Centre for Internet and Society

Announcing the Asia Pacific Google Policy Fellows

praskrishna — 2011-05-30T09:26:19Z

Posted by Ross LaJeunesse, Head of Public Policy and Government Affairs, Asia Pacific

There are now more than 2 billion people online, with approximately 850 million of them in Asia Pacific.

Given Asia Pacific’s importance, we're excited to announce the extension of the Google Policy Fellowship program to this part of the world. The goal of the program is to assist public interest organizations at the forefront of debates on important Internet policy issues, and to support talented young advocates and scholars. Since its inception in 2007, the Google Policy Fellowship has provided a platform for students interested in technology policy to contribute to the public dialogue on these issues, and to explore future academic and professional interests.

The Asia Pacific program for 2011 includes one Fellow each in Australia, Hong Kong and India. The University of New South Wales, the City University of Hong Kong, and the Centre for Internet and Society in Bangalore will be serving as the respective host institutions.

In this region, we see many policy challenges concerning access to information online. The 2011 Asia Pacific Fellows will therefore focus on legal and policy issues related to the open Internet.

Congratulations to our first class of Asia Pacific Google Policy Fellows:

Lauren Loz, University of New South Wales, Faculty of Law Australia
Henry Hu Ling, University of Hong Kong, Faculty of Law, Hong Kong
Rishabh Dara, Indian Institute of Management, Ahmedabad, India

We extend our sincere thanks to everyone who applied. If this pilot program proves to be a success, we hope to expand the Policy Fellowship for 2012.

Cross-posted from the Google Public Policy Blog

For more details visit https://cis-india.org/news/asia-pacific-google-policy-fellows

Take charge of Facebook

praskrishna — 2011-06-06T08:16:19Z

Want to take control of your data and the way you use your Facebook account? Then try these tricks, writes Shweta Taneja.

When Tejas Pande, a 23-year-old Bangalore-based information technology professional, heard about a workshop called Facebook Resistances at the Centre for Internet and Society (www.cis-india.org) in the city, he signed up without thinking twice. "I spend almost 10 hours every day logged in to my Facebook account. Its fixed rituals were getting to me. So I wanted to find out how I can take more control of my account and make it more personal."

The workshop, which was conducted by Marc Stumpel, a new media researcher and privacy advocate from Amsterdam, the Netherlands, had the same concerns. Stumpel’s workshop, which has travelled across the world from Barcelona and Berlin to Bangalore, is a research initiative that looks at changing the rules and functionality of Facebook. "We want to change your experience of the site and make it more personal," he says, adding, “We also want you to safeguard your privacy in the Facebook world." All this, he says, is possible through add-ons to your Internet browser. “People just need to know what these cracks are."

With more than 600 million active users, Facebook has become prone to attacks from hackers. Problems such as identity theft and malicious bot messages or status update worms are becoming common. Other than that, privacy concerns which have wracked Facebook since its inception continue to be controversial despite the "controls" it now offers.

The main reason for this is that the social networking mammoth keeps on pushing new features or changes constantly and rapidly, even before we can understand the ones that already exist. "Most often we don’t get a chance to opt in to new features, and can only opt out if they get our attention," explains Stumpel. This leads to a loss of control over personal data and what Facebook can do with it.

To prevent this, it’s necessary to keep going back to those account settings and make full use of whatever control Facebook offers at any point. Here are some of the latest ways you can protect your online identity.

Log out of multiple sessions

How many times have you logged into Facebook from an Internet café or a friend’s mobile phone and forgotten to log out? Every time you do that, even though you close the browsing window or application at the end, Facebook keeps your session open, making you vulnerable to mischief. Now you can log into your account and see a list of active sessions with their details, which include the login time, device name, the approximate location of the login based on IP address, and browser and operating system. If some of them are unauthorized or you are unaware of these activities, shut them immediately and reset your password.

Take control now: In your Facebook account, go to Account > Account Settings > Account Security > Account Activity > Also Active. Facebook lists all your active, open browsers in the Also Active list. Click on End Activity on the unwanted ones. You can also take control of which gadgets you log on from with the Login Approvals feature that comes under Account Security. This feature lets you put a code alert, which can then be SMSed to your mobile phone as soon as you log in from an unrecognized computer. This will alert you in case there’s been a login from a source you don’t know about.

Avoid the unwanted photo tag

Did a friend just put your drunk as hell photograph, wearing a "I hate my boss" T-shirt and making an obscene gesture, online? And did your boss and wife see it and blast you for irresponsibility? Other than the embarrassment, you may get into trouble at home or at work because of friends tagging inane photographs they clicked somewhere you don’t remember.If it’s not photographs, it’s minor irritants such as social or festive messages that you unexpectedly get tagged in. Avoid such irritants with a simple click.

Take control now: Go to Account > Privacy Settings > Sharing on Facebook. Click on ‘Customize settings’. In the page that pops up, choose in each option who can see and comment on things you share, things on your Wall and things you’re tagged in.

Secure your account

Hacking is increasingly a problem on Facebook. The reason is that on most of the networks, Facebook (unlike email clients) works on an unsecured connection (http) and not a secure one (https). Now the social networking site gives you an option to choose a secure site for logging and browsing. You can also choose one-time passwords when logging into Facebook from a public connection.

Take control now: Go to Account > Account Settings> Account Security > Secure Browsing. Tick on Browse Facebook on a Secure Connection (https) whenever possible. In case you are using a public computer, take the option of Facebook One-time Passwords. Text "OTP" to 32665 on your mobile phone and you will get a new one-time password which expires within 20 minutes.

Stop Facebook from haunting you online

Baffled when your Facebook profile image pops up every time you are reading a news site or a travel website online asking you to "Like" a news or review since another friend from Facebook does? Or surprised when you are browsing a travel website and your friends’ photographs pop up suddenly, saying they have been there and "Recommend" a hotel or site? Facebook has partnered with some websites to, as it delicately puts it, "provide you with great, personalized experiences the moment you arrive, such as immediately playing the music you like or displaying friends’ reviews”. Basically if you are logged in to Facebook, these sites can take information from your account and display it and also tell you which of your friends have visited that particular city earlier. If you wish to stop Facebook from haunting you everywhere you go online on your browser, act now.

Take control now: To block a third party, go to Account > Privacy Settings > Apps and Websites> Instant Personalization. Deselect Enable Instant Personalization to stop getting these subtle suggestions from Facebook.

Cut off the ads

A Facebook friend, Mr-I-Like-Everything, "Likes" yet another page and it pops up as a suggestion on the right side of your profile. If you have been on Facebook long enough, chances are one of the "Sponsored" pages has been shoved under your nose at least once. These little ad blurbs which keep popping up on the right-hand side corner, or underneath your apps on the left side of your page, are a mix of advertisements as well as Facebook’s way of further profiling you. Facebook calls them “Suggestions” that add to your social personality, but they are just ads. The good news is that you can now block these permanently.

Take control now: What you need is an ad-blocking add-on for your browser. The best in the market is GreaseMonkey, which works as an add-on for Mozilla Firefox, Google Chrome, Opera and Internet Explorer. Run it and you will be able to customize the way your Facebook page is displayed or behaves by using small bits of JavaScript. On your browser, go to Tools > Add-ons > GreaseMonkey. Click install. Once the basic add-on is installed, it will direct you to http://userscripts.org, which is an open-source, online space for free scripts that can be installed into GreaseMonkey. Find Remove All Facebook Ads in the list and install it. Google Chrome has a basic extension which is called Hide Facebook Ads, which effectively blocks the ads on your Facebook page.

Customize your Facebook page

Bored to death with the classic Facebook blue and white? There’s help at hand to see your Facebook page in a new, stylized version.

Take control now: Download and install an add-on called Stylish in Mozilla Firefox. Then go to Userstyles.org and choose a theme you want to install. Click on Load Into Stylish. Once the theme is successfully loaded, choose it from a small icon on the right corner and activate the theme. Refresh and enjoy the new look.

Block unwanted applications

How does an application you haven’t given access to know your birth date? The answer is your friends. Even though your settings might be sealed and set, you are vulnerable if your friends don’t care who’s accessing their information—and most of them don’t. Applications on Facebook can harvest not only a person’s birth of date or city of residence, but also that of their friends. As Facebook writes, the applications "may access any information you have made visible to Everyone as well as your publicly available information". Publicly available information "includes your Name, Profile Picture, Gender, Current City, Networks, Friend List, and Pages". Facebook offers a way for you to control what your friends can share about you with these applications. It’s a well-hidden section under Accounts called Facebook Ads.

Take control now: To check which applications are using what from your profile, go to Account > Privacy Settings > Apps and Websites. Block any of the apps you haven’t used for a couple of months and don’t remember when you gave access to. Cut down the information accessible to other applications through your friends by unmarking under "Info accessible through your friends". If you don’t want the "suggestions" that Facebook makes about the pages that your friends "Like", go to Account > Account Settings > Facebook Ads. Choose "No one" for both “Ads shown by third Parties" as well as "Ads and friends".

Remove yourself from Facebook & Google Search

Now you can avoid unwanted attention from generic Google and Facebook name searches with a simple privacy setting to turn off your public visibility.

Take control now: Go to Account > Privacy Settings > Connecting on Facebook. Click on View Settings and under it, and in the options under "Search for you on Facebook", select Friends or Friends of Friends.

Add a dislike button

Tired of no option but to "Like" comments, links and silly photos on Facebook? Now you can install a Dislike button to show your hatred of everything inane that people put on your wall.

Take control now: The Dislike button comes with an add-on called Facebook Dislike 1.2.3 by Thomas Moquet. It works on both Google Chrome and Firefox. Remember that you are the only one who will see that button. For your friends to see what you dislike, they need to install it too.

Illustration by Raajan/Mint

Write to us at businessoflife@livemint.com

This article first appeared in the Business of Life, Mint. The copyright of this article rests with Mint and no part of can be reproduced without prior permission. Please log on to http://www.livemint.com/articles/2011/05/24210434/Take-charge-of-Facebook.html.

For more details visit https://cis-india.org/news/take-charge-of-facebook

A Network of Chains

praskrishna — 2011-05-23T06:50:28Z

New infotech rules infringe on freedom of expression, make net use near-impossible, writes Arindam Mukherjee. The article was published in the latest issue (May 30, 2011) of Outlook Magazine.

If all goes according to plan, internet users may not be able to put up a strong message or comment about, say, the Congress on the BJP’s website. A simple complaint from a Congress worker or, for that matter, any Indian citizen, can get the comment removed—it could even lead to the website being blocked by the host. Similarly, forceful comments on networking sites like Twitter and Facebook about individuals and on issues of national interest could soon also be history. If anyone wants, a simple complaint can get the comments—or even a user—removed from that network without informing him or her about it.

The new set of rules gives any citizen the right to complain against any content on any website that they consider objectionable. The new guidelines redefine the rules of the game for online intermediaries—Internet Service Providers, a website, a blog or a blog host, or the online edition of a media company with space for letters to the editor. These intermediaries, who are protected by the government against harmful content generated by third parties, stand to lose their protection if they do not comply and take off the objectionable comments within 36 hours.

As expected, there is a huge outcry in the online community and in civil society on the implications. Pranesh Prakash, programme manager, Centre for Internet and Society, says, "We are concerned about the overreach of the IT Act. These rules are unconstitutional and violative of Article 19(1)(a) of the Constitution. It is harmful to freedom of speech and does not go by the basic principles of natural justice because only the complainant is heard and not the user."

"These rules violate the Constitution, harm freedom of speech, go against the principles of natural justice."
Pranesh Prakash
Manager, CIS

The new rules provide that anyone can complain against any online content if he thinks it is objectionable and breaches any of the keywords provided under the rules (see graphic). Chakshu Roy of prs Legislative Research, an independent group, says, "The keywords provided under the rules are rather too open to interpretation. This might lead to potential legal complications for internet companies who derive value by allowing people to interact online."

The tricky part is that the government has said that all disputes over interpretation of the keywords can only be adjudicated by a court of law and that the government or its agencies cannot interpret it. So if your website or content is blocked, the only recourse before you is to knock at the court’s doors. In sum, under the new rules, it would be absolutely impossible for any online entity to carry any comment without getting into some infringement under the new rules. "If internet platforms are held liable for third-party content, it would lead to self-censorship and reduce the free flow of information," says a spokesperson for Google.

Despite the government arguing otherwise, this is being construed as an indirect way to control the internet and online activity. The new laws will suppress public opinion at a time when the internet is developing into a primary medium to mould as well as express public opinion. Nikhil Pahwa, an avid blogger and editor of Medianama, says, "National security is one thing, but what about civil liberty? Isn’t that being violated here? This is a veiled move to block all public opinion."

In recent times, 11 websites and search results have been blocked on the government’s order, apart from over 1,400 requests to Google for removal or blocking of content. Soon, many more websites and portals could be in the firing line and face a block, censure or even closure under the new set of rules.

Online protagonists also feel that enough thinking has not gone into the framing of the rules. Subho Ray, president, Internet and Mobile Association of India (iamai), says, "The new rules are arbitrary as it is protecting the interest of one set of citizens while compromising upon that of others." Also, there is ambiguity in the rules on bulk sms carriers and telecom-based content, which should technically fall under user-generated content reaching the masses.

Perhaps the most bizarre are the rules regarding cyber cafes, which seek to define not just how the cafes conduct their business but also how a cyber cafe should look and even arrange its furniture. The new guidelines mandate that cyber cafes keep a photo ID record of all users apart from maintaining usage data of individuals—including logs of all websites surfed by them—for one year. The rules even go on to define the physical layout of the cyber cafes.

"Today a third of India’s internet usage comes from cyber cafes. If you are putting requirements of photo ID and maintenance of logs of usage of every user, the crowd going to these cafes will move away," says Ray. He also feels that cyber cafes, which are already subject to harassment by local authorities, may find it even more difficult to survive under the new rules. Also, there are serious online security concerns over the functioning of cyber cafes under the new rules. "If you require all cyber cafes to maintain history of all websites visited by a user, including bank accounts and credit card transactions, it will be naive to think that such information will not be misused," says Prakash.

Significantly, the new rules also allow the government to access personal data and intercept any conversation or communication without judicial intervention. This, at a time when telephone intercepts by government agencies are being questioned, could lead to further complications. The government asserts that the new rules have been put in place looking at the “best practices" from across the world. But looking at the discontent—and the real danger of misuse—it needs to rethink these strategies.

Read the original published in the Outlook here

For more details visit https://cis-india.org/news/network-of-chains

Bangalore-based NGO files RTI query asking list of websites blocked by Indian govt

praskrishna — 2011-05-23T08:39:58Z

The Centre for Internet & Society (CIS), a Bangalore-based NGO, recently filed an RTI query with the Department of Information Technology (DIT), asking for a list of websites blocked by the Indian government under the IT Act. This article by R Krishna was published in the Daily News & Analysis on May 18, 2011.

The department handed them a list of 11 websites. It was just one department’s list, but this was the first time such a list was being made public. "The information given was not comprehensive. For instance, we still don’t know who ordered these blocks," says Sunil Abraham, executive director, CIS, "We will file another RTI application to get those details out."

As of now, Indians enjoy considerably free access to information online, and the right to freedom of expression is protected by the Constitution. But you run into a veil of secrecy when trying to find out what sort of information is being blocked online, who is doing it, and for what reason. The list of 11 revealed by the DIT is only representative — no one can even guess the real number because, well, there is no way of knowing when a website gets blocked.

What is more disturbing is that the government has formulated a set of rules that can block content considered "disparaging", "harassing", or "blasphemous", besides a whole range of other labels that are vague and hence open to interpretation. The rules put the onus of removing such material on intermediaries such as ISPs (Internet service providers) and websites that host the content — within 36 hours of a complaint being filed. And just about anyone can request that the content be taken down — all they have to do is write a letter or an email with an electronic signature. There is no provision for the intermediary to challenge the complainant’s assessment of the content in question.

Users will be afraid

In other words, censorship will now be a free-for-all exercise. Protests, such as the one we saw during the Jan Lokpal agitation, can be nipped in the bud since anyone, including politicians, can claim that they are being "harassed". Information revealed by websites like WikiLeaks can be blocked because they may "threaten friendly relations with foreign states".

There is a sense of shock among the handful of netizens who are aware of these rules and the potential for their misuse. "What are we, Saudi Arabia? We don’t expect this from India. This is something very serious," Pushkar Raj, general secretary of the People’s Union for Civil Liberties, has been quoted as saying. MediaNama, a website reporting on the media industry, points out, "Who defines 'blasphemous'?... India doesn’t even have a blasphemy law, so who interprets what is blasphemous or not?" Media watchdog The Hoot’s Geeta Seshu says, "This is chilling. Websites will be wary of putting up content. How can one appeal? How can one have a free discussion on anything at all online?"

Vishal Anand, product manager at Burrp, an online startup that hosts user-generated reviews of restaurants, is worried about the impact it will have on the discussions happening on the website. "I hope the ecosystem is not impacted. Users may be more afraid to respond, and businesses will be afraid about the content they host."

Guilty until proven innocent

The fundamental issue is that the onus is on the carrier or host to prove that the content is inoffensive, if any objection is raised. "The regulation is placing the burden on the intermediary so that there is no need to go to court (to get content blocked). This is going to lead to a lot of private intervention. You will have to go to court to get the content back up online, rather than the other way around," says Delhi-based lawyer Apar Gupta.

