Centre for Internet and Society

Sean McDonald - Ebola: A Big Data Disaster

sumandro — 2016-04-21T09:57:26Z

We are proud to initiate the CIS Papers series with a fascinating exploration of humanitarian use of big data and its discontents by Sean McDonald, FrontlineSMS, in the context of utilisation of Call Detail Records for public health response during the Ebola crisis in Liberia. The paper highlights the absence of a dialogue around the significant legal risks posed by the collection, use, and international transfer of personally identifiable data and humanitarian information, and the grey areas around assumptions of public good. The paper calls for a critical discussion around the experimental nature of data modeling in emergency response due to mismanagement of information has been largely emphasized to protect the contours of human rights.

Read

Download the paper: PDF.

Preface

This study titled “Ebola: A Big Data Disaster” by Sean Martin McDonald, undertaken with support from the Open Society Foundation, Ford Foundation, and Media Democracy Fund, explores the use of Big Data in the form of Call Detail Record (CDR) data in humanitarian crisis.

It discusses the challenges of digital humanitarian coordination in health emergencies like the Ebola outbreak in West Africa, and the marked tension in the debate around experimentation with humanitarian technologies and the impact on privacy. McDonald’s research focuses on the two primary legal and human rights frameworks, privacy and property, to question the impact of unregulated use of CDR’s on human rights. It also highlights how the diffusion of data science to the realm of international development constitutes a genuine opportunity to bring powerful new tools to fight crisis and emergencies.

Analysing the risks of using CDRs to perform migration analysis and contact tracing without user consent, as well as the application of big data to disease surveillance is an important entry point into the debate around use of Big Data for development and humanitarian aid. The paper also raises crucial questions of legal significance about the access to information, the limitation of data sharing, and the concept of proportionality in privacy invasion in the public good. These issues hold great relevance in today's time where big data and its emerging role for development, involving its actual and potential uses as well as harms is under consideration across the world.

The paper highlights the absence of a dialogue around the significant legal risks posed by the collection, use, and international transfer of personally identifiable data and humanitarian information, and the grey areas around assumptions of public good. The paper calls for a critical discussion around the experimental nature of data modelling in emergency response due to mismanagement of information has been largely emphasized to protect the contours of human rights.

This study offers an important perspective for us at the Centre for Internet and Society, and our works on Privacy, Big Data, and Big Data for Development, and very productively articulates the risks of adopting solutions to issues important for development without taking into consideration legal implications and the larger impact on human rights. We look forward to continue to critically engage with issues raised by Big Data in the context of human rights and sustainable development, and bring together diverse perspectives on these issues.

- Elonnai Hickok, Policy Director, the Centre for Internet and Society

CIS Papers

The CIS Papers series publishes open access monographs and discussion pieces that critically contribute to the debates on digital technologies and society. It includes publication of new findings and observations, of work-in-progress, and of critical review of existing materials. These may be authored by researchers at or affiliated to CIS, by external researchers and practitioners, or by a group of discussants. CIS offers editorial support to the selected monographs and discussion pieces. The views expressed, however, are of the authors' alone.

For more details visit https://cis-india.org/papers/ebola-a-big-data-disaster

SCOSTA and UID Comparison not Valid, says Finance Committee

elonnai — 2011-11-22T16:37:43Z

The Standing Committee on Finance Branch, Lok Sabha Secretariat has responded to the suggestions offered by CIS on the National Identification Authority of India, Bill 2010 and has requested it to mail its views by 14 October 2011.

On January 6, 2011, CIS had sent an open letter to the Parliamentary Finance Committee demonstrating how the Aadhaar biometric standard is weaker than the SCOSTA standard. The text of the reply is reproduced below.

Sir,

This is in response to one of the views/suggestions offered by CIS on the National Identification Authority of India Bill, 2010.

CIS View /Suggestion:

"Though the Aadhaar biometrics are useful for the de-duplication and identification of individuals, the Smart Card Operating System for Transport Application [(SCOSTA), developed by the National Informatics Centre in India)] standard is a more secure, structurally sound, and cost-effective approach to authentication of identity for India. Therefore, the Aadhaar biometric based authentication process should be replaced with a SCOSTA standard based authentication process."

In this regard, do you agree with the following view? If not, please justify.

"Comparison between SCOSTA and the UID project are not valid since SCOSTA is fundamentally a standard for smart card based authentication and does not work for the objectives of the unique id project.

The UID project follows a different approach and has multiple objectives — providing identity to residents of India, ensuring inclusion of poor and marginalized residents in order to enable access to benefits and services, eliminating the fakes, duplicates and ghost identities prevalent in other databases and provide a platform for authentication in a cost effective and accessible manner.

UIDAI is not issuing cards or smart cards. Cards can be issued by agencies that are providing services. UID authentication does not exclude smart cards — service providers can still choose to issue smart cards to their beneficiaries or customers if they want to."

You are requested to email your view by 14 October, 2011 positively.

Standing Committee on Finance Branch
Lok Sabha Secretariat

For more details visit https://cis-india.org/internet-governance/blog/scosta-uid-comparison-invalid

Scholarly Communication in the Age of the Commons

sachia — 2011-04-05T04:37:37Z

One-day conference on Open Access Organised by National Aerospace Laboratories (as a part of their Golden Jubilee celebrations), Indian Academy of Sciences and Centre for Internet and Society

Background

Open-access (OA) literature is digital, online, free of charge, and free of most copyright and licensing restrictions. OA removes price barriers (subscriptions, licensing fees, pay-per-view fees) and permission barriers (most copyright and licensing restrictions) and ensures free availability and unrestricted use.

In today’s knowledge-based society, the advent of the Internet and widespread and easy access to scientific information are facilitating research and innovation. Open Access is not only changing the nature of scholarly communication but even the way research is carried out. Indeed Open Access is the bedrock on which the emerging Global Research Library initiative is being built.

Scientists and scientific institutions in India - some of them, to be precise - have moved up in the value chain in that they access information and disseminate their findings often through barrier-free electronic channels. Out of about 3,900 open access journals, India accounts for 108 titles as seen from the Directory of Open Access Journals. The major Indian publishers of OA journals are Indian Academy of Sciences, Indian National Science Academy, MedKnow Publications and National Informatics Centre. According to the Registry of Open Access Repositories there are 40 open access repositories in India including those at Indian Institute of Science, National Aerospace Laboratories, National Institute of Oceanography, Raman Research Institute, National Institute of Technology - Rourkela, and Indian Institutes of Technology. Prof. Samir Brahmachari, Director General of CSIR, has initiated the Open Source Drug Discovery programme as an alternative to the traditional patent-driven model of drug research. Recently CSIR has adopted an open access policy. Indian National Science Academy is one of the early signatories to the Berlin Declaration.

Thus Open Access - both for accessing worldwide information and for making our own research more visible - is not new to India. But one must admit that considering the size of India's research and higher education enterprise what we have achieved so far is utterly inadequate and incommensurate with our ambition to become a knowledge power. We have a long way to go. And the first step is to adopt open access nationwide.

This one-day “Conference on Scholarly Communication in India in the Age of the Commons” is organized to take stock of the current developments in Open Access and to highlight the issues that would need to be addressed to enable a wider access to scientific knowledge and to enhance the visibility of research performed in India.

Date and Time

26 March 2009; 9.30 am - 5.00 pm

Venue

S R Valluri Auditorium, National Aerospace Laboratories, (Old) Airport Road, Bangalore

Speakers

Speakers at the event include:

Prof Leslie Chan, University of Toronto and Bioline International http://www.utsc.utoronto.ca/~chan/

Prof John Willinsky, Stanford University and Public Knowledge Project http://en.wikipedia.org/wiki/John_Willinsky

Please see the programme below for names of the other speakers.

Contact

Dr I R N Goudar

Scientist ‘G’ and Head, ICAST

National Aerospace Laboratories

Airport Road, Bangalore-560017

Telephone: (+91) 80 2508 6080

Fax: (+91) 80 2526 0862

Email: goudar@nal.res.in

While you can register on the spot, we encourage you to kindly register through e-mail. Please provide name, designation, address, contact telephone number and e-mail address. Participants may make their own arrangements for travel and accommodation.

Programme

9.30 am-10.15 am -- Inaugural session

Welcome by Dr I R N Goudar

About the conference: Prof Subbiah Arunachalam

Talk by Prof D Balasubramanian

Remarks by Dr A R Upadhya

10.15 am-10.45 am -- Tea

10.45 am-11.35 am -- Prof Leslie Chan, University of Toronto and Bioline International

11.35 am-12.25 pm -- Prof John Willinsky, Stanford University and Public Knowledge Project

12.25 pm-1.15 pm -- Dr D K Sahu, MedKnow Publications

1.15 pm-2.15 pm -- Lunch

2.15 pm-2.45 pm -- Mr Sunil Abraham, Centre for Internet and Society

2.45 pm-4.15 pm -- Panel discussion

Moderator: Prof P Balaram

Panelists: Subbiah Arunachalam, Leslie Chan, N V Sathyanarayana, A R Upadhya, and John Willinsky

4.15 pm -- Tea

VIDEOS

For more details visit https://cis-india.org/events/scholarly-communication-in-the-age-of-the-commons

SCCR 29: Public Interest Organizations Statements regarding the Broadcasting Treaty

praskrishna — 2014-12-27T16:44:18Z

Also presented during the afternoon plenary, here are 3 statements by public interest organizations, the TACD, EFF and CIS:

The article was published in Knowledge Ecology International on December 9, 2014.

