Centre for Internet and Society

Goa university re-releasing Konkani encyclopaedia on Sept 26

praskrishna — 2013-09-25T05:59:07Z

The Goa University in collaboration with Centre for Internet and Societie's Access to Knowledge Programme (CIS-A2K) is re-releasing its four volume 3632 page Konkani Vishwakosh (encyclopaedia).

Click to read the original published in the Times of India on September 24, 2013.

This is being done under Creative Commons License CC-BY-SA 3.0 to support the movement of open knowledge and open access, an official statement said.

The function will be held on September 26, at 10am in the conference hall of the administrative building of the Goa university.

The re-releasing of the Konkani Vishwakosh is an initiative by the Goa University to strengthen the Konkani community and language, the statement said adding that the information from the Vishwakosh will be used to write the articles on Konkani Wikipedia.

For more details visit https://cis-india.org/news/the-times-of-india-september-24-2013-vijay-desouza-goa-university-re-releasing-konkani-encyclopaedia-on-september-26

Konkani Vishwakosh relaunch tomorrow

praskrishna — 2013-09-25T05:53:33Z

The Goa University in collaboration with Centre for Internet and Societies Access to Knowledge Programme (CIS-A2K) will relaunch its four-volume 3,632-page Konkani Vishwakosh (encyclopaedia) under Creative Commons License CC-BY-SA 3.0. to support the movement of open knowledge and open access on Thursday at 10 a.m. at a function at the conference hall of its administrative building at Taleigao plateau.

The re-release is an initiative by the Goa University to strengthen the Konkani community and language. Information from the Vishwakosh will be used to write the articles on Konkani Wikipedia.

This was originally published in the Hindu on September 25, 2013.

For more details visit https://cis-india.org/news/the-hindu-september-25-2013-konkani-vishwakosh-relaunch-tomorrow

Internet Governance Forum Poster

praskrishna — 2013-09-24T09:35:20Z

For more details visit https://cis-india.org/internet-governance/blog/internet-governance-forum.pdf

FOSS Poster

praskrishna — 2013-09-24T08:58:38Z

For more details visit https://cis-india.org/openness/blog-old/foss-poster.pdf

Open Standards Poster

praskrishna — 2013-09-24T08:30:35Z

For more details visit https://cis-india.org/openness/blog-old/open-standards-poster.pdf

Open Access to Law

praskrishna — 2013-09-24T08:27:46Z

For more details visit https://cis-india.org/openness/blog-old/open-access-to-law-poster.pdf

Open Access to Scholarly Literature Poster

praskrishna — 2013-09-24T08:18:47Z

For more details visit https://cis-india.org/openness/blog-old/open-access-to-scholarly-literature.pdf

NVDA

praskrishna — 2013-09-23T07:27:24Z

For more details visit https://cis-india.org/accessibility/blog/nvda-espeak.pdf

e - DIRAP Google+ Hangout: Open Government

Christine Apikul — 2013-09-18T10:43:30Z

The e-DIRAP Hangout on Open Government was held on Thursday, 25 July 2013. It brought together nine professionals from Australia, India, Indonesia, Japan, Malaysia and the Philippines to discuss the wide spectrum of issues surrounding open government.

See the original published in Digital Review Asia here

The idea of open government has been around for hundreds of years but the contemporary use of the term is influenced by the rapid advancement of ICTs and by the open source movement. "Just as open source software allows users to change and contribute to the source code of their software, open government now means government where citizens not only have access to information, documents and proceedings, but can also become participants in a meaningful way."[1] There is now increasing pressure for governments to be more open with their digital documents and processes, and to interact with citizens.

To assess whether your government is open, a good starting point is the Open Government Partnership minimum eligibility criteria that has four key areas:[2]

Fiscal transparency related to open budget system
Access to information, e.g. an access to information law that guarantees the public’s right to information and access to government data.
Disclosures related to elected or senior public officials, e.g. public disclosure of their income and assets.
Citizen engagement.

The panelists discussed open government initiatives in their respective countries, the challenges they face, and open source tools for open government.

Open Government Initiatives

India
The Government of India has decided to use royalty free open standards for all e-government data. The government has also shortlisted a number of open standards. India’s data portal, data.gov.in was recently launched and the number of datasets has been increasing. In January 2013 there were 89 datasets and in half a year,this has increased to over 3,000 datasets. Forty-five government departments are involved in this initiative and six apps have been created. The Planning Commission recently had a hackathon participated by about 1,900 people.

Indonesia
Indonesia is one of the founding governments of the Open Government Partnership.[3] along with the Philippines and six other countries. The emphasis of open government in Indonesia is not only the "supply side" (i.e. government providing access to data and information). It is also looking at generating demand for open government by empowering citizens to access and analyse data and information, voice their concerns and advocate for openness in government. To empower citizens, the Government of Indonesia has a number of projects such as "Satu Layanan"[4] or "One Service", a web portal where citizens can find government information and services; “One Map”, to promote collaboration between different government ministries and agencies, and also civil society in integrating datasets; and "Lapor"[5] that allow citizens to report wrongdoings in public services using SMS, Twitter or through the website.

According to a research study conducted by the World Wide Web Foundation,[6] the Government of Indonesia is working on making public data available. Public data includes social - economic data, development data and census data held by the National Statistic Bureau, as well as information on how the data is obtained and measured.