In fact, intermediary liability is a contentious topic globally, and this is not the first time it has caused a controversy in India. Back in 2004, eBay India’s CEO Avinash Bajaj was arrested because a user tried to sell a pornographic CD on its website. This set off a furious debate on the issue, with the government finally agreeing to amend the IT Act. Gupta notes on his blog, "Even after the IT Act was amended, the government failed to make any rules… In the absence of rules, intermediaries continued to be dragged to court and to the police station. This includes a recent incident where an FIR was registered against Facebook."

Checks and balances exist

These developments lend credence to a recent report on Internet freedom released by US-based NGO Freedom House, which ranks India 14th out of the 37 countries surveyed. Stating that the Internet in India is only "partly free", the report notes, “Pressure on private intermediaries to remove certain information in compliance with administrative censorship orders has increased since late 2009, with the implementation of the amended IT Act.

The revised law grants (the government) the authority to block Internet material that is perceived to endanger public order or national security… and assigns up to seven years’ imprisonment for representatives of a wide range of private service providers… if they fail to comply with government blocking requests." What is even more troubling is that the current rules weren’t even in place when this report was being prepared.

The new rules could worsen India’s Internet freedom rankings. Responding to DNA, Sarah Cook, Asia research analyst and assistant editor, Freedom House, said, "We would have concerns over some of the rules and how they came about. This includes broad and vaguely worded censorship criteria, apparent initiation of the regulations "quietly" without significant consultation with key stakeholders, and absence of an appeals process for those who might disagree with censorship decisions."

Legal experts in India too are puzzled by the new restrictions when there are already reasonable restrictions on freedom of expression that the Constitution defines. "There are anti-defamation provisions in the law. Then why include 'disparaging' in the new rules? Why is impersonating being made illegal? For example, on online dating websites for gays, users may not feel comfortable revealing their identities straightaway. And if somebody is impersonating to commit fraud, there are laws that already exist that deal with it. Instead of incorporating existing offences, the scope of what may be considered illegal is being broadened," says CIS’s Abraham.

The new rules are so broad-based that anyone can claim they are offended and demand that content be taken down, even out of business rivalry.

For example, Zone-H.org, run by Italy-based Roberto Preatoni, was one of the 11 websites blocked by the Department of Information Technology. This was done after the Delhi High Court passed an ex-parte interim order (where the other party is not present) in the E2 Labs versus Zone-H case to block the website. "This seems unnecessary since it is some kind of private business battle between E2 Labs and Zone H. Where was the need for the Indian government to get involved?" asks Abraham.

Bangalore-based cyber law expert N Vijayashankar agrees. "Websites are being blocked using interim orders. There is no national interest involved in some of these cases. Plus, there is no need to block the entire website, just a particular page could be blocked."

In fact, one of the webpages blocked was an opinion piece Vijayashankar had written about the Zone-H case on BloggerNews.net. "I had no intimation that the webpage was being blocked," says Vijayashankar, who got to know about the blockage only after CIS published the DIT’s response.

Learn from the world

Globally, excessive regulation of online discussions, particularly those related to political and social issues, can kill the open exchange of information. "In many countries, we saw that new laws, prosecutions, or proactive government censorship contributed to greater self-censorship among users. This is particularly pernicious when it affects discussions that relate to public interest or that affect people’s well-being — such as an Indonesian housewife facing high fines for circulating critical comments about a local hospital, the Chinese authorities censoring content on torture in police custody, or the Korean government prosecuting a blogger who posted pessimistic predictions about the country’s economy," says Cook. Cook acknowledges that balancing the right to freedom of expression against security threats, hate speech or child pornography is quite difficult — even for nations that rank high in their study. But there are a few best practices that India could learn from.

"Examples of good practices would include no criminal defamation provisions (though criminal penalties for inciting violence would be appropriate), immunity for online content providers from being held liable for the information posted by their users (there is such a law in the United States), and multi-stakeholder consultations prior to the passing of regulations related to the Internet/digital media."

The new rules India has come up with fly in the face of such best practices. Authorities and netizens alike should be on the guard, lest we go the China way.

Read the original published by DNA here

For more details visit https://cis-india.org/news/rti-query-filed

Consumers International IP Watchlist 2011 — India Report

pranesh — 2014-05-29T05:52:28Z

Pranesh Prakash prepared the India Report for the Consumers International IP Watchlist 2011. The report was published on the A2K Network website.

The report says:

India's Copyright Act is a relatively balanced instrument that recognises the interests of consumers through its broad private use exception, and by facilitating the compulsory licensing of works that would otherwise be unavailable. However, the compulsory licensing provision have not been utilized so far, because of both a lack of knowledge and more importantly because of the stringent conditions attached to them. Currently, the Indian law is also a bit out of sync with general practices as the exceptions and limitations allowed for literary, artistic and musical works are often not available with sound recordings and cinematograph films. There are numerous other such inconsistencies.

While India has not acceded to the WIPO [23] Copyright Treaty or the WIPO Performers and Phonograms Treaty, yet a set of amendments have been proposed which would bring the Indian law in compliance with both the WCT and the WPPT. These amendments would expose India's consumers to the same problems experienced in other jurisdictions which have prohibited the use of circumvention devices to gain access to legally-acquired copyright material. These amendments also propose a substantial increase in the copyright term for photographs (from 50 years to life plus 60 years), and a conditional increase of ten years for cinematograph films to 70 years if a special agreement is entered into by the producer with the director. It is true that copyright infringement, particularly in the form of physical media, is widespread in India. However this must be taken in the context that India, although fast-growing, remains one of the poorest countries in the world. Although India's knowledge and cultural productivity over the centuries and to the present day has been rich and prodigious, its citizens are economically disadvantaged as consumers of that same knowledge and culture. Indeed, most students, even in the so-called elite institutions, need to employ photocopying and other such means to be able to afford the requisite study materials. Physically challenged persons have no option but to disobey the law that does not grant them equal access to copyrighted works.

Legitimate operating systems (with the notable exception of most free and open source OSes) add a very high overhead to the purchase of cheap computers, thus driving users to pirated software. Thus, these phenomena need to be addressed not at the level of enforcement, but at the level of supply of affordable works in a suitable format.

Over the last year, the Standing Committee tasked with review of the Copyright Amendment Bill has held hearings and presented its findings and recommendations to the HRD Ministry. However, not a single consumer rights organization was called by the Standing Committee, and no civil society engagement was sought except for the issue of access for persons with disabilities. This was despite a number of civil society organizations sending in written submissions to the Standing Committee. The government is going to re-table the Bill in this session of Parliament (February-April).

Click to download the full report [PDF, 150 kb]
Read the report published by A2K Network here

For more details visit https://cis-india.org/a2k/blogs/ip-watch-list-2011

IT Act if enforced will leave internet use in India no freer than in China

praskrishna — 2011-05-18T02:28:38Z

The Centre for Internet & Societies (CIS), a Bangalore-based NGO, recently filed an RTI query with the Department of Information Technology (DIT), asking for a list of websites blocked by the Indian government under the IT Act. The department handed them a list of 11 websites. It was just one department’s list, but this was the first time such a list was being made public. This news written by R Krishna was published by the Daily News & Analysis on May 15, 2011.

"The information given was not comprehensive. For instance, we still don’t know who ordered these blocks," says Sunil Abraham, executive director, CIS, "We will file another RTI application to get those details out."

What is more disturbing is that the government has formulated a set of rules that can block content considered "disparaging", "harassing", or "blasphemous", besides a whole range of other labels that are vague and hence open to interpretation. The rules put the onus of removing such material on intermediaries such as ISPs (internet service providers) and websites that host the content — within 36 hours of a complaint being filed. And just about anyone can request that the content be taken down — all they have to do is write a letter or an email with an electronic signature. There is no provision for the intermediary to challenge the complainant’s assessment of the content in question.

Users will be afraid

Guilty until proven innocent

In fact, intermediary liability is a contentious topic globally, and this is not the first time it has caused a controversy in India. Back in 2004, Ebay India’s CEO Avinash Bajaj was arrested because a user tried to sell a pornographic CD on its website. This set off a furious debate on the issue, with the government finally agreeing to amend the IT Act. Gupta notes on his blog, "Even after the IT Act was amended, the government failed to make any rules… In the absence of rules, intermediaries continued to be dragged to court and to the police station. This includes a recent incident where an FIR was registered against Facebook."

Checks and balances exist

These developments lend credence to a recent report on internet freedom released by US-based NGO Freedom House, which ranks India 14th out of the 37 countries surveyed. Stating that the internet in India is only "partly free", the report notes, “Pressure on private intermediaries to remove certain information in compliance with administrative censorship orders has increased since late 2009, with the implementation of the amended IT Act. The revised law grants (the government) the authority to block internet material that is perceived to endanger public order or national security… and assigns up to seven years' imprisonment for representatives of a wide range of private service providers… if they fail to comply with government blocking requests." What is even more troubling is that the current rules weren’t even in place when this report was being prepared.

The new rules could worsen India’s internet freedom rankings. Responding to DNA, Sarah Cook, Asia research analyst and assistant editor, Freedom House, said, “We would have concerns over some of the rules and how they came about. This includes broad and vaguely worded censorship criteria, apparent initiation of the regulations "quietly" without significant consultation with key stakeholders, and absence of an appeals process for those who might disagree with censorship decisions."

Legal experts in India too are puzzled by the new restrictions when there are already reasonable restrictions on freedom of expression that the Constitution defines.

"There are anti-defamation provisions in the law. Then why include 'disparaging' in the new rules? Why is impersonating being made illegal? For example, on online dating websites for gays, users may not feel comfortable revealing their identities straightaway. And if somebody is impersonating to commit fraud, there are laws that already exist that deal with it. Instead of incorporating existing offences, the scope of what may be considered illegal is being broadened," says CIS’s Abraham.

The new rules are so broad-based that anyone can claim they are offended and demand that content be taken down, even out of business rivalry.

"This seems unnecessary since it is some kind of private business battle between E2 Labs and Zone H. Where was the need for the Indian government to get involved?" asks Abraham.

Learn from the world

Globally, excessive regulation of online discussions, particularly those related to political and social issues, can kill the open exchange of information. "In many countries, we saw that new laws, prosecutions, or proactive government censorship contributed to greater self-censorship among users. This is particularly pernicious when it affects discussions that relate to public interest or that affect people's well-being — such as an Indonesian housewife facing high fines for circulating critical comments about a local hospital, the Chinese authorities censoring content on torture in police custody, or the Korean government prosecuting a blogger who posted pessimistic predictions about the country’s economy," says Cook.

Cook acknowledges that balancing the right to freedom of expression against security threats, hate speech or child pornography is quite difficult — even for nations that rank high in their study. But there are a few best practices that India could learn from. "Examples of good practices would include no criminal defamation provisions (though criminal penalties for inciting violence would be appropriate), immunity for online content providers from being held liable for the information posted by their users (there is such a law in the United States), and multi-stakeholder consultations prior to the passing of regulations related to the internet/digital media."

The new rules India has come up with fly in the face of such best practices. Authorities and netizens alike should be on the guard, lest we go the China way.

Read the original story published by DNA here

For more details visit https://cis-india.org/news/it-act-internet-use

Limits to Privacy

Prashant Iyengar — 2012-12-14T10:28:55Z

In his research article, Prashant Iyengar examines the limits to privacy for individuals in light of the provisions of the Constitution of India, public interest, security of state and maintenance of law and order. The article attempts to build a catalogue of all these justifications and arrive at a classification of all such frequently used terms invoked in statutes and upheld by courts to deprive persons of their privacy.

Introduction

In 1965, the Supreme Court of India heard and decided State of UP v. Kaushaliya[1], a case which involved the question of whether women who are engaged in prostitution can be forcibly removed from their residences and places of occupation, or whether they were entitled, along with other citizens of India, to the fundamental right to move freely throughout the territory of India, and to reside and settle in any part of the territory of India [under Article 19(1)(d) and (e) of the Constitution of India]. In other words, did these women possess an absolute right of privacy over their decisions in respect to their occupation and place of residence? In its decision, the Supreme Court denied them this right holding that "the activities of a prostitute in a particular area... are so subversive of public morals and so destructive of public health that it is necessary in public interest to deport her from that place." In view of their 'subversiveness', the statutory restrictions imposed by the Suppression of Immoral Traffic Act on prostitutes, were upheld by the court as constitutionally-permissible “reasonable restrictions” on their movements.

The legal alibis that the State employs to justify its infringement of our privacy are numerous, and range from ‘public interest’ to 'security of the state' to the 'maintenance of law and order'. In this chapter we attempt to build a catalogue of these various justifications, without attempting to be exhaustive, with the objective of arriving at a rough taxonomy of such frequently invoked terms. In addition we also examine some the more important justifications such as 'public interest' and 'security of the state' that have been invoked in statutes and upheld by courts to deprive persons of their privacy.

The statutory venues of deprivation of privacy by the state being many – strictly, any statute that imposes any restriction on movement, or authorizes the search or examination of any residence or book, or the interception of communication may be read as a violation of a privacy right — tracking each of these down would not only be an impossible exercise, but also contribute little to the analytical exercise we are attempting here. Instead, in this chapter we only list provisions from a few statutes that are the familiar instruments by which the state impinges on our privacy. This is done with the limited object of arriving at a rough inventory of the common technologies which the state employs to impinge on our privacy.

Even if intrusions into our privacy are statutorily authorised, these statutes must withstand constitutional scrutiny. We therefore, begin this chapter with a discussion of the constitutional framework within which these statutes operate, and against which the severity of their incursions must be measured.

Constitutional Jurisprudence on Privacy

The 'right to privacy' has been canvassed by litigants before the higher judiciary in India by including it within the fold of two fundamental rights: the right to freedom under Article 19 and the right to life and personal liberty under Article 21.

It would be instructive to provide a brief background to each of these Articles before delving deeper into the privacy jurisprudence expounded by the courts under them.

Part III of the Constitution of India (Articles 12 through 35) is titled ‘fundamental rights’ and lists out several rights which are regarded as fundamental to all citizens of India (some apply all persons in India whether citizens or not). Article 13 forbids the State from making “any law which takes away or abridges the rights conferred by this Part”.

Thus, Article 19(1) (a) stipulates that "all citizens shall have the right to freedom of speech and expression". However this is qualified by Article 19(2) which states that this will not "affect the operation of any existing law, or prevent the State from making any law, in so far as such law imposes reasonable restrictions on the exercise of the right … in the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence".

Thus, the freedom of expression guaranteed by Article 19(1) (a) is not absolute, but a qualified right that is susceptible, under the Constitutional scheme, to being curtailed under specified conditions.

The other important fundamental right from the perspective of privacy jurisprudence is Article 21 which reads "No person shall be deprived of his life or personal liberty except according to procedure established by law."

Where Article 19 contains a detailed list of conditions under which freedom of expression may be curtailed, by contrast Article 21 is thinly-worded and only requires a "procedure established by law" as a pre-condition for the deprivation of life and liberty. However, the Supreme Court has held in a celebrated case Maneka Gandhi vs. Union of India [2] that any procedure "which deals with the modalities of regulating, restricting or even rejection of a fundamental right falling within Article 21 has to be fair, not foolish, carefully designed to effectuate, not to subvert, the substantive right itself. Thus, understood, 'procedure' must rule out anything arbitrary, freakish or bizarre."

Four decisions by the Supreme Court have established the right to privacy in India as flowing from Articles 19 and 21.

The first was a seven-judge bench judgment in Kharak Singh vs The State of U.P.[3] The question for consideration before this court was whether 'surveillance' under Chapter XX of the U.P. Police Regulations constituted an infringement of any of the fundamental rights guaranteed by Part III of the Constitution. Regulation 236(b) which permitted surveillance by 'domiciliary visits at night' was held to be violative of Article 21.The word ‘life’ and the expression ‘personal liberty’ in Article 21 were elaborately considered by this court in Kharak Singh`s case. Although the majority found that the Constitution contained no explicit guarantee of a ‘right to privacy’, it read the right to personal liberty expansively to include a right to dignity. It held that "an unauthorised intrusion into a person's home and the disturbance caused to him thereby, is as it were the violation of a common law right of a man —an ultimate essential of ordered liberty, if not of the very concept of civilization."

In a minority judgment in this case, Justice Subba Rao held that "the right to personal liberty takes is not only a right to be free from restrictions placed on his movements, but also free from encroachments on his private life. It is true our Constitution does not expressly declare a right to privacy as a fundamental right but the said right is an essential ingredient of personal liberty. Every democratic country sanctifies domestic life; it is expected to give him rest, physical happiness, peace of mind and security. In the last resort, a person's house, where he lives with his family, is his 'castle' it is his rampart against encroachment on his personal liberty." This case, especially Justice Subba Rao’s observations, paved the way for later elaborations on the right to privacy using Article 21.

In 1972, the Supreme Court decided a case — one of the first of its kind — on wiretapping. In R. M. Malkani vs State of Maharashtra [4] the petitioner’s voice had been recorded in the course of a telephonic conversation where he was attempting blackmail. He asserted in his defence that his right to privacy under Article 21 had been violated. The Supreme Court declined his plea holding that “the telephonic conversation of an innocent citizen will be protected by courts against wrongful or high handed interference by tapping the conversation. The protection is not for the guilty citizen against the efforts of the police to vindicate the law and prevent corruption of public servants.”

