Centre for Internet and Society

Surveillance Camp: Privatized State Surveillance

praskrishna — 2013-01-29T06:51:39Z

This is the second in a series of posts mapping global surveillance challenges discussed at EFF’s Surveillance Camp in Rio de Janeiro, Brazil.

Katitza Rodriguez's blog post was published by the Electronic Frontier Foundation on their website on January 28, 2013. Elonnai Hickok is quoted.

In December 2012, EFF organized a Surveillance and Human Rights Camp in Brazil that brought together the expertise of a diverse group of people concerned about state electronic surveillance in Latin American and other countries. Among other concerns, participants spotlighted the many ways in which the private sector is increasingly playing a role in state surveillance. Here are a few examples:

Voluntary Agreements Between Law Enforcement and Private Companies

Often law enforcement agencies will approach companies asking for voluntary disclosure of information for investigative purposes. Those requests may look and sound more like threats, with a great deal of moral pressure applied on the companies.

This voluntary assistance remains out of the public eye and shrouded in secrecy, as notification of state access is never given to the individual concerned, is not codified in law, and is not clearly disclosed in the company's terms of service or user agreement. Currently there is minimal, if any, oversight over such voluntary cooperation, so the scope of assistance provided is not well-documented.

Canada

Canadian ISPs have jointly decided to provide identifying data about Canadian Internet users to law enforcement in child exploitation investigations. In fact, several Canadian ISPs have developed a formal protocol in conjunction with various law enforcement agencies to be used when those authorities are seeking identification information associated with a given IP address at a specific date and time. Since the adoption of this protocol, some ISPs have expanded their information sharing practices to cover customer identification data in other contexts, such as online harassment cases.

Law Enforcement Approaching Service Providers Without Legally-Required Authorization

A growing concern is the number of law enforcement officers skirting the law by asking service providers to simply fork over information without any sort of search warrant. Even when legal procedures, such as a search warrant, exist, police increasingly request information without obtaining a legal authorization. Nevertheless, they often expect full compliance from service providers.

Chile

In 2008, a Chilean website called Huelga.cl (“strike” in English) was approached by the Cyber Crime Section of the Chilean Police. The site is an online space for coordinating union actions. The agency demanded that the webmaster hand over data related to pseudonymous user accounts, such as IP addresses, records of previous connections, real names, and physical addresses. The targeted users had left comments on a website about an ongoing strike.

In this case, because police did not have a court order to back up the request for information, Huelga.cl took a stand by resisting police pressure and refusing to hand over the data without a fight. For legal assistance, they turned to Derechos Digitales, a Chilean online human rights nonprofit organization, and managed to resist the request.

In another case, the Regional Director of the Chilean Department of Labor, the agency responsible for ensuring the enforcement of labor laws, sent a letter to Huelga.cl simply demanding the removal of “inappropriate content” from their website along with the disclosure of user information, but it was only for administrative purposes as opposed to serious criminal investigations. Huegal.cl again refused to comply and instead, made the director’s demands public.

It is not always the case that service providers can resist extralegal government requests, find legal advice or have enough economic resources to fight against those demands as Huelga.cl did. Huelga.cl should be praised for speaking up and managing to make the request from law enforcement public.

Governments Pressure Private Sector

Governments frequently impose heavy fines for non-compliance with their requests for data access. This form of coercion acts as a mechanism of enforcement over service providers and can raise serious concerns for free expression. The service provider is left with little incentive or option to resist illegitimate requests from the government when they are threatened with heavy fines.

Brazil

In 2012, a judge from northern Brazil froze Google's accounts and imposed a fine on the company for refusing to remove three anonymous blogs or reveal contact details of the bloggers. The content of the blogs state d the mayor of Varzea Alegre of corruption and embezzlement.

While some companies might be able to withstand governmental pressure, alarms were raised that this won’t be the case for smaller companies that lack resources and influence. This is particularly true in contexts where heavy fines for noncompliance are written into legislation, and companies are not given legal avenues to appeal or fight the fine.

Foreign Governments Access To Individuals’ Data in the Cloud

Governments are increasingly seeking to negotiate access or interceptation capabilities to user data with companies that do not lie within their jurisdictions. This form of access is complicated because it is not always clear which country’s laws apply or to what extent. Because of the complex nature of these requests, governments often look for "easy" solutions that call for voluntary disclosure of information or simply allow full access to the user data.

