Bartov, and Tighe Flanagan.

A highlight of the conference was the hackathon track, which spanned all three days of the conference. It proved highly productive, yielding seven apps that are expected to help Wikimedians in a variety of ways. I spoke with Santosh Shingare (Cherishsantosh), the Bangalore-based Wikimedian who organized the hackathon. Santosh had previously served as an organizer of the 2011 WikiConference, and has run hackathons annually since then. Santosh's primary motivation for holding such events is learning; he spoke of limited opportunities to learn about new areas of technology beyond his core skills in WebRTC and Android. He enjoys collaborating with other Wikimedians and sharing technical skills. This event was his first with an international draw, and he looks forward to opportunities to collaborate beyond India's borders in the future.

As Santosh outlined in a message to the Wikimania email list, the hackathon's 35 participants made substantial progress with the following projects:

WikiSpeak with native language (web and Android): Speaking the text of Wikipedia articles
Edit Tamil Wiktionary (Android)
Audio file upload to Wikidata (Android): Assists users in uploading small files that demonstrate the pronunciation of lexical items
A layer that shows local Wikipedia articles on a Google Map
Optical character recognition for Hindi and Malayalam
Communication platform [WebRTC] (Web Application): Santosh wrote this app himself; hackathon participants used it to communicate
Notifications: browser notifications for Wikipedia functions such as recent changes

Santosh highlights that the projects grew out of advance communication. To identify problems and generate ideas, the hackathon organizing team posted a survey ahead of the event. Requests from various language communities, including Hindi, Tamil, Punjabi, and Malayalam, drove several of the projects. The software is all freely licensed, and there are no plans to generate revenue.

Santosh is not a prolific Wikipedia writer or editor, but rather sees value in his ability to communicate among Wikimedians who seek features from various language communities, including his native Marathi and other Indic languages in which he has varying degrees of fluency.

He plans to update the Wikimedia community shortly with further details on each of the seven projects. He is already planning the next of India's annual hackathons. Hackathon organizers worldwide might be interested in learning more about Indian Wikimedians' efforts, and Wikimedians around the world can expect to benefit from their projects.

The conference generated a number of media reports. P

Indian state of Tamil Nadu adopts Creative Commons license

The state of Tamil Nadu on the subcontinent

Last week brought a rare piece of good news in the world's uncertain progress towards the widespread free licensing of information on the Internet. Ravidreams announced on the Wikimedia India mailing list that the government of one of India's largest and most populous states—Tamil Nadu—has issued an instruction to Tamil University and "all other government departments and institutions to release all their publications, archives and collections under Creative Commons by Share-Alike license".

The move comes one year after the collaboration between the Global Tamil Wikimedia Community and the Tamil Virtual Academy, an independent institution set up by the state government in 2001 to provide online resources for Tamil-language communities around the world. TVA and the Tamil-language Wikimedia community collaborated to persuade the government to make the order. Wikimedia India (one of three Creative Commons affiliates in the country) served as an institutional partner, signing the initial agreement on behalf of the Indian Wikimedia community, and funding a Wikimedian in Residence at TVA.

Ravi, who also serves on the TVA committee for outreach, told the Signpost that the TVA is very keen to share its collection of encyclopedic resources with Tamil Wikimedia projects. The community contributed strategic knowledge of free-content licensing, providing precedents for free content release by other governments in India and other countries, and helped in the drafting of the actual order. "But it takes a lot of time, effort, high-profile connections to change how government institutions work", he said.

An example of the distinctive Tamil script

“

Almost 99% of the time it's about the right officer/minister who cares for our mission being in charge of the right department at the right time. It's very hard to bring change through a bottom-up approach. These precedents help when someone at the top gets interested in changing things. So, any community that expects to influence public policy should be prepared to do a lot of groundwork.

”

Tamil-language Wikipedian Thamizhpparithi Maari serves as Assistant Director, TVA and state coordinator of its computing outreach unit, which the government is funding to encourage students in the state to use open-source media and software; this program includes the development of mobile apps and the running of contests to enhance students' computing skills. He described to the Signpost the elaborate process of finally gaining legal and administrative approval for the CC-by-SA release order. Thamizhpparithi has already started a process of digitising books from the universities to share with the Tamil wiki community, involving between 400,000 and 500,000 pages in some 200 books, using Google optical character recognition (OCR).

"This is just the beginning; we expect millions of pages to be uploaded to Tamil Wikisource", Ravi said. Most of the content that will become available for uploading is in Tamil, although some will be in English and other Indian languages; this will present significant opportunities for the Tamil Wikimedia community.

A rare Tamil-language book in an archival exhibition

There are about 70 million native speakers of Tamil, and another eight million second-language speakers. It is an official language in Tamil Nadu, Sri Lanka (with which the state shares a maritime border), and Singapore, and is also used in Malaysia and the African island of Mauritius. The language, written in a distinctive curvilinear script, has a rich literature of poetry reaching back thousands of years, and of novels over the past few centuries; this is attested by a related category on the English Wikipedia that is already of impressive size.

The Open Policy Network, a project of Creative Commons, published an overview of the value of this kind of work in 2014; the Network advocates for governments around the world to adopt free content licenses. T

In brief

Mobile app provides offline access to 8,000 medical articles in Arabic, Chinese, Persian, and Spanish: The apps, which supplement a popular English language app, were announced by the WikiProject Med Foundation and Wikimedia Switzerland. More language editions are planned.
Wikimedia Foundation appoints five volunteers to its Board Governance Committee: Newly appointed trustee Nataliia Tymkiv announced the selection of the advisory group. Board governance issues have been the subject of much discussion since the tumultuous events at the WMF over the last year. The four members of the BGC are Tymkiv (chair), Kelly Battles, Christophe Henner, and Dariusz Jemielniak.
WikiConference North America will take place October 7–10, 2016 in San Diego. Scholarship applications are open until August 23; conference submissions until August 31.
WikiConvention Francophone will take place in Paris August 19–21.
New help page takes aim at common newbie obstacle: Many articles carry banners, to flag problems with the articles. New contributors often lack an understanding of how to go about removing the banners, if they address the underlying issues. In recent months, Fuhghettaboutit created a help page to explain the process, and advocated for linking to the page from the templates. The help page now gets several thousand views per day, suggesting that it is filling a significant gap.
Machine-assisted translation of Wikipedia articles, which has increased with the introduction of the Wikimedia Foundation's Content Translation Tool (covered by the Signpost in a June 2015 op-ed, in June 2016, and in various other pieces), has sparked a controversy in recent weeks. See here: Wikipedia:Administrators' noticeboard/CXT.
Wikidata RfC on defining data quality underway: Alessandro Piscopo, a guest of Wikimedia Germany, asserts that: "to achieve high quality, it is important to define first what data quality is on this knowledge base." Join the discussion: Wikidata:Requests for comment/Data quality framework for Wikidata. P