TACD: Thank you very much the transAtlantic consumer dialogue is concerned that the discussion on this treaty whereas in the past due to the lack of definitions we called it an unidentified flying object, now, as the definitions get a bit clearer, we feel it's becoming a more identified flying object in the air as a transmission and precisely because it's becoming identified some of these definitions we consider are concerning us and we are worried about these definitions because we think these definitions and these protections of rights could mean a threat to access to culture, a threat even to freedom of speech, and a threat to the public domain. And we are talking about a public domain, about public broadcasting signals.
And we think these threats are coming from a scope that is much broader than is recommendable. It is a scope that could take into account a lot of the digital rights that millions of young people around the world are fighting for and defending. And I think this sensitivity of digital rights of mixing, of the type of things that go on every day millions of times on the Internet should not be threatened by this treaty. So how can we avoid that? We could avoid that by avoiding any post fixation rights.

We could avoid it by a very narrow definition of simultaneous or near simultaneous traditional broadcasting signals to the public in the air. We could -- broadcasting should mean, similar to the Rome Convention, the transmission by wireless over the air means for public reception of sounds, of images and of words.
As well, what is a signal? What is a signal? A signal obviously could not just mean everything. A signal means an electronically generated carrier over the air with sounds and images, and what we really need, what we really need is to narrow down the scope to a point where we don't see this as something that can be a threat to the creativity, innovation, new business models at a time when we know that the new business models need that flexibility, what we don't need is yet another layer of bureaucratic costly rights that will be burdensome for the future of the Internet.

So for that reason, for consumers, for Internet users, for culture, for new innovation, we would like really to call for this very narrow definition of the scope. Thank you very much.

The call for a narrow based possible treaty was echoed by EFF https://www.eff.org/deeplinks/2014/12/danger-post-fixation-rights-wipo-b...

>> Electronic frontier foundation: This year marks the tenth anniversary of EFF discussions over the WIPO treaty for broadcasting organisations. And during that time our position has been constant that any such treating should be limited to addressing the unauthorized simultaneous and near simultaneous retransmission of traditional broadcast untiles to the public without assigning new exclusive rights in the content of those signals. We also note it would be possible to include a right to prohibit the transmission of prebroadcast signals within a snail based approach and without assigning any new exclusive rights. Although this has been [decided?] in the past when WIPO dwed at the 2007 assembly to follow a signal based approach. Current discussions on post fixation rights have backtracked from this commitment and it's that more than anything else that has led these negotiations to become more protracted.
Creating new exclusive rights in post broadcast fixations would impede access to public domain material and material over which copyright limitations and exceptions may apply. This is because some material may not be readily available other than from broadcasts such as in the case of broadcast of sport or use events. It would impede the use of technological innovations that add val you to broadcast. Especially if it curtailed the use of circumvention devices this could affects digital media players and new innovations we can't even envision yet especially those running on free and open source marredware and software. So EFF urges WIPO members to be disciplined in their add harns to a narrow signal based approach as we see this as the only way that a treaty for broadcasting ors organisations can be conclude in 2015 or at all. Thank you.

The CIS made a technical analysis of the "charts" that cannot (yet) be provided to the public also here: http://cis-india.org/a2k/blogs/wipo-sccr-29-cis-intervention-on-proposed...

> CIS: Thank you, Mr. Chair. This intervention will be based on your chart detailing the concepts corresponding to the various definitions we are discussing here today. We believe that there are certain elements to these concepts that are inconsistent with the broadcast treaty based on a signals based approach and over the course of the next few minutes, I would like to briefly discuss these.
First, Mr. Chair, in the first column, and broadcasting or cable casting organisation in the traditional sense where communication of the signal has been listed under the scope of responsibility. Mr. Chair, as we have submitted in other statements before this community, before this committee, communication itself we believe is a concept that is an element of copyright, and it's distinction broadcast rights char related rights. A signal, Mr. Chair, we, therefore, believe could be broadcast or transmitted and accordingly under the element that deals with the scope of responsibility, we are of the money opinion that it should read broadcast or transmission of the signal and not communication of the signal, and the focus should not be communication to the public.

A concept that's also been discussed in certain alternatives to the definitions under Article 5 which accordingly we would loss not favor. Second, Mr. Chair, in the second column in broadcasting and cable casting transmission, we have three observations. Fist, under the means of transmission, we believe the transmission over computer networks is wide enough to encompass IP based tran missions and, therefore, should be excluded in order for the treaty to be consistent with the signals based approach.

Second, on the reception of the broadcast or cable cast prance mission, we believe that it should be qualified using the phrase general public. We are of the opinion that there is a danger that a limited public, say, family members, could be covered under the term public but would be excluded from the term general puck public which in any case is the targeted audience of a broadcast. Third, Mr. Chair, on whether the transmission would be encrypted or not, which also flows into the thought column on the signal, and whether the signal itself is encrypted or not, encrypted or not.

And which would also then relate to whether broadcasting organisations will have the right to prevent unauthorized decription. Mr. Chair, we don't think there should be a separate right to prevent unauthorized decription. Given that signal theft is a crime, having a spect decription might result in an absurdity where it would cover decrypting and unauthorized retransmission without authorization from the retransmitter where the transmission by the retransmitter was illegal to begin with.

Finally, Mr. Chair, in the third column and on the meaning of the signal, we submit that our preferred definition would be one where the definition of a signal is confined, and is understood as an electronically generated carrier transmitting a broadcast or a cable cast and not one which has the capability of such transmission as has been stated in your third chart.

For more details visit https://cis-india.org/a2k/news/knowledge-ecology-international-sccr-29-public-interest-organizations-statements-regarding-the-broadcasting-treaty

SCCR 29 Libraries, Archives and Public Interest NGOs in Q&A with Dr. Crews

praskrishna — 2014-12-27T16:54:58Z

While the many publishers representatives took the floor to explain that there are truly no problems with limitations and exceptions for libraries and archives (and anyway according to them if there are problems that can be solved with licenses), libraries & archives as well as public interest groups make their case: the committee must continue its work on limitations and exceptions for libraries and archives and find solutions.

This blog entry was published on the website of Knowledge Ecology International on December 11, 2014.

Here are excerpts from some of the interventions:

Hasmik Galstyan, Yerevan, Armenia speaking for the Electronic Information for LIbraries (eIFL.net):

>> EIFL: I'm speaking on behalf of the electronic information for libraries and that works with libraries and library con sort Sha in more than 60 developing and transition economy countries. We thank the Secretariat for commissioning the updated study that provided a comprehensive overview in the IP law. We thank professor crews for his clear presentation.
The report contains positives and negatives from our Point of View. The positives include the fact that law makers are to some degree responding to the need for legal change and a small number of countries have over the last six years created new exceptions especially with regard to digital services. These changes are to be commended. On the other hand, it is discouraging that 18% of countries including five EIFL partner countries have new exceptions for libraries and over one-third located almost totally in the developing world still do not have an exception allowing libraries to make copies of their works for the users. The trend regarding digital library services doesn't look good. Even for states that introduce amendment 2008 digital is barred in 50% in some cases for preservation and it states with anti-circumvention protection while some have applied library exceptions as mentioned by professor crews half of the countries have provided no library exceptions. So while a small number of countries are moving ahead and reforming their copyright laws the digital divide is being perpetuated at a time when libraries everywhere are adopting new technologies and Developing Countries are rapidly moving to mobile. My question is how can the situation be addressed. How can WIPO as an UN agency with a commitment to work with Developing Countries to enhance their participation in the global innovation economy most effectively support countries to be at the forefront of digital developments. To ensure that our libraries that are working hard to support education and development are not operating with one hand tied behind our backs.

My second question is considering that between 2008 and 2014 only a handful of countries have been implemented made changes benefitting libraries and their users and imagining that the current rate of support for a change stays the same, how long do you think it will take before all WIPO Member States have exceptions good enough to support library activities in the Digital Age? And the last question, please. Libraries collections contain materials of unique cultural and historical significance to people in other countries to the national border changes shared languages and a host of other reasons. In addition collaboration among researchers today is international. Therefore libraries increasingly need to send and receive information across borders. In our examination of copyright laws how do they accommodate or not these activities? Thank you very much.