The third case, Govind vs. State of Madhya Pradesh [5] , by a three-judge bench of the Supreme Court is regarded as being a setback to the right to privacy jurisprudence. Here, the court was evaluating the constitutional validity of Regulations 855 and 856 of the Madhya Pradesh Police Regulation which provided for police surveillance of habitual offenders including domiciliary visits and picketing. The Supreme Court desisted from striking down these invasive provisions holding that "It cannot be said that surveillance by domiciliary visit, would always be an unreasonable restriction upon the right of privacy. It is only persons who are suspected to be habitual criminals and those who are determined to lead criminal lives that are subjected to surveillance."

The court went on to make some observations on the right to privacy under the Constitution:

"Too broad a definition of privacy will raise serious questions about the propriety of judicial reliance on a right that is not explicit in the Constitution. The right to privacy will, therefore, necessarily, have to go through a process of case by case development. Hence, assuming that the right to personal liberty, the right to move freely throughout India and the freedom of speech create an independent fundamental right of privacy as an emanation from them it could not he absolute. It must be subject to restriction on the basis of compelling public interest. But the law infringing it must satisfy the compelling state interest test. It could not be that under these freedoms that the Constitution-makers intended to protect or protected mere personal sensitiveness."

The next case in the series was R. Rajagopal vs. State of Tamil Nadu [6] which involved a balancing of the right of privacy of citizens against the right of the press to criticize and comment on acts and conduct of public officials. The case related to the alleged autobiography of Auto Shankar who was convicted and sentenced to death for committing six murders. In the autobiography, he had commented on his contact and relations with various police officials. The right of privacy of citizens was dealt with by the Supreme Court in the following terms: -

The right to privacy is implicit in the right to life and liberty guaranteed to the citizens of this country by Article 21. It is a "right to be let alone". A citizen has a right to safeguard the privacy of his own, his family, marriage, procreation, motherhood, childbearing and education among other matters. None can publish anything concerning the above matters without his consent — whether truthful or otherwise and whether laudatory or critical. If he does so, he would be violating the right to privacy of the person concerned and would be liable in an action for damages. Position may, however, be different, if a person voluntarily thrusts himself into controversy or voluntarily invites or raises a controversy.
The rule aforesaid is subject to the exception, that any publication concerning the aforesaid aspects becomes unobjectionable if such publication is based upon public records including court records. This is for the reason that once a matter becomes a matter of public record, the right to privacy no longer subsists and it becomes a legitimate subject for comment by press and media among others. We are, however, of the opinion that in the interests of decency [Article 19(2)] an exception must be carved out to this rule, viz., a female who is the victim of a sexual assault, kidnap, abduction or a like offence should not further be subjected to the indignity of her name and the incident being publicised in press/media.

Elsewhere in the same decision, the court took a cautionary stance and held that "the right to privacy...will necessarily have to go through a process of case-by-case development."

The final case that makes up the 'privacy quintet' in India was the case of PUCL v. Union of India [7] in which the court was called upon to consider whether wiretapping was an unconstitutional infringement of a citizen’s right to privacy. The court held:

The right privacy — by itself — has not been identified under the Constitution. As a concept it may be too broad and moralistic to define it judicially. Whether right to privacy can be claimed or has been infringed in a given case would depend on the facts of the said case. But the right to hold a telephone conversation in the privacy of one’s home or office without interference can certainly be claimed as a ‘right to privacy’. Conversations on the telephone are often of an intimate and confidential character. Telephone conversation is a part of modern man's life. It is considered so important that more and more people are carrying mobile telephone instruments in their pockets. Telephone conversation is an important facet of a man's private life. Right to privacy would certainly include telephone-conversation in the privacy of one's home or office. Telephone-tapping would, thus, infract Article 21 of the Constitution of India unless it is permitted under the procedure established by law.

The court also read this right to privacy as simultaneously deriving from Article 19. "When a person is talking on telephone, he is exercising his right to freedom of speech and expression", the court observed, and therefore "telephone-tapping unless it comes within the grounds of restrictions under Article 19(2) would infract Article 19(1) (a) of the Constitution."

However, the court in this case made two observations which would have a lasting impact on privacy jurisprudence in India –firstly, it rejected the contention that 'prior judicial scrutiny' should be mandated before any wiretapping could take place and accepted the contention that administrative safeguards would be sufficient.

Thus, to conclude this section of this chapter, it may be observed that the right to privacy in India is, at its foundations a limited right rather than an absolute one. In the sections that follow, it will become apparent that this limited nature of the right provides a somewhat unstable assurance of privacy since it is frequently made to yield to all manners of competing interests which happen to have a more pronounced legal standing.

Vocabularies of Privacy Limitation

Article 12 of the Universal Declaration of Human Rights (1948) defines privacy in the following terms:

"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks."

Similarly, Article 17 of the International Covenant of Civil and Political Rights (to which India is a party) declares that:

"No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home and correspondence, nor to unlawful attacks on his honour and reputation."

In this section, we look briefly at sections in some statutes that authorize the deprivation of privacy. These statutes have been classified under three headings, following the aforementioned international covenants, each dealing with a) our communications, b) our homes and c) bodily privacy.

Privacy of Communications

Communications laws

All laws dealing with mediums of inter-personal communication — post, telegraph and telephony and email – contain similarly worded provisions permitting interception under specified conditions.

Thus, section 26 of the India Post Office Act 1898 confers powers of interception of postal articles for the 'public good'. According to this section, this power may be invoked "On the occurrence of any public emergency, or in the interest of the public safety or tranquillity". The section further clarifies that “a certificate from the State or Central Government” would be conclusive proof as to the existence of a public emergency or interest of public safety or tranquillity.

Similarly, section 5(2) of the Telegraph Act authorizes the interception of any message

on the occurrence of any public emergency, or in the interest of the public safety; and
if satisfied that it is necessary or expedient so to do in the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of an offence,

Thus, the events that trigger an action of interception are the occurrence of any ‘public emergency’ or in the interests of ‘public safety’.

Most recently, section 69 of the Information Technology Act 2008 contains a more expanded power of interception which may be exercised "when they [the authorised officers] are satisfied that it is necessary or expedient" to do so in the interest of:

sovereignty or integrity of India,
defence of India,
security of the State,
friendly relations with foreign States or
public order or
preventing incitement to the commission of any cognizable offence relating to above or
for investigation of any offence,

[More details of the occasions and the mandatory procedural safeguards before these powers may be exercised are contained in our briefing notes on Privacy and Telecommunications and Privacy and the IT Act]

From a plain reading of these sections, there appears to be a gradual loosening of standards from the Post Office Act to the latest Information Technology Act. The Post Office Act requires the existence of a ‘state of public emergency’ or a ‘threat to public safety and tranquillity’ as a precursor to the exercise of the power of interception. This requirement is continued in the Telegraph Act with the addition of a few more conditions, such as expediency in the interests of sovereignty, etc. Under the most recent IT Act, the requirement of a public emergency or a threat to public safety is dispensed with entirely – here, the government may intercept merely if it feels it ‘necessary or expedient’.

How much of a difference does it make?

In Hukam Chand Shyam Lal v. Union of India and ors [8] , the Supreme Court was required to interpret the meaning of ‘public emergency’. Here, the court was required to consider whether disconnection of a telephone could be ordered due to an ‘economic emergency’. The Government of Delhi had ordered the disconnection of the petitioner’s telephones due to their alleged involvement, through the use of telephones, in (then forbidden) forward trading in agricultural commodities. According to the government, this constituted an ‘economic emergency’ due to the escalating prices of food. Declining this contention, the Supreme Court held that:

a 'public emergency' within the contemplation of this section is one which raises problems concerning the interest of the public safety, the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order or the prevention of incitement to the commission of an offence.

Economic emergency is not one of those matters expressly mentioned in the statute. Mere 'economic emergency'— as the high court calls it—may not necessarily amount to a 'public emergency' and justify action under this section unless it raises problems relating to the matters indicated in the section.

In addition the other qualifying term, 'public safety' was interpreted in an early case by the Supreme Court to mean "security of the public or their freedom from danger. In that sense, anything which tends to prevent dangers to public health may also be regarded as securing public safety. The meaning of the expression must, however, vary according to the context."[9]

Thus, the words ‘public emergency’ and 'public safety' does provide some legal buffer before the government may impinge on our privacy in the case of post and telecommunications. In a sense, they operate both as limits on our privacy as well as limits on the government’s ability to impinge on our privacy — since the government must demonstrate their existence to the satisfaction of the court, failing which their actions would be illegal.

However, as mentioned, even these requirements have been dispensed with in the case of electronic communications falling under the purview of the Information Technology Act where sweeping powers of interception have been provided extending from matters affecting the sovereignty of the nation, to the more mundane 'investigation of any offence'.

Privileged Communications

In addition to laying down procedural safeguards which restrict the conditions under which our communication may be intercepted, the law also safeguards our privacy in certain contexts by taking away the evidentiary value of certain communications.

Thus, for instance, under the Evidence Act, communications between spouses and communications with legal advisors are accorded a special privilege.

Section 122 of the Evidence Act forbids married couples from disclosing any communications made between them during marriage without the consent of the person who made it. This however, does not apply in suits “between married persons, or proceedings in which one married person is prosecuted for any crime committed against the other.”

This rule was applied in a case before the Kerala High Court, T.J. Ponnen vs M.C. Varghese [10] where a man sued his son-in-law for defamation based on statements about him written in a letter addressed to his daughter. The trial court held that the prosecution was invalid since it was based on privileged communications between the couple. This was upheld by the high court. The petitioner had attempted to argue that it was immaterial how he gained possession of the letter. The high court disagreed with this contention holding that this would defeat the purpose of section 122.

Similarly section 126 forbids “barristers, attorneys, pleaders or vakils” from disclosing, without their client’s express consent “any communication made to him in the course and for the purpose of his employment as such barrister, pleader, attorney or vakil... or to state the contents or condition of any document with which he has become acquainted in the course and for the purpose of his professional employment or to disclose any advice given by him to his client in the course and for the purpose of such employment.”

As with section 122, this privilege also comes with exceptions. Thus, the following kinds of communications are exempted from the privilege:

any communication made in furtherance of any illegal purpose,
any fact observed by any barrister, pleader, attorney or vakil, in the course of his employment as such showing that any crime or fraud has been committed since the commencement of his employment.

Section 127 extends the scope attorney-client privilege to include any interpreters, clerks and servants of the attorney or barrister. They are also not permitted to disclose the contents of any communication between the attorney and her client.

Section 129 enacts a reciprocal protection and provides that clients shall not be compelled to disclose to the court any "confidential communication which has taken place between him and his legal professional adviser."

Section 131 of the Evidence Act further cements the legal protection afforded to married couples, attorneys and their clients by providing that "No one shall be compelled to produce documents in his possession, which any other person would be entitled to refuse to produce if they were in his possession" unless that person consents to the production of such documents.

Note that these privileges do not limit the ability of the state to intercept communications – they merely negate the evidentiary value of any communications so intercepted.

Privacy of the Home: Search and Seizure Provisions

Under what circumstances may the State invade the privacy of our homes? What are the limits of these powers? Technically, any law that authorizes “search and seizure” can be said to authorize an invasion of our privacy. Many laws permit searches, for various grounds — ranging from the Income Tax Act which authorizes searches to recover undisclosed income, to the Narcotics Act which prescribes a procedure to search and sieze drugs, to the Excise Act and the Customs Act which do so in order to discover goods that are manufactured or imported in violation of those respective statutes. In this section we deal only with the general provisions for search and seizure under the Code of Criminal Procedure.

The Code of Criminal Procedure (CrPC) provides that a house or premises may be searched either under a search warrant issued by a court, or, in the absence of a court-issued-warrant, by a police officer in the course of investigation of offences.

Thus, a court may issue a search warrant where

it has reason to believe that a person to whom a summons has been, or might be, addressed, will not or would not produce the document or thing as required by such summons; or
where such document or thing is not known to the court to be in the possession of any person, or
where the court considers that the purposes of any inquiry, trial or other proceeding under this Code will be served by a general search or inspection,

Similarly, section 165 of the Code of Criminal Procedure permits for searches to be conducted by “police officers in charge of police station or a police officer making an investigation” without first obtaining a warrant. Such a search may be conducted if he has “reasonable grounds for believing that anything necessary for the purposes of an investigation into any offence which he is authorised to investigate may be found in any place within the limits of the police station of which he is in charge, or to which he is attached”, and if, in his opinion, such thing cannot “be otherwise obtained without undue delay”.

Such officer must record in writing the grounds of his belief and specify “so far as possible” the thing for which search is to be made.

In both cases, the Code of Criminal Procedure requires the search to conform to procedures including the presence of "two or more independent and respectable inhabitants of the locality”. The preparation, in their presence, of “a list of all things seized in the course of such search, and of the places in which they are respectively found", the delivery of this list to the occupant of the place being searched.

However, in reality, these requirements are observed more in the breach. Courts have consistently held that not following these provisions would not make evidence obtained inadmissible — it would make the search irregular, not unlawful. Thus, in State of Maharashtra v. Natwarlal Damodardas Soni [11], where a search was conducted under the Customs Act to recover smuggled gold, the Supreme Court held that

Assuming that the search was illegal it would not affect either the validity of the seizure and further investigation by the customs authorities or the validity of the trial which followed on the complaint of the Assistant Collector of Customs.

In a different case, Radhakrishan v. State of U.P. [12] which involved an illegal search in contravention of the Code of Criminal Procedure , the Supreme Court held that:

"So far as the alleged illegality of the search is concerned, it is sufficient to say that even assuming that the search was illegal the seizure of the Articles is not vitiated. It may be that where the provisions of ... Code of Criminal Procedure, are contravened the search could be resisted by the person whose premises are sought to be searched. It may also be that because of the illegality of the search the Court may be inclined to examine carefully the evidence regarding the seizure. But beyond these two consequences no further consequence ensues."

India inherits the common law notion that a man’s house is his castle. In the light of the cases discussed above, this claim certainly appears to be lofty. However, there is still hope. In a recent case, the Supreme Court struck down provisions of a legislation on grounds that it was too intrusive of citizens’ right to privacy. The case involved an evaluation of the Andhra Pradesh Stamp Act which authorized the collector to delegate “any person” to enter any premises in order to search for and impound any document that was found to be improperly stamped. Thus, for instance, banks could be compelled to cede all documents in their custody, including clients documents, for inspection on the mere chance that some of them may be improperly stamped. These banks were then compelled under law to pay the deficit stamp duty on the documents, even if they themselves were not party to the transactions recorded in the documents.

After an exhaustive analysis of privacy laws across the world, and in India, the Supreme Court held that in the absence of any safeguards as to probable or reasonable cause or reasonable basis, this provision was violative of the constitutionally guaranteed right to privacy, both of the house and of the person. [13]

The case marks a welcome redrawing of the boundaries of the right to privacy against state intrusion.

Privacy of the Body

To what extent do we have a right to privacy that protects what we may do with our own bodies and may be done to them? This section deals with this question in the context of four issues that have arisen before courts:

the ability of the state to order persons to undergo medical-examination,
to undergo a range of 'truth technologies' including narco analysis, brain mapping, etc.,
to submit to DNA testing and d) to abortion. In most cases, as we shall see, the right to privacy cedes ground to any available competing interest.

Court-ordered Medical Examinations

Can courts compel persons to undergo medical examinations against their will? In the case of Sharda v. Dharmpal[14], decided in 2003, the Supreme Court held that they could. Here a man filed for divorce on that grounds that his wife suffered from a mental illness. In order to establish his case, he requested the court to direct his wife to submit herself to a medical examination. The trial court and the high court both granted his application. On appeal to the Supreme Court, the woman contested the order on grounds firstly, that compelling a person to undergo a medical examination by an order of the court would be violative of her right to 'personal liberty' guaranteed under Article 21 of the Constitution of India. Secondly, in absence of a specific empowering provision, a court dealing with matrimonial cases cannot subject a party to undergo medical examination against his her volition. The court could merely draw an adverse inference.

The Supreme Court rejected these contentions holding that the right to privacy in India was not absolute. If the "respondent avoids such medical examination on the ground that it violates his/her right to privacy or for a matter right to personal liberty as enshrined under Article 21 of the Constitution of India, then it may in most of such cases become impossible to arrive at a conclusion. It may render the very grounds on which divorce is permissible nugatory."

The court upheld the rights of matrimonial courts to order a person to undergo medical test. Such an order, the court held, would not be in violation of the right to personal liberty under Article 21 of the Constitution of India. However, this power could only be exercised if the applicant had a strong prima facie case, and there was sufficient material before the court. Crucially, the court held that if, despite the order of the court, the respondent refused to submit herself to medical examination, the court would be entitled to draw an adverse inference against him.

Thus, oddly, one limitation on the right to privacy appears to be the statutory rights of others. One is entitled to the privacy of one’s body, to the extent that another person is not, thereby, deprived of a statutory right – as in this case, to divorce.

Reproductive Rights

Ahmedabad: A 13-year-old girl, who conceived after being repeatedly raped, has moved the Gujarat High Court and sought permission to medically terminate her pregnancy after a sessions court rejected her plea.

Express India(April 2010) [15]

To what extent do pregnant women enjoy a right to privacy over their bodies and their reproductive decisions? Are there circumstances when the State can intervene and either order or forbid an abortion?

According to the Medical Termination of Pregnancy Act, 1971 a pregnancy may be terminated before the twentieth week if:

the continuance of the pregnancy would involve a risk to the life of the pregnant woman or of grave injury to her physical or mental health; or
there is a substantial risk that if the child were born, it would suffer from such physical or mental abnormalities to be seriously handicapped.
where any pregnancy is alleged by the pregnant woman to have been caused by rape,
where any pregnancy occurs as a result of failure of any device or method used by any married woman or her husband for the purpose of limiting the number of children.