For example, government officials in India have been pushing for real time interception capabilities for all BlackBerry services. In response to the demands from the Indian Government, after a number of unsatisfactory proposals, in 2012 RIM set up a NOC in Mumbai, providing security agencies with access to BlackBerry Messenger services, and created a solution for access to Blackberry Internet Services. In addition to asking RIM for real time access to communications, the Government of India had required Service Providers in India to adopt the solution provided by RIM by end of 2012 or risk being shut down.

According to Elonnai Hickok from the Centre for Internet and Society in Bangalore, India, the discussions between RIM and the Indian Government is just one example of how governments are trying to negotiate their interests in light of the challenges posed by communications stored in the cloud and in multiple jurisdictions.

While the Internet is technically borderless, in reality, state actors impose their sovereignty onto online environments with increasing frequency. The exercise of sovereignty over shared spaces can subject individuals to the laws of another country without any awareness on their part that this has happened. This in effect transforms the surveillance efforts of one country into privacy risks for all the world’s citizens.

Conclusion

State agencies and law enforcement are increasingly outsourcing investigations to private companies who are not under the same sort of judicial oversight as official law enforcement entities would be. The increasingly close and non-transparent connection between the private sector and law enforcement needs to be addressed, as it poses a risk to the rights and freedoms of the individual. Of major concern to all Camp participants was the notion that private companies are routinely complying with the requests of law enforcement in the absence of due process. We encourage further research and documentation of this phenomenon. To highlight on this issue, we will be blogging next about the privatization of public security in Latin America.

For more details visit https://cis-india.org/news/electronic-frontier-foundation-january-28-2013-katitza-rodriguez-surveillance-camp-privatized-state-surveillance

Surveillance Camp IV: Disproportionate State Surveillance - A Violation of Privacy

elonnai — 2013-02-19T12:37:09Z

This is the fourth in a series of posts mapping global surveillance challenges discussed at EFF's State Surveillance and Human Rights Camp in Rio de Janeiro, Brazil. This article has been co-written with Elonnai Hickok — Centre for Internet and Society India, and a speaker at EFF's Camp.

This article by Katitza Rodriguez and Elonnai Hickok was originally published by the Electronic Frontier Foundation on February 13, 2013.

States around the world are faced daily with the challenge of protecting their populations from potential and real threats. To detect and respond to them, many governments surveil communication networks, physical movements, and transactional records. Though surveillance by its nature compromises individual privacy, there are exceptional situations where state surveillance is justified. Yet, if state surveillance is unnecessary or overreaching, with weak legal safeguards and a failure to follow due process, it can become disproportionate to the threat—infringing on people's privacy rights.

Internationally, regulations concerning government surveillance of communications vary in approach and effectiveness, often with very weak or nonexistent legal safeguards. Some countries have strong regulations for the surveillance of communications, yet these regulations may be largely ineffective or unenforceable in practice. Other countries have no legal safeguards or legal standards differing vastly according to the type of communication data targeted. This is why, EFF organized at the end of last year a State Surveillance and Human Rights Camp in Brazil to build upon this discussion and focused on how states are facilitating unnecessary and disproportionate surveillance of communications in ways that lead to privacy violations.

State-Mandated Identity Verification

In 2012 the Constitutional Court in South Korea declared that country's "real-name identification system" unconstitutional. The system had mandated that any online portal with more than 100,000 daily users had to verify the identity of their users.[1]This meant that the individual has to provide their real name before posting comments online. The legal challenge to this system was raised by People's Solidarity for Participatory Democracy (PSPD)'s Public Law Center and Korean Progressive Network—Jinbonet among others.

Korea University professor Kyung-shin Park, Chair of PSPD's Law Center told EFF that portals and phone companies would disclose identifying information about six million users annually—in a country of only 50 million people. The South Korean Government was using perceived online abuses as a convenient excuse to discourage political criticism, professor Park told EFF:

The user information shared with the police most commonly has been used by the government to monitor the anti-governmental sentiments of ordinary people. All this has gone on because the government, the legislature, and civil society have not clearly understood the privacy implications of turning over identifying information of individuals.