The research report also found that that there is a low demand from civil society and citizens for open government and open data. Moreover, cooperation between civil society and government in the implementation of open government is not strong enough. Several donors in Indonesia have provided support to develop the capacity of civil society groups that are part of the Steering Committee of the Open Government Partnership. Hivos’ Southeast Asia Technology and Transparency Initiative[7] is working with both civil society and government in Indonesia and the Philippines to promote transparency and accountability in public institutions.

Japan
In Japan, the major focus is in the creation and launch of the open data portal this year. How much impact it will make and how it can be measured is a concern, and this is a worldwide challenge.

Malaysia
The Sinar Project[8] in Malaysia promotes transparency, governance and citizen involvement, and uses open source technology to make information accessible to Malaysian citizens. The project has learned that for countries with poor democracy like Malaysia, basic information about government is available but not easily accessible to the public. The government is not familiar with interacting with citizens especially online. Unlike places with advanced statistics and open data, open government in Malaysia is at a nascent stage and is about having information about government representatives online and what bills are being passed in parliament.

Philippines
In the Philippines, President Aquino announced that the Freedom of Information Bill will be a priority bill for Congress this year, but citizens are cynical about the passing of this bill because it has been under consideration for three years. The Office of the President has received support from the World Bank last year for an Open Data Project using CKAN and the open data portal will be at http://data.gov.ph. The Philippine Government Interoperability Framework was convened last week.

PhilHealth or the Philippine Health Insurance Corporation[9] attempted to open up data, however even though there was political will to open up data, this was insufficient. A clear policy framework and change management (particularly, removing the fear of openness among employees) was needed.

Moreover, PhilHealth did not have the capacity and competency to ensure that the health data released, that includes diagnosis and treatment procedures, will not be reverse engineered to identify people. Health data is particularly sensitive due to the social stigma of certain health disorders, for example, those with tuberculosis may be assumed to have HIV/AIDS. When data is opened up, there are security and privacy implications. Developing countries need help and it is important to work together to come up with policies, protocols and algorithms to protect the health privacy of citizens.

Melbourne, Australia
In Melbourne, Australia, local government efforts to engage with citizens more fully through online and offline platforms include experimenting with wiki-based policy development, smart cities initiatives and digital strategies. Through conversations with policymakers, some key themes were identified. First, openness is not the same as participation, and encouraging effective participation is a challenge. Public spaces need to be “programmed” to support participation, and opening up data is not sufficient. It is necessary to develop strategies for outreach to a diverse group and encourage substantive participation particularly from those who are not online and not as competent in data management.

Secondly, because many telecommunications platforms that make data available are privately owned, there is a tension between commercial interest for secrecy and public demand to make data open. It is also a challenge for government to engage with citizens over an infrastructure that is privately owned, e.g. Facebook, Twitter and Google that place constraints on how citizens can be engaged.

Malaysia, Singapore and Thailand with high levels of digital broadband penetration and online users are not part of the Open Government Partnership despite the fact that most of the government departments and data are online. This is because these countries do not meet the minimum eligibility criteria for Open Government Partnership. For instance, they do not have freedom of the press and without it media and civil society cannot make use of the data for reporting for fear of prosecution.

There is also a lack of political will to disclose assets of public officials and procurement decisions.

Challenges
Open data is often associated with open government, but opening up data does not make a government open. Making data open has a set of challenges, but open government also has an important civil society component to create demand for open government and make meaningful use of the open data. There is also a private sector component that needs to be considered, particularly related to the mechanisms public participation over privately owned telecommunications infrastructure.

Challenges are faced at both the supply and demand sides. From the government side, many countries do not have the capacity to interact effectively with citizens. From the citizens’ side, many countries face the low demand for open government. Yet, in the case of Malaysia, even if public demand for open government is high, the missing component is a strong and large enough civil society base that can handle and analyse data independently and question policy. Dealing with the demand when data is open is another challenge. The challenges of opening up data If the original data is not digitized, how do we ensure that it becomes part of open data as defined by the Open Knowledge Foundation.[10] For countries such as Iraq that are simultaneously introducing e-government systems and open government, implementation is hampered by the lack of e-government data standards for specific domains such as human resources management or financial management.

Privacy

Privacy is one of the biggest concerns that the open data and open government movements faces.

Lack of exposure to privacy issues: Some open data activists are not aware that privacy should be an exception in disclosure requirement of government open data policies. If no public interest is served through disclosing personal information then there is no need to infringe upon the rights of individuals.

Privacy only for the individual: There is often a western notion of what constitutes privacy in which people worry about privacy infringement only at the level of the individual. But in India, if the open dataset showed HIV/AIDS prevalence at the village level that could result in stigma and discrimination of particular villages. The privacy problem exists not only at the individual level, but also at the level of family, community and geographical unit.

Underestimating re-identification research: Today we deal with the privacy challenge by using techniques like anonymization and obfuscation, but the problem is that re-identification research is getting more sophisticated and the more datasets that people have access to and are able to overlay upon one another, the more likely it is to re-identify anonymous or obfuscated data. This is an issue that the open data movement should take seriously.