Read the original here

For more details visit https://cis-india.org/a2k/news/the-signpost-august-18-2016-pete-forsyth-and-tony-focus-on-india

First Round-table on Innovation, IP and Competition

praskrishna — 2016-04-25T07:42:45Z

The First Annual Roundtable on Innovation, Intellectual Property and Competition was organized by the recently established Centre for Innovation, Intellectual Property & Competition (CIIPC) at the National Law University, Delhi. Dr. Arul George Scaria and Prof. Yogesh Pai are the co-directors of this Centre. The event was held on April 1 and 2, 2016 at India Habitat Centre, New Delhi. Nehaa Chaudhari and Anubha Sinha participated in the event.

The round-table offered a unique forum for academia, policy makers, industry stakeholders and academically-minded practitioners on emerging issues at the interface of innovation, intellectual property & competition law and policy. The attempt is to create a balanced and open discussion on some of the intensely debated issues across the world, while taking particular note of recent developments in India.

The full day round-table on April 2 deliberated on the following sub-themes in four different sessions:

Innovation Economics: What can it Teach IP Policy-making in India?
Assessing the Role of Patents and Competition Policy in Technology Markets: Perspectives from Business and Regulation
Intellectual Property and Competition Law in India: Issues of Jurisdiction & Role of Courts
DIPP Discussion Paper on SEPs: FRAND in India from a Comparative Perspective

Download the Programme Schedule

For more details visit https://cis-india.org/a2k/news/first-round-table-on-innovation-ip-and-competition

First Meeting on a National Policy for Web Accessibility

nirmita — 2011-08-25T08:38:03Z

The first meeting to discuss having a national policy for web accessibility to ensure universal and inclusive participation was held at the Centre for Internet and Society's office on 7 November 2008. It was aimed at formulating an action plan to work with the government and other private and public bodies to ensure conformity to accessibility standards for web sites.

The first meeting to discuss making compliance with web accessibility standards a part of the national policy agenda was held today (7 November 2008) at the CIS office. Fifteen participants representing organizations from the disability sector, media and law firms came together to discuss the why, what and how of mandatory compliance with web accessibility standards for Indian government web sites.

The meeting started off with brief introductions of the participants, followed by a presentation by Rahul Gonsalves introducing the concept of and need for web accessibility standards amongst web developers. In his presentation, Rahul gave some examples of the kinds of problems faced by different users of the net and simple solutions to solve these problems. Speaking from the perspective of a web designer, he pointed out that while the total cost of creating an accessible web site is merely about 2-3% more than a normal web site, revamping an existing web site to make it conform to accessibility standards is a more complicated and expensive task. He further clarified that for a website to be accessible, it is not merely enough that it is created in accordance with accessibility standards; all future additions and modifications must be made with accessibility in mind. Hence, persons working on the web site should be initiated into creating accessible web pages.

The second presentation of the day was by Jayna Kothari of Ashira Law Services. Jayna, a lawyer who is well known for taking up disability related cases in Bangalore, talked about the Persons with Disabilities (Equal Opportunities, Protection of Rights and Full Participation) Act 1995 (PWD Act) and highlighted provisions of the United Nations Convention on the Rights of Persons with Disabilities which came into force in May 2008. She began by talking about the right to access information being a fundamental right guaranteed by Article 19 of our constitution and gave references to various sections in the PWD Act. The Act calls for the setting up of Central and State Co-ordination Committees to ensure that action is taken to give effect to the provisions of the PWD Act and that an accessible, barrier free and inclusive environment is created for persons with disabilities in all spheres such as health, education, employment, transportation, etc. Jayna also highlighted that article 9 of the UNCRPD called for persons with disabilities to have an equal right to access to information and communication. Hence the mandate was not restricted to government web sites only. She opined that we could potentially work with the State and Central Co-ordination Committees to include web accessibility on their agenda of urgent requirements.

Mr Ganesh of Samarthanam Trust for the Disabled talked about intervention at the level of educational organizations and training institutes. He said that instead of merely discussing strategies which are designed to target the Government and get its attention, we also need to work on building awareness amongst the coming generation of web site developers and appeal to schools, training institutes like the NIIT and other educational organizations and centres of learning to disseminate awareness about accessibility right from the beginning. The approach, in other words, has to be both top-down and bottom-up. Ushajee Peri from the Alternative Law Forum (ALF) talked briefly about the Right to Information Act (2005) and said that since the right to information is a fundamental right, we need to carefully analyse provisions of the Act under which we could push for web accessibility.

Mr. L. Subramani from the Deccan Herald talked in brief about media strategy and about how publications could help in creating awareness and pressure. Finally, Meenu Bambani from MPhasiS talked about the 11th Five Year Plan and cited various provisions from it which called for specific measures for disabled persons. After an entire chapter devoted to disability, nothing has as yet been achieved in the year since the plan came into force, even though India has ratified the UNCRPD. Meenu called for immediate action to push the Government for implementation of the chapter on disability in the 11th Five Year Plan. As per the plan, each Government department was to allocate 3% of its funds for supporting disabled persons; this has not been done so far. Meenu believes that 3 December, which is usually celebrated as the World Disabilities Day, should this year be spent in introspection on what we have not achieved and on how we can push the state and government authorities to take their international and national commitments with respect to disabled persons seriously.