Consent for termination needs to be obtained from the guardian in cases of minors or women who are mentally ill. In all other cases, the woman herself must consent.

Beyond the period of 20 weeks, the pregnancy may only be terminated if there is immediate danger to the life of the woman.

In August 2009, the Supreme Court heard an expedited appeal that was filed on behalf of a destitute mentally retarded woman who had become pregnant consequent to having been raped at a government run shelter. The government had approached the high court seeking permission to terminate her pregnancy, which had been granted by that court despite the finding by an ‘expert body’ of medical practitioners that she was keen on continuing the pregnancy. On appeal the Supreme Court held, very curiously, that the woman was not ‘mentally ill’, but ‘mentally retarded’, and consequently her consent was imperative under the Act. [16] However, not content to stop there, the court made several puzzling and contradictory observations:

Firstly, the court took the opportunity to affirm, generally, women’s rights to make reproductive choices as a dimension of their `personal liberty' as guaranteed by Article 21 (Right to Life and Personal Liberty) of the Constitution of India. The court observed:

“It is important to recognise that reproductive choices can be exercised to procreate as well as to abstain from procreating. The crucial consideration is that a woman's right to privacy, dignity and bodily integrity should be respected. This means that there should be no restriction whatsoever on the exercise of reproductive choices such as a woman's right to refuse participation in sexual activity or alternatively the insistence on use of contraceptive methods. Furthermore, women are also free to choose birth-control methods such as undergoing sterilisation procedures. Taken to their logical conclusion, reproductive rights include a woman's entitlement to carry a pregnancy to its full term, to give birth and to subsequently raise children. (emphasis mine) [17]

However, the court went on to affirm, in language that curiously imitates Roe v Wade,[18] that there was “a `compelling state interest' in protecting the life of the prospective child.[19]

Secondly, the Supreme Court upheld the woman’s consent as determinative and in doing so, categorically rejected the high court approach. The court held that since she suffered from `mild mental retardation' this did not render her "incapable of making decisions for herself". Simultaneously, however, the Supreme Court proceeded gratuitously to apply the common law doctrine of `parens patriae' to resume jurisdiction over the woman in her “best interests”. According to a court-appointed expert committee, her mental age was “close to that of a nine-year old child” and she was capable of “learning through rote memorisation and imitation” and of performing “basic bodily functions”.[20] In this light, the court deemed in her ‘best interests’, as defined by an expert committee, to defer to her wishes.

The findings recorded by the expert body indicate that her mental age is close to that of a nine-year old child and that she is capable of learning through rote-memorisation and imitation. Even the preliminary medical opinion indicated that she had learnt to perform basic bodily functions and was capable of simple communications. In light of these findings, it is the `best interests' test alone which should govern the inquiry in the present case and not the `substituted judgment' test. [21]

If one disregards the liberalism of its outcome, there are various problems with this decision. Chiefly, the Supreme Court relied on the woman’s expressed consent to deny the legitimacy of the high court’s decision in favour of abortion. Inexplicably, however, in the same move, the Supreme Court reserved to itself the right to adjudicate the ‘best interests’ of the woman. Thus, in relation to abortion, mentally retarded women are more autonomous than minor girls (since their own consent is determinative, rather than their guardians) but they are still less autonomous than ‘normal’ women (since their decisions are subject to adjudication based on what the court thinks is in their best interests)!

DNA Tests in Civil Suits

Do we have a right to privacy over the interiors of our body – our blood, our tissue, our DNA? There is, by now, a strong line of cases decided by the Supreme Court in which our right to ‘bodily integrity’ has been held to not be absolute, and may be interfered with in order to settle many terrestrial issues. In most cases, this question has arisen in the context of the determination of paternity – either in divorce or maintenance proceedings. Central in the determination of these issues is section 112 of the Evidence Act which stipulates that birth of a child during the continuance of a valid marriage (or within 280 days of its dissolution) would be conclusive proof of legitimacy of that child, “unless it can be shown that the parties to the marriage had no access to each other at any time when he could have been begotten.”

As is evident, this section creates a strong legal presumption of legitimacy that leaves no room for a scientific rebuttal. Various litigants have, nevertheless, sought the courts’ indulgence in accepting medical evidence to displace this formidable legal presumption. These efforts have yielded a measure of success, and a steady line of precedents since the early 1990s now affirms the right of courts to direct medical evidence in cases they consider fit. In these cases, the court has frequently invoked privacy rights as an important consideration to be weighed before ordering a person to submit to any test.

In one of the earliest and most frequently invoked cases, Goutam Kundu vs State of West Bengal and Anr (1993) [22] the Supreme Court laid down guidelines governing the power of courts to order blood tests. The court held:

courts in India cannot order blood test as matter of course;

wherever applications are made for such prayers in order to have roving inquiry, the prayer for blood test cannot be entertained.

There must be a strong prima facie case in that the husband must establish non-access in order to dispel the presumption arising under section 112 of the Evidence Act.

The court must carefully examine as to what would be the consequence of ordering the blood test; whether it will have the effect of branding a child as a bastard and the mother as an unchaste woman.

No one can be compelled to give sample of blood for analysis.

On the particular facts of this case, the Supreme Court refused to order the respondent to submit to the test, since in its view, there was no prima facie case made out that cast doubts on the legal presumption of legitimacy.

These guidelines have been frequently invoked in subsequent cases. In a complex set of facts, in Ms. X vs Mr. Z and Anr (2001), [23] the Delhi High Court was called to consider whether a foetus had a ‘right to privacy’ – or whether the mother of the foetus could assert a right to privacy on it’s behalf. A woman had given birth to a still-born child and tissues from the foetus had been stored at the All India Institute of Medical Sciences. Her husband approached to obtain an order permitting a DNA test to be carried out to determine if he was the father. In her defence, the woman claimed that this would offend her right to privacy. The high court reaffirmed the guidelines laid down in the Gautam Kundu case (supra), and also upheld the petitioner’s right to privacy over her own body. However, the court took the stance that she did not have a right of privacy over the foetus once it had been discharged from her body:

"The petitioner indeed has a right of privacy but is being not an absolute right, therefore, when a foetus has been preserved in All India Institute of Medical Science, the petitioner, who has already discharged the same cannot claim that it affects her right of privacy.

However, if the petitioner was being compelled to subject herself to blood test or otherwise, she indeed could raise a defense that she cannot be compelled to be a witness against herself in a criminal case or compelled to give evidence against her own even in a civil case but the position herein is different. The petitioner is not being compelled to do any such act. Something that she herself has discharged, probably with her consent, is claimed to be subjected to DNA test. In that view of the matter, in the peculiar facts, it cannot be termed that the petitioner has any right of privacy."

The decision has wide-ranging implications since it virtually divests control and ownership over any material that has been discarded from the body – from nails to hair to tissue samples. In an interesting case in the US, Moore v. Regents of the University of California [24], the Supreme Court of California was faced with a suit to determine whether a man retained ownership over cells that had been removed from his body through a surgical procedure. In this case, cells from a patient’s spleen were used to conduct research which resulted in the patenting of a cell-line by the defendant. The patient sued for a share in the profits, but this was rejected by the court which held that he had no property rights to his discarded cells or any profits made from them. The court specifically rejected the argument that his spleen should be protected as property as an aspect of his privacy and dignity. The court held these interests were already protected by informed consent.

In a sense the Ms. X vs Mr. Z case arrives at identical conclusions without as much deliberation on its implications. It would be interesting to see how subsequent courts interpret and apply this precedent.

One of the most critical factors, consistently weighed by courts alongside the privacy rights implicated, is the ‘best interests’ of the child. Thus, in Bhabani Prasad Jena v. Convenor Secretary, Orissa State Commission for Women & Anr.[25], the Supreme Court quashed a high court-mandated DNA test to determine the paternity of an unborn child in a woman’s womb. In doing so, the SC observed:

“In a matter where paternity of a child is in issue before the court, the use of DNA is an extremely delicate and sensitive aspect. One view is that when modern science gives means of ascertaining the paternity of a child, there should not be any hesitation to use those means whenever the occasion requires. The other view is that the court must be reluctant in use of such scientific advances and tools which result in invasion of right to privacy of an individual and may not only be prejudicial to the rights of the parties but may have devastating effect on the child. Sometimes the result of such scientific test may bastardise an innocent child even though his mother and her spouse were living together during the time of conception. In our view, when there is apparent conflict between the right to privacy of a person not to submit himself forcibly to medical examination and duty of the court to reach the truth, the court must exercise its discretion only after balancing the interests of the parties and on due consideration whether, for a just decision in the matter, DNA is eminently needed. (emphasis added)

A strong trend, evident in this case, is the bussing of the interests of the child (in not being declared illegitimate), along with the privacy rights of the mother. The two create a composite interest opposed to that of the putative father, which the courts have been reluctant to interfere with except for the most compelling reasons. But what happens when then the interests of the child conflict with the privacy rights of either parent?

In a high profile case in 2010, Shri Rohit Shekhar vs Shri Narayan Dutt Tiwari[26], the Delhi High was called upon to determine whether a man had a right to subject the person he named as his biological father to a DNA test. Contrary to the trend in the preceding cases, it was the biological father who pleaded his right to privacy in this case. The court relied on international covenants to affirm the “right of the child to know of her (or his) biological antecedents” irrespective of her (or his) legitimacy. The court ruled:

There is of course the vital interest of child to not be branded illegitimate; yet the conclusiveness of the presumption created by the law in this regard must not act detriment to the interests of the child. If the interests of the child are best sub-served by establishing paternity of someone who is not the husband of her (or his) mother, the court should not shut that consideration altogether.

The protective cocoon of legitimacy, in such case, should not entomb the child’s aspiration to learn the truth of her or his paternity.

The court went on to draw a distinction between legitimacy and paternity that may both "be accorded recognition under Indian law without prejudice to each other. While legitimacy may be established by a legal presumption [under section 112 of the Evidence Act], paternity has to be established by science and other reliable evidence"[27] The court, however, reaffirmed that the same considerations would apply as was laid down in previous cases – i.e., the plaintiff would have to establish a prima facie case and weigh the competing interests of privacy and justice before it could order a DNA test. In this case, the petitioner was able to produce DNA evidence that excluded the possibility that his legal father was his biological father. In addition, photographic and testimonial evidence suggested that the respondent could be his biological father. On these grounds the Delhi High Court ordered the respondent to undergo a DNA test. This was upheld in an appeal to the Supreme Court.

So from the foregoing cases, it appears that it is the ‘best interests of the child’ that undergrids the right to privacy of either parent. When the two are in conflict it is the former that will, the case law suggests, invariably prevail.

Bodily Effects — Fingerprints, handwriting samples, photographs, Irises, narco-analysis, brain maps and DNA

The human body easily betrays itself. We are incessantly dropping residues of our existence wherever we go – from shedding hair and fingernails, to fingerprints and footprints, handwriting – which, through use of modern technology, can implicate our bodies, and identify us against our will. Not even our thoughts are immune as new technologies like brain mapping pretend to be able to harvest psychic clues from our physiology.

In this section we explore occasions when the state may compel us to 'perform' our existence for instance, by submitting to photography, providing finger impressions or handwriting samples, submit to narco-analysis and truth tests, and more recently to provide iris scan data or our DNA.

Section 73 of the Evidence Act stipulates that the court "may direct any person present in the court to write any words or figures for the purpose of enabling the court to compare the words or figures so written with any words or figures alleged to have been written by such person."

This section was interpreted by the Supreme Court in State of U.P. v. Ram Babu Misra [28] where it was held that there must be “some proceeding before the court in which...it might be necessary... to compare such writings”. This specifically excludes, say, a situation where the case is still under investigation and there is no present proceeding before the court. “The language of section 73 does not permit a court to give a direction to the accused to give specimen writings for anticipated necessity for comparison in a proceeding which may later be instituted in the court.”

The pre-independence Identification of Prisoners Act, 1920 provides for the mandatory taking, by police officers, of 'measurements' and photograph of persons arrested or convicted for any offence punishable with rigorous imprisonment for a term of one year of upwards or ordered to give security for his good behaviour under section 118 of the Code of Criminal Procedure. [29] The Act also empowers a magistrate to order a person to be measured or photographed if he is satisfied that it is required for the purposes of any investigation or proceeding under the Code of Criminal Procedure, 1898. [30]

The Act also provides for the destruction of all photographs and records of measurements on discharge or acquittal. [31]

In addition, the Code of Criminal Procedure was amended in 2005 to enable the collection of a host of medical details from accused persons upon their arrest. Section 53 of the Code of Criminal Procedure provides that upon arrest, an accused person may be subjected to a medical examination if there are “reasonable grounds for believing” that such examination will afford evidence as to the crime. The scope of this examination was expanded in 2005 to include “the examination of blood, blood-stains, semen, swabs in case of sexual offences, sputum and sweat, hair samples and finger nail clippings by the use of modern and scientific techniques including DNA profiling and such other tests which the registered medical practitioner thinks necessary in a particular case.”

In a case in 2004, the Orissa High Court affirmed the legality of ordering a DNA test in criminal cases to ascertain the involvement of persons accused. Refusal to co-operate would result in an adverse inference drawn against the accused.

After weighing the privacy concerns involved, the court laid down the following considerations as relevant before the DNA test could be ordered:

the extent to which the accused may have participated in the commission of the crime;
the gravity of the offence and the circumstances in which it is committed;
age, physical and mental health of the accused to the extent they are known;
whether there is less intrusive and practical way of collecting evidence tending to confirm or disprove the involvement of the accused in the crime;
the reasons, if any, for the accused for refusing consent [32]

Most recently the draft DNA Profiling Bill pending before the Parliament attempts to create an ambitious centralized DNA bank that would store DNA records of virtually anyone who comes within any proximity to the criminal justice system. Specifically, records are maintained of suspects, offenders, missing persons and “volunteers”. The schedule to the Bill contains an expansive list of both civil and criminal cases where DNA data will be collected including cases of abortion, paternity suits and organ transplant. Provisions exist in the bill that limit access to and use of information contained in the records, and provide for their deletion on acquittal. These are welcome minimal guarantors of privacy.

It is evident that the utility of this mass of information – fingerprints, handwriting samples and photographs, DNA data – in solving crimes is immense. Without saying a word, it is possible for a person to be convicted based on these various bodily affects – the human body constantly bears witness and self-incriminates itself. Both handwriting and finger impressions beg the question of whether these would offend the protection against self-incrimination contained in Article 20(3) of our Constitution which provides that “No person accused of any offence shall be compelled to be a witness against himself.” This argument was considered by the Supreme Court in the State of Bombay vs Kathi Kalu Oghad and Ors. [33] The petitioner contended that the obtaining of evidence through legislations such as the Identification of Prisoners Act amounted to compelling the person accused of an offence "to be a witness against himself" in contravention of Article 20(3) of the Constitution. The court held that “there was no infringement of Article 20(3) of the Constitution in compelling an accused person to give his specimen handwriting or signature, or impressions of his thumb, fingers, palm or foot to the investigating officer or under orders of a court for the purposes of comparison. ...Compulsion was not inherent in the receipt of information from an accused person in the custody of a police officer; it will be a question of fact in each case to be determined by the court on the evidence before it whether compulsion had been used in obtaining the information.” [34]

Over the past two decades, forensics has shifted from trying to track down a criminal by following the trail left by her bodily traces, to attempting to apply a host of invasive technologies upon suspects in an attempt to ‘exorcise’ truth and lies directly from their body. One statement by Dr M.S. Rao, Chief Forensic Scientist, Government of India captures this shift:

Forensic psychology plays a vital role in detecting terrorist cases. Narco-analysis and brainwave fingerprinting can reveal future plans of terrorists and can be deciphered to prevent terror activities⁄ Preventive forensics will play a key role in countering terror acts. Forensic potentials must be harnessed to detect and nullify their plans. Traditional methods have proved to be a failure to handle them. Forensic facilities should be brought to the doorstep of the common man⁄ Forensic activism is the solution for better crime management. [35]

Although there are several such 'technologies' which operate on principles ranging from changes in respiration, to mapping the electrical activity in different areas of the brain, what is common to them all, in Lawrence Liang’s words is that they “maintain that there is a connection between body and mind; that physiological changes are indicative of mental states and emotions; and that information about an individual’s subjectivity and identity can be derived from these physiological and physiological measures of deception” [36]

So, how legal are these technologies, in view of the constitutional protections against self-incrimination? In a case in 2004 the Bombay High Court upheld these technologies by applying the logic of the Kathi Kalu Oghad case discussed above. The court drew a distinction between ‘statements’ and ‘testimonies’ and held that what was prohibited under Article 20(3) were only ‘statements’ that were made under compulsion by an accused. In the court’s opinion, “the tests of Brain Mapping and Lie Detector in which the map of the brain is the result, or polygraph, then either cannot be said to be a statement”. At the most, the court held, “it can be called the information received or taken out from the witness.” [37]

This position was however overturned recently by the Supreme Court in Selvi v. State of Karnataka (2010)[38]. In contrast with the Bombay High Court, the Supreme Court expressly invoked the right of privacy to hold these technologies unconstitutional.

“Even though these are non- invasive techniques the concern is not so much with the manner in which they are conducted but the consequences for the individuals who undergo the same. The use of techniques such as 'Brain Fingerprinting' and 'FMRI-based Lie-Detection' raise numerous concerns such as those of protecting mental privacy and the harms that may arise from inferences made about the subject's truthfulness or familiarity with the facts of a crime.”