The libraries representatives were echoed by archives representatives. William Maher, University of Illinois at Urbana-Champaign, representing the Society of America Archivists.

Thank you for producing a study that brings such clarity to the quite confusing maze of the laws that librarians and archivists must work with. Archives has been mentioned a lot over the past couple of days but I am only the second archivist to be addressing this issue at SCCR. Archivists know that the general populations does not understand what archives are and how and why we do what we do. However, it seems reasonable that those who draft copyright laws should understand that archives are fundamentally about the unpublished legacy of humankind. Yet, when looking at the 70 or so countries in the 2014 study, archives are seriously overlooked–Despite whatever minimal improvement for libraries, archives have been left out of 53% of the exceptions for preservation and 72 % of the exceptions for copying for research. Is this absence of provisions also reflected in the fact that the laws lack definitions of archives? Can this oversight be read as meaning that archives do not matter to the nations copyright system, or does it mean that copyright should not matter to archives?
>> KENNETH CREWS: Well, thank you very much. Yes, I think you have also heard me speak very strongly about the distinct interests of archives and maybe I should say even more important the distinct interests of our citizens in archives and in the works that they are -- the work that they are doing. And their ability to use these copyright provisions for the benefit of the country and of its citizens. I certainly can't emphasize that enough. So I -- I'm not going to read in to the lack of reference to archives. The kind of meaning that you are asking about. But instead I think we can certainly say that it makes you wonder if archives have been recognized by the drafters of many of these statutes and if in the case of following through on the example of the models influencing domestic law it really is have archives come to the attention of the individuals who have been responsible for developing some of the models. So I believe very strongly that the future statutes in individual countries and the drafting of different kinds of instruments or models that may come from WIPO or any other organization need to encompass archives. And the -- because the preservation and research access and other kinds of beneficial uses of archival material goes directly to the preservation of the culture and the history of our countries and our people. And it is vital that we be able to do that and keep archives at the table. And I thank you very much for being here.

Another stakeholder, Nehaa Chaudhari, Lawyer, Programme Officer at the Centre for Internet and Society questioned Dr. Crews on provisions regarding digital works:

CIS: Thank you Madame Chair. Thank you very much professor crews for your presentation yesterday and this comprehensive study on libraries and archives. Very timely and very important to us from the [...] access to knowledge and information most critically.
I have two questions. My first question: did you find in your examination that in terms of or on the question of limitations and exceptions did you find that there was an equal or equitable treatment of digital resources in comparison to resources available in more traditional formats? And if not, where do you think that are lever of change lies to ensure that fair use of fair dealing provisions are extended e equitably to the digital environment as well.

My second question is on the interoperability of limitations and exceptions. Given that copyright is a very national thing and as your study has also well established countries have a whole range of veridy veers approaches and practices on limitations and exceptions. But also given the fact that we live in an increasingly globalized world we need a system that is interoperable with respect to the transboundary movement of works with as little fiction as possible. Again both in the physical as well as in the digital environments. So what did your examination show of how interoperable or not the range of limitations and exceptions actually have. Those are my two questions. Thank you very much.

> KENNETH CREWS: Thank you very much. On the second question, I'm afraid I might mind myself only repeating some of the concepts that have already said about transborder and really about in the statutes anyway, a lack of recognition of transborder. And the transborder concept, so I will add this piece to the conversation, the transborder concept seldom if ever appears in these library exceptions to the extent that we are going to find it in copyright law or some other part of a national law it may very well be over in the import/export kind -- area of the law. But that also goes to the interoperability which think we have answered a few times just this sort -- the lack of exact harmonization and as others have reminded me I have said before that I may not be a fan of exact precise harmonization and indeed it may not be possible or even desirable. But some degree of harmonization can help with that interoperability. Interesting question, you do -- you did raise a new point about digital. We have talked several times in this conversation about use of digital technologies in the exercise of the rights of use under the exception. However what I think you were asking about is the ability to apply the exception to works that are digital in the first place that are what we call born digital and that's a very interesting question. The statutes do not address that. Sometimes you will see a statute that refers to -- that says it applies to all these different kinds of works but not computer software. That tells you somebody was thinking it shouldn't apply to software but somehow software is different and there are problems with that. We know that software has changed and been incorporated in to many different works. But we generally see a statute almost always see a statute that's about books or archival materials or some other kind of work without specifying the technology. So can it apply to an e-book in addition to the paper book? The statutes don't go there. They don't sort that out.

So in my common law tradition I look at that and see that as a question for interpretation. In
a civil code system I might look at it and see it a little bit more firmly for lack of a better word
about what the scope of that word book, for example, really means. Really good question. And it is one that the statutes have not picked up on. Thank you very much.

Finally, the TransAtlantic Consumer Dialogue (TACD) representative David Hammerstein made the following political and philosophical intervention:

Thank you very much. Thank you Mr. Crews for your presentation. I would like to say a few general words. Internet and the digital obviously is global. Copyright laws are national. Economic power is global. Politics is national. This is very relevant to our discussion.
And other relevant factor is that copyright law and the idea of exceptions and limitations are very complicated. It is for small circles of specialists usually and when these things come out in to the open to the greater public opinion things change radically. I can only remind peep of this room for the debate on ACTA or the debate for SOPA and PIPA in the United States. When these issues come out of the closet things are seen in a very, very different light. The opinion of copyright specialist especially where I know in the European Union and totally different with the opinions of the general public. And the general public the vast majority are frustrated by copyright law because social reality that applies de facto and I am not talking about piracy, I am talking about de facto flexibilities and exceptions and limitations are very, very far from the legal reality of the copyright. The vast majority of Europeans would like to have a harmonized and mandatory exceptions and limitations that we are speaking about, whether it be more text and data mining, whether it be for libraries whether it be cross-border, whether it be preservation of cultural heritage, they would like that. Now the opinions of the often of political structures are captured by certain experts and very special groups that are interested in what they want. Especially the European Union is at a cross roads and we can see it politically because around a year ago the European Union launched a process called lnss for Europe where some of the ideas presented by some of the industry people were brought up memorandums of understanding and that the solution to exceptions and limitations for these issues could be found in voluntary measures between stakeholders. This was a failure. This was a terrible failure. We had letters many many many Nobel Prize winners who are asking tore a legal exceptions and limitations for text and data mining for other scientific research and we think that many orphan works legislation does not go far enough. Et cetera, et cetera, self generated user content. How can that Democratic debate take place and these cross roads can be made a positively by real decisions. And I think those real decisions have to be deal with the public dough minute yon, what is public knowledge and things about the commons, we are talking about the knowledge commons here need to have a democratic debate and need to have democratic management. Now this could be done by very delayed mediation to end up in the hands of a few copyright experts that are very close to very narrow industry that I think is defending outdated models or we could open a democratic debate where exceptions and limitations for libraries and archives for preservation for scientific limitation would be beyond borders. Even inside the European Union today it is almost hard to imagine there to be harmonization in the internal market. And the people making money prefer a fragmented market even though European site sents want a harmonized market for these things. My question is impossible question. I am sorry to put you on spot of how to open up the door, how to bring this issue out of the closet and how to involve millions of people who really want that change. Thank you very much

For more details visit https://cis-india.org/a2k/news/knowledge-ecology-international-sccr-29-december-11-2014-libraries-archives-public-interest-ngos-q-a-with-dr-crews

SCCR 26

praskrishna — 2014-05-01T13:57:22Z

For more details visit https://cis-india.org/a2k/blogs/sccr-26.pdf

SC seeks govt reply on PIL challenging powers of IT Act

praskrishna — 2014-09-08T04:45:51Z

Section 66A of the IT Act punishes sending offensive messages through communication services, including posts on social media websites like Facebook.

The article by Shreeja Sen was published in Livemint on August 30, 2014. Leslie D’Monte contributed to this story. Sunil Abraham gave his inputs.

The Supreme Court on Friday asked for the central government’s response in a writ petition filed by Internet and Mobile Association of India (IAMAI) challenging the arbitrary powers that the Information Technology (IT) Act confers on the government to remove user-generated content.

This is not the first time that the amended provisions of the IT Act 2000 and the IT (Intermediaries Guidelines) Rules, 2011 have been challenged. The rules were released by the government in April 2011, and laid down detailed procedures for regulation of intermediaries and online content.

A bench of justices J. Chelameswar and A.K. Sikri, while issuing notice to the central government, tagged the cases with others of a similar nature, including ones by MouthShut.com, a consumer review website, and Shreya Singhal, a public interest litigant who challenged the constitutionality of Section 66A in support of Shaheen Dhada, who was arrested for criticizing the shutdown of Mumbai after the death of Shiv Sena supremo Bal Thackeray in 2012. Section 66A of the IT Act punishes sending offensive messages through communication services, including posts on social media websites like Facebook.

“We’re very happy at MouthShut that IAMAI decided to take a stand regarding this,” said Faisal Farooqui, chief executive officer of MouthShut.com.