The decision by the South Korean Constitutional Court to declare the "real identification system" unconstitutional was a win for user privacy and anonymity because it clearly showed that blanket mandates for the disclosure of identifying information, and the subsequent sharing of that data without judicial authorization, are a disproportionate measure that violates the rights of individuals.[2]

States Restrict Encryption and Demand Backdoors

Some States are seeking to block, ban, or discourage the use of strong encryption and other privacy enhancing tools by requiring assistance in decrypting information. In India service providers are required to ensure that bulk encryption is not deployed. Additionally, no individual or entity can employ encryption with a key longer than 40 bits. If the encryption equipments is higher than this limit, the individual or entity will need prior written permission from the Department of Telecommunications and must deposit the decryption keys with the Department.[3]The limitation on encryption in India means that technically any encrypted material over 40 bits would be accessible by the State. Ironically, the Reserve Bank of India issued security recommendations that banks should use strong encryption as higher as 128-bit for securing browser.[4]In the United States, under the Communications Assistance for Law Enforcement Act, telecommunication carriers are required to provide decryption assistance only if they already possess the keys (and in many communications system designs, there's no reason carriers should need to possess the keys at all). In 2011, the US Government proposed a bill that would place new restrictions on domestic development or use of cryptography, privacy software, and encryption features on devices. The bill has not been adopted.

Allowing only low levels of encryption and requiring service providers to assist in the decryption of communications, facilitates surveillance by enabling States easier access to data and preventing individuals from using crypto tools to protect their personal communications.

States Establish Blanket Interception Facilities

In Colombia, telecommunications network and service providers carrying out business within the national territory must implement and ensure that interception facilities are available at all times to state agencies as prescribed by law. This is to enable authorized state agencies to intercept communications at any point of time. In addition to providing interception facilities, service providers must also retain subscriber data for a period of five years, and provide information such as subscriber identity, invoicing address, type of connection on request, and geographic location of terminals when requested.

Though Colombia has put in place regulations for the surveillance of communications, these regulations allow for broad surveillance and do not afford the individual clear rights in challenging the same.

Conclusion

The examples above demonstrate that, although state surveillance of communications can be justified in exceptional instances, it leads to the violation of individual privacy when implemented without adequate legal safeguards. Clearly there is a need for international principles articulating critical and necessary components of due process for the surveillance of communications. Those strong legal safeguards are necessary not only in countries that don't have laws in place, but also in countries where laws are lacking and fail to adequately protect privacy. Last year, EFF organized the State Surveillance and Human Rights Camp to discuss a set of International Principles on State Surveillance of Communications, a global effort led by EFF and Privacy International, to define, articulate, and promote legal standards to protect individual privacy when the state carries out surveillance of communications.

[1].Constitutional Court's Decision 2010 Hunma 47, 252 (consolidated) announced August 28, 2012.

[2].The illegality of this practice was proved by a High Court decision handed down 2 months after the Constitutional Court's decision in August 2012. Seoul Appellate Court 2011 Na 19012, Judgment Announced October 18, 2012. This case was prepared and followed singularly by PSPD Public Interest Law Center.

[3].License Agreement for Provision of Internet Services Section 2.2 (vii)

[4].Reserve Bank of India. Internet Banking Guidelines. Section (f (2)).

For more details visit https://cis-india.org/internet-governance/blog/eff-feb-13-2013-katitza-rodriguez-and-elonnai-hickok-surveillance-camp-iv-disproportionate-state-surveillance-a-violation-of-privacy

Surveillance and the Indian Constitution - Part 3: The Public/Private Distinction and the Supreme Court’s Wrong Turn

pranesh — 2014-03-06T23:02:45Z

After its decision in Gobind, the Supreme Court's privacy floodgates opened; a series of claims involving private parties came before its docket, and the resulting jurisprudence ended up creating confusion between state-individual surveillance, and individual-individual surveillance.