Further down, the court held that such techniques invaded the accused’s mental privacy which was an integral aspect of their personal liberty.

“There are several ways in which the involuntary administration of either of the impugned tests could be viewed as a restraint on 'personal liberty' ... the drug-induced revelations or the substantive inferences drawn from the measurement of the subject's physiological responses can be described as an intrusion into the subject's mental privacy”

Following a thorough-going examination of the issue, the Supreme Court directed that “no individual should be forcibly subjected to any of the techniques in question, whether in the context of investigation in criminal cases or otherwise. Doing so would amount to an unwarranted intrusion into personal liberty.” The court however, left open the option of voluntary submission to such techniques and endorsed the following guidelines framed by the National Human Rights Commission:

No Lie Detector Tests should be administered except on the basis of consent of the accused. An option should be given to the accused whether he wishes to avail such test.
If the accused volunteers for a Lie Detector Test, he should be given access to a lawyer and the physical, emotional and legal implication of such a test should be explained to him by the police and his lawyer.
The consent should be recorded before a judicial magistrate.
During the hearing before the magistrate, the person alleged to have agreed should be duly represented by a lawyer.
At the hearing, the person in question should also be told in clear terms that the statement that is made shall not be a `confessional' statement to the magistrate but will have the status of a statement made to the police.
The magistrate shall consider all factors relating to the detention including the length of detention and the nature of the interrogation.
The actual recording of the lie detector test shall be done by an independent agency (such as a hospital) and conducted in the presence of a lawyer. 250
A full medical and factual narration of the manner of the information received must be taken on record.

Although the right against self-incrimination and the inherent fallaciousness of the technologies were the main ground on which decision ultimately rested, this case is valuable for the court’s articulation of a right of ‘mental privacy’ grounded on the fundamental right to life and personal liberty. It remains to be seen whether this articulation will find resonance in other determinations in domains such as, say, communications.

Privacy of Records

Since at least the mid-nineteenth century, we have been living in what Nicholas Dirks has termed an 'ethnographic state' — engaged relentlessly and fetishistically in the production and accumulation of facts about us. From records of birth and death, to our academic records, most of our important transactions, our income tax filings, our food entitlements and our citizenship, most of us have assuredly been documented and lead a shadow existence somewhere on the files. Not only does the government keep records about us, but a host of private service providers including banks, hospitals, insurance and telecommunications companies maintain volumes of records about us. In this last section of this paper, we look at the privacy expectation of records both maintained by the government and the private sector.

Various statutes require records to be maintained of activities conducted under their authority and entire bureaucracies exist solely in service of these documents. Thus, for instance, the Registration Act requires various registers to be kept which record documents which have been registered under the Act. [39]; Once registered under this Act, all documents become public documents and State Rules typically contain provisions enabling the public to obtain copies of all documents for a fee. Similarly, a number of legislation – typically dealing with land records at the state level contain enabling provisions that allow the public to access them upon payment of a fee.

Where no provisions are provided within the statute itself that enable the public to obtain records, two recourses are still available.

Firstly, the Evidence Act enables courts to access records maintained by any government body. Secondly, private citizens may access records kept in public offices through the Right to Information Act. Each of these avenues is described in some details below:

Section 74 of the Evidence Act defines 'public documents' as including the following

Documents forming the acts, or records of the acts

Of the sovereign authority,
Of Official bodies and the Tribunals, and
Of public officers, legislative, judicial and executive, of any part of India or of the Commonwealth, or of a foreign country.

Public records kept in any state of private documents

It is clear from this definition that most records maintained by any government body are regarded as public documents. Section 76 mandates that every public officer "having custody of a public document, which any person has a right to inspect, shall give that person on demand a copy of it on payment of the legal fees therefor together with a certificate written at the foot of such copy that it is a true copy of such document or part thereof".

Since there is no legislative guidance within the Evidence Act to indicate who may be said to possess "a right to inspect", this has been interpreted to mean that where the right to inspect and take a copy is not expressly conferred by a statute (as in the Registration Act mentioned above), “the extent of such right depends on the interest which the applicant has in what he wants to copy, and what is reasonably necessary for the protection of such interest". So it isn’t any officious meddler who may access such records – only persons with genuine interests in the matter, either personal or pecuniary, may obtain copies through this route.

In addition to the Evidence Act, copies of documents may also be obtained under the Right to Information Act 2005 which confers on citizens the right to inspect and take copies of any information held by or under the control of any public authority. Information is defined widely to include "any material in any form, including records, documents, memos, e-mails, opinions, advices, press releases, circulars, orders, logbooks, contracts, reports, papers, samples, models, data material held in any electronic form and information relating to any private body which can be accessed by a public authority under any other law for the time being in force".

Section 8 (j) of the Act exempts "disclosure of personal information the disclosure of which has no relationship to any public activity or interest, or which would cause unwarranted invasion of the privacy of the individual” unless the relevant authority “is satisfied that the larger public interest justifies the disclosure of such information".

In an interesting case Mr. Ansari Masud A.K vs Ministry of External Affairs (2008)[40] , the Central Information Commission has held that “details of a passport are readily made available by any individual in a number of instances, example to travel agents, at airline counters, and whenever proof of residence for telephone connections etc. is required. For this reason, disclosure of details of a passport cannot be considered as causing unwarranted invasion of the privacy of an individual and, therefore, is not exempted from disclosure under Section 8(1)(j) of the RTI Act.” This is despite the fact that nothing in the Passport Act itself authorizes disclosure of any documents under any circumstances.

However, the Right to Information Act isn’t as convenient a vehicle for privacy abuse as this case may suggest. The RTI adjudicatory apparatus has on several occasions upheld the denial of information on grounds of privacy violation – most famously in a case where an applicant sought information from the Census Department on the ‘religion and faith’ of Sonia Gandhi – the President of the largest party currently in power in India. Both the Central Information Commission – the apex body adjudicating RTI appeals as well as the Punjab and Haryana High Court upheld the denial of information as it would otherwise lead to an unwarranted incursion into her privacy.[41]

A similar concept of 'public interest' would seem to apply when private companies disclose personal information without a person’s consent. Without delving into the issue in too much detail, it would suffice here to mention one of the most important cases to have come up on the issue. In Mr. X vs Hospital Z[42] , a person sued a hospital for having disclosed his HIV status to his fiancé without his knowledge resulting in their wedding being called off. The Supreme Court held that the hospital was not guilty of a violation of privacy since the disclosure was made to protect the public interest. While affirming the duty of confidentiality owed to patients, the court ruled that the right to privacy was not absolute and was "subject to such action as may be lawfully taken for the prevention of crime or disorder or protection of health or morals or protection of rights and freedom of others."

Conclusion

Reflecting on the volume of case law that we have in India on privacy, one is struck at once, both by the elasticity of the concept of privacy — spanning, as it does, diverse fields from criminal law to paternity suits to wiretapping —as well as its fragility — the flag of privacy is constantly being raised only to be ultimately overridden on pretexts that range from security of state, to a competing private interest.

On the one hand, one marvels at the success of the concept, only a few decades old in Indian law, in insinuating itself into legal arguments across diverse contexts. On the other hand, one is dismayed by the fact that rarely does the concept seem to score a victory. There is an almost ritual quality to the way in which the “right to privacy” is invoked in these cases - always named as a relevant factor; it never seems to substantially influence the outcome of the case at hand.

The right to privacy in India was an Oops baby, born on the ventilator of a minority decision of the Supreme Court, and nourished in the decades that followed by sympathetic judges, who never failed to point out that this right was contingent — not absolute, not meant to be under the Constitution, but carved out anyway. Some five decades after its first invocation by the Supreme Court, one gets the feeling that the right to privacy, conceptually, hasn’t moved, and is still what it was then. We don’t, today, for the many times it has been invoked by courts, have a thicker, more robust concept of privacy than we started out with. So the question, that one is stuck with is, what work does this concept of privacy do?

One of the failings of the concept of privacy in India is that it doesn’t exist as a positive right, but is merely a resistive right against targeted intrusion. So for instance, the right to privacy would be useless as a concept to resist something like generalized street video surveillance – as long as a citizen is not singled out for a disadvantage, this right would be of no use. So this right to privacy is a negative right to not be interfered with. Under it one does not have the right to be as private as one wishes, but only no less than the next person. Still, even this limited concept could be useful, if it were applied more rigorously.

Unfortunately, as the case law indicates, the right to privacy cedes too quickly to competing interests. An incomplete rough catalog of these competing rights, drawn from the case law surveyed in this paper include:

public emergency and public safety (communications)
criminal investigation (search and seizure/communications)
competing private interests (divorce proceedings)
best interests of the child (paternity suits)
public interest (Right to Information)
competing fundamental rights (HIV status)

One may perhaps add judicial inactivity as one of the limiting factors on privacy. By holding that violations of procedure by investigating agencies would not vitiate trials, the judiciary has been complicit in perhaps some of the more damaging incursions into privacy. Once a person is implicated in any manner in the criminal justice system – either as a victim, a witness or an offender, investigating agencies are immediately invested with plenary powers. They can search his house without warrant. They can place him arrest. Subject him to ‘medical examinations’, take his fingerprints and DNA and hold it in a bank and there is nothing you can do. In this context, perhaps the strongest privacy safeguard can come from a reform in criminal procedure alone.

Notes

[1].The State of Uttar Pradesh V. Kaushaliya and Others AIR 1964 SC 416

[2].(1978) 2 SCR 621

[3]. 1 SCR 332

[4].AIR 1973 SC 157, 1973 SCR (2) 417

[5].(1975) 2 SCC 148

[6].(1994) 6 S.C.C. 632

[7].AIR 1997 SC 568

[8].AIR 1976 SC 789,1976 SCR (2)1060, (1976) 2 SCC 128

[9].Romesh Thappar vs The State Of Madras AIR 1950 SC 124 , 1950 SCR 594

[10].1966 AIR 1967 Ker 228, 1967 CriLJ 1511

[11].AIR 1980 SC 593 , 1980 SCR (2) 340

[12].[1963] Supp. 1 S.C.R. 408

[13].Distt. Registrar & Collector, Hyderabad v. Canara bank etc. AIR 2005 SC 186

[14].(2003) 4 SCC 493

[15].13-yr-old rape victim to HC: let me abort -, EXPRESS INDIA, April 21, 2010, http://tinyurl.com/13yrindian (last visited May 2, 2010).

[16].Suchita Srivastava v. Chandigarh Administration, (2009) 9 SCC 1. http://courtnic.nic.in/supremecourt/temp/dc%201798509p.txt (last visited May 2, 2010).

[17].Ibid

[18].410 U.S. 113 (1973)

[19].Article 21 does not limit the abridgement of the right to life by the state to only cases where the state has compelling state interest. The Article reads “No person shall be deprived of his life or personal librty except according to procedure established by law”

[20].Ibid

[21].Ibid

[22].AIR 1993 SC 2295, 1993 SCR (3) 917 <http://indiankanoon.org/doc/1259126/>

[23].AIR 2002 Delhi 217 <http://indiankanoon.org/doc/627683/>

[24].51 Cal. 3d 120; 271 Cal. Rptr. 146; 793 P.2d 479

[25].AIR 2010 SC 2851 <http://indiankanoon.org/doc/486945/>

[26].23 December, 2010 <http://indiankanoon.org/doc/504408/>

[27].Ibid

[28].AIR 1980 SC 791 , 1980 SCR (2)1067 , (1980) 2 SCC 343

[29].Sections 3 & 4 of the Identification of Prisoners Act, 1920

[30].Ibid, Section 5

[31].Section 7

[32].Thogorani Alias K. Damayanti vs State Of Orissa And Ors 2004 Cri L J 4003 (Ori) < http://indiankanoon.org/doc/860378/>

[33].AIR 1961 SC 1808 < http://indiankanoon.org/doc/1626264/>

[34].Ibid

[35].Keynote address given to the 93rd Indian Science Congress. See http://mindjustice.org/india2-06.htm, cited in Liang, L., 2007. And nothing but the truth, so help me science. In Sarai Reader 07 - Frontiers. Delhi: CSDS, Delhi, pp. 100-110. Available at: http://www.sarai.net/publications/readers/07-frontiers/100-110_lawrence.pdf [Accessed April 11, 2011].

[36].Ibid

[37].Ramchandra Ram Reddy v. State of Maharashtra [1 (2205) CCR 355 (DB)

[38].(2010) 7 SCC 263 http://indiankanoon.org/doc/338008/

[39].See Section 52 of the Registration Act 1908

[40].CIC/OK/A/2008/987/AD dated December 22, 2008 <http://indiankanoon.org/doc/1479476/>

[41].Anon, 2010. High Court dismisses appeal seeking information on Sonia Gandhi’s religion. NDTV Online. Available at: http://www.ndtv.com/article/india/high-court-dismisses-appeal-seeking-information-on-sonia-gandhi-s-religion-69356 [Accessed April 12, 2011].

[42].(2003) 1 SCC 500 40

Download file here [PDF, 312kb]

For more details visit https://cis-india.org/internet-governance/blog/privacy/limits-to-privacy

Q&A on open access with Subbiah Arunachalam of the Centre for Internet and Society (Bangalore)

subbiah — 2023-11-01T12:41:47Z

Amrit Dhir, a 1L at Harvard Law School, has been working with the Harvard Law School Library on open access activities. He recently had an opportunity to interview Subbiah Arunachalam of the Centre for Internet and Society (CIS) in India. The interview was published by the Berkman Center for Internet & Society at Harvard University on May 5, 2011.

Thanks to the HLS Library for permitting us to share this Q&A!

Amrit Dhir: What is your association with the Bangalore-based Centre for Internet and Society (CIS)?

Subbiah Arunachalam: I am one of the founding members of the Board of the Centre for Internet and Society. Mr Sunil Abraham invited me to join and I agreed as I found the group to be a talented bunch of people much younger to me and interested in questions, the answers to which would be of interest to me.

AD: What has been your involvement with the Open Access (OA) movement for the past ten years?

SA: For the past ten years, I have been literally breathing OA! I always believed that knowledge should be free and open, but my formal engagement with OA began in 2000. That was the year when Eugene Garfield, the well-known information scientist, turned 75. He has been a great influence in my life and so I wanted to celebrate his 75th birthday with a conference. Gene had written hundreds of essays and he had put all of them together in fifteen volumes (Essays of an Information Scientist). What is more, long before the formal movement for OA began, Gene had put all his essays - in fact, all his writings - up on the University of Pennsylvania website.

For the conference, I invited another friend of mine, Alan Gilchrist, Editor of Journal of Information Science, and a world leader in advancing knowledge about thesauri. For the second speaker I invited Stevan Harnad, as I had read his article on scholarly skywriting (which was included in Garfield's Essays). I was working as a volunteer at the M. S. Swaminathan Research Foundation whose main thrust was development, but my chairman Prof. M. S. Swaminathan helped me raise some funds. From then on I started dividing my time between development and promoting OA in India and the developing world. My prior experience as editor and publisher of science journals (at the Council of Scientific and Industrial Research (CSIR) and the Indian Academy of Sciences) was a great help. For one thing, I knew a large number of scientists and academics. For another, as I had no big official position I was free to make statements freely. And I took advantage of both.

In 2001, I persuaded the Indian Academy of Sciences to convene a meeting of editors of Indian S&T journals and convince them of the advantage of their journals going electronic. About 50 editors were trained in two three-day workshops. One of them, Dr. D. K. Sahu is today the world's leading OA publisher who neither charges the authors nor the readers [http://www.medknow.com].

In 2005, the Open Society Institute (OSI) invited me to Toronto to plan a conference. I had proposed to bring scientists from India, Brazil and China and to promote OA in these three countries. I believed then, and continue to believe now, that if OA takes roots in these three countries then it would be easy to promote it in the rest of the developing world. The conference itself was held at the Indian Institute of Science in November 2006, with support from OSI and the Indian Academy of Sciences. It was at this conference, with the help of Barbara Kirsop and Alma Swan, that we produced the Bangalore Declaration, which could be used by governments and funding agencies in developing countries to mandate OA.

In January 2006, I organized a full session on OA as part of the Annual Science Congress held at Hyderabad. In 2008, I spoke to Prof. Samir Brahmachari, Director General of CSIR and convinced him of the need to adopt OA. He accepted the idea immediately and opened up all the sixteen journals published by CSIR's publishing arm, NISCAIR. I persuaded the Indian Academy of Sciences to set up a repository for all papers by all Fellows and currently the repository is getting ready and I expect it to be available online in July or August. The Academy took nearly four years, but I am glad it is finally happening.

I have groomed a number of young people to take up OA advocacy and implementation. In particular, Muthu Madhan (now at ICRISAT) has done well. He has helped six institutions set up their repositories. I took him along with me (CIS funded his trip) to the International Conference on Repositories in Amsterdam jointly organized by JISC, SURF and UKOLN in 2009.

I have written about OA both on my own and in coauthorship with Peter Suber, Barbara Kirsop and Leslie Chan. I have given interviews to key outlets and spoken at many national and international conferences including two A2K conferences organized by Yale University, several Berlin conferences, and the ICSU-UNESCO conference where I was one of two keynote speakers.

AD: What is the potential of OA, and what makes it unique to India?

SA: OA has tremendous potential not only to India, but to the world as a whole. But its value to developing countries is much greater than to advanced countries, because the serials crisis and the access to knowledge problems are felt far more acutely in developing countries. Currently higher education and R&D (Research and Development) are in an unprecedented expansion phase and therefore we would need huge investments to meet information needs if only traditional methods of access were available to us. As large publishing corporations are raising subscription costs year after year at an unacceptably high rate, Indian researchers and students would benefit if more and more scientists in the West were to make their work OA.