There was also a brief discussion on how laws in different countries accommodated web accessibility. For instance in the USA, Section 508 requires web sites of all federal agencies to comply with web accessibility guidelines. In the UK, the Code of Conduct which was brought out by the Disabilities Rights Commission (DRC) under the Disabilities Discrimination Act 2002 (DDA) mandates that persons with disabilities should have the right to access goods, services, facilities and premises on an equal basis as others. Section 2.14 lists the different kinds of services and 2.17 specifically says that a website is a provision of service and hence should be accessible. PAS 78 lays down guidelines for web developers for creating accessible web sites. While some participants expressed curiosity about the actual number of disabled persons using the internet in India, it was generally understood that only by making web sites more accessible could we widen the net of disabled users and enhance universal access and participation.

Another area for intervention was presented by Sunil Abraham in the form of a discussion on the national policy for Open Standards. Sunil said that CIS had given an addendum to the response to the draft national policy on open standards which specifically dealt with web accessibility for disabled and elderly persons. By ensuring that WCAG compliance is inserted in the presentation layer of the Government Interoperability Framework (GIF), which the Government is shortly expected to release, we could make a definite and substantial intervention.

The final conclusions of the meeting were that there were different areas and scopes for intervention and they all had to be simultaneously pursued by different groups. Everyone agreed that we should try and work with the National Informatics Centre (NIC) to make all government web sites accessible. Almost all participants felt that while it was not possible to impose web accessibility standards on private entities, we need not restrict ourselves to government web sites in our recommendations and should include at least public listed companies as well. Mr. Subramani felt that working with NASSCOM might be useful for that. Finally it was also decided that an appeal for web accessibility would be put out by CIS at the Walkathon to be organized by Samarthanam on 6 December, since it would be a good platform for spreading awareness and gaining support amongst disabled users, public authorities, organizations and the public at large.

For more details visit https://cis-india.org/accessibility/blog/first-meeting-on-a-national-policy-for-web-access-for-all

First Asia Pacific Workshop on Empirical Methods in Innovation, Intellectual Property and Competition

praskrishna — 2017-03-14T14:14:12Z

Rohini Lakshané took part in a workshop organized by Centre for Innovation Intellectual Property & Competition in New Delhi from March 9 to 11, 2017.

The workshop was open for legal academicians (who are working in the areas of intellectual property law and/or competition law) and regulators working with intellectual property law and competition law issues in the Asia-Pacific region. Click here for the Agenda. More details on Spicy IP Blog here

For more details visit https://cis-india.org/a2k/news/first-asia-pacific-workshop-on-empirical-methods-in-innovation-intellectual-property-and-competition

FinFisher in India and the Myth of Harmless Metadata

maria — 2013-08-13T11:30:15Z

In this article, Maria Xynou argues that metadata is anything but harmless, especially since FinFisher — one of the world's most controversial types of spyware — uses metadata to target individuals.

In light of PRISM, the Central Monitoring System (CMS) and other such surveillance projects in India and around the world, the question of whether the collection of metadata is “harmless” has arisen.[1] In order to examine this question, FinFisher[2] — surveillance spyware — has been chosen as a case study to briefly examine to what extent the collection and surveillance of metadata can potentially violate the right to privacy and other human rights. FinFisher has been selected as a case study not only because its servers have been recently found in India[3] but also because its “remote monitoring solutions” appear to be very pervasive even on the mere grounds of metadata.

FinFisher in India

FinFisher is spyware which has the ability to take control of target computers and capture even encrypted data and communications. The software is designed to evade detection by anti-virus software and has versions which work on mobile phones of all major brands.[4] In many cases, the surveillance suite is installed after the target accepts installation of a fake update to commonly used software.[5] Citizen Lab researchers have found three samples of FinSpy that masquerades as Firefox.[6]

FinFisher is a line of remote intrusion and surveillance software developed by Munich-based Gamma International. FinFisher products are sold exclusively to law enforcement and intelligence agencies by the UK-based Gamma Group.[7] A few months ago, it was reported that command and control servers for FinSpy backdoors, part of Gamma International´s FinFisher “remote monitoring solutions”, were found in a total of 25 countries, including India.[8]

The following map, published by the Citizen Lab, shows the 25 countries in which FinFisher servers have been found.[9]


The above map shows the results of scanning for characteristics of FinFisher command and control servers.

FinFisher spyware was not found in the countries coloured blue, while the colour green is used for countries not responding. The countries using FinFisher range from shades of orange to shades of red, with the lightest shade of orange ranging to the darkest shade of red on a scale of 1-6, and with 1 representing the least active servers and 6 representing the most active servers in regards to the use of FinFisher. On a scale of 1-6, India is marked a 3 in terms of actively using FinFisher.[10]

Research published by the Citizen Lab reveals that FinSpy servers were recently found in India, which indicates that Indian law enforcement agencies may have bought this spyware from Gamma Group and might be using it to target individuals in India.[11] According to the Citizen Lab, FinSpy servers in India have been detected through the HostGator operator and the first digits of the IP address are: 119.18.xxx.xxx. Releasing complete IP addresses in the past has not proven useful, as the servers are quickly shut down and relocated, which is why only the first two octets of the IP address are revealed.[12]

The Citizen Lab's research reveals that FinFisher “remote monitoring solutions” were found in India, which, according to Gamma Group's brochures, include the following:

FinSpy: hardware or software which monitors targets that regularly change location, use encrypted and anonymous communications channels and reside in foreign countries. FinSpy can remotely monitor computers and encrypted communications, regardless of where in the world the target is based. FinSpy is capable of bypassing 40 regularly tested antivirus systems, of monitoring the calls, chats, file transfers, videos and contact lists on Skype, of conducting live surveillance through a webcam and microphone, of silently extracting files from a hard disk, and of conducting a live remote forensics on target systems. FinSpy is hidden from the public through anonymous proxies.[13]

FinSpy Mobile: hardware or software which remotely monitors mobile phones. FinSpy Mobile enables the interception of mobile communications in areas without a network, and offers access to encrypted communications, as well as to data stored on the devices that is not transmitted. Some key features of FinSpy Mobile include the recording of common communications like voice calls, SMS/MMS and emails, the live surveillance through silent calls, the download of files, the country tracing of targets and the full recording of all BlackBerry Messenger communications. FinSpy Mobile is hidden from the public through anonymous proxies.[14]