The petition, which runs into 1,100 pages according to those familiar with the case, seeks to challenge Section 79(3)(b) of the Information Technology Act. The section holds an Internet service provider (ISP) responsible for content which may be unlawful, published by third parties (not the ISPs) when they’ve been intimated by the government. It takes away the safe harbour rule, which protects ISPs from being sued because of third party actions.

According to a statement by IAMAI, the industry lobby approached the apex court for “objective interpretation of the laws”. Referring to the court agreeing to hear the petition, the statement said, “This admission today allows the industry an opportunity to argue for a clear Safe Harbour Provision for the intermediaries, which is an essential pre-condition of a thriving digital content business.”

“In my view, the court may be sympathetic to this particular situation because there is a body of research and evidence that demonstrates that the private censorship regime instituted by Section 79A that places unconstitutional limits of freedom of speech and expression,” said Sunil Abraham, executive director of the Centre for Internet and Society (CIS), India, a non-profit organization involved with research in freedom of expression, privacy and open access to literature.

On 27 April 2012, CIS-India had released a paper which, among other things, listed why the IT Rules 2011 could have a “chilling” effect on intermediaries. No much has changed since. The paper argued that not all intermediaries have sufficient legal competence or resources (or the willingness to devote such legal resources) to deliberate on the legality of an expression, as a result of which, intermediaries have a tendency to err on the side of caution. It also pointed out that the qualifications and due diligence requirements of different classes of intermediaries have not been clearly defined in the Rules resulting in uncertainty in the steps to be followed by the intermediary. It noted that depending on the nature of a service, it may be technically unfeasible for an intermediary to comply with the takedown within 36 hours.

“The chilling effect can primarily be attributed to the requirement for private intermediaries to perform subjective judicial determination in the course of administering the takedown. From the responses to the takedown notices, it is apparent that not all intermediaries have sufficient legal competence or resources to deliberate on the legality of an expression, as a result of which, such intermediaries have a tendency to err on the side of caution and chill legitimate expressions in order to limit their liability,” the paper said.

Another privacy lobby body, SFLC.in, had submitted feedback to the government when the draft IT Rules were put up for consultation but said that “when the final Rules were notified we found that most of our concerns were not addressed and that the Rules exceeded the scope of the parent act”.

In a July paper, SFLC.in reiterated that “Words and phrases like grossly harmful, harassing, blasphemous, disparaging and “harm minors in any way” are not defined in these Rules or in the Act or in any other legislation. These ambiguous words make the Rules susceptible to misuse…(and have a) chilling effect on free speech rights of users by making them too cautious about the content they post and byforcing them to self-censor…As technology evolves at a fast pace, the law should not be found wanting. The law should be an enabling factor that ensures that citizens enjoy their right to freedom of speech and expression without any hindrance. India, being the largest democracy in the world should lead the world in ensuring that the citizens enjoy the right to express themselves freely online.”

SFLC.in is a donor-supported legal services organization that brings together lawyers, policy analysts, technologists, and students.

According to a March study commissioned by the Global Network Initiative, a multistakeholder group of companies, civil society organizations, investors, and academics and conducted by Copenhagen Economics, an economic consultancy, the GDP contribution of online intermediaries may increase to more than 1.3 % ($ 241 billion) by 2015, provided the current liability regime is improved.

In another development, hearing a petition asking to take down pornographic website, the court deemed it fit to send it to an advisory committee that has been set up under Section 88 of the Information Technology Act. The petition, filed by lawyer Kamlesh Vaswani in 2013, asked for a direction to the central government to block pornography websites, platforms, links or downloading. Speaking to reporters, Vaswani’s lawyer Vijay Panjwani said, “as on date, there are 4 crore pornographic websites. For 18 months, the government has not blocked them.”

The central government informed the committee was considering several options to address the issue of including methods used in the US and UK. This case was being heard by a three-judge bench headed by the chief justice of India R.M. Lodha, who said that to address these technological issues, a “synthesis of law, technology and governance is required.”

For more details visit https://cis-india.org/internet-governance/news/livemint-august-30-2014-shreeja-sen-sc-seeks-govt-reply-on-pil-challenging-powers-of-it-act

Sameet Panda - Impact of the JAM Trinity on Pension & PDS in Odisha during COVID-19

sumandro — 2021-02-26T06:45:00Z

For more details visit https://cis-india.org/raw/sameet-panda-impact-of-the-jam-trinity-on-pension-pds-in-odisha-during-covid-19

Salient Points in the Aadhaar Bill and Concerns

Amber Sinha and Elonnai Hickok — 2016-03-21T04:37:48Z

Since the release of the Aadhaar Bill, the Centre for Internet and Society has been writing a number of posts analyzing the Bill and calling out problematic areas and the implications of the same. This post is meant to contribute to this growing body of writing and call out our major concerns with the Bill.

Use of Aadhaar Number

What the Bill says:

Used to establish identity: The Aadhaar number can be used by any government or private agency to validate a person’s identity for any lawful purpose, but it cannot be used as a proof of citizenship. (Sections 4, 6, and 57)
Mandatory for access to government services: The government can make it mandatory for a person to authenticate her/his identity using Aadhaar number before receiving any government subsidy, benefit, or service whose expenditure is incurred from the Consolidated Fund of India.
Those without a number, must apply for one: If someone attempting to access an applicable service does not have an Aadhaar number, he/she should make an application for enrolment, and will be allowed to use an alternative method of identification in the meantime. (Section 7)
Open to use by public and private bodies: The Bill does not prevent the use of Aadhaar number to establish identity for other lawful purposes by the State or other private bodies. (Section 57)

Concerns:

Aadhaar is not voluntary: Section 7 makes its mandatory to have an Aadhaar number to access services, subsidies and benefits, and stipulates that in case one does not have the Aadhaar number they must apply for it. This is counter to the repeated claims about Aadhaar being purely voluntary, and the Supreme Court order dated August 11, 2015 which prevents making Aadhaar mandatory, barring a few specified services. The Bill does not limit mandatory use of Aadhaar to those services, and leaves the door open for the government to route more benefits, subsidies and services through the Consolidated Fund of India and expand the scope of Aadhaar.
There are limited and unclear alternatives: While there is a proviso in the Act which speaks for “viable and alternative” means of identification where Aadhaar number is not issued, the language is not clear and speaks of cases where Aadhaar “is not assigned” rather than simply stating that it is applicable to anyone who does not have an Aadhaar number.
There is a conflict in the objects and actual scope of the Bill: There is a conflict between the objects of the Bill which is stated as identification of individuals for targeted delivery of entitlements and Section 57 which allows all entities, public or private, to use the Aadhaar number for authentication.

Enrollment Process

What the Bill says:

Enrolling agencies must provide notice: At the time of enrollment, the enrolling agency will inform the individual of the following details— i) how their information will be used; ii) what type of entities the information will be shared with; and iii) that they have a right to access their information, and also tell them how they can access their information. (Section 3)
Biometrics and demographics will be collected: Biometric information and demographic information will be collected at enrollment. Biometric information means photograph, fingerprint, Iris scan, or any other biological attributes specified by regulations. Demographic information includes information relating to the name, date of birth, address and other relevant information as specified by regulations. (Section 2)
Special measures to ensure enrollment for all: The UIDAI will take special measures to issue Aadhaar number to women, children, senior citizens, persons with disability, unskilled and unorganised workers, nomadic tribes or to such other persons who do not have any permanent residence and similar categories of individuals as specified by the regulations. (Section 5)

Concerns:

The Bill fails to address implementation issues: The Bill does not address issues that have arising during enrolment processes that have already been implemented. These include: the collection of additional and unnecessary information, unclear retention, storage, and destruction standards for data collected by enrollment agencies, abuse of methods used to ensure all have access to the enrollment process, inaccuracy in the collection of data. Detailed procedure and chain of custody for the enrollment process needs to be addressed through provisions in the Bill particularly as this process is undertaken by contracted third party registrars and enrolling agencies.
Definition of “Biometric Information” is broad and ambiguous: The Bill defines “biometric information” as “photograph, fingerprint, iris scan, or other such biological attributes of an individual.” This definition is broad and gives sweeping discretionary power to the UIDAI / Central Government to determine “other such biological attributes of an individual”. The definition should be precise and exhaustive in its scope. Any modification to this, and other terms in the Bill, should take place only through a legislative act.