Conflict with the transparency movement: The open data movement has not fully adopted principles from the transparency movement. This can be clearly seen in some countries where freedom of information activists are being killed or assaulted, but open data activists are usually safe because they are focused on analyzing the data that the governments have opened up. The provision of large quantities of data by government may be a distraction strategy that takes away what is important for civil society and democracy. Moreover, open data should not be the means to legitimize and increase the levels of surveillance occurring at the bottom of the pyramid. Instead, we need to encourage more eyes to watch the top of the pyramid because single actions there can have dramatic consequences for public interest.

For public participation in local government, FixMyStreet[11] is an open source software first developed by MySociety in the UK that allows the public to report on issues on a map. MySociety has also developed a number of other tools to help with government’s engagement with citizens.

OpenSpending[12] is used to visualize budget data and how tax money is being spent. This is a useful tool for transparency developed by the Open Knowledge Foundation.

CKAN[13] is an open source data portal platform that many countries have used for their open data portal. This is also an Open Knowledge Foundation project.

The Sunlight Foundation[14] and Code for America[15] are organizations that develop a number of open source tools that can be re-used and adapted by countries in Asia and the Pacific.

A free de-identification software for automated location and removal of protected health information in free text from medical records has been developed by PhysioNet.[16]

The Strategic Alliance Against Impoverishment (SAPA) provides poverty data on their website and maps the location of their projects.[17]

Final Words for the Way Forward

Make open government an election issue and elect officials that are open.

Demands for engagement may conflict with political goals of representatives in terms of the election cycle. Perhaps these open government issues need a third space to insulate them from political forces.

For people interested in implementing technical solutions, it is important to also look into non-technical issues raised by the Open Government Partnership and the Declaration on Parliamentary Openness.[18]

Make data available based on the needs of citizens and provide a platform for citizens’ feedback to inform the kinds of data to open up.

Open government should be relevant to citizens and result in improving the welfare of citizens.

Improve citizens’ data literacy and use open data in decision-making.

Openness is only a means and in the end we need governments that are accountable, that protect the public interest, that protect the weakest members of society, and they are not automatically guaranteed through open government. We should not fetishize the means and forget the ends.

At the top we need political leadership with strong inclination and will, and on the ground we need close coordination between civil society and government so that government does understand what is needed and sense what impact they can make by opening themselves up to their society or to their own operations. In the long term the key is how much the government can transform itself in terms of its own operations, and how much data they can produce in a reusable format and how much data they can use from other agencies to improve their operations.

The core of open government is about partnership between government, civil society and the private sector, and this is not easy.

Panelists

Danny Butt, Research Fellow in Participatory Public Space, University of Melbourne, Australia
Sunil Abraham, Executive Director, Centre for Internet and Society, India
Venkatesh Hariharan, Director, Knowledge Commons, India (previously, Head of Public Policy at Google India)
Maryati Abdullah, National Coordinator, Publish What You Pay, Indonesia (also Steering Committee Member of Open Government Partnership)
Yanuar Nugroho, Director and Expert Adviser to the Head of the President's Delivery Unit for Development Monitoring and Oversight (UKP4), Indonesia – to be confirmed
Tomoaki Watanabe, Executive Research Fellow, Centre for Global Communications, International University of Japan (also Executive Director of Common Sphere - the host of Creative Commons Japan, and Co-founder of Open Knowledge Foundation Japan)
Shita Laksmi, Program Manager, Southeast Asia Technology and Transparency Initiative, Hivos Regional Office Southeast Asia
Alvin B. Marcelo, Co-chair, Asia eHealth Information Network

Moderator: Khairil Yusof, Co-founder, Sinar Project, Malaysia (also e-DIRAP team member)

e-DIRAP Hangout Coordinator: Christine Apikul

[1]. See 20 Basics of Open Government, http://basics.open4m.org/

[2]. http://www.opengovpartnership.org/eligibility

[3]. http://www.opengovpartnership.org

[4]. http://satulayanan.net

[5]. http://lapor.ukp.go.id; See also http://www.techinasia.com/lapor-deeper-indonesias-newest-anticorruption-weapon/

[6]. “Even though the Law on Freedom of Information has been in place for five years and while some ministries and agencies have made data available online, it is often difficult to obtain and make use of the data due to bureaucratic procedures, charging requirements, copyright restrictions or a general reluctance to provide access to government data to external users.” World Wide Web Foundation, Open Government Data: Readiness Assessment Indonesia, 28 June 2013, http://www.webfoundation.org/2013/06/new-research-open-data-in-indonesia/

[7]. http://seatti.org

[8]. http://sinarproject.org

[9]. http://www.philhealth.gov.ph

[10]. http://okfn.org/opendata/

[11]. http://www.fixmystreet.com

[12]. http://openspending.org

[13]. http://ckan.org

[14]. http://sunlightfoundation.com/tools

[15]. http://codeforamerica.org/apps/

[16]. http://www.physionet.org/physiotools/deid/

[17]. http://www.sapa.or.id/

[18]. http://www.openingparliament.org/declaration

For more details visit https://cis-india.org/openness/blog-old/digital-review-asia-pacific-christine-apikul-e-dirap-google-hangout-open-government

Privacy and Surveillance in India

praskrishna — 2013-09-13T09:49:25Z

Sunil Abraham, Executive Director from the Centre for Internet and Society will give a talk on privacy and surveillance in India at this event organised by the Centre for Culture, Media and Governance, Jamia Millia Islamia on September 18, 2013. The talk will be held at Network Governance Lab, CCMG, Jamia Millia Islamia in New Delhi at 11.30 a.m.