FinFly USB: hardware which is inserted into a computer and which can automatically install the configured software with little or no user-interaction and does not require IT-trained agents when being used in operations. The FinFly USB can be used against multiple systems before being returned to the headquarters and its functionality can be concealed by placing regular files like music, video and office documents on the device. As the hardware is a common, non-suspicious USB device, it can also be used to infect a target system even if it is switched off.[15]

FinFly LAN: software which can deploy a remote monitoring solution on a target system in a local area network (LAN). Some of the major challenges law enforcement faces are mobile targets, as well as targets who do not open any infected files that have been sent via email to their accounts. FinFly LAN is not only able to deploy a remote monitoring solution on a target´s system in local area networks, but it is also able to infect files that are downloaded by the target, by sending fake software updates for popular software or to infect the target by injecting the payload into visited websites. Some key features of the FinFly LAN include: discovering all computer systems connected to LANs, working in both wired and wireless networks, and remotely installing monitoring solutions through websites visited by the target. FinFly LAN has been used in public hotspots, such as coffee shops, and in the hotels of targets.[16]

FinFly Web: software which can deploy remote monitoring solutions on a target system through websites. FinFly Web is designed to provide remote and covert infection of a target system by using a wide range of web-based attacks. FinFly Web provides a point-and-click interface, enabling the agent to easily create a custom infection code according to selected modules. It provides fully-customizable web modules, it can be covertly installed into every website and it can install the remote monitoring system even if only the email address is known.[17]

FinFly ISP: hardware or software which deploys a remote monitoring solution on a target system through an ISP network. FinFly ISP can be installed inside the Internet Service Provider Network, it can handle all common protocols and it can select targets based on their IP address or Radius Logon Name. Furthermore, it can hide remote monitoring solutions in downloads by targets, it can inject remote monitoring solutions as software updates and it can remotely install monitoring solutions through websites visited by the target.[18]

Although FinFisher is supposed to be used for “lawful interception”, it has gained notoriety for targeting human rights activists.[19] According to Morgan Marquis-Boire, a security researcher and technical advisor at the Munk School and a security engineer at Google, FinSpy has been used in Ethiopia to target an opposition group called Ginbot.[20] Researchers have argued that FinFisher has been sold to Bahrain's government to target activists, and such allegations were based on an examination of malicious software which was emailed to Bahraini activists.[21] Privacy International has argued that FinFisher has been deployed in Turkmenistan, possibly to target activists and political dissidents.[22]

Many questions revolving around the use of FinFisher and its “remote monitoring solutions” remain vague, as there is currently inadquate proof of whether this spyware is being used to target individuals by law enforcement agencies in the countries where command and control servers have been found, such as India.[23] However, FinFisher's brochures which were circulated in the ISS world trade shows and leaked by WikiLeaks do reveal some confirmed facts: Gamma International claims that its FinFisher products are capable of taking control of target computers, of capturing encrypted data and of evading mainstream anti-virus software.[24] Such products are exhibited in the world's largest surveillance trade show and probably sold to law enforcement agencies around the world.[25] This alone unveils a concerning fact: spyware which is so sofisticated that it even evades encryption and anti-virus software is currently in the market and law enforcement agencies can potentially use it to target activists and anyone who does not comply with social conventions.[26] A few months ago, two Indian women were arrested after having questioned the shutdown of Mumbai for Shiv Sena patriarch Bal Thackeray's funeral.[27] Thus, it remains unclear what type of behaviour is targeted by law enforcement agencies and whether spyware, such as FinFisher, would be used in India to track individuals without a legally specified purpose.

Furthermore, India lacks privacy legislation which could safeguard individuals from potential abuse, while sections 66A and 69 of the Information Technology (Amendment) Act, 2008, empower Indian authorities with extensive surveillance capabilites.[28] While it remains unclear if Indian law enforcement agencies are using FinFisher spy products to unlawfully target individuals, it is a fact that FinFisher control and command servers have been found in India and that, if used, they could potentially have severe consequences on individuals' right to privacy and other human rights.[29]

The Myth of Harmless Metadata

Over the last months, it has been reported that the Central Monitoring System (CMS) is being implemented in India, through which all telecommunications and Internet communications in the country are being centrally intercepted by Indian authorities. This mass surveillance of communications in India is enabled by the omission of privacy legislation and Indian authorities are currently capturing the metadata of communications.[30]

Last month, Edward Snowden leaked confidential U.S documents on PRISM, the top-secret National Security Agency (NSA) surveillance programme that collects metadata through telecommunications and Intenet communications. It has been reported that through PRISM, the NSA has tapped into the servers of nine leading Internet companies: Microsoft, Google, Yahoo, Skype, Facebook, YouTube, PalTalk, AOL and Apple.[31] While the extent to which the NSA is actually tapping into these servers remains unclear, it is certain that the NSA has collected metadata on a global level.[32] Yet, the question of whether the collection of metadata is “harmful” remains ambiguous.

According to the National Information Standards Organization (NISO), the term “metadata” is defined as “structured information that describes, explains, locates or otherwise makes it easier to retrieve, use or manage an information resource”. NISO claims that metadata is “data about data” or “information about information”.[33] Furthermore, metadata is considered valuable due to its following functions:

Resource discovery
Organizing electronic resources
Interoperability
Digital Identification
Archiving and preservation

Metadata can be used to find resources by relevant criteria, to identify resources, to bring similar resources together, to distinguish dissimilar resources and to give location information. Electronic resources can be organized through the use of various software tools which can automatically extract and reformat information for Web applications. Interoperability is promoted through metadata, as describing a resource with metadata allows it to be understood by both humans and machines, which means that data can automatically be processed more effectively. Digital identification is enabled through metadata, as most metadata schemes include standard numbers for unique identification. Moreover, metadata enables the archival and preservation of large volumes of digital data.[34]

Surveillance projects, such as PRISM and India's CMS, collect large volumes of metadata, which include the numbers of both parties on a call, location data, call duration, unique identifiers, the International Mobile Subscriber Identity (IMSI) number, email addresses, IP addresses and browsed webpages.[35] However, the fact that such surveillance projects may not have access to content data might potentially create a false sense of security.[36] When Microsoft released its report on data requests by law enforcement agencies around the world in March 2013, it revealed that most of the disclosed data was metadata, while relatively very little content data was allegedly disclosed.[37]

imilarily, Google's transparency report reveals that the company disclosed large volumes of metadata to law enforcement agencies, while restricting its disclosure of content data.[38]

Such reports may potentially provide a sense of security to the public, as they reassure that the content of personal emails, for example, has not been shared with the government, but merely email addresses – which might be publicly available online anyway. However, is content data actually more “harmful” than metadata? Is metadata “harmless”? How much data does metadata actually reveal?