Authentication Process

What the Bill says:

Consent and use limitation during authentication: The Bill states that any requesting entity will— (a) take consent from the individual before collecting his/her Adhaar information; (b) use the information only for authentication with the CIDR.
Notice during authentication: Further, the entity requesting authentication will also inform the individual of the following— (a) what type of information will be shared for authentication; (b) what will the information be used for; and (c) whether there is any alternative to submitting the Aadhaar information to the requesting entity. (Section 8)
Retention of authentication records: The UIDAI will maintain the authentication records in the manner and for as long as specified by regulations. (Section 32) The UIDAI will not collect, keep or maintain any information about the purpose of authentication. (Section 32)
Ability to obtain authentication records: Every Aadhaar number holder may obtain his authentication record as specified by regulations. (Section 32)
Requirement to update information: The UIDAI has the power to require residents to update their demographic and biometric information from time to time. (Section 6)

Concerns:

Lack of strong consent mechanism: While the Bill does provide for seeking consent for collecting and using an Aadhaar for authentication, the Bill does not specify that this must be informed consent with an ‘opt out’ mechanism and does not specify the manner in which such consent should be sought. This leaves it it in the hands of the UIDAI and possibly the third requesting entity to determine the form of consent that is to be taken. This could result in ambiguous, misleading, or inconsistent consent mechanisms being used.
Lack of strong notice mechanism: While the Bill does provide that individuals should be given notice of the type of information be shared and what the information will be used for, and any alternative identity that will be accepted during the authentication process this is a minimal notice and does not meet the standards in the (Reasonable security practices and procedures and sensitive personal data or information) Rules 2011 which require individuals to be notified of a) the fact that the information is being collected b) the purposes for which the information is being collected c) the intended recipients of the information d) the name and address of the agency collecting the information and the agency that will retain the information. Furthermore, the Bill does not require the UIDAI, contracted bodies, or requesting entities to notify individuals of any changes in organizational privacy policies.
“Obtaining” rather than the right to access: Instead of providing the individual with a clear right to access the information that the UIDAI holds about him or her, the Bill waters down this safeguard by giving the individual the ability to obtain only his authentication record. What ‘obtaining’ will entail and how one will go about it is delegated to regulations.
Lack of ability to opt out, withdraw consent and/or ‘exit’ Aadhaar: There are no opt-out mechanisms in the Aadhaar Act.This means that individuals cannot:

Opt out and leave the Aadhaar ‘ecosystem’ once enrolled and their information is not deleted.
Opt out of sharing of information at the enrollment stage or authentication stage.
Opt out of any use, disclosure, or retention of their information prescribed by the Act.

Security

What the Bill says:

Security measures for information with UIDAI: The UIDAI will take measures to ensure that all information with the UIDAI, including CIDR records is secured and protected against access, use or disclosure and against destruction, loss or damage. (Section 28)
Security measures through contract: The UIDAI will adopt and implement appropriate technical and organisational security measures, and ensure the same are imposed through agreements/arrangements with its agents, consultants, advisors or other persons. (Section 28)
Security protocol via regulations: The UIDAI has the power to prescribe via regulation various processes relating to data management, security protocol and other technology safeguards (Section 54)

Concerns:

Undefined security measures: The Bill specifies that appropriate technical and organisational security measures shall be put in place without elaborating upon what those measure should be or defining any standards that they will adhere to. The Bill gives the Authority the power to define broad regulations pertaining to security protocol.

Confidentiality

What the Bill says:

Restriction on Sharing, Disclosure, and Use: Unless otherwise provided, the UIDAI or its agents will not reveal any information in the CIDR to anyone. (Section 28) The core biometric information collected will not be a) shared with anyone for any reason, and b) used for any purpose other generation of Aadhaar numbers and authentication. (Section 29) Identity information, other than core biometric information, may be shared as per this Act and regulations specified under it. (Section 29) Identity information available with a requesting entity will not be used for any purpose other than what is specified to the individual, nor will it be shared further without the individual’s consent. (Section 29) Aadhaar numbers or core biometric information will not be made public except as specified by regulations. (Section 30)
Application of Information Technology Act: All biometric information collected and stored in electronic form will be deemed to be “electronic record” and “sensitive personal data or information” under Information Technology Act, 2000 and its provisions and rules will apply to it in addition to this Act. (Section 30)

Concerns:

Aadhaar numbers and biometric information to be made public: It is unclear for what purposes it would be necessary for Aadhaar numbers and core biometric information to be made public and it is concerning that such circumstances are left to be defined by regulation. This is different from the Telegraph Act and the IT Act which define the circumstances for interception in the Act and define the procedure for carrying out interception orders in associated Rules. Defining circumstances for such information to be made public is against the disclosure standards in the 43A Rules - which would be applicable to the UIDAI and the disclosure of core biometric information.
Unclear application of Section 43 A Rules: The Bill characterises biometric information collected as ‘sensitive personal data or information’ under the Information Technology Act, 2000 and Section 43A Rules and states that the Act and Rules would be applicable to biometric information. If this is the case, than any body corporate (including the UIDAI) collecting, processing, or storing biometric information would need to follow the standards established in the Rules - including standards for collection, consent, disclosure, sharing, retention, and security. Yet, the Bill allows the UIDAI to make regulations for collection, disclosure, security etc.

Disclosure

What the Bill says:

Disclosure during authentication: During authentication, the UIDAI will respond to the authentication request with yes, no, or other appropriate response and share identity information about the Aadhaar number holder, but not share any biometric information. (Section 8)
Exceptions to confidentiality provisions: The UIDAI may reveal identity information, authentication records or any information in the CIDR following a court order by a District Judge or higher. Any such order may only be made after UIDAI is allowed to appear in a hearing. (Section 33) The confidentiality provisions in Sections 28 and 29 will not apply with respect to disclosure made in the interest of national security following directions by a Joint Secretary to the Government of India, or an officer of a higher rank, authorised for this purpose. (Section 33)
Oversight Committee: An Oversight Committee comprising Cabinet Secretary, and Secretaries of two departments — Department of Legal Affairs and DeitY— will review every direction under 33 B above. Any directions in the interest of national security above are valid for 3 months, after which they may be extended following a review by the Oversight Committee. (Section 33)

Concerns:

Unnecessary disclosure during authentication: Usually authentication would be a binary process leading to a yes or no result, however, Section 8 also allows sharing of identity information in certain cases. It is unclear why any additional information would need to be shared in the authentication process.
Lack of opportunity to data subject: In case of a court order identity information and authentication records of an individual can be revealed without any notice or opportunity of hearing to the individual affected. Aside from allowing the UIDAI a right to be heard, the Bill does not provide any means by which an individual can contest such an order or challenge it after it has been passed.
Lack of defined functions and responsibilities of oversight mechanisms: Section 33 currently specifies a procedure for oversight by a committee, however, there are no substantive provisions laid down as the guiding principles establishing the responsibilities and powers of the oversight mechanism.
Low standards for disclosure order: Though a court order from a District Judge is required to authorize disclosure of information, the Bill fails to define important standards that such an order must meeting including that the order is necessary and proportionate.
Sweeping exception of National Security: Disclosures that are made ‘in the interest of national security’ do not require authorization by a judge and instead can be authorized by the Joint Secretary of the Government of India - a standard lower than that established in the Telegraph Act and IT Act for the interception of communications.

Power of UIDAI to make rules and regulations

What the Bill says:

The matters on which the UIDAI may frame rules include:

The process of collecting information,
Verification of information,
Individual access to information,
Sharing and disclosure of information,
Alteration of information,
Request and response for authentication,
Defining use of Aadhaar numbers,
Defining privacy and security processes,
Specifying processes relating to data management, security protocols and other technology safeguards under this Act
Establishing redressal mechanisms.

Concerns:

Over delegation of powers to the UIDAI: This Bill follows in the tradition of laws like the Information Technology Act, which allows the executive a very high degree of discretionary power. As mentioned above, a number of important powers which should ideally be within the purview of the legislature are delegated to the UIDAI. The UIDAI has been administrating the project since its inception, and a number of problems have already been documented in process such as collection, verification, sharing of information, privacy and security processes. Rather than addressing these problems, the Bill allows the UIDAI to continue to have similar powers.
Lack of independence of grievance redressal mechanism: Within the text of the Bill there are no grievance redressal mechanism created under the Bill. The power to set up such a mechanism is delegated to the UIDAI under Section 23 (2) (s) of the Bill. However, making the entity administering a project, also responsible for providing for the frameworks to address the grievances arising from the project, severely compromises the independence of the grievance redressal body.

For more details visit https://cis-india.org/internet-governance/salient-points-in-the-aadhaar-bill-and-concerns

RTI Applications on Blocking of Websites

pranesh — 2012-12-21T06:34:27Z

In recent weeks, an increasing number of incidents have come to light on government-ordered blocking of websites. In one case involving Zone-H.org, it is clear who has ordered the block (a Delhi district court judge, as an interim order), even though the block itself is open to constitutional challenge. In all others cases, including the TypePad case, it is unclear who has ordered the block and why. We at CIS have sent in two right to information requests to find out.

While under the law (i.e., s.69A of the Information Technology Act), the Department of Information Technology (DIT) has the power to order blocks (via the 'Designated Officer'), in some cases it has been noted that the ISPs have noted that the order to block access to the websites have come from the Department of Telecom (DoT). Due to this, we have sent in RTI applications to both the DIT and the DoT.