Click to read the brochure

Abstract

The talk will cover the development of privacy policy in India over the last 3 years, particularly in relation to projects such as NATGRID, CMS and UID. Special attention will be paid to the Justice A.P. Shah committee report, the last leak of the privacy bill from the DoPT and also the citizen draft of the privacy bill developed by the Centre for Internet and Society. International experiences such as Snowden's disclosures and the development of communication surveillance principles developed by EFF and others will be compared and contrasted with the Indian context.

About the Speaker

Sunil is the executive director of the Centre for Internet and Society (CIS), Bangalore. CIS is a 4 year old policy and academic research organisation that focuses on accessibility by the disabled, intellectual property rights policy reform, openness [Free/Open Source Software, Open Standards, Open Content, Open Access and Open Educational Resources], internet governance, telecom, digital natives and digital humanities.

He is also the founder of Mahiti, a social enterprise aiming to reduce the cost and complexity of information and communication technology for the voluntary sector by using free software. Sunil continues to serve on the board of Mahiti. He is an Ashoka fellow and was elected for a Sarai FLOSS Fellowship. For three years, Sunil also managed the International Open Source Network, a project of United Nations Development Programme's Asia-Pacific Development Information Programme, serving 42 countries in the Asia-Pacific region.

Sunil currently serves on the advisory boards of Open Society Foundations - Information Programme, Mahiti, Samvada and International Centre for Free/Open Source Software.

For more details visit https://cis-india.org/news/jamia-millia-islamia-new-delhi-september-18-2013-privacy-and-surveillance-in-india

Privacy and Surveillance Talk by Sunil Abraham

praskrishna — 2013-09-13T09:47:09Z

For more details visit https://cis-india.org/internet-governance/blog/privacy-surveillance.pdf

Recap on Konkani Wikipedia Workshop

subha — 2013-09-12T10:22:44Z

Konkani as a language has seen geographical, political and religious conflicts. Being the official language of Goa and spoken widely in the Indian states of Karnataka, Kerala and Maharashtra it is still trying to strengthen its base. Recently CIS-A2K in collaboration with Goa University organized a four-day workshop for MA, Konkani language students.

Subhashish Panigrahi's blog post was published in Startup Goa Blog on September 9, 2013.

This workshop involved 38 students creating 43 new articles on Konkani Wikipedia which is in incubation. We’re hoping that these efforts will contribute towards bringing this 7 year old project out of incubation to a live Wikipedia project.

Before any language, Wikipedia shapes up as a live project where an incubation process is involved. A community of volunteers (known as Wikipedians) gradually grow to sustain this Wikipedia in incubation with active contribution.The Konkani Wikipedia incubator started way back in 2006. But because of many reasons it could not take off and is still in incubation. One of the major reasons has been the issue with multiple script usage. Because of the political and religious reasons Konkani has multiple writing and verbal standards and also written in multiple scripts; Devanagari and Roman (known as Romi as well) in Goa where Devanagari is the official script, Kannada in the Konkani speaking regions of Karnataka (Mangalore region primarily), Malayalam in Kerala (Kochin region) and in Perso-Arabic script by part of the Konkani speaking population. The largest script usage for Konkani is in Devanagari. Goa University is world’s first University to have a masters program in Konkani language where the writing standard is in Goan Konkani (Language code: Gom) which is written in Devanagari. During the interaction with the faculty members; Prof. Madhavi Sardesai and Head of the department Dr. Priyadarshini Tadkodar, it was found that the students were very enthusiastic to contribute to their language. The students were introduced to Konkani Wikipedia and they showed interest in taking part in a workshop to learn Wikipedia editing. This was the beginning of something new after a long time. Four out of thirty eight students volunteered to coordinate the workshop on the ground. They discussed about the workshop and the prerequisites; going through the list of articles on Konkani Wikipedia, writing a unique article by collecting resources and creating their usernames on Wikipedia before attending the workshop. All of the students including four coordinators came with at least 2 pages of written content before the workshop.

Day 1: Building the Blocks

It was 10 in the morning, a big LED panel in the audio visual room of the Krishnadas Shama State Central Library, Goa was displaying the word cloud containing words like Wikipedia, Openness, Education, Open Knowledge, Global Collaboration. Soon the room was filled with 20 MA students from the Konkani department of Goa University. Prior to the workshop there was an interaction with the students in the presence of the Head of the department Dr. Priyadarshini and Prof. Dr. Madhavi Sardesai and from the Konkani department. Four of the students Supriya Kankumbikar, Fr. Luis Gomes, Vaishali Parab and John Noronha volunteered to coordinate the workshop. With their help, a majority of students signed up and created their user accounts before the first workshop. Some roughwork went on to plan for a whole day workshop.

Introduce Yourself

To start with the first day, there was an “Adjective Name” activity. It was fun to know how people judge themselves with adjective. Then there was a discussion about articles students planned to write. Few of them were not sure if the articles like social issues and biography of a writer could fit into the Wikipedia framework.

Editing time

Article titles were decided and everyone was ready with their homework write ups and books for adding sources. The next big thing was typing in Devanagari. Only four to five of them knew typing. Students came forward to try out typing. There was a glow of triumph after they typed correctly using “Transliteration” layout. The editing session began. It worked well. Students managed to type with only a little typos.