The Guardian recently published an article which includes an example of how individuals can be tracked through their metadata. In particular, the example explains how an individual is tracked – despite using an anonymous email account – by logging in from various hotels' public Wi-Fi and by leaving trails of metadata that include times and locations. This example illustrates how an individual can be tracked through metadata alone, even when anonymous accounts are being used.[39]

Wired published an article which states that metadata can potentially be more harmful than content data because “unlike our words, metadata doesn't lie”. In particular, content data shows what an individual says – which may be true or false – whereas metadata includes what an individual does. While the validity of the content within an email may potentially be debateable, it is undeniable that an individual logged into specific websites – if that is what that individuals' IP address shows. Metadata, such as the browsing habits of an individual, may potentially provide a more thorough and accurate profile of an individual than that individuals' email content, which is why metadata can potentially be more harmful than content data.[40]

Furthermore, voice content is hard to process and written content in an email or chat communication may not always be valid. Metadata, on the other hand, provides concrete patterns of an individuals' behaviour, interests and interactions. For example, metadata can potentially map out an individuals' political affiliation, interests, economic background, institution, location, habits and the people that individual interacts with. Such data can potentially be more valuable than content data, because while the validity of email content is debateable, metadata usually provides undeniable facts. Not only is metadata more accurate than content data, but it is also ideally suited to automated analysis by a computer. As most metadata includes numeric figures, it can easily be analysed by data mining software, whereas content data is more complicated.[41]

FinFisher products, such as FinFly LAN, FinFly Web and FinFly ISP, provide solid proof that the collection of metadata can potentially be “harmful”. In particular, FinFly LAN can be deployed in a target system in a local area network (LAN) by infecting files that are downloaded by the target, by sending fake software updates for popular software or by infecting the payload into visited websites. The fact that FinFly LAN can remotely install monitoring solutions through websites visited by the target indicates that metadata alone can be used to acquire other sensitive data.[42]

FinFly Web can deploy remote monitoring solutions on a target system through websites. Additionally, FinFly Web can be covertly installed into every website and it can install the remote monitoring system even if only the email address is known.[43] FinFly ISP can select targets based on their IP address or Radius Logon Name. Furthermore, FinFly ISP can remotely install monitoring solutions through websites visited by the target, as well as inject remote monitoring solutions as software updates.[44] In other words, FinFisher products, such as FinFly LAN, FinFly Web and FinFly ISP, can target individuals, take control of their computers and their data, and capture even encrypted data and communications with the help of metadata alone.

The example of FinFisher products illustrates that metadata can potentially be as “harmful” as content data, if acquired unlawfully and without individual consent.[45] Thus, surveillance schemes, such as PRISM and India's CMS, which capture metadata without individuals' consent can potentially pose a major threat to the right to privacy and other human rights.[46] Privacy can be defined as the claim of individuals, groups or institutions to determine when, how and to what extent information about them is communicated to others.[47] Furthermore, privacy is at the core of human rights because it protects individuals from abuse by those in power.[48] The unlawful collection of metadata exposes individuals to the potential violation of their human rights, as it is not transparent who has access to their data, whether it is being shared with third parties or for how long it is being retained.

It is not clear if Indian law enforcement agencies are actually using FinFisher products, but the Citizen Lab did find FinFisher command and control servers in the country which indicates that there is a high probability that such spyware is being used.[49] This probability is highly concerning not only because the specific spy products have such advanced capabilities that they are even capable of capturing encrypted data, but also because India currently lacks privacy legislation which could safeguard individuals.

Thus, it is recommended that Indian law enforcement agencies are transparent and accountable if they are using spyware which can potentially breach their citizens' human rights and that privacy legislation is enacted into law. Lastly, it is recommended that all surveillance technologies are strictly regulated with regards to the protection of human rights and that Indian authorities adopt the principles on communication surveillance formulated by the Electronic Frontier Foundation and Privacy International.[50] The above could provide a decisive first step in ensuring that India is the democracy it claims to be.

[1]. Robert Anderson (2013), “Wondering What Harmless 'Metadata' Can Actually Reveal? Using Own Data, German Politician Shows Us”, The CSIA Foundation, http://bit.ly/1cIhu7G

[2]. Gamma Group, FinFisher IT Intrusion, http://bit.ly/fnkGF3

[3]. Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri & John Scott-Railton, “You Only Click Twice: FinFisher's Global Proliferation”, The Citizen Lab, 13 March 2013, http://bit.ly/YmeB7I

[4]. Michael Lewis, “FinFisher Surveillance Spyware Spreads to Smartphones”, The Star: Business, 30 August 2012, http://bit.ly/14sF2IQ

[5]. Marcel Rosenbach, “Troublesome Trojans: Firm Sought to Install Spyware Via Faked iTunes Updates”, Der Spiegel, 22 November 2011, http://bit.ly/14sETVV

[6]. Intercept Review, Mozilla to Gamma: stop disguising your FinSpy as Firefox, 02 May 2013, http://bit.ly/131aakT

[7]. Intercept Review, LI Companies Review (3) – Gamma, 05 April 2012, http://bit.ly/Hof9CL

[8]. Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri & John Scott-Railton, For Their Eyes Only: The Commercialization of Digital Spying, Citizen Lab and Canada Centre for Global Security Studies, Munk School of Global Affairs, University of Toronto, 01 May 2013, http://bit.ly/ZVVnrb

[9]. Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri & John Scott-Railton, “You Only Click Twice: FinFisher's Global Proliferation”, The Citizen Lab, 13 March 2013, http://bit.ly/YmeB7I

[10]. Ibid.