RTI Application to Department of Information Technology

Shri B.B.Bahl,
Joint Director and PIO (RTI)
Office of PIO (RTI)
Room No 1016, Electronics Niketan
Department of Information Technology (DIT)
Ministry of Communications and Information Technology
6, CGO Complex, New Delhi

Dear Sir,

Subject: Information on Website Blocking Requested under the Right to Information Act, 2005

1. Full Name of the Applicant:
Pranesh Prakash

2. Address of the Applicant:
E-mail Address:
pranesh[at]cis-india.org

Mailing Address:
Centre for Internet and Society
194, 2-C Cross,
Domlur Stage II,
Bangalore – 560071

3. Details of the information required:

It has come to our attention that Airtel Broadband Services (“Airtel”) has recently blocked access to a blog host called TypePad (http://www.typepad.com) (“TypePad”) for all its users across the country. In this regard, we request information on the following queries under Section 6(1) of the Right to Information Act, 2005:

Did the Department order Airtel to block TypePad under s.69A of the Information Technology Act (“IT Act”), 2000 read with the Information Technology (Procedures and Safeguards for Blocking Access of Information by Public) Rules, 2009 (“Rules”) or any other law for the time being in force? If so, please provide a copy of such order or orders. If not, what action, if at all, has been taken by the Department against Airtel for blocking of websites in contravention of s.69A of the IT Act?
Has the Department ever ordered a block under s.69A of the IT Act? If so, what was the information that was ordered to be blocked?
How many requests for blocking of information has the Designated Officer received, and how many of those requests have been accepted and how many rejected? How many of those requests were for emergency blocking under Rule 9 of the Rules?
Please provide use the present composition of the Committee for Examination of Requests constituted under Rule 7 of the Rules.
Please provide us the dates and copies of the minutes of all meetings held by the Committee for Examination of Requests under Rule 8(4) of the Rules, and copies of their recommendations.
Please provide us the present composition of the Review Committee constituted under rule 419A of the Indian Telegraph Rules, 1951.
Please provide us the dates and copies of the minutes of all meetings held by the Review Committee under Rule 14 of the Rules, and copies of all orders issued by the Review Committee.

4. Years to which the above requests pertain:
2008-2011

5. Designation and Address of the PIO from whom the information is required:

To the best of my belief, the details sought for fall within your authority. Further, as provided under section 6(3) of the Right to Information Act (“RTI Act”), in case this application does not fall within your authority, I request you to transfer the same in the designated time (5 days) to the concerned authority and inform me of the same immediately.

To the best of my knowledge the information sought does not fall within the restrictions contained in section 8 and 9 of the RTI Act, and any provision protecting such information in any other law for the time being in force is inapplicable due to section 22 of the RTI Act.

Please provide me this information in electronic form, via the e-mail address provided above.

This to certify that I, Pranesh Prakash, am a citizen of India.

A fee of Rs. 10/- (Rupees Ten Only) has been made out in the form of a demand draft drawn in favour of “Pay and Accounts Officer, Department of Information Technology” payable at New Delhi.

Date: Monday, February 28, 2011
Place: Bengaluru, Karnataka

(Pranesh Prakash)

RTI Application to Department of Telecom

Shri Subodh Saxena
Central Public Information Officer (RTI)
Director (DS-II)
Room No 1006, Sanchar Bhawan
Department of Telecommunications (DoT)
Ministry of Communications and Information Technology
20, Ashoka Road, New Delhi — 110001

Dear Sir,

Subject: Information on Website Blocking Requested under the Right to Information Act, 2005

1. Full Name of the Applicant:
Pranesh Prakash

2. Address of the Applicant:
E-mail Address:
pranesh[at]cis-india.org

Mailing Address:
Centre for Internet and Society
194, 2-C Cross,
Domlur Stage II,
Bangalore – 560071

3. Details of the information required:

It has come to our attention that Airtel Broadband Services (“Airtel”) has recently blocked access to a blog host called TypePad (http://www.typepad.com) (“TypePad”) for all its users across the country. Airtel subscribers trying to access this website receive a message noting “This site has been blocked as per request by Department of Telecom”. In this regard, we request information on the following queries under Section 6(1) of the Right to Information Act, 2005:

Does the Department have powers to require an Internet Service Provider to block a website? If so, please provide a citation of the statute under which power is granted to the Department, as well as the the safeguards prescribed to be in accordance with Article 19(1)(a) of the Constitution of India.
Did the Department order Airtel to block TypePad or any blog hosted by TypePad? If so, please provide a copy of such order or orders. If not, what action, if at all, has been taken by the Department against Airtel for blocking of websites?
Has the Department ever ordered the blocking of any website? If so, please provide a list of addresses of all the websites that have been ordered to be blocked.
Please provide use the present composition of the Committee constituted under rule 419A of the Indian Telegraph Rules, 1951.
Please provide us the dates and copies of the minutes of all meetings held by the Committee constituted under rule 419A of the Indian Telegraph Rules, 1951, and copies of all their recommendations.

4. Years to which the above requests pertain:
2005-2011

5. Designation and Address of the PIO from whom the information is required:
Shri Subodh Saxena
Central Public Information Officer (RTI)
Director (DS-II)
Room No 1006, Sanchar Bhawan
Department of Telecommunications (DoT)
Ministry of Communications and Information Technology
20, Ashoka Road, New Delhi — 110001

Please provide me this information in electronic form, via the e-mail address provided above.

This to certify that I, Pranesh Prakash, am a citizen of India.

A fee of Rs. 10/- (Rupees Ten Only) has been made out in the form of a demand draft drawn in favour of “Pay and Accounts Officer (HQ), Department of Telecom” payable at New Delhi.

Date: Monday, February 28, 2011
Place: Bengaluru, Karnataka

(Pranesh Prakash)

For more details visit https://cis-india.org/internet-governance/blog/rtis-on-website-blocking

RTI and Third Party Information: What Constitutes the Private and Public?

Noopur Raval — 2011-11-24T09:21:20Z

The passing of the Right to Information Act, 2005 was seen as giving an empowering tool in the hands of the citizens of India, six years post its implementation, loopholes have surfaced with misuse of the many fundamental concepts, which have yet not been defined to allow for a consistent pattern of decisions. Among many problems that emerge with the Act, a major problem is defining the extent to which an individual has access to other people’s information. While most of us tend to think that asking for other people’s phone numbers, personal details like passport number or IT returns are private and would be kept so, under the RTI Act and as seen in the Central Information Commission (CIC) decisions, all of these details can be availed of by someone who doesn’t know you at all!

According to section 2 (n) of the RTI Act, 2005, 'third party' means a person other than the citizen making a request for information and includes a 'public authority'. This implies that the term 'third party' includes anyone other than the appellant or the respondent. In matters where an appellant is seeking information not regarding his or her own activities, or is asking for details of shared records that list details of several persons other than him or her, information cannot be provided until the ‘third party’ consents to disclosure and subsequently until the Central Public Information Office (CPIO), after considering the implications of such disclosure allows it. Section 11 (1) the Act provides the procedure to access third party information wherein the appellant needs to request for the third party’s consent after which the CPIO will produce a written request to the 'third party' and within a stipulated time period obtain their response. However, it is not the information bearer (third party) who holds the key to disclosure. The power, by the RTI Act, 2005, is vested in the public information officer who will then, either see a 'larger public interest', or otherwise allow disclosure based on the merits of the case.

In such a situation, it is interesting to see who the Central Information Commission (CIC) regards as 'third party'. While going through the judgments delivered by the CIC, one comes across several judgments that tell you who can and who cannot access your information. While a son or daughter naturally inherits his/her father’s wealth, land or other possessions, they do not inherit his position for obtaining information. This is just one instance. Similar holds true for access to information of a deceased kin. Unless the public information officer sees a ‘larger public interest’ in disclosure of such information, it cannot be revealed even to the deceased’s wife, husband or children unless they hold a power of attorney specifically to a right to access information.

This brings us to the question of ‘larger public interest’ and what information can be delved to anyone for this cause. While the RTI Act, 2005, clearly states that the appellant needs not a reason to ask for any information, it is largely based on the public information officer’s inference as to what the appellant may do with the data and hence, maybe deemed as acting in public interest or for personal gains. This also produces positions of potential criminality and the need for State subjects to prove themselves as ideal information seekers, void of malice in order for the public information officer to rule in their favour.

Third party position is a problematic one as it only goes so far as to define the state-mediated interaction between two subjects in relation to each other through legal machinery that holds massive discretionary powers to disclose or withhold information. Hence, while, in relation to ‘third party’, a subject may need to justify his larger benevolent interests, the State finds no problems revealing or disclosing information for its own good. In Shri Rajender Kumar Arya vs Dy. Commissioner of Police (DCP), (4 March 2009), the commission ruled that they now have the decision of the Madras High Court in the context of right to privacy in light of the RTI Act. The Madras High Court observed that with the advent of the Right to Information Act, section 3 of the Act entitles a citizen to the right of information. Section 4(2) of the said Act obliges a public authority to disclose information to common people. Even personal information or information, which may otherwise amount to an invasion of privacy, may also be disclosed if the larger public interest so warrants. The court in fact came to the conclusion that the right to privacy virtually fades out in front of the 'Right to Information' and 'larger public interest’. This tells us that ‘third party’ is a mere negotiating position from which the State itself regulates information flow to citizens and can revoke these privileges as and when needed.