Photo: Subhashish Panigrahi, CC-BY-SA 3.0

There was an activity break with a game called “Tumi Kashi Asat” (means How are you doing in Konkani). According to the game rules, the host has to make some body movements and ask “Tumi Kashi Asat” and bending forward. The participants have to move their body in the reverse way and answer “Ami bari ashat” (I’m doing good). This replaced the caffeine intake for the four days and kept all of us alive.

Rat and frog game

“Rat race” is a game where participants sit on chairs and one of them is made to stand in the center. The rat makes others run and replace each others seats and one among the participants becomes a rat. This rat race brought back the old childhood memories and for a moment everyone forgot their age. At the end of it students sat down to take a deep breath and were taught some of the basic wiki-codes (bold, Italics and adding references). Editing session went on until the rest of the day.

Day 2: Climbing Up the Ladder

The agenda for the day was to tell the students about the advanced options and ensure addition of more citations. Citations on Wikipedia are very essential for readers to validate the facts. But bringing this to the students who just had started typing in their language a day before was not that easy. The second day was spent giving small breaks during the editing session for small activities. Running, jumping and shouting fueled the students to be happy editors and not burdened. By the end of the first two days 22 students created 24 articles (About 42 pages of written content). Everyone clapped for their friends, they were welcomed into the Konkani Wikipedia community and were shown the facebook group they could join and be more connected before thanking and saying bye for the day with the promise of more fun for the next workshop.

Day 3: Fresh Batch, New Start


Photo: Subhashish Panigrahi, CC-BY-SA 3.0

16 new students from the MA course were welcomed. Four student-coordinators and one from the first batch of students joined the funday. The entire day was spent with lots of fun, creating articles and basic know how about Wiki-codes. Half the students in this batch knew typing in Devanagari Inscript. The students were then paired with those who knew Inscript and thanks to the Fedora Devanagari keyboard layout. All of the students created their first articles.

Day 4: No Need to Say Good Bye!

Seeing the newspaper coverage about the workshop featuring some of their friends was a delight for the new wikipedians after two long days. Few of them came forward to share their experience about the workshop and their vision for the Konkani language.

At the end of four days all of them bid farewell. These were the foundation days and the biggest editing rally Konkani Wikipedia Incubator has seen in the last seven years with this milestone that the students had created.

For more details visit https://cis-india.org/openness/blog-old/start-up-goa-blog-september-10-2013-subhashish-panigrahi-recap-on-konkani-wikipedia-workshop

Selection of Programme Officer — Pilot Projects, CIS-A2K

nitika — 2013-10-30T06:07:24Z

The Centre for Internet & Society (CIS) opened applications for the post of Programme Officer, Pilot Projects for its Access to Knowledge (A2K) Programme on 17th April 2013. The vacancy and call for applications was shared on all Indian language mailing lists, city mailing lists as well as Village Pumps.

Last date of submitting applications was 30th April which was later extended for another week. By the first week of May we had received 35 applications.

First level of shortlisting
Applicants were given an assignment where they had to write at least one new article on their respective language Wikipedia projects (though we encouraged them to write more than one article if they liked). Asking them to write new articles on Wikipedia was a way to assess their seriousness and level of commitment towards this job. Applicants who failed to submit their written assignment were outright rejected in this level. Amongst the ones that did complete the assignment were assessed on the basis of their relevant work experience and skills that matched requirements of the job profile. CIS-A2K assessed these applicants on different parameters such as:

Exposure to digital domain
Exposure in community driven projects
Exposure of working with schools of performing arts or cultural departments
Prior experience of working in multi-cultural environment
Prior experience in program design and management
Exposure to Wikimedia projects and community
Technical work experience

In this level, 9 applicants were rejected due to failure of completing the assignment and 1 applicant pulled out. Out of the remaining 25 applicants, CIS-A2K shortlisted 15.

Second level of shortlisting
Vishnu and Nitika conducted one hour Skype interviews with each of the shortlisted candidates. CIS-A2K tried to assess candidates on their:

Understanding and passion for Wikimedia movement and projects

Level of understanding of the job profile

Level of understanding of open source, open access, open standards.

Clarity of thinking and communication skills

Ability to work with teams and communities

Experience / understanding of community mobilisation & outreach

Skills in project management

Comfort with working in unstructured environments

Ability to learn new things and approach unfamiliar situations

Personal passions and interests

On the basis of Skype conversations, CIS-A2K shortlisted 6 candidates out of 15 for the next level.

Third level of shortlisting
At this stage one more applicant pulled out and remaining 5 were called for personal interviews to our Bangalore office. All participants were requested to come prepared to present on the topic of 'Performing Arts and Wikipedia' for 10 mins. Each interview lasted for approximately an hour. Towards the closure of the day all participants were requested to gather where each one of them showcased their presentations. This further led to an interesting group discussion.

CIS-A2K had requested Wikimedia India to select someone from the Chapter who could be involved in the selection process and we're glad that Sowmyan Tirumurti, Executive Manager of Wikimedia Chapter could join us for a little while on the day of personal interviews.

Final Selection
Based on all the parameters and levels of interviews, CIS-A2K decided to extend the offer to Syed Muzammiluddin for the position of Programme Officer - Pilot Projects. Muzammil's experience, skills and interest matched our requirements the best and we look forward to a long and successful relationship with him.