[11]. Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri & John Scott-Railton, For Their Eyes Only: The Commercialization of Digital Spying, Citizen Lab and Canada Centre for Global Security Studies, Munk School of Global Affairs, University of Toronto, 01 May 2013, http://bit.ly/ZVVnrb

[12]. Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri & John Scott-Railton, “You Only Click Twice: FinFisher's Global Proliferation”, The Citizen Lab, 13 March 2013, http://bit.ly/YmeB7I

[13]. Gamma Group, FinFisher IT Intrusion, FinSpy: Remote Monitoring & Infection Solutions, WikiLeaks: The Spy Files, http://bit.ly/zaknq5

[14]. Gamma Group, FinFisher IT Intrusion, FinSpy Mobile: Remote Monitoring & Infection Solutions, WikiLeaks: The Spy Files, http://bit.ly/19pPObx

[15]. Gamma Group, FinFisher IT Intrusion, FinFly USB: Remote Monitoring & Infection Solutions, WikiLeaks: The Spy Files, http://bit.ly/1cJSu4h

[16]. Gamma Group, FinFisher IT Intrusion, FinFly LAN: Remote Monitoring & Infection Solutions, WikiLeaks: The Spy Files, http://bit.ly/14J70Hi

[17]. Gamma Group, FinFisher IT Intrusion, FinFly Web: Remote Monitoring & Intrusion Solutions, WikiLeaks: The Spy Files, http://bit.ly/19fn9m0

[18]. Gamma Group, FinFisher IT Intrusion, FinFly ISP: Remote Monitoring & Intrusion Solutions, WikiLeaks: The Spy Files, http://bit.ly/13gMblF

[19]. Gerry Smith, “FinSpy Software Used To Surveil Activists Around The World, Reports Says”, The Huffington Post, 13 March 2013, http://huff.to/YmmhXI

[20]. Jeremy Kirk, “FinFisher Spyware seen Targeting Victims in Vietnam, Ethiopia”, Computerworld: IDG News, 14 March 2013, http://bit.ly/14J8BwW

[21]. Reporters without Borders: For Freedom of Information (2012), The Enemies of the Internet: Special Edition: Surveillance, http://bit.ly/10FoTnq

[22]. Privacy International, FinFisher Report, http://bit.ly/QlxYL0

[23]. Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri & John Scott-Railton, “You Only Click Twice: FinFisher's Global Proliferation”, The Citizen Lab, 13 March 2013, http://bit.ly/YmeB7I

[24]. Gamma Group, FinFisher IT Intrusion, FinSpy: Remote Monitoring & Infection Solutions, WikiLeaks: The Spy Files, http://bit.ly/zaknq5

[25]. Adi Robertson, “Paranoia Thrives at the ISS World Cybersurveillance Trade Show”, The Verge, 28 December 2011, http://bit.ly/tZvFhw

[26]. Gerry Smith, “FinSpy Software Used To Surveil Activists Around The World, Reports Says”, The Huffington Post, 13 March 2013, http://huff.to/YmmhXI

[27]. BBC News, “India arrests over Facebook post criticising Mumbai shutdown”, 19 November 2012, http://bbc.in/WoSXkA

[28]. Indian Ministry of Law, Justice and Company Affairs, The Information Technology (Amendment) Act, 2008, http://bit.ly/19pOO7t

[29]. Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri & John Scott-Railton, For Their Eyes Only: The Commercialization of Digital Spying, Citizen Lab and Canada Centre for Global Security Studies, Munk School of Global Affairs, University of Toronto, 01 May 2013, http://bit.ly/ZVVnrb

[30]. Phil Muncaster, “India introduces Central Monitoring System”, The Register, 08 May 2013, http://bit.ly/ZOvxpP

[31]. Glenn Greenwald & Ewen MacAskill, “NSA PRISM program taps in to user data of Apple, Google and others”, The Guardian, 07 June 2013, http://bit.ly/1baaUGj

[32]. BBC News, “Google, Facebook and Microsoft seek data request transparency”, 12 June 2013, http://bbc.in/14UZCCm

[33]. National Information Standards Organization (2004), Understanding Metadata, NISO Press, http://bit.ly/LCSbZ

[34]. Ibid.

[35]. The Hindu, “In the dark about 'India's PRISM'”, 16 June 2013, http://bit.ly/1bJCXg3 ; Glenn Greenwald, “NSA collecting phone records of millions of Verizon customers daily”, The Guardian, 06 June 2013, http://bit.ly/16L89yo

[36]. Robert Anderson, “Wondering What Harmless 'Metadata' Can Actually Reveal? Using Own Data, German Politician Shows Us”, The CSIA Foundation, 01 July 2013, http://bit.ly/1cIhu7G

[37]. Microsoft: Corporate Citizenship, 2012 Law Enforcement Requests Report,http://bit.ly/Xs2y6D

[38]. Google, Transparency Report, http://bit.ly/14J7hKp

[39]. Guardian US Interactive Team, A Guardian Guide to your Metadata, The Guardian, 12 June 2013, http://bit.ly/ZJLkpy

[40]. Matt Blaze, “Phew, NSA is Just Collecting Metadata. (You Should Still Worry)”, Wired, 19 June 2013, http://bit.ly/1bVyTJF

[41]. Ibid.

[42]. Gamma Group, FinFisher IT Intrusion, FinFly LAN: Remote Monitoring & Infection Solutions, WikiLeaks: The Spy Files, http://bit.ly/14J70Hi

[43]. Gamma Group, FinFisher IT Intrusion, FinFly Web: Remote Monitoring & Intrusion Solutions, WikiLeaks: The Spy Files, http://bit.ly/19fn9m0

[44]. Gamma Group, FinFisher IT Intrusion, FinFly ISP: Remote Monitoring & Intrusion Solutions, WikiLeaks: The Spy Files, http://bit.ly/13gMblF

[45]. Robert Anderson, “Wondering What Harmless 'Metadata' Can Actually Reveal? Using Own Data, German Politician Shows Us”, The CSIA Foundation, 01 July 2013, http://bit.ly/1cIhu7G

[46]. Shalini Singh, “India's surveillance project may be as lethal as PRISM”, The Hindu, 21 June 2013, http://bit.ly/15oa05N

[47]. Cyberspace Law and Policy Centre, Privacy, http://bit.ly/14J5u7W

[48]. Bruce Schneier, “Privacy and Power”, Schneier on Security, 11 March 2008, http://bit.ly/i2I6Ez