Gautam Bhatia's blog post was originally published on Indian Constitutional Law and Philosophy Blog

We have seen that Gobind essentially crystallized a constitutional right to privacy as an aspect of personal liberty, to be infringed only by a narrowly-tailored law that served a compelling state interest. After the landmark decision in Gobind, Malak Singh v State of P&H was the next targeted-surveillance history-sheeter case to come before the Supreme Court. In that case, Rule 23 of the Punjab Police Rules was at issue. Its vires was not disputed, so the question was a direct matter of constitutionality. An order of surveillance was challenged by two individuals, on the ground that there were no reasonable bases for suspecting them of being repeat criminals, and that their inclusion in the surveillance register was politically motivated. After holding that entry into a surveillance sheet was a purely administrative measure, and thus required no prior hearing (audi alteram partem), the Court then embarked upon a lengthy disquisition about the scope and limitations of surveillance, which deserves to be reproduced in full:

“But all this does not mean that the police have a licence to enter the names of whoever they like (dislike?) in the surveillance register; nor can the surveillance be such as to squeeze the fundamental freedoms guaranteed to all citizens or to obstruct the free exercise and enjoyment of those freedoms; nor can the surveillance so intrude as to offend the dignity of the individual. Surveillance of persons who do not fall within the categories mentioned in Rule 23.4 or for reasons unconnected with the prevention of crime, or excessive surveillance falling beyond the limits prescribed by the rules, will entitle a citizen to the Court’s protection which the court will not hesitate to give. The very rules which prescribe the conditions for making entries in the surveillance register and the mode of surveillance appear to recognise the caution and care with which the police officers are required to proceed. The note following R. 23.4 is instructive. It enjoins a duty upon the police officer to construe the rule strictly and confine the entries in the surveillance register to the class of persons mentioned in the rule. Similarly R.23.7 demands that there should be no illegal interference in the guise of surveillance. Surveillance, therefore, has to be unobstrusive and within bounds. Ordinarily the names of persons with previous criminal record alone are entered in the surveillance register. They must be proclaimed offenders, previous convicts, or persons who have already been placed on security for good behaviour. In addition, names of persons who are reasonably believed to be habitual offenders or receivers of stolen property whether they have been convicted or not may be entered. It is only in the case of this category of persons that there may be occasion for abuse of the power of the police officer to make entries in the surveillance register. But, here, the entry can only be made by the order of the Superintendent of Police who is prohibited from delegating his authority under Rule 23.5. Further it is necessary that the Superintendent of Police must entertain a reasonable belief that persons whose names are to be entered in Part II are habitual offenders or receivers of stolen property. While it may not be necessary to supply the grounds of belief to the persons whose names are entered in the surveillance register it may become necessary in some cases to satisfy the Court when an entry is challenged that there are grounds to entertain such reasonable belief. In fact in the present case we sent for the relevant records and we have satisfied ourselves that there were sufficient grounds for the Superintendent of Police to entertain a reasonable belief. In the result we reject both the appeals subject to our observations regarding the mode of surveillance. There is no order as to costs.”

Three things emerge from this holding: first, the Court follows Gobind in locating the right to privacy within the philosophical concept of individual dignity, found in Article 21’s guarantee of personal liberty. Secondly, it follows Kharak Singh, Malkani and Gobind in insisting that the surveillance be targeted, limited to fulfilling the government’s crime-prevention objectives, and be limited – not even to suspected criminals, but – repeat offenders or serious criminals. And thirdly, it leaves open a role for the Court – that is, judicial review – in examining the grounds of surveillance, if challenged in a particular case.

After Malak Singh, there is another period of quiet. LIC v Manubhai D Shah, in 1993, attributed – wrongly – to Indian Express Newspapers the proposition that Article 19(1)(a)’s free expression right included privacy of communications (Indian Express itself had cited a UN Report without incorporating it into its holding).