For more details visit https://cis-india.org/openness/blog-old/selection-of-programme-officer-pilot-projects-a2k

An Interview with Suresh Ramasubramanian

elonnai — 2013-09-06T09:37:47Z

Suresh Ramasubramanian is the ICS Quality Representative - IBM SmartCloud at IBM. We from the Centre for Internet and Society conducted an interview on cybersecurity and issues in the Cloud.

You have done a lot of work around cybersecurity and issues in the Cloud. Could you please tell us of your experience in these areas and the challenges facing them?
a. I have been involved in antispam activism from the late 1990s and have worked in ISP / messaging provider antispam teams since 2001. Since 2005, I expanded my focus to include general cyber security and privacy, having written white papers on spam and botnets for the OECD, ITU and UNDP/APDIP. More recently, have become a M3AAWG special advisor for capacity building and outreach in India.

In fact capacity building and outreach has been the focus of my career for a long time now. I have been putting relevant stakeholders from ISPs, government and civil society in India in touch with their counterparts around the world, and, at a small level, enabling an international exchange of ideas and information around antispam and security.

This was a challenge over a decade back when I was a newbie to antispam and it still is. People in India and other emerging economies, with some notable exceptions, are not part of the international communities that have grown in the area of cyber security and privacy.

There is a prevalent lack of knowledge in this area, which combined with gaps in local law and its enforcement. There is a tendency on the part of online criminals to target emerging and fast growing economies as a rich source of potential victims for various forms of online crime, and sometimes as a safe haven against prosecution.
In a recent public statement Google said "Cloud users have no legitimate expectation of privacy. Do you agree with this statement?
a. Let us put it this way. All email received by a cloud or other Internet service provider for its customers is automatically processed and data mined in one form or the other. At one level, this can be done for spam filtering and other security measures that are essential to maintain the security and stability of the service, and to protect users from being targeted by spam, malware and potential account compromises.

The actual intent of automated data mining and processing should be transparently provided to customers of a service, with a clearly defined privacy policy, and the deployment of such processing, and the “end use” to which data mined from this processing is put, are key to agreeing or disagreeing with such a statement.

It goes without saying that such processing must stay within the letter, scope and spirit of a company’s privacy policy, and must actually be structured to be respectful of user privacy.

Especially where mined data is used to provide user advertising or for any other commercial purpose (such as being aggregated and resold), strict adherence to a well written privacy policy and periodic review of this policy and its implementation to examine its compliance to laws in all countries that the company operates in are essential.

There is way too much noise in the media for me to usefully add any more to this issue and so I will restrict myself to the purely general comments above.
What ways can be privacy of an individual be compromised on the cloud? What can be done to prevent such instances of compromise?
a. All the recent headlines about companies mining their own users’ data, and yet more headlines about different countries deploying nationwide or even international lawful intercept and wiretap programs, aside, the single largest threat to individual privacy on the cloud is, and has been for years before the word “cloud” came into general use, the constant targeting of online users by online criminals with a variety of threats including scams, phish campaigns and data / account credential stealing malware.

Poor device security is another threat – one that becomes even more of a serious problem when the long talked about “internet of things” seems set to become reality, with cars, baby monitors, even Bluetooth enabled toilets, and more dangerously, critical national infrastructure such as power plants and water utilities becoming accessible over the Internet but still running software that is basically insecure and architected with assumptions that date back to an era when there was no conception or need to connect these to the Internet.

Someone in Bluetooth range with the appropriate android application being able to automatically flush your toilet and even download a list of the dates and times when you last used it is personally embarrassing. Having your bank account broken into because your computer got infected with a virus is even more damaging. Someone able to access a dam’s control panel over the internet and remotely trigger the dam’s gates to open can cause far more catastrophic damage.

The line between security and privacy, between normal business practice and unacceptable, even illegal behaviour, is sometimes quite thin and in a grey area that may be leveraged to the hilt for commercial and/or national security interests. However, scams, malware, exploits of insecure systems and similar threats are well on the wrong side of the “criminal” spectrum, and are a clear and present danger that cause far more than an embarrassing or personally damaging loss of privacy.
How is the jurisdiction of the data on the cloud determined?
This is a surprisingly thorny question. Normally, a company is based in a particular country and has an end user agreement / terms of service that makes its customers / users accept that country’s jurisdiction.

However, a cloud based provider that does business around the world may, in practice, have to comply to some extent at least, with that country’s local laws – at any rate, in respect to its users who are citizens of that country. And any cloud product sold to a local business or individual by a salesman from the vendor’s branch in the country would possibly fall under a contract executed in the country and therefore, subject to local law.

The level of compliance for data retention and disclosure in response to legal processes will possibly vary from country to country – ranging from flat refusals to cooperate (especially where any law enforcement request for data are for something that is quite legal in the country the cloud provider is based in) to actual compliance.

In practice this may also depend on what is at stake for the cloud vendor in complying or refusing to comply with local laws – regardless of what the terms of use policies or contract assert about jurisdiction. The number of users the cloud vendor has in the country, the extent of its local presence in the country, how vulnerable its resident employees and executives are to legal sanctions or punishment.