[49]. Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri & John Scott-Railton, For Their Eyes Only: The Commercialization of Digital Spying, Citizen Lab and Canada Centre for Global Security Studies, Munk School of Global Affairs, University of Toronto, 01 May 2013, http://bit.ly/ZVVnrb

[50]. Elonnai Hickok, “Draft International Principles on Communications Surveillance and Human Rights”, The Centre for Internet and Society, 16 January 2013, http://bit.ly/XCsk9b

For more details visit https://cis-india.org/internet-governance/blog/fin-fisher-in-india-and-myth-of-harmless-metadata

Financial Inclusion and the UID

elonnai hickok — 2011-08-23T10:36:31Z

Since 2009, when Nandan Nilekani began to envision and implement the Unique Identification Project, the UID authority has promoted the UID/Aadhaar scheme as a tool of development for India - arguing that an identity will assist in bringing benefits to the poor, promote financial inclusion in India, and allow for economic and social development. In this blog entry I will focus on the challenges and possibilities of the UID number providing the residents of India a viable method of access to financial services across the country.

Why the UID could bring financial inclusion

In their strategy document “Exclusion to Inclusion with Micro payments” the UIDAI argues that a few of many challenges to successful financial inclusion in India for the poor have been: lack of identity, lack of accessibility of financial outlets, unreliability of infrastructure, high costs of banking, and the common presence of a middle man. For Indian banks the UID sites challenges such as: the high cost of transactions for banks servicing clients in rural areas, lack of infrastructure, costly processes of cash management, and high costs of IT.(UIDAI, 2010)The UID's solution to these obstacles is a system of financial services and micro payments based off of an individuals UID number, in which an individual with a UID number would be able to: open a bank account, make a payment, withdraw money, deposit money, and send remittances. The hope is that this system will allow banks to scale up their branch less banking, and reach out to larger populations. Residents having a bank account linked to their UID number is also key to the UID's larger scheme for subsidy delivery to the poor. Until all consumers who rely on government subsidies have a bank account linked to their UID number, the UID will not be able to implement a system of direct transfer of cash subsidies.(CNBC-TV18, 2011) For example, the UIDAI has started conducting a pilot disbursement of funds under the Mahatma Gandhi National Rural Employment Guarantee Scheme (MNREGS) to Jharkhand through Union Bank, ICICI Bank and Bank of India branches.(IBN-Live, 2011)

How the UID will bring financial inclusion

In their vision, the UIDAI has designed a system that involves bank branches enrolling individuals, bank branches establishing relationships with BC organizations, the use of Micro ATM's, and the use of the UID numbers for authentication in all financial transactions. In short the system of financial inclusion would work as follows:

Step 1. Enroll and obtain UID number

An individual enrolls for a UID number. During enrollment an individual shares his/her KYC information with the UIDAI. The UIDAI verifies the individuals KYC information, along with their other information, and issues the individual a UID number. If an individual already has a bank account at the time of enrollment they have the option to link their UID number to their bank account [1]

In India every bank must verify and confirm an individuals KYC information. This is to help reduce tax evasion and fraud. In December 2011, India's Ministry of Finance recognized the Aadhaar number has an officially valid identification to satisfy the KYC norms for opening bank accounts. By verifying an individuals KYC information at the enrollment stage the UIDAI is hoping reduce the amount of paperwork and time needed for an individual to open a bank account. In addition to satisfying KYC norms, the Government of India has also recognized the Aadhaar number as an acceptable form of identity for the purpose of obtaining a mobile connection. By having the UID number accepted for establishing both mobile connections and bank accounts, financial inclusion through mobile banking is encouraged as it allows for individuals who previously had no identity, to join the financial system and mobile network – thus allowing bank accounts to be more accessible than before, and aiding banks by simplifying the process of account opening.(Akhand Tiawari, Anurodh Giri, 2011)

Step 2. Open UID Enabled Bank Account
Now that the individual has a UID number they can open a bank account by presenting their UID number and thumb print to the bank branch for authentication. Currently the one bank enrolling citizens and issuing UID numbers and UID based ATM cards is the Bank of India.(Aggarwal, 2011) Bank of Maharashtra, State Bank of India and Indian Overseas Bank are currently waiting for approval from the UIDAI.(Chavan, 2011) In this scenario the UID number will be the only form of identification needed to open a bank account.

3.Make financial transactions with UID number
Once a UID Enabled Bank Account (UEBA) is opened, individuals can begin making financial transactions using their UID number and fingerprint. Individuals can access their UEBA through BC institutions. With a UEBA individuals have the option of using four basic banking services:

Store cash for savings through electronic deposits and withdraw only small amounts of cash
Make payments
Send and receive remittances
Acquire balance and transaction history

Transactions completed through the UID-enabled bank account work similarly to a prepaid mobile system. BC organizations, or Bank Correspondents, are organizations such as SHGs, kirana stores, dairy agents that larger banks develop a business relationship with. The BC organizations handle all transactions at the local level. Using BC organizations as financial outlets is meant to increase the penetration of financial outlets and make financial services more accessible in rural areas. How the process works is: a BC institution begins by depositing a certain amount of money with a larger banking institution. This ‘ prepaid balance’ paid by the BC institution changes with every transaction the BC institution makes. For example, when an individual makes a deposit it decreases as that money is then transferred into an individuals account, and increases when an individual withdraws money, because of the transaction fee that is charged to the individual. When the individual is making a deposit, he pays physical cash to the BC, who in turn makes an electronic transfer from the BC account to the individual's account. When making a withdrawal, the electronic transfer is made from the individual's account to the BC account, and the BC hands out physical cash to the customer, (UIDAI, 2010).

The micro ATM that is to be used at BC institutions is a hand held device, in this case a mobile phone, attached to a finger print reader. The micro ATM is meant to replace larger ATM’s and reduce the cost that banks incur when establishing full fledged ATM machines. The hand held device will be remotely accessed to the central server of the bank. Currently Italian tech company Telit Communication SpA, is hoping to provide the GSM wireless M2M modules that will allow the wireless device and the wired server to communicate with each other. (Kanth, 2011) The most significant difference between the micro ATM system and the traditional ATM system is that the BC employee executes the transaction.