There is nothing unique about OA in India. Whatever applies to India applies to the larger developing countries (China and Brazil, South Africa). That is why I believe these four countries should work together in promoting OA.

AD: What do you see as the future of the OA movement in India?

SA: As far as India is concerned, currently, a higher proportion of Indian work (12.5%) appears in OA journals than the world average (estimated to be between 8.5 and 10%). The two major Academies and CSIR in favor of OA. I and others are trying to persuade other funding agencies and research councils to adopt OA. It is a question of time before OA becomes accepted by at least some of the leading institutions. There are about 40 active repositories, but the number has started increasing.

AD: What are the impediments to realizing that future? Are there any legal concerns or legal obstacles that you anticipate approaching?

SA: There are no impediments. At least I do not see any. You may then ask why the progress is slow. It is largely because of author inertia and general ignorance. Yes, ignorance. Not many scientists really know about what is possible and what is not possible with regard to depositing their papers in a repository. They are needlessly afraid of copyright infringements. Thus all the 'impediments' are imaginary!

When it comes to journals, it is easy. We publish the journals and we decide if we want to be closed or open. MedKnow publishes 150 journals, of which 148 are open. All 11 journals of the Indian Academy are open. Even when they entered into an agreement with Springer [Publishing], they retained the right to keep all of them open on their site!

AD: How would you compare the institutional openness of India and the US to the potential and needs of OA?

SA: I have already explained why I believe OA is far more important to developing countries. But even in the West, the serials crisis is forcing librarians to adopt OA. In the West, prestigious institutions such as Harvard, MIT, NIH, Wellcome Trust, RCUK (Research Councils UK), have adopted OA and that has made a big difference. Now the US Congress is considering the FRPAA (Federal Research Public Access Act). Eventually, all institutions will have to adopt OA.

There is one advantage of institutions in the developing countries adopting OA that may be missed by many. Often research done in the South in problems like SARS, tsunami, HIV/AIDS, climate change will be of global relevance. These issues do not know any national boundaries.

AD: You have spoken of a social mission and a human-rights-based justification for supporting greater OA, particularly with regard to the hard sciences and scientific research. What is the relationship between justice and OA, both on an international scale and as it relates to India more specifically?

SA: A very good question. When Kofi Annan was heading the United Nations, it came up with the Millennium Development Goals (MDGs). On top of the list was poverty alleviation. What use is all the science that we do if fellow human beings are unable to even buy food and keep dying of hunger and malnutrition? This is the basis for the argument on opening up of scientific knowledge as an issue of justice. In India, the government has invested millions on R&D in atomic energy, space science, new biology and biotechnology and so on, and yet more than 60 years after we had became a Republic, poverty is rampant, the gap between the rich and the poor is increasing and both the number of billionaires and the number of people below the poverty line are increasing every year. All our science and technology have not ensured basic necessities for the poor. We do not use what we know, and what we know is not known widely.

In an excellent article “The Digital Provide: Information (Technology), Market Performance, and Welfare in the South Indian Fisheries Sector” in 22 Quarterly Journal of Economics 879 (2007), Robert Jensen of Harvard's Kennedy School used the example of how the introduction of mobile phones in coastal areas of Kerala opened up information and brought many benefits to the community as a whole and not just to fishing families.

There is another angle to the urgent need to reduce poverty, viz. the security angle. Two years ago, I was invited to write a short essay on information and livelihood and I began my essay with these words: "We live in a divided world where far too many people live in abject poverty. To help these people get out of poverty is good for the world as a whole, for great disparities in wealth will lead to violence and terrorism and no one can live in peace and harmony."

There is yet another issue. This is related to drugs and pharmaceuticals. Many pharma companies do not want to bring to market products from their latest research because the previous products are still doing well. Profit is the motive, and it trumps public good. Also, Western pharma companies send out scouts to the old world and learn from local wisdom the medicinal value of plants and herbs and take advantage but without sharing the profits with the local people. A clear case of the North exploiting the knowledge of the South. And yet their own drugs are all under patent protection!

AD: Some see Indian civil society and even Indian government insisting on greater transparency and access to information, with such movements as the one behind the Right to Information (RTI) Act as an example. Are you optimistic about such efforts at governmental and legal reform? And, how does it relate to your work and the broader objectives you advocate?

SA: About two years ago, the Department of Biotechnology entered into a partnership with the Wellcome Trust. The was born with a view to providing generous fellowships to scientists at three stages of their careers. One of the features was that all papers published by these Fellows have to be OA. The Minister for science and technology (Mr Kapil Sibal at that time) announced this proudly. I wrote him that he should also make OA all papers by scientists receiving grants from DBT, but he did not bother to reply. There is a lot of political doublespeak. I also wrote to Members of Parliament belonging to all the major parties suggesting that they consider legislation similar to the one which brought OA to all NIH-funded research in the US. No one replied. The RTI Act and the recent happenings on the corruption front (the government yielding to the request of Gandhian Anna Hazare) are indeed very good. And I believe one day the need for OA will be recognized as important and worthy of legal status. But one may also achieve a lot through bottom-up approaches by talking to individual institutions, universities and scientists.

I am not losing hope. I will keep making my requests until OA is accepted as the norm.

AD: How would you call upon American universities and institutes to act or reform in light of the OA measures you advocate?

SA: The larger the number of American universities, research institutions and funding agencies adopting OA, the better it would be for us, as we would have more papers in the open domain. More than that, we could cite their example and convince Indian institutions to adopt OA.

Read the original interview published by the Berkman Center for Internet & Society here

For more details visit https://cis-india.org/openness/blog-old/an-interview-with-prof-arunachalam

Privacy By Design — Conference Report

praskrishna — 2011-08-22T12:03:30Z

How do we imagine privacy? How is privacy being built into technological systems? On April 16th,The Center for Internet and Society hosted Privacy by Design, an Open Space meant to answer these questions and more around the topic of privacy. Below is a summary of the conversations and dialogs from the event.

Introduction

On April 16th, The Center for Internet and Society hosted Privacy by Design, an Open Space meant to foster discussions around questions related to how privacy is being designed into technological systems. The day opened with two basic questions: How do we imagine privacy? And how are individuals building technology systems incorporating privacy into the system? Throughout the day the conversations took many twist and turns, but at the end of the day three basic points about privacy had come out of the many discussions: 1. Privacy cannot be limited to one definition; it is constantly changing based on person and on context 2. To a person - privacy is a function of abuse and violation 3. The increased generation of data that was made possible by web 2.0 has lead to a rise in privacy issues and is significantly changing many traditional concepts, spaces, and relationships – such as what constitutes a public space, and the relationship between a state and its citizens.

Database architecture and privacy

The morning discussion focused on databases and privacy, and began with questions like: How can a database be built to protect privacy? When a database is built, what role does privacy play in the migration of data? Is privacy protected in databases simply by limiting access to certain parts of data sets? Though many of these were left unanswered, the conversation highlighted the fact that th databases are coded to segregate /regulate users and information in order to protect the system. Thus, databases are architected to incorporate privacy in such a way that protects the viability of only the system and not the individual. In our research we have seen many cases of this. Individual’s privacy has been violated because of malfunctioning or poorly constructed databases. For example, currently Indian governmental databases often have incorrect information, individuals do not have the ability to access and change their information, and if an individual’s information is compromised the government is not held accountable, and there is no course of action that an individual can take towards redress.

Security vs. Privacy

Embedded in this understanding of how privacy is built into technological systems is the question of what security is, and when systems are built, whether privacy and security are considered to be essentially the same. Thus far in our research we have distinguished between privacy and security, saying that, security and privacy have an interesting relationship, because they go hand in hand, and yet at the same time have a different focus, because of this differing focus data security and privacy are not the same. Data breaches that contain personal information of any sort that can be matched, tracked or otherwise co-related to a person or persons will result in a privacy breach too. Though data security is critical for protecting privacy, because data security and privacy have different focuses, the principles that each follows are also different and sometimes conflicting. For example, data security focuses on data retention, logging, etc, while privacy focuses on consent, restricted access to data, limited data retention, and anonymity. If security measures are carried out without privacy interests in mind, privacy violations can easily result. Therefore we have thought that data security should influence and support a privacy regime, but not drive it.

security and privacy have an interesting relationship, because they go hand in hand, and yet at the same time have a different focus, because of this differing focus data security and privacy are not the same. Data breaches that contain personal information of any sort that can be matched, tracked or otherwise co-related to a person or persons will result in a privacy breach too. Though data security is critical for protecting privacy, because data security and privacy have different focuses, the principles that each follows are also different and sometimes conflicting. For example, data security focuses on data retention, logging, etc, while privacy focuses on consent, restricted access to data, limited data retention, and anonymity. If security measures are carried out without privacy interests in mind, privacy violations can easily result. Therefore we have thought that data security should influence and support a privacy regime, but not drive it.

The right to be forgotten and regulation of data

The possibility of creating systems with "off switches" also came out of this thread of conversation. For instance, can a database be structured to show only necessary information to third parties based on the context. In this scenario a card would be created that has all of an individual’s information on it, but only the pertinent information will be shown based on the different situations - if, for example, a teenager goes to a bar, the card will only show a third party that he is over 18. This idea is already taking shape in many Western countries, and is similar to the idea of a federated identity system. A question to ask though is if such a system could work for India, or be even more appropriate for India than a system like the UID. The purpose of federated systems of identity is to take context into consideration, and enable users to keep contexts separate, and link information about an individual only takes place when consent is given by the user. In response to the idea of an identity system that allows only certain information to be seen by third parties based on the situation, it was brought out that privacy is not protected simply by the separation of data into public or private categories, because all data have the potential to be misused. The immediate response to this concern was that if all data have the potential to be mis-used – than the use of data should be carefully regulated. The regulation of data though is also a double edged sword. On one hand regulating the use of data can stop a company from misusing information, but on the other hand it can keep a country from having full and equal access to the internet. A question that came out of this discussion on regulation was about the right to be forgotten. Does an individual have the right to regulate all information about themselves that is in the public sphere? Can they ask for their photos or videos to be taken down from the internet? In India this question has yet to be answered by the law, and it is a question that our research is looking into.

The purpose of federated systems of identity is to take context into consideration, and enable users to keep contexts separate, and link information about an individual only takes place when consent is given by the user. In response to the idea of an identity system that allows only certain information to be seen by third parties based on the situation, it was brought out that privacy is not protected simply by the separation of data into public or private categories, because all data have the potential to be misused. The immediate response to this concern was that if all data have the potential to be mis-used – than the use of data should be carefully regulated. The regulation of data though is also a double edged sword. On one hand regulating the use of data can stop a company from misusing information, but on the other hand it can keep a country from having full and equal access to the internet. A question that came out of this discussion on regulation was about the right to be forgotten. Does an individual have the right to regulate all information about themselves that is in the public sphere? Can they ask for their photos or videos to be taken down from the internet? In India this question has yet to be answered by the law, and it is a question that our research is looking into.

Data types and privacy

Emerging from the conversation on database structure, a conversation on types of data in databases was started. The question was raised as to whether or not databases can actually handle certain types of data. The example given was caste-related data. Information about a person’s caste is constantly changing as people lie about their caste, change their caste, and become married and take on another caste. Furthermore, some people do not want to live with their caste and want to shed off their caste. Therefore, can a database accurately represent such a dynamic data set? Is it dangerous to put such a politically volatile concept as caste into a database where it will confine a person to one definition once entered? Another side to this question though is that perhaps it is in fact necessary to try and place a person in one caste, as there benefits enshrined by law based on a person’s caste, and an individual who has the ability to change his/her caste at their whim therefore defeats and takes advantage of governmental benefits. The point was also raised that by placing information like caste and identity into a database, governments have the ability to divide the country into subsets of identities that they decide to generate. Caste is not the only data that faces these complications and issues. For instance religion and race raise similar question. How can you define and represent a person’s relationship with God in a database? How to you represent a child of multiracial parents on a database?

Changes in the relationship between the state and the citizen

It was also brought out that the representation of citizens’ identities on a database changes the relationship between a state and its citizenry. States no longer see citizens as individuals, but instead as data samples. The UID is an example of an e-governance program that if enacted, could further such a change in the relationship between the state and the citizen, as the whole of India will suddenly and ubiquitously be recognized by the Government (and other entities/organizations) according to their aadhaar number. The relationship between the state and the citizen is not the only social change that databases bring about. Databases also change the concept of public space. As web 2.0 has facilitated the generation of large amounts of data, public space has become a space where one enters and interacts as a dataset. For example face book and twitter allow individuals to create datasets of them and interact with other people through their datasets. Beyond social networking online banking and online shopping also push people to form datasets about themselves and interact with services that were traditionally done in person as individuals, as datasets.

Questions of ownership

The above thread of conversation led to the next question of whether or not individuals control technology or whether technology controls individuals. The example of Facebook was used to illustrate this question. Even though Facebook has a privacy policy, once a person engages with Facebook he or she accepts Facebook’s definition of privacy – which is two tiered. On one level Facebook defines user privacy in terms of restriction - allowing the user to limit who can see their profiles. On another level Facebook’s privacy policy allows the company to share and sell personal information. In these ways companies are constructing databases so that instead of the company being the custodian of information – an entity that provides a structure to protect and hold information - the companies are now the owners of information- selling and using individuals information for profit. In India, this is a problem. Companies, once they collect data, treat it as their own - selling and sharing data with third parties, or using it in ways that were not agreed to by the customer. The question of ownership was a critical question for the group. In the discussions it was important to individuals that they had control and ownership over their information. Individuals felt that information that could be traced back to them or their identity belonged to them, and that in order to protect privacy consent should be secured before any information is used. For instance, data mining by websites without notice was seen as a violation of privacy. The collection of data in public places for marketing purposes without a person’s consent or awareness was similarly seen as a privacy violation. It was also brought out from this conversation that the digitization of information has caused a commercialization of information, and that has led to a sense of ownership and need for privacy over information. For example, before, if someone were to take one’s name and mis-use it, that person was charged with defamation – not for violation of privacy – but if someone misuses information that is in a database or online, that person is now charged for a violation of privacy. This shift in thinking is another example of how web 2.0 has increased privacy violations.

Perceptions and expectations of privacy

The day ended with a conversation about the perceptions and expectations of privacy. Privacy as it relates to an individual is almost wholly dependent on expectation, which changes from person to person, from community to community, and from culture to culture. Just as the expectation of privacy varies between individuals, so does the degree of violation. Thus, it is important to recognize the changing nature of privacy, because it explains why it is difficult for the legal system to address all the nuances of privacy with one broad legislation. This point has been crucial in our research thus far as we are consulting with the public, analyzing legislation, and following news items to see if privacy legislation is wanted and needed in India, and if it is - how it should be shaped.

From the conversation on perceptions of privacy and privacy violations it was also brought out that the concept of privacy is on one hand related to the notion of ownership, and on the other hand it is related to the violation. From the experiences shared by individuals, their privacy never became a concern until it was violated, or they learned about someone else’s privacy being violated. This led to the observation that not only is it difficult for the law to address privacy violations because the violation is based on perception, but also because the effect when one’s privacy is violated is often an emotional one.

Conclusion

The conversations held throughout the day showed the dynamic and personal nature of privacy, and how when databases are constructed, and how our lives made digital this personal aspect is easily lost. When we think about the conversations held throughout the day in relation to our initial questions: what are the different ways of imagining privacy, and how is privacy being built into technological systems, besides the three basic themes of privacy highlighted in the beginning of this blog - there emerged to more themes. One theme portrayed an imagination of privacy that is more personal, and that address the emotional component and the perception component to privacy. Another theme portrayed an imagination of privacy that is technologically more controlled, that allows for more personal regulation, more precise segregation of information in a database, and restricted access by third parties. This imagination of privacy can be and is being met by new and developing technologies. Increasingly in many countries technology is being structured with privacy built into the system. The larger question that this open space has raised, and not completely answered is if privacy legislation can adequately protect an individual’s privacy, and if it cannot, can technology can fill the gaps that privacy legislation leaves open.

For more details visit https://cis-india.org/internet-governance/blog/privacy/privacy_privacybydesign

April 2011 Bulletin

praskrishna — 2012-07-30T10:45:01Z

Greetings from the Centre for Internet and Society! In this issue we are pleased to present you the latest updates about our research, upcoming events, and news and media coverage:

Researchers@Work

RAW is a multidisciplinary research initiative. CIS believes that in order to understand the contemporary concerns in the field of Internet and society, it is necessary to produce local and contextual accounts of the interaction between the Internet and socio-cultural and geo-political structures. To build original research knowledge base, the RAW programme has been collaborating with different organisations and individuals to focus on its three year thematic of Histories of the Internets in India.

Workshops organised in Bangalore

Shadow Search Project (SSP) [CIS, April 18, 2011]
Facebook Resistance [CIS, April 2, 2011]

Digital Natives with a Cause?

Digital Natives with a Cause? is a knowledge programme initiated by CIS and Hivos, Netherlands. It is a research inquiry that seeks to look at the changing landscape of social change and political participation and the role that young people play through digital and Internet technologies, in emerging information societies. Consolidating knowledge from Asia, Africa and Latin America, it builds a global network of knowledge partners who want to critically engage with the dominant discourse on youth, technology and social change, in order to look at the alternative practices and ideas in the Global South. It also aims at building new ecologies that amplify and augment the interventions and actions of the digitally young as they shape our futures.