In the past, it has been observed that a practical balance [which may be based on business economics as much as it is based on a privacy assessment] may be struck by certain cloud vendors with a global presence, based on the critical mass of users it stands to gain or lose by complying with local law, and the risks it faces if it complies, or conversely, does not comply with local laws – so the decision may be to fight lawsuits or prosecutions on charges of breaking local data privacy laws or not complying with local law enforcement requests for handover of user data in court, or worst case, pulling out of the country altogether.
Currently, big cloud owners are US corps, yet US courts do not extend the same privacy rights to non US citizens. Is it possible for countries to use the cloud and still protect citizen data from being accessed by foreign governments? Do you think a "National Cloud" is a practical solution?
a. The “cloud” in this context is just “the internet”, and keeping local data local and within local jurisdiction is possible in theory at any rate. Peering can be used to keep local traffic local instead of having it do a roundtrip through a foreign country and back [where it might or might not be subject to another country’s intercept activities, no comment on that].

A national cloud demands local infrastructure including bandwidth, datacenters etc. that meet the international standards of most global cloud providers. It then requires cloud based sites that provide an equivalent level of service, functionality and quality to that provided by an international cloud vendor. And then after that, it has to have usable privacy policies and the country needs to have a privacy law and a sizeable amount of practical regulation to bolster the law, a well-defined path for reporting and redress of data breaches. There are a whole lot of other technical and process issues before having a national cloud becomes a reality, and even more before such a reality makes a palpable positive difference to user privacy.
What audit mechanisms of security and standards exist for Cloud Service Providers and Cloud Data Providers?
a. Plenty – some specific to the country and the industry sector / kind of data the cloud handles. The Cloud Security Alliance has been working for quite a while on CloudAudit, a framework developed as part of a cross industry effort to unify and automate Assertion, Assessment and Assurance of their infrastructure and service.

Different standards bodies and government agencies have all come out with their own sets of standards and best practices in this area (this article has a reasonable list - http://www.esecurityplanet.com/network-security/cloud-security-standards-what-youshould-know.html). Some standards you absolutely have to comply with for legal reasons.

Compliance reasons aside, a judicious mix of standards, and considerable amounts of adaptation in your process to make those standards work for you and play well together.

The standards all exist – what varies considerably, and is a major cause of data privacy breaches, are incomplete or ham handed implementations of existing standards, any attempt at “checkbox compliance” to simply implement a set of steps that lead to a required certification, and a lack of continuing initiative to keep the data privacy and securitymomentum going once these standards have been “achieved”, till it is time for the next audit at any rate.
What do you see as the big challenges for privacy in the cloud in the coming years?
a. Not very much more than the exact same challenges for privacy in the cloud over the past decade or more. The only difference is that any threat that existed before has always amplified itself because the complexity of systems and the level of technology and computing power available to implement security, and to attempt to breach security, is exponentially higher than ever before – and set to increase as we go further down the line.
Do you think encryption the answer to the private and public institutions snooping?
a. Encryption of data at rest and in transit is a key recommendation of any data privacy standard and cloud / enterprise security policy. Companies and users are strongly encouraged to deploy and use strong cryptography for personal protection. But to call it “the answer” is sort of like the tale of the blind men and the elephant.

There are multiple ways to circumvent encryption – social engineering to trick people into revealing data (which can be mitigated to some extent, or detected if it is tried on a large cross section of your userbase – it is something that security teams do have to watch for), or just plain coercion, which is much tougher to defend against.

As a very popular XKCD cartoon that has been shared around social media and has been cited in multiple security papers says -

“A crypto nerd’s imagination”

“His laptop’s encrypted. Let us build a million dollar cluster to crack it”
“No good! It is 4096 bit RSA”
“Blast, our evil plan is foiled”

“What would actually happen”
“His laptop’s encrypted. Drug him and hit him with this $5 wrench till he tells us the password”
“Got it”
Spam is now consistently used to get people to divulge their personal data or otherwise compromise a persons financial information and perpetuate illegal activity. Can spam be regulated? If so, how?
a. Spam has been regulated in several countries around the world. The USA has had laws against spam since 2003. So has Australia. Several other countries have laws that specifically target spam or use other statutes in their books to deal with crime (fraud, the sale of counterfeit goods, theft..) that happens to be carried out through the medium of spam.

The problems here are the usual problems that plague international enforcement of any law at all. Spammers (and worse online criminals including those that actively employ malware) tend to pick jurisdictions to operate in where there are no existing laws on their activities, and generally take the precaution not to target residents of the country that they live in. Others send spam but attempt to, in several cases successfully, skate around loopholes in their country’s antispam laws.

Still others fully exploit the anonymity that the Internet provides, with privately registered domain names, anonymizing proxy servers (when they are not using botnets of compromised machines), as well as a string of shell companies and complex international routing of revenue from their spam campaigns, to quickly take money offshore to a more permissible jurisdiction.

Their other advantage is that law enforcement and regulatory bodies are generally short staffed and heavily tasked, so that even a spammer who operates in the open may continue his activities for a very long time before someone manages to prosecute him.

Some antispam laws allow recipients of spam to sue the spammer in small claims courts – which, like regulatory action, has also previously led to judgements being handed out against spammers and their being fined or possibly imprisoned in case their spam has criminal aspects to it, attracting local computer crime laws rather than being mere violations of civil antispam laws.
There has been a lot of talk about the use of malware like FinFisher and its ability to compromise national security and individual security. Do you think regulation is needed for this type of malware - and if so what type - export controls? privacy regulation? Use control?
a. Malware used by nation states as a part of their surveillance activities is a problem. It is further a problem if such malware is used by nation states that are not even nominally democratic and that have long standing records of human rights violations.