Though having BC employees carry out financial transactions might eliminate the possibility of a fraudulent ATM being set up, it opens many possibly corrupt doors. How will it be ensured that the transaction is completed without fraud, and how can it be ensured that the Micro-ATM is not fraudulent, or that the BC organization itself is not fraudulent. Though this scenario might sound unlikely, the UID has already experienced difficulties with fake enrollment centers being set up, such as in Pune. (Gadkari, 2011), fake UID papers being issued, as was done in Patna(Tripathi, 2011) and enrollment centers illegally outsourcing work, as the IT company Tera Software was found doing (Prajakta, 2011). If these scenarios have all been tried, it is not unreasonable to see the same being tried with financial institutions.

Challenges to a system of authentication for financial transactions with the biometric based UID number

Not withstanding the fact that financial inclusion cannot be achieved only through an identity, focusing on the identity component of financial inclusion - in the report Low Cost Secure Transaction Model for Financial Services, published by Nitin Munjal, Ashish Paliwal, and Rajat Moona, from the Indian Institute of Technology, the authors note that present challenges in India to financial inclusion through access to financial institutions include(Munjal, Nitin Paliwal, Ashish Moona, 2011):

Currently financial transactions require network connectivity to take place. For financial transactions made in rural areas this has lead to both high costs for each transaction and to high fixed IT costs.
Current financial schemes such as mobile banking depend on network connectivity, making the network indispensable, yet 70% of the Indian population is rurally located with limited or no network connectivity.
Current financial service outlets are densely located in urban areas and not rural areas. Rural populations are financially excluded, as in most cases the completion of financial transaction require the presence of financial outlets.
Currently there are no easy safeguards to protect against fake ATMS or fraud, because the current Financial Service Model is based on blind trust of the service outlet – this allows for high rates of fake ATM’s being installed and fraud.
For an individual to access financial services, an identity is required. In most cases the poor lack an identity.

Clearly there are many obstacles that the UID identity card must overcome to successfully authenticate individuals in financial transactions and facilitate financial inclusion. For the system to be successful the UID must at the minimum do the following:

Accurately generate unique numbers
Capture accurate personal information
Ensure security of the database
Ensure that the technology is secure and accurate
Ensure that only necessary information is collected
Verify BC centers
Provide a secure network that can handle large numbers of transactions

Possible ways in which the system can go wrong include:

Inaccurate authentication
Delays in authentication
Fraud at the level of the BC institution
Over collection of personal information by banks
Linking of databases by banks, or other agencies
Network failure
Down time of the database

Though UID enabled bank accounts have yet to be officially established the UID is already experiencing many of the listed difficulties. For instance, in an Indian Express article published on June 15th, it was reported that banks are issuing additional UID forms that ask if individuals have credit cards, operate mobile or internet banking accounts, own a two wheeler or four wheeler, or live in a rented or personally owned accommodation. (Indian Express, 2011) Even more alarming is a recent news item from the Deccan Herald, which details the efforts that have been taken by NATGRID to access banking clients personal information, and NATGRID's proposal to tie banking information to a linked database containing information from bank accounts, railways, airlines, stock exchanges, income tax, credit card, immigration records, and telecom service providers. (Arun, 2011)The banks
have refused to give NATGRID access to clients personal information, but the ease at which NATGRID could track and collect information about individuals with the UID is chilling – especially if the UID is linked to almost every bank account in India. Several news reports have also shared experiences of confusion, inconsistent requirements, and unorganized enrollment centers, which place doubt in the accuracy of the information collected and the accuracy of the UID numbers issued.(Tripathi, 2011).

Looking at the technology and operational design of the UEBA system, though the scheme relies on mobile networks, it fails to eliminate the need for connectivity to the central server, because authentication of individuals biometric must be done through comparison of one fingerprint to the central server of all fingerprints. This will not only complicate the effectiveness of delivery of services, as it is possible for connectivity to be limited and slow, but it will also incur large network overhead costs for each transaction that is verified. Furthermore, even though the use of BC institutions as financial service outlets is meant to increases the availability of financial outlets, a dependency is created on BC institutions – as they must be present for any financial transaction to take place.
Additionally, individuals have no way of authenticating and verifying BC institutions. As mentioned earlier this allows for possible scenarios of fraud. Additionally, the UID has not provided any alternative method of identification in the case that the network or technology fails, or if an individuals biometrics are incorrectly rejected.

Could the SCOSTA standard be an option?

Many developing countries, like Kenya and Brazil, that face similar challenges to financial inclusion have looked towards smart cards as secure methods for authenticating individuals. In 2003 India also implemented a smart card approach to identity management. The SCOSTA standard smart card was introduced with the MNIC national identification scheme. Though the scheme was eventually dropped by the Indian Government, the SCOSTA smart card standard is still a valid option for authentication of individuals in financial transactions. A SCOSTA standard based approach for financial inclusion would include:

Authentication of an individuals key, pass-phrase, and pin. This is known as public keyinfrastructure. This will allow a person to protect their password and easily replace it if stolen.
Authentication through public key infrastructure would not depend on connectivity to thenetwork. This would allow for financial inclusion of populations not connected to networks and not be fully dependent on working networks.
Authentication through public key infrastructure establishes mutual trust of user and institution. This would lower the presence of fraudulent institutions and corrupt transactions.
Connection to a central server is not required for the authentication of an individual in a financial transaction. This will lower the cost of transactions and lower IT overhead costs (ibid Munjal, Nitin Paliwal, Ashish Moona, 2011)

Conclusion

Though it is hard to say that a fool proof system of authentication can easily be made, and that system will indeed promote financial inclusion, when comparing the biometric UID number with the SCOSTA standard smart card, there are many benefits to the SCOSTA standard such as ability of individuals to verify banking institutions, no need for connectivity to the central server, and the ability to easily replace lost or stolen pins and passwords. No matter what standard is implemented though, it is important to clearly look at the current implementation, technological, and operational challenges that identification schemes face and the possible ramifications of such challenges before adapting it as a ubiquitous system.

For more details visit https://cis-india.org/internet-governance/privacy_uidfinancialinclusion