Columns on Digital Natives

A fortnightly column on ‘Digital Natives’ authored by Nishant Shah is featured in the Sunday Eye, the national edition of Indian Express, Delhi, from 19 September 2010 onwards. The following were published in the month of April:

Who the Hack? [Indian Express, April 24, 2011]
One for the avatar [Indian Express, April 3, 2011]

Digital Natives Newsletter

Links in the Chain is a bi-monthly publication which highlights the projects, ideas and news of the Digital Natives with a Cause? The first issue of volume IV is here:

links in the chain volume 4 Best Practices

New Blog Entry by Samuel Tettner

Samuel Tettner is a Digital Natives Coordinator in CIS. He has written the following blog entry:

Cyber Fears: What scares Digital Natives and those around them

Accessibility

Estimates of the percentage of the world's population that is disabled vary considerably. But what is certain is that if we count functional disability, then a large proportion of the world's population is disabled in one way or another. At CIS we work to ensure that the digital technologies, which empower disabled people and provide them with independence, are allowed to do so in practice and by the law. To this end, we support web accessibility guidelines, and change in copyright laws that currently disempower the persons with disabilities.

Workshop organised in Hyderabad

Web Sites Accessibility Evaluation Methodologies: Conference Report

Openness

CIS believes that innovation and creativity should be fostered through openness and collaboration and is committed towards promotion of open standards, open access, and free/libre/open source software. Its latest endeavour has resulted into these:

Submission

Comments on Draft National Policy on ICT in School Education

New Blog Entry

Towards Open and Equitable Access to Research and Knowledge for Development [PLoS, March 29, 2011]

Internet Governance

Although there may not be one centralized authority that rules the Internet, the Internet does not just run by its own volition: for it to operate in a stable and reliable manner, there needs to be in place infrastructure, a functional domain name system, ways to curtail cyber crime across borders, etc. The Tunis Agenda of the second World Summit on the Information Society (WSIS), paragraph 34 defined Internet governance as “the development and application by governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet.” Its latest endeavour has resulted into these:

CIS is doing a project, ‘Privacy in Asia’. It is funded by Privacy International (PI), UK and the International Development Research Centre, Canada and is being administered in collaboration with the Society and Action Group, Gurgaon. The two-year project commenced on 24 March 2010 and will be completed as agreed to by the stakeholders. It was set up with the objective of raising awareness, sparking civil action and promoting democratic dialogue around challenges and violations of privacy in India. In furtherance of these goals it aims to draft and promote over-arching privacy legislation in India by drawing upon legal and academic resources and consultations with the public.

Featured Research

Interview

An Interview with Activist Shubha Chacko: Privacy and Sex workers

Workshops organized in Ahmedabad and Bangalore

'Privacy Matters', Ahmedabad: Conference Report [Ahmedabad Management Association, Ahmedabad, March 26, 2011]
Privacy, By Design [CIS, April 16, 2011]

New Blog Entries

Telecom

The growth in telecommunications in India has been impressive. While the potential for growth and returns exist, a range of issues need to be addressed for this potential to be realized. One aspect is more extensive rural coverage and the second aspect is a countrywide access to broadband which is low at about eight million subscriptions. Both require effective and efficient use of networks and resources, including spectrum. It is imperative to resolve these issues in the common interest of users and service providers. CIS campaigns to facilitate this:

Column

Shyam Ponappa is a Distinguished Fellow at CIS. He writes regularly on Telecom issues in the Business Standard and these articles are mirrored on the CIS website as well.

Learning from Fukushima [published in the Business Standard on April 7, 2011]

News & Media Coverage

The Gary Chapman International School on Digital Transformation[International School on Digital Transformation, July 17-22, 2011]
Iraqi delegation in Bangalore to study e-governance projects [Economic Times, April 20, 2011]
Dark waders [Time Out Bengaluru, Vol. 3, Issue 20, April 15 - 28, 2011]
Beyond Clicktivism [Outlook, April 18, 2011]
Gone in a flash [Times of India, April 16, 2011]
How Web 2.0 responded to Hazare [Hindu, April 11, 2011]
EU Commissioner Hedegaard to deliver keynote address at consumer world congress
Net cracker [Time Out Bengaluru Vol. 3 Issue 19, April 1 - 14, 2011]
On the Path to Global Open Access: A Few More Miles to Go [PLoS, March 2011, Volume 8, Issue 3]

Follow us elsewhere

Get short, timely messages from us on Twitter
Follow CIS on identi.ca
Join the CIS group on Facebook
Visit us at www.cis-india.org

CIS is grateful to Kusuma Trust which was founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin, for its core funding and support for most of its projects.

For more details visit https://cis-india.org/about/newsletters/april-2011-bulletin

No access to pornography in cyber cafes, declare new rules

praskrishna — 2011-05-01T01:09:50Z

Fresh guidelines, which are part of Information Technology (guidelines for cyber cafe) Rules 2011, will require cyber cafe owners to "tell users" not to surf websites that contain "pornographic or obscene material". Experts termed the rule arbitrary, saying that watching pornography is not an offence in India. This article by Javed Anwer was published in the Times of India on April 26, 2011.

According to the rules notified on April 11, all cyber cafes in the country will have to register with an "agency as notified" by the government. While some of the guidelines deal with the security threat posed by "anonymous internet users", most aim to make sure that people don't use cyber cafes to access pornographic material.

Pawan Duggal, a lawyer who specializes in IT laws, said the new guidelines were arbitrary. "Watching pornography is not illegal in India," he said. "It's absurd to ask cyber cafe owners to tell their customers not to access pornographic material even as law allows individuals to access adult websites unless it's not child pornography. The new rules require a second look."

The new rules suggest cafe owners install filtering software and keep a log of all websites accessed by customers for at least one year. Cafe owners have also been asked not to build a cabin/cubicle with a height of more than four and half feet. In a cyber cafe where there are no cubicles, "owners will have to place computers with the screens facing outward" or towards open space. The move is aimed at reducing privacy a cyber cafe user can get.

Duggal said if implemented earnestly, the new rules will put most of cyber cafe owners out of business.

Internet activists termed the guidelines "unconstitutional". Pranesh Prakash, a programme manager with Centre of Internet and Society, said the rules will violate privacy and will hamper internet users' ability to freely express themselves.

The new rules make it mandatory for user to carry an identity card. Cyber cafe owners have been asked to give user logs to the "registration agency" every month as well keep these records along with the log of websites accessed at the cyber cafe safe for a period of one year. A few cafe owners said that technically, it would be a daunting task to keep a record of every website accessed using their computers for a year.

While minors, if carrying identity cards have been permitted to use computers in a cyber cafe, they won't be allowed inside cubicles if not accompanied by guardians or parents. There is also provision of photographing cyber cafe users using a webcam or other device. The photographs will have to be authenticated by the user. Prakash said that photographing users raises serious privacy questions, especially in the case of children.

Read the original article published by the Times of India here

For more details visit https://cis-india.org/news/no-pornography-in-cyber-cafes

The world is your oyster, by invitation only

praskrishna — 2011-05-01T01:40:59Z

Recent trends show the world of social networking actually reflects the social divides and groupings in the real world. This article by Shreya Ray was published in the Livemint on April 26, 2011.

Looking for love and thinking it’s a shame someone as gorgeous as you is single? Worry not, for Beautifulpeople.com is here. The UK-based site guarantees beautiful singletons a chance to find “beautiful relationships” through their network. The homepage gives you a little snapshot into what they are all about. A cluster of model-like people, different ethnicities and yet, ironically, strikingly similar in their Anglo-Saxon good looks: high cheekbones and sharp noses. Membership is open for all with one caveat: The photo you submit must first be rated by your peer group (that is, the people already deemed “beautiful” by the website), only then do you get admission.

Based on a similar principle of peer-group approval is Facebook’s Compare People application, where you rate friends based on their smile, eyes, sex appeal, profile picture (and other school-report card qualities such as “helpfulness”). And then, of course, there are quizzes such as “How Beautiful Are You”, in which too your final score is based on where you stand vis-à-vis other people in the network.

To be fair, this isn’t just a fetish of the beautiful and those who want to officially belong to “beautiful-only” groups. Because, in just the same way, the social networking world is just as populated by people wanting to either be part of “rich-only” (Affluence.org) or “smart only” (Epernicus.com, for researchers) groups, and most recently, the India-based Vagad Visible (Vagadvisible.com, for the Vagads, a small clan within Kutchi Jains), among others. The world of social networking is about everyone wanting to be something “only” and in that sense, to quote Chicago-based social networking expert David Armano, it is “less about being social”.

Exclusivity: The invite-only system allows social networks and other Web platforms to control and stagger the growing load on their infrastructure. Raajan/Mint

Unsocial networking

One of the latest improvements on Facebook towards the end of 2010 was the option that allows you to edit friends with hyperactive user activity (people who are forever cluttering your page with Farmville updates or quizzes) and “hide” such user activity from your feed. “On Facebook, groups are smaller gatherings, individuals which are invite-only. On Twitter, users create lists to help them filter out signal from noise. Lists on Twitter are not really about exclusivity, but they do say something about how people desire to extract more value from a network,” says Armano, in an email interview.

Sunil Abraham, executive director of the research institute Centre for Internet and Society, Bangalore, says the “hierarchy on the online attention economy often reflects the class and social divides in the real world”.The term attention economy was first used by Michael Goldhaber in December 1997 to describe a new arrangement in which the “flow of attention” metaphorically replaced money as the currency of the Internet.

Quantitative research in the Philippines has shown that rich people are less likely to respond to messages that say “will you be my friend”, he adds, citing the work of researcher Raul Pertierra. “On Facebook, the act of friending someone may appear symmetric. But privacy settings on content, groups and feed configurations may be used to fine-tune the exact power dynamics of the relationship. In platforms such as Twitter, the asymmetry is explicit: For example, Twitter, where I can follow you but you need not follow me,” he says.

Technology has aided this aspect of exclusivity. “There are now beta releases of social software which typically get released to a smaller group of influential and digital savvy individuals. There are now services such as Klout that partner with brands to reward individuals who have the largest social graphs,” adds Armano. Klout measures your overall online influence using over 35 variables on Facebook and Twitter and rates you as True Reach, Amplification Probability, and Network Score.

The other way of practising exclusivity—unlike Facebook, Twitter and other “open” networks—is to just come out and say it: invite only. Beautifulpeople.com will only admit you on the basis of your looks; asmallworld (Asmallworld.net), becoming increasingly popular among the First World swish set, can only be accessed by invitation; and Affluence.org very categorically states it is a place for wealthy individuals to “connect” (membership is free but requires a verifiable minimum household net worth of $1 million, or Rs. 4.5 crore) and “engage in meaningful conversations”. There are others that are slightly work oriented: The Behance network (Behance.net) is a place for creative professionals and you have to seek a membership invitation by describing your creative work. Sermo (Sermo.com) is a place for physicians to “share medical insights”.

Vahad Visible is completely restricted to the Vahad community (a user’s credentials are authenticated by a phone interview and other records), and is social networking meets matrimonial meets classified ads.

The why

There are many reasons for this exclusivity. First, technical. “The invite-only system allows social networks and other Web platforms to control and stagger the growing load on their infrastructure,” says Abraham.

There is also a marketing and commercial aspect to it. Affluence.org, for instance, provides a forum for “exclusive, high quality content and advice from experts on subjects such as art, technology and travel”. Similarly, asmallworld has advertisements for accommodation (it also doubles up as a couch-surfing site of sorts, only these are all rich people living in the First World), among others. Both the technical and the commercial aspects, however, are tied to the larger, that is, sociological aspect of exclusivity. For instance, the “invite-only” system also creates a sense of exclusivity and then drives registrations, says Abraham.

Sociologically, the recipient of this exclusivity, according to Armano, “feels special and rewarded for their social status”. “Those who deal in exclusivity are looking to create smaller “higher quality” networks of individuals who they deem are connected in a way which benefits them,” he says. The way we configure our social network and allow access to our feeds on Twitter or the Facebook page are based on our individual priorities and objectives. “Exclusive social networks are meant for those with overlapping priorities and objectives. The generic social networking websites are meant for finding long-lost classmates and friends and weak ties in general. Exclusive social networks are for accumulating new contacts and building strong ties,” says Abraham.

The dichotomy about social networks, adds Armano, is that “in theory, they flatten social norms” and also make certain things more accessible—like personal publishing. “However, networks do not guarantee that you will find yourself in the desirable social circles. You still have to do that the old-fashioned way—networking,” he adds.

Read the original article published by Livemint here

For more details visit https://cis-india.org/news/world-is-your-oyster

CDT Provides Answers to Questions on Internet Neutrality

pranesh — 2012-06-04T05:56:46Z

Pranesh Prakash of CIS asked David Sohn of CDT a few pointed questions on the emerging hot topic of 'Internet neutrality', and received very useful responses. Those questions and Mr. Sohn's responses are documented in this blog post.

As part of the Centre for Democracy and Technology's (CDT's) excellent "Ask CDT" initiative, we were provided the opportunity to clear up some of our doubts around "net neutrality" (which CDT prefers referring to as Internet neutrality rather than network neutrality) by asking an expert: David Sohn, CDT's Senior Policy Counsel. Reproduced below are the questions that I asked (inset and in gray), and David's replies (provided below each question). Some of the questions I asked below were doubts that I had, while some others are instances of donning the roles of devil's advocate. We hope this will be helpful in clarifying doubts that some of the readers of this blog have had as well.

1a. "As far as I can understand, content distribution networks (CDNs) such as Akamai, don't really fall within your understanding of violations of Internet neutrality. Why not? In what cases is 'spending more to get faster speeds' permitted for content hosts? Since not only specialised companies like Akamai, but regular Tier 1 companies like Level3 and AT&T also engage in CDN-like behaviour, does it make it more liable to illicit/underhand/non-transparent service differentiation techniques?"

1a. That's correct, CDNs don't violate either Internet neutrality principles or the FCC's recent rules. I talked about this at some length in a blog post a couple years ago. The short answer is that Internet neutrality does not aim to guarantee that all online content and services will work equally well, but rather to prevent ISPs from exercising "gatekeeper" control with respect to their subscribers. Thus, content providers who have money can purchase various advantages -- for example, more or better servers, upgraded software, or caching services from a CDN such as Akamai. Significantly, things like servers and caching are available from competitive sources; no supplier has gatekeeper control. In contrast, priority treatment on the transmission facilities serving any given Internet user is an advantage that only that user's ISP could provide. Another difference is that when one content provider purchases caching, it doesn't slow anybody else's traffic (indeed, it could speed it up, since it may help reduce overall network congestion). By contrast, when an ISP designates favoured traffic for priority transmission, non-favoured traffic by definition is de-prioritized. Think about a line of "bits" waiting in a router queue -- if you let some bits "cut in line," it inevitably lengthens the wait for those who don't get to cut. Given CDT's general comfort level with CDNs and the existence of competitive offerings in the marketplace, I'm not too concerned about who provides the service (Akamai, Level3, AT&T, etc.). It doesn't seem to be a case of the ISP leveraging its unique control over access to subscribers.

1b. "A large part of the claims of Internet neutrality supporters are founded on the basis of 'dumb networks', which can also be seen as a reformulation of the end-to-end principle. A question arises, which is often posed by the likes of Dave Farber, Bob Kahn and Robert Pepper: why should we stick dogmatically to the end-to-end principle when embedding 'intelligence' in the core is/will soon be a viable option *without* jeopardising the simplicity of the Internet? If you are fine with CDNs, then are you fine with a partial supplanting of the dogmatism of the end-to-end principle (because, after all, CDNs are in a sense, intelligence in the core rather than in the edges)?"

1b. I don't think that supporting Internet neutrality requires a dogmatic opposition to any and all built-in "intelligence" in the network. Certainly a strong case can be made for handling certain network management matters, such as some cyber security issues, at the network level. I get concerned on neutrality grounds not by the mere existence of "intelligence" in the core, but by the use of that intelligence to make judgments and decisions about which applications and services are most important or most in need of special treatment -- as opposed to remaining application-agnositic or, in the alternative, leaving the decision to end users. Intelligence that is put in the service of end users, allowing the users themselves to make judgments about what to prioritize, does not concern me at all. But if the network-level intelligence results in broader reliance on centralized evaluation and categorization of the type or content of Internet communications, and centralized decisions about what to favor or disfavor, then I think it poses a neutrality problem. The bottom line is, the idea that networks could benefit from some built-in intelligence does not argue for giving ISPs unbounded discretion to discriminate among traffic. Indeed, a network that empowered users themselves to determine the relative priority levels of their traffic based on their individual needs would be far "smarter" than on in which ISPs make broad, across-the-board choices.

2. "What is the bright-line rule that separates some IP-based networks that are 'private' (and hence free to do as they please), and others that are part of the 'Internet' (and hence need to follow Internet neutrality)? Where does IPTV fall? (While answering that question, think not only of present-day IPTV, but keep in mind its potential applications.) Where do 'walled gardens' of the WWW fall?"

2. In CDT's view, Internet access service provides a general-purpose ability to send and receive data communications across the Internet. Other services could be exempt from neutrality rules if they serve specific and limited functional purposes and have limited impact on the technical performance of Internet traffic. CDT's comments to the FCC went into considerable detail -- see, for example, the comments we filed in October. The FCC rules took a similar but not identical tack, saying that Internet access services are services that provide the capability to send and receive data "from all or substantially all Internet endpoints" or that provide a functional equivalent of such a service. In any event, the question of how clear the line is between Internet access services that are subject to neutrality rules and other services that are not is an important one that will bear close watching over time. As for IPTV, it offers a specific function -- access to video programming -- rather than general purpose access to the entire Internet. So IPTV can be distinguished from Internet service. As for "walled gardens," it likely would depend how large the garden is. If the garden seeks to offer a wide enough variety of sites that it can be used as a substitute for Internet access, then the FCC could choose to apply neutrality rules. At some point, a garden can become big and general-purpose enough that it is effectively serving as a non-neutral version of an Internet access service. That kind of end-run around neutrality rules shouldn't be allowed.