Regulating or embargoing their sale is not going to help in such cases. One problem is that export controls on such software are not going to be particularly easy and countries that are on software export blacklists routinely manage to find newer and more creative ways to attempt to get around these and try to purchase embargoed software and computing equipment of all kinds.

Another problem is that such software is not produced just by legitimate vendors of lawful intercept gear. Criminals who write malware that is capable of, say, stealing personal data such as bank account credentials are perfectly capable of writing such software, and there is a thriving underground economy in the sale of malware and of “take” from malware such as personal data, credit cards and bank accounts where any rogue nation state can easily acquire products with an equivalent functionality.

This is going to apply even if legitimate vendors of such products are subject to strict regulations governing their sale and national laws exist regulating the use of such products. So while there is no reason not to regulate / provide judicial and regulatory oversight of their sale and intended use, it should not be seen as any kind of a solution to this problem.

User education in privacy and access to secure computing resources is probably going to be the bedrock of any initiative that looks to protect user privacy – a final backstop to any technical / legal or other measure that is taken to protect them.

For more details visit https://cis-india.org/internet-governance/blog/interview-with-suresh-ramasubramanian

Wikipedia Training in Telugu for Dr. B.R. Ambedkar Open University, Hyderabad

praskrishna — 2013-09-06T05:51:49Z

CIS-A2K is conducting a Wikipedia training programme in Telugu for the faculty of Dr. B.R.Ambedkar Open University (Dr. BRAOU) in Hyderabad on September 5 and 6, 2013.

This is done as part of the "ICT and eContent" workshop organized by the Centre for Staff Training and Development of Dr. BRAOU for their faculty. T. Vishnu Vardhan Program Director, CIS-A2K has been invited to teach a module on "Knowledge and Openness in the Digital Era" as part of which this Wikipedia training programme was also organized.

Details in Telugu originally published in the metapage on Wikipedia is reproduced below:

వికీపీడియా:శిక్షణ శిబిరం/హైదరాబాద్/హైదరాబాద్2

--14.139.86.130 05:32, 6 సెప్టెంబర్ 2013 (UTC)పరాంకుశం వెంకట రమణ==తేదీ - స్థలం== సెప్టెంబరు, 5 2013; డాక్టర్ బి.ఆర్. అంబేద్కర్ సార్వత్రిక విశ్వవిద్యాలయం

సమయం
పొ. 10.00 నుండి మ. 1.00 వరకు

నిర్వహణ సంస్థ/లు

CISA2K డాక్టర్ బి.ఆర్. అంబేద్కర్ సార్వత్రిక విశ్వవిద్యాలయం, హైదరబాద్ వారి సంస్థాగత భాగస్వామ్యంతో. ఈ శిబిరం Centre for Staff Training and Development (Dr. BRAOU) వారు 10 రోజులపాటు విశ్వవిద్యాలయం యొక్క ఉపాధ్యాయుల కొరకు నిర్వహించిన ‘ICT and e-Content Development’ Workshop లో భాగంగా నిర్వహించబడినది.

నిర్వాహకులు

విష్ణు (చర్చ)

--Elkasudharani (చర్చ) 05:37, 6 సెప్టెంబర్ 2013 (UTC)==Dr.BRAOU లోని కార్యక్రమ సంధానకర్తలు==

ఘంటా చక్రపాణి (డైరెక్టర్, Centre for Staff Training and Development, డాక్టర్ బి.ఆర్. అంబేద్కర్ సార్వత్రిక విశ్వవిద్యాలయం)

--14.139.86.130 05:35, 6 సెప్టెంబర్ 2013 (UTC)

శిక్షణ శిబిరానికి హజరైన సభ్యులు

--Pallavisudheer (చర్చ) 05:31, 6 సెప్టెంబర్ 2013 (UTC)

సరోజ --Drgsaroja (చర్చ) 05:27, 6 సెప్టెంబర్ 2013 (UTC)
--Rajani nellutla (చర్చ) 05:29, 6 సెప్టెంబర్ 2013 (UTC)
--Kiranmayi.ys (చర్చ) 05:30, 6 సెప్టెంబర్ 2013 (UTC)
--Vasuvaddanam (చర్చ) 05:31, 6 సెప్టెంబర్ 2013 (UTC)

--Gpushpa (చర్చ) 05:32, 6 సెప్టెంబర్ 2013 (UTC) --Drgsaroja (చర్చ) 05:34, 6 సెప్టెంబర్ 2013 (UTC)

--Boju srinivas (చర్చ) 05:36, 6 సెప్టెంబర్ 2013 (UTC)
--Shridhevie (చర్చ) 05:37, 6 సెప్టెంబర్ 2013 (UTC)

పై వరసలో పేరు చేర్చండి లేక సంతకం చేయండి>

--[[--14.139.86.130 05:35, 6 సెప్టెంబర్ 2013 (UTC)]]
--Elkasudharani (చర్చ) 05:37, 6 సెప్టెంబర్ 2013 (UTC)
--Pvramana24 (చర్చ) 05:37, 6 సెప్టెంబర్ 2013 (UTC)

నివేదిక

చిత్రమాలిక

For more details visit https://cis-india.org/openness/events/wikipedia-training-in-telugu-for-b-r-ambedkar-open-university