Moreover, there is no clear definition to the ‘larger public interest’ or ‘invasion of privacy’. In several judgments, the committee upholds principles of natural justice to justify instance of public good but these cannot be upheld for all decisions. It is also interesting to see what comes under the purview of ‘public information’. It’s a misconception if you think that you hold the right to revealing your age, birth date, place you belong to, your marks, the rank that you hold, the salary you get, the returns you file or subsequently any of this information regarding your children. As upheld in Madhulika Rastogi vs Regional Passport Office, New Delhi, on 4 February 2009, M. Rajamannar vs PIO, AC Division, Indira Gandhi National Open University on 18 February 2009 and A.V.Subrahmanyam vs BSNL, Hyderabad on 16 February 2009 — the judgments illustrate that information submitted to public authorities at any point in time whether to get admitted to school, to get a license, to pass a public services examination or even file a divorce; all qualify for access to other people because they have been knowingly submitted to the public domain. A lot of sensitive information like passport details, telephone call records and medical records that can map intimate interactions of a person’s daily life can also be obtained if larger public interest is proven.

Hence, it becomes important to revise and rethink the commonly accepted notions of privacy, especially when information gains such strategic importance as well as fluidity through fast expanding platforms as well as tools such as RTI. While one may confidently think that information generated by the self, pertaining to one’s own business and life rightfully belongs to the private domain, it is very important to realize the constantly looming hold of the State to any information. In such a situation, what you can claim as private data totally depends on how much common interest it garners.

For more details visit https://cis-india.org/internet-governance/blog/rti-and-third-party-info

Round Table on Assessing the Efficacy of Information and Communication Technologies (ICTs) for Public Initiatives: A Report

sachia — 2011-08-20T22:28:55Z

Zainab Bawa reports on the Round Table on Assessing the Efficacy of Information and Communication Technologies for Public Initiatives, hosted by the Centre for Internet and Society, Bangalore, on 17 June 2009, in collaboration with the Liberty Institute, New Delhi.

In recent times, there has been an upsurge in the use of ICTs to provide information to people and to elicit participation. Individuals, corporate organisations, NGOs, civil society organisations, collectives, municipalities, political parties and politicians have been using the internet and other mediums to communicate with people. The round table was organised primarily to discuss two issues:

What is the effectiveness of the initiatives introduced in recent times?
How do we move forward in terms of partnerships/collaborations in the areas of data gathering, sharing, dissemination and architecture of information?

Given the constraints of time, however, we were only able to discuss a few issues with respect to efficacy of initiatives, rather than come up with a concrete action plan on how to measure effectiveness of many of the existing initiatives. This remains an agenda for subsequent meetings.

This round table was the first meeting of its kind. It brought together participants from diverse backgrounds to discuss key issues involved in leveraging ICTs towards various ends, and to collaborate with each other on ongoing initiatives. Participants included researchers, persons who have developed information platforms and databases, individuals working in the area of leveraging technology for streamlining processes in society and people who have been studying usage patterns of social media tools. Most of the participants were using ICTs to improve information access related to health issues, education, budgets, development of rural areas and recently, elections and governance. In the subsequent sections, I will briefly elaborate on some of the key themes around which discussions took place during the round table.

Building on Ideas: In the morning and pre-lunch sessions, one issue that featured prominently was the importance of developing ideas rather than trying to work out a perfect model that we believe will solve what we perceive to be people’s problems. Two of the participants explained that they started implementing ideas as they came to them, rather than trying to come up with a framework that they thought would work for the masses. They worked towards evolving their ideas, exploring what works and what does not. One of them further pointed out that such evolution cannot be observed as it happens; it only becomes apparent in hindsight. Hence, discussions such as the current round table are useful.

It is also important to note that we are still in a nascent stage of understanding how ICTs can impact people’s lives and deploying them accordingly. As a result, many efforts are likely to be in the stage of trial and error.

Key areas of interest and concern: Based on the input from participants in the morning session, we arrived at a list of areas that require more understanding and discussion.

Information gathering, dissemination, access – including information architecture, technology design: Here, three issues were discussed:

Who are we talking about when we refer to information access? It was pointed out that information is crucial particularly for people who do not have computers and for whom internet is not a priority. The intensity with which they seek information is remarkable. One of the participants argued that we undervalue the potential of information to make a difference to people’s lives.
How do we deliver information? Providing information is not enough.
Representativeness of the information for those who it is provided for.

Another issue that was referred to was whether language is a problem, i.e., most information is available only in English. One of the participants suggested that this is not the case because Google has found that a very small percentage of the population actually refers to material on the web in languages other than English.

Community mobilization: During the deliberations, we referred to the problem of replication of initiatives. Two observers of social media pointed out that replication happens because people are trying to create their own unique communities around their initiatives. This is an important insight for future efforts and also indicates the need to share databases and information that individuals and organisations have compiled. They also suggested that it is important to discover existing communities and spaces where conversations around issues of governance, education, health and development are taking place. This helps to plug into existing resource pools and to extend outreach.

Citizens’ participation: Initiatives that work and why they succeed - We briefly discussed the Jaagore campaign and India Vote Report, which were launched before the 2009 national elections in India to enable people to register on the electoral rolls and to report irregularities during elections respectively. Some people found it difficult to register themselves on the Jaagore website and some had difficulties in finding the local offices where they needed to follow-up with the process. It was also pointed out that Vote Report did not connect with the end user because it would have been easier to report irregularities and anomalies via SMS rather than trying to report them by logging on to the site. If one looks at the case of the Online Complaint Management System (OCMS) developed by Praja, the availability of the telephone hotline service through which citizens could register their complaints helped in widening usage. Thus, it appears that two issues are pertinent:

Whether the initiative connects with the people who are likely to use it;
Simplicity of design/system that enables more users.

Target Audience: One of the participants pointed out that some initiatives do not work because they are targeted towards the wrong audiences. For example, when it comes to voting and elections, poor groups are the ones who go out and vote in large numbers. Hence, information systems need to be tailored to provide them with the data that they need most. Access also has to be configured accordingly. In some instances, the target is too broad to reach out effectively.

It appears that there is a need to develop strategies on how platforms and databases that have been created to enhance access to information can be made known among the masses and how people can be made aware to use them. It is equally important to understand what constitutes ‘information’ and for whom. Here, the other issue to explore is how information links back to the people for who it is provided.

Technology: In this area, a key concern was the high costs involved in developing technologies and whether we could learn from each other’s experience of developing technologies instead of reinventing the wheel. We also discussed whether open source software helps to reduce costs of development. The other issue with respect to open source is whether there is enough assistance and support available to resolve problems that may crop up during use of technology from time to time.

Sharing of Data: Discussions also veered around the issue of whether appropriate technology and applications could be created to help with sharing existing databases and information pools. We did not discuss this issue in depth, but it remains relevant for subsequent meetings.

Back end integration: According to some of the participants, one of major problems is the interface between government and citizens, which remains weak. Technology can be used to enhance the interactions. Participants also pointed out the difficulty in obtaining data from government bodies that is important to create the interface between government and citizens. A participant involved with the Jaagore campaign referred to the problem of back-end integration during their efforts to help citizens register themselves with the election commission (EC) offices. A participant from Google similarly reported that they faced problems in obtaining election results from the EC’s offices as a result of which, they had to rely on their partners for this information. Here too, we could not deliberate on how to resolve this problem, but this could be a major theme for a subsequent meeting.

Performance (monitoring, evaluation): One of the themes that participants zeroed in on was the evaluation of the performance of elected representatives and making this evaluation available for people to see. Here, the debate was around the problem of evaluation being carried out according to the criteria we set which may not seem relevant to other sections of society. One of the suggestions that came up was to develop a matrix for evaluation and put out information accordingly. People can then use it to make their own judgments.

In the post-lunch session, some of the participants shared their experiences with implementation and also the work they and their organisations are currently engaged with. Towards the end of the round table, each one of the participants explained their respective projects and how they may wish to collaborate with other participants (who were present) in their initiatives. An e-group called “CIS-Info-Access” has been created to take these conversations and collaborations further.