3a. "Should Internet neutrality be kept at the level of non-enforceable (but still important) enunciation of principles, or should they be enforceable laws? In either case, who has the authority to regulate Internet neutrality, given the non-territoriality of the 'Internet' (and especially keeping in mind the direction that ICANN's been taking with things like the Affirmation of Commitments). Why should the FCC have such powers? Why should any American governmental body have such powers?"

3a. It is important to have some enforceable rules. The FCC enunciated principles back in its 2005 broadband Policy Statement -- but when the agency tried to act after Comcast violated those principles, a court ruled that the FCC had no ability to do so. Enunciated principles are of little value if ISPs are free to violate them without consequence. For U.S. Internet users, I think the FCC is an appropriate agency in which to lodge the authority to police neutrality violations; the FCC has a long history of working to ensure that providers of physical communications infrastructure do not abuse their position. And since the focus is on the provisions of physical communications connections, I don't the the territoriality issue you raise is a major problem. The United States has the authority to establish rules for companies providing last-mile communications links to U.S.-based subscribers. The Internet is of course a global medium, but the endpoint connections have a clear geographic location.

3b. "If Internet neutrality is really about ensuring fair competition (so an ISP doesn't promote one company's content), then why not just allow competition law / anti-trust law to ensure that fair competition? What are the lacunae in global competition laws that necessitate the separate articulation of 'Internet neutrality' principles/rules?"

3b. The ability of antitrust law to protect Internet openness is pretty limited. Absent a clear anticompetitive motive, network operators likely could curtail Internet openness in a variety of ways without running afoul of antitrust law. Antitrust’s prohibition against anticompetitive conduct is a far cry from any kind of affirmative policy to preserve the Internet’s uniquely open network structure. Nor can antitrust law take into account the major non-economic reasons for maintaining an open Internet, such as the impact on independent speech and civic empowerment. Finally, as a practical matter, antitrust cases tend to drag on for many years. Individual innovators and small startup companies – key beneficiaries of Internet openness – are unlikely to be in a position to bring antitrust cases against major network operators.

4a. "One of the strongest arguments of anti-Internet neutrality folks is that adoption of Internet neutrality principles/rules will ensure that it is only the consumers who foot the bill for bandwidth consumption, and bandwidth hogs (like NetFlix) don't ever pay. This, they say, is unfair on consumers. How do you respond to this?"

4a. First, I question the statement that "bandwidth hogs like NetFlix don't ever pay." For starters, NetFlix buys a huge amount of bandwidth connecting its servers to the Internet. Once on the Internet, its traffic is carried onward pursuant to peering agreements between the ISPs and backbone providers. When NetFlix traffic volume grows, it may trigger new payment demands between carriers, as we've seen in the recent dispute between Comcast and Level3. But the bottom line is, nobody is forced to carry any traffic they haven't contractually agreed to handle. Of course, it is true that NetFlix doesn't make payments to (for example) AT&T for delivering NetFlix traffic to AT&T's customers. That might seem unfair if you think of NetFlix as a "bandwidth hog" eating up AT&T's capacity. I believe that is the wrong way to think about it. NetFlix has no ability to forcefeed traffic onto AT&T's network. Every bit it sends was requested by an AT&T subscriber. So if there are "bandwidth hogs" here, they are the end users -- they are the ones that pull all those bits onto AT&T's network. And they have already paid AT&T for the ability to get those bits. I would add that when individual users choose to download huge volumes, I have no problem with the ISP charging them more. Second, you suggest that it may be unfair to ask consumers to foot the full bill for their connectivity. But the Internet is such an open and innovation-friendly platform precisely because it is so user-driven. This user-centric focus could change if ISPs start thinking of themselves as providing services not just to end user subscribers, but also to non-subscribers such as large online content providers to whom the ISPs do not directly provide bandwidth. The ISPs would then have divided loyalties; rather than just focusing on empowering users, they would be collecting fees to steer users in particular directions. Sure, in other contexts there are examples of "two-sided markets" in which end users foot only part of the bill. Newspapers are often cited. But including paid advertising in newspapers doesn't have much impact in how the overall product is perceived or presented to users. In contrast, ISPs charging content providers for special transmission priority would be akin to a newspaper in which advertisers pay not just to place ads, but also to influence where the substantive articles appear -- which ones go on the front page and which on the interior, for example. In turn, content providers of all stripes would need to think about striking deals with multiple ISPs -- something that is not necessary today. In the end, turning the Internet into a two-sided market would make the medium dramatically less open, less innovative, and less empowering of users.

4b. "If a consumer wants a faster connection (to access content faster), she can get that by paying the ISP more and getting more bandwidth. If a business wants a faster connection (to deliver content faster), it can get that by paying the ISP more bandwidth. However, certain kinds of paying for faster delivery of content are sought to be curbed. Where should we draw that line? And Why should we hold on so dearly to a certain model of accounting for costs?"

4b. Consumers and businesses should be able to pay their respective ISPs for more bandwidth. I think that is very different from paying other people's ISPs for preferential treatment. The latter arrangement turns ISPs into gatekeepers with respect to their subscribers -- because once the quality of delivery depends on which content providers have struck a deal with the subscribers' ISP, every content provider needs to negotiate with that ISP in order to keep up with its competitors. We hold on to the Internet's model of accounting for costs because it is part of what makes the Internet such an open, innovative environment: content providers and innovators don't face the hurdle of having to negotiate deals with all their users' ISPs.

For more details visit https://cis-india.org/internet-governance/blog/cdt-internet-neutrality

The Gary Chapman International School on Digital Transformation — Deadline Expires on April 30

praskrishna — 2011-04-26T06:23:02Z

The application period for the Gary Chapman International School on Digital Transformation is now open! The deadline for applications is April 30, 2011.

The UT Austin Portugal program is now accepting applications for the third annual International School on Digital Transformation, to be held July 17-22 in Porto, Portugal. Advanced students and emerging professionals, social entrepreneurs, and activists from around the world with an interest in digital technology and the enrichment of civil society are invited to apply.

For the past two years, this intensive residential program has brought together scholars, policy experts, community advocates, designers, and hackers to explore the potential for digital media to empower citizens, strengthen communities, and contribute to a more vibrant civil society. The School is named for Gary Chapman, an internationally renowned Internet policy expert and member of the faculty at the LBJ School of Public Affairs at UT Austin who founded this innovative program and passed away suddenly last year. His life continues to inspire the School.

The School is conducted in English and in previous years has attracted faculty and participants from Portugal, South Africa, Finland, India, the U.K., the U.S., and Brazil, among many other countries. During the week, innovators in digital communications serve as teachers and mentors, presenting current projects and engaging in discussion. Faculty and students will be regarded as peers during the School.

Participants of the School will have the opportunity to present and discuss their own projects with those having similar interests, and explore ways to further develop their work. Additionally, members will collaborate on group projects involving digital media and civil society. Consisting of approximately 40 participants and 15 faculty, the School seeks to create an atmosphere of scholarly collegiality, fostering dialogue among diverse perspectives including those of design, policy, activist, and research backgrounds. The daily schedule will include time for presentations, bar camp style meetings, and informal conversations among faculty and students.

The School’s program for 2011 will focus on these themes:

Information access and open civic discourse
Digital tools for government transparency
Evolving Internet content regulation and the public’s right to information
Digital media and the democratic process
Factors influencing the growth of online civic engagement

The School will be held at the Hotel Eurostars Das Artes, a four-star hotel near the heart of Porto’s historic district, an area renowned for its active arts culture, wine, architecture, and breathtaking views. A link to the hotel site is below.

Participant fees are:

370 Euros, which includes

Six nights of lodging in a single room at the Eurostars Das Artes
Six days of breakfasts at the hotel (Monday-Saturday)
Six dinners at a local restaurant (Sunday-Friday)
The daily program of meetings, with coffee breaks
An evening cultural activity

170 Euros for UT-Austin-Portugal PhD Program students (this includes the items listed above, minus hotel and breakfast. Students will be asked to pay an additional charge for lodging, unless they are based in Porto andwish to stay at home.)

All participants should expect to pay for travel to and from Porto, lunches, and any incidental expenses such as bar tabs and outings to cafes or other Porto sites not included in the official agenda.

The Gary Chapman International School on Digital Transformation is organized by the UT Austin-Portugal program, a cooperative endeavor between the University of Texas at Austin and some of the top universities of Portugal. The co-directors of the School are Dr. Sharon Strover of the University of Texas at Austin and Dr. Artur Pimenta Alves of the University of Porto. More details on the program will be added and updated as they are confirmed.

The Eurostars Das Artes is a deluxe hotel located near many shops, restaurants, and art galleries and about a 20-minute walk to the Praça da Ribeira, at the shores of the Douro River. More information may be found here. For more information on the broader program, please see this.

There is limited space and the final deadline for applications is April 30. For questions regarding the program or call for applications, please contact Karen Gustafson at kegustafson@gmail.com.

Read the original news here

For more details visit https://cis-india.org/news/international-school-on-digital-transformation

Learning from Fukushima

praskrishna — 2011-08-30T12:47:25Z

Take remedial steps and demystify the unreasoning dread of nuclear power, says Shyam Ponappa in his latest column published by the Business Standard on April 7, 2011.

Official statistics report over 22,000 deaths related to fires, 27,000 by drowning and 144,000 in traffic accidents annually in India[1]. By contrast, the number of deaths resulting from the Chernobyl nuclear accident is about 10,000 in total, estimates Frank von Hippel, a nuclear physicist at Princeton, who is co-chairman of the International Panel on Fissile Materials (other estimates: World Health Organisation 4,000; International Agency for Research on Cancer 16,000; Belarus 93,000 plus 270,000 cancer patients; and Ukraine 500,000). Against this, he estimates the number of deaths owing to pollution from coal plants in the US alone at 10,000 each year [2].

In this context, what are we to make of a top Indian scientist’s demand for stopping nuclear power production in India pending a transparent safety audit of all nuclear plants? Why not stop all traffic because of traffic accidents, to paraphrase another leading scientist? Should we shut down all our cities and towns until the sewerage systems work? A conscious effort should be made to demystify nuclear power.

To consider this rationally, let’s begin with some reported facts. The Fukushima accident happened after the earthquake, after the plant shut down. The plant was designed to withstand waves of six metres, but was struck by an eight-metre high tsunami, according to the US’ National Oceanographic and Atmospheric Administration (other estimates range between 6.71 and 14 metres).

The reactor core takes several days to cool after being shut down and requires external cooling. The cooling system lost power from the grid because of the earthquake. The backup diesel generators worked for an hour, then stopped (there are conflicting reports on the reasons). The backup batteries then powered the pumps until they ran out. There are also conflicting reports of alternate diesel generators that were either of insufficient capacity or could not be connected for reasons that are unclear (flooded connectors, incompatible plugs and so on). The tsunami devastated the surroundings even as it hampered assistance from elsewhere. The failure appears to have been in the supply of power and water, that is , ancillary services.

Japan has 55 nuclear power reactors and it experiences frequent earthquakes. Though there have been instances of plants being shut down after earthquakes (2007: electrical transformer fire at Kashiwazaki-Kariwa, and some leaks of slightly radioactive water reported; 2004: one unit at the same plant was shut down), there has been no failure of nuclear plants because of earthquakes. So, no new facts relating to earthquakes or tsunamis seem to have surfaced to cause India to shut down its nuclear plants arbitrarily.

An increase in energy use in India is inescapable, given the correlation between growth and energy consumption. On balance, we need all the energy we can get staying within reasonable risks and costs. Objectively, what can we expect from our government and related agencies such as the Department of Atomic Energy and the Atomic Energy Agency?

Remedial Action

One could be to expect action to reduce risks based on experience.

After the Indian Ocean tsunami of 2004, a 3.2-km wall was constructed at Kalpakkam, which was in the path of the tsunami, fortified with sandbags, rocks and embankments. (The plant is situated at over 9 metres above the sea, with the reactor floors at a height of nearly 10.7 metres.)
The backup generators are located some distance away from the plant, out of the reach of tsunamis.
Mangroves and casuarinas along the coast helped diffuse the impact of the waves in 2004. News reports indicate the Department of Atomic Energy plans to augment these after its recent review of coastal nuclear plants.
News reports also mention that portable generators will be acquired for backup and tsunami alarms will be installed at coastal sites.

Other remedial measures based on experience may have been incorporated at Indian plants, or if not, could be incorporated now. For instance, referring to Fukushima, Dr von Hippel describes a filtered vent system designed to reduce radioactivity before releasing pressure from the containment building in the event of a meltdown (see diagram). Though it was ignored in the US, Sweden adopted it and so did France and Germany. Presumably, a benefit of Areva’s partnership with the Nuclear Power Corporation of India for constructing India’s new reactors will be the inclusion of filtered vents, if appropriate and not already in our design.

Costs, Benefits and Risks

Another issue is educating people on the risks, costs and benefits of different fuels. Life-cycle emissions capture one aspect of these costs (see figure for Europe).

A similar study is available for the US: “Life-Cycle Assessment of Electricity Generation Systems and Applications for Climate Change Policy Analysis” by Paul J Meier, University of Wisconsin-Madison, August 2002 (http://fti.neep.wisc.edu/pdf/fdm1181.pdf) Besides, there are costs such as population displacement and environmental effects associated with hydroelectric plants, land requirements and the environmental impact of manufacturing for solar generation, noise levels for wind farms, or pollution and the higher risk of accidents associated with coal [3].

Open Information and Communication

A third issue is easy access to accurate and relevant information. After the tsunami in 2004, the information sharing with the public was exemplary, with open and transparent briefings at Kalpakkam. This approach needs to be instituted as a standard operating procedure for governance by all departments and agencies, displaying integrity in systems, thereby instilling confidence in the public.

Prompt and accurate information about safety features including design and remedial measures could be compiled for ready access on websites, with pointers during press briefings. Regular and effective communication of systems and procedures, and measures to mitigate risks, could reduce our unreasoning dread of nuclear energy. Such steps would help assess risks reasonably and provide a good framework for governance and crisis management.

Notes

[1]."Table 38.1 Incidence of Accidental Deaths", http://mospi.nic.in/...38%20ACCIDENT%20STATISTICS/Table-38.1.xls [2008: latest available data].

[2].“It Could Happen Here”, Frank N von Hippel, New York Times, March 23, 2011: http://www.nytimes.com/2011/03/24/opinion/24Von-Hippel.html.

[3].“Nuclear power is safest way to make electricity, according to study”, David Brown, Washington Post, April 2, 2011: http://www.washingtonpost.com/national/nuclear-power-is-safest-way-to-make-electricity-according-to-2007-tudy/2011/03/22/AFQUbyQC_story.html.

For more details visit https://cis-india.org/telecom/blog/fukushima

Centre for Internet and Society

Announcing the Asia Pacific Google Policy Fellows

Take charge of Facebook

Log out of multiple sessions

Avoid the unwanted photo tag

Secure your account

Stop Facebook from haunting you online

Cut off the ads

Customize your Facebook page

Block unwanted applications

Remove yourself from Facebook & Google Search

Add a dislike button

A Network of Chains

Bangalore-based NGO files RTI query asking list of websites blocked by Indian govt

Consumers International IP Watchlist 2011 — India Report

IT Act if enforced will leave internet use in India no freer than in China

Guilty until proven innocent

Checks and balances exist

Learn from the world

Limits to Privacy

Introduction

Constitutional Jurisprudence on Privacy

Vocabularies of Privacy Limitation

Privacy of Communications

Privileged Communications

Privacy of the Home: Search and Seizure Provisions

Privacy of the Body

Court-ordered Medical Examinations

Reproductive Rights

DNA Tests in Civil Suits

Bodily Effects — Fingerprints, handwriting samples, photographs, Irises, narco-analysis, brain maps and DNA

Privacy of Records

Conclusion

Notes

Q&A on open access with Subbiah Arunachalam of the Centre for Internet and Society (Bangalore)

Privacy By Design — Conference Report

Introduction

Database architecture and privacy

Security vs. Privacy

The right to be forgotten and regulation of data

Data types and privacy

Changes in the relationship between the state and the citizen

Questions of ownership

Perceptions and expectations of privacy

Conclusion

April 2011 Bulletin

Researchers@Work

Workshops organised in Bangalore

Digital Natives with a Cause?

Columns on Digital Natives

Digital Natives Newsletter

New Blog Entry by Samuel Tettner

Accessibility

Workshop organised in Hyderabad

Openness

Submission

New Blog Entry

Internet Governance

Featured

New Blog Entries

Study Tour

Featured Research

Interview

Workshops organized in Ahmedabad and Bangalore

New Blog Entries

Telecom

Column

News & Media Coverage

Follow us elsewhere

No access to pornography in cyber cafes, declare new rules

The world is your oyster, by invitation only

Unsocial networking

The why

CDT Provides Answers to Questions on Internet Neutrality

The Gary Chapman International School on Digital Transformation — Deadline Expires on April 30

Learning from Fukushima

Remedial Action

Costs, Benefits and Risks

Open Information and Communication

Notes