Evaluation of the Round Table and Way Forward:

When invitations were sent out to people to participate in the round table, many of the invitees expressed a genuine and enthusiastic interest in being part of this effort. As mentioned above, one of the reasons for this enthusiasm was because this was the first meeting of its kind, bringing together individuals from the fields of technology, research and implementation. We invited a total of 35 people out of which 27 finally attended the meeting. The diversity of the participants was an asset in that a variety of issues were brought to the table. The drawback was that there was not enough time to discuss some of the pertinent issues in depth. Future meetings can be tailored to discuss one or two specific themes such as back-end integration and sharing of information, technology issues, ideas for mobilising citizens and communities, etc.

The possibilities of collaboration between participants in this meeting are immense and we hope that some of the synergies will materialise into concrete outcomes. Further, a few participants have expressed an interest in organising similar meetings in their cities/towns, perhaps focusing on a few issues instead of bringing people together under a broad theme. Of some of the issues discussed, participants have indicated that back-end integration with government and ideating on different ways of disseminating data can be further deliberated on in future. One of the participants also suggested that there is a need to make ‘data’ more relevant to people’s lives.

While the meeting was fruitful in many respects, one issue needs to be underlined. This concerns the imagination of internet and ICTs as mediums that can resolve all existing problems with respect to citizen-government interface, streamlining of processes and provision of information. Such an overarching imagination of technology overlooks the cultural, economic, social and political specificities of communities and contexts. Technology can also have negative implications in some circumstances. It also needs to be reinforced that technology is embedded in society and culture. Therefore we need to view technology as one of the avenues among others available which will facilitate interactions between people and their governments and the state. Democratisation is more likely to be realised through such a perspective.

For more details visit https://cis-india.org/events/event-blogs/round-table-assessing-efficacy

Role of the US Tech Companies in Government Surveillance: A Lecture by Christopher Soghoian

praskrishna — 2012-08-26T11:03:19Z

Christopher Soghoian will deliver a lecture on the role US tech companies play in assisting government surveillance at the Centre for Internet & Society office in Bangalore on August 27, 2012, from 5.00 p.m. to 7.00 p.m.

Your internet, phone and web application providers are all, for the most part, in bed with US and other foreign government agencies. They all routinely disclose their customers' communications and other private data to law enforcement and intelligence agencies. Worse, firms like Google and Microsoft specifically log data in order to assist the government. How many government requests does your ISP get for its customers' communications each year? How many do they comply with? How many do they fight? How much do they charge for the surveillance assistance they provide? Who knows? Most companies have a strict policy of not discussing such topics.

The differences in the privacy practices of the major players in the telecommunications and internet applications market are significant. Some firms retain identifying data for years, while others retain no data at all; some voluntarily provide the government access to user data, while other companies refuse to voluntarily disclose data without a court order; some companies charge government agencies when they request user data, while others disclose it for free. For an individual, later investigated by the police or intelligence services, the data retention practices adopted by their phone company or email provider can significantly impact their freedom.

Unfortunately, although many companies claim to care about end-user privacy, and some even that they compete on their privacy features, none seem to be willing to compete on the extent to which they assist or resist the government in its surveillance activities. Because information about each firms' practices is not publicly known, consumers cannot vote with their wallets, and pick service providers that best protect their privacy.

This talk will pierce the veil of secrecy surrounding these practices. Based upon a combination of Freedom of Information Act requests, off the record conversations with industry lawyers, and investigative journalism, the practices of many of these firms will be revealed.

Christopher's Personal Experience

In the year 2006, the Federal Bureau of Investigation (FBI) raided Christopher’s home at 2.00 a.m. seizing his personal documents and computers. Two attorneys, Stephen Braga and Jennifer Granick came to his defence. With their expert assistance, Christopher was able to get back his possessions within three weeks, and FBI’s criminal and TSA’s civil investigations were closed without any charges being filed.

Jennifer Granick came to Christopher’s assistance once again (joined by Steve Leckar) in 2010 after the Federal Trade Commission’s Inspector General investigated Christopher for using his government badge to attend a closed-door surveillance industry conference. It was at that event that Christopher recorded an executive from wireless carrier ‘Sprint’ bragging about the eight million times his company had obtained GPS data on its customers for law enforcement agencies in the previous years.

To know more, read Christopher Soghoian’s dissertation titled "The Spies We Trust: Third Party Service Providers and Law Enforcement Surveillance". [PDF, 1056 Kb]

About Christopher Soghoian

Christopher Soghoian is a privacy researcher and activist, working at the intersection of technology, law and policy. He is a Principal Technologist and Senior Policy Analyst at the American Civil Liberties Union and is based in Washington, D.C.

Soghoian completed his Ph.D. at Indiana University in 2012, which focused on the role that third party service providers play in facilitating law enforcement surveillance of their customers. In order to gather data, he has made extensive use of the Freedom of Information Act, sued the Department of Justice pro se, and used several other investigative research methods. His research has appeared in publications including the Berkeley Technology Law Journal and been cited by several federal courts, including the Ninth Circuit Court of Appeals.

Between the years, 2009-2010, he was the first ever in-house technologist at the Federal Trade Commission's Division of Privacy and Identity Protection, where he worked on investigations of Facebook, Twitter, MySpace and Netflix. Prior to joining the FTC, he co-created the Do Not Track privacy anti-tracking mechanism now adopted by all of the major web browsers.

He is a TEDGlobal 2012 Fellow, was an Open Society Foundations Fellow between the years, 2011-2012, and was a Student Fellow at the Berkman Center for Internet & Society, Harvard University between 2008 and 2009.

For more details visit https://cis-india.org/internet-governance/role-of-us-tech-companies-in-govt-surveillance

RightsCon 2018

Admin — 2018-02-28T15:15:06Z

Rohini Lakshané, Anubha Sinha, Vidushi Marda, and Amba Kak will be participating in the seventh event in the RightsCon Summit Series to be held in Toronto from May 16 - 18, 2018 as speakers.

Rohini's proposal “Cheap and chipper: IP in India's affordable smartphones” has been accepted!

As the world’s leading conference on human rights in the digital age, RightsCon brings together business leaders, policy makers, general counsels, government representatives, technologists, and human rights defenders from around the world to tackle pressing issues at the intersection of human rights and digital technology. This is where our community comes together to break down silos, forge partnerships, and drive large-scale, real-world change toward a more free, open, and connected world.

For more info click here

For more details visit https://cis-india.org/a2k/news/rightscon-2018

Right to Read Campaign - Kolkata

radha — 2013-02-04T06:47:59Z

The nationwide Right to Read campaign which began with its first road show at Loyola College, Chennai is now having its second road show at the West Bengal National University of Juridical Sciences, Kolkata. There will be half day events with publicity. Events shall comprise presentations, debates and demonstrations, book reading sessions and stalls where various accessibility tools will be demonstrated.

Problem Statement

Millions of Indians are unable to read printed material due to disabilities. There are technologies available which can help them read print if the material is converted into an alternate format such as large print, audio, Braille or any electronic format. While the Indian constitution guarantees the “right to read” as a fundamental right, the copyright regime does not permit the conversion of books into accessible formats for the benefit of persons with print impairment, as a result of which a “book famine” is created. International conventions that India is a party to specifically require India to amend its copyright laws for the benefit of persons with disabilities and to make available information and material to persons with disabilities on an equal basis as others. Publishers also do not make books available in accessible formats as a result of which less than 0.5% of books are available in accessible formats in India. As a result persons with print impairments get excluded from the education system and it impacts their career choices.
In addition to this, there are no national Policies or action plan to ensure that publications in accessible formats in all Indian languages are available to persons with print disabilities all over the country.

Objectives of the Right to Read Campaign

To accelerate change in copyright law
To raise public awareness on the issue
To gather Indian support for the Treaty for the Blind proposed by the World Blind Union at the World Intellectual Property Organisation (WIPO).

Your Support:

No campaign is complete without the endorsement of leaders in the field. We invite you to lend your name and support to this campaign in large numbers and help us make this campaign a success. If you wish to do so, please e-mail Nirmita Narasimhan: nirmita@cis-india.org.

Agenda

Declaration on the Right to Read

Cookie Jar - Glass Jar full of cookies. The jar is locked by chains and a lock. Caption below in large letters saying "Open the cookie jar for 70 million people". Right to Read logo. Wording below: The right to read campaign seeks to accelerate change in copyright law, raise public awareness on issues of access to reading for the print impaired. Support the campaign by turning up for the event at Kolkata. Venue, date and time given. To know more about the campaign and to join us in our endeavor visit our website. www.righttoread.in

Daffodils - Poem Daffodils by Wordsworth. Black strips across many of the lines of the poem as a result only some scattered words of the poem can be seen. Caption below in large letters saying "Not Quite Right? 70 million people agree". Right to Read logo. Wording below: The right to read campaign seeks to accelerate change in copyright law, raise public awareness on issues of access to reading for the print impaired. Support the campaign by turning up for the event at Kolkata. Venue, date and time given. To know more about the campaign and to join us in our endeavor visit our website. www.righttoread.in

Videos
iframe>

For more details visit https://cis-india.org/events/right-to-read-campaign-kolkata