Soon afterwards, R. Rajagopal v State of TN involved the question of the publication of a convicted criminal’s autobiography by a publishing house; Auto Shankar, the convict in question, had supposedly withdrawn his consent after agreeing to the book’s publication, but the publishing house was determined to go ahead with it. Technically, this wasn’t an Article 21 case: so much is made clear by the very manner in which the Court frames its issues: the question is whether a citizen of the country can prevent another person from writing his biography, or life story. (Paragraph 8) The Court itself made things clear when it held that the right of privacy has two aspects: the tortious aspect, which provides damages for a breach of individual privacy; and the constitutional aspect, which protects privacy against unlawful governmental intrusion. (Paragraph 9) Having made this distinction, the Court went on to cite a number of American cases that were precisely about the right to privacy against governmental intrusion, and therefore – ideally – irrelevant to the present case (Paras 13 – 16); and then, without quite explaining how it was using these cases – or whether they were relevant at all, it switched to examining the law of defamation (Para 17 onwards). It would be safe to conclude, therefore, in light of the clear distinctions that it made, the Court was concerned in R. Rajagopal about an action between private parties, and therefore, privacy in the context of tort law. It’s confusing observations, however, were to have rather unfortunate effects, as we shall see.

We now come to a series of curious cases involving privacy and medical law. In Mr X v Hospital Z, the question arose whether a Hospital that – in the context of a planned marriage – had disclosed the appellant’s HIV+ status, leading to his social ostracism – was in breach of his right to privacy. The Court cited Rajagopal, but unfortunately failed to understand it, and turned the question into one of the constitutional right to privacy, and not the private right. Why the Court turned an issue between two private parties – adequately covered by the tort of breach of confidentiality – into an Article 21 issue is anybody’s guess. Surely Article 21 – the right to life and personal liberty – is not horizontally applicable, because if it was, we might as well scrap the entire Indian Penal Code, which deals with exactly these kinds of issues – individuals violating each others’ rights to life and personal liberty. Nonetheless, the Court cited Kharak Singh, Gobind and Article 8 of the European Convention of Human Rights, further muddying the waters, because Article 8 – in contrast to American law – embodies a proportionality test for determining whether there has been an impermissible infringement of privacy. The Court then came up with the following observation:

“Where there is a clash of two Fundamental Rights, as in the instant case, namely, the appellant’s right to privacy as part of right to life and Ms. Akali’s right to lead a healthy life which is her Fundamental Right under Article 21, the RIGHT which would advance the public morality or public interest, would alone be enforced through the process of Court, for the reason that moral considerations cannot be kept at bay.”

With respect, this is utterly bizarre. If there is a clash of two rights, then that clash must be resolved by referring to the Constitution, and not to the Court’s opinion of what an amorphous, elastic, malleable, many-sizes-fit “public morality” says. The mischief caused by this decision, however, was replicated in Sharda v Dharmpal, decided by the Court in 2003. In that case, the question was whether the Court could require a party who had been accused of unsoundness of mind (as a ground for divorce under the wonderfully progressive Hindu Marriage Act) to undergo a medical examination – and draw an adverse inference if she refused. Again, whether this was a case in which Article 21 ought to be invoked is doubtful; at least, it is arguable, since it was the Court making the order. Predictably, the Court cited from Mr X v Hospital Z extensively. It cited Gobind (compelling State interest) and the ECHR (proportionality). It cited a series of cases involving custody of children, where various Courts had used a “balancing test” to determine whether the best interests of the child overrode the privacy interest exemplified by the client-patient privilege. It applied this balancing test to the case at hand by balancing the “right” of the petitioner to obtain a divorce for the spouse’s unsoundness of mind under the HMA, vis-à-vis the Respondent’s right to privacy.

In light of the above analysis, it is submitted that although the outcome in Mr X v Hospital Z and Sharda v Dharmpal might well be correct, the Supreme Court has misread what R. Rajagopal actually held, and its reasoning is deeply flawed. Neither of these cases are Article 21 cases: they are private tort cases between private parties, and ought to be analysed under private law, as Rajagopal itself was careful to point out. In private law, also, the balancing test makes perfect sense: there are a series of interests at stake, as the Court rightly understood, such as certain rights arising out of marriage, all of a private nature. In any event, whatever one might make of these judgments, one thing is clear: they are both logically and legally irrelevant to the Kharak Singh line of cases that we have been discussing, which are to do with the Article 21 right to privacy against the State.

For more details visit https://cis-india.org/internet-governance/blog/surveillance-and-the-indian-consitution-part-3

Surveillance and the Indian Constitution - Part 2: Gobind and the Compelling State Interest Test

pranesh — 2014-01-27T18:03:38Z

Gautam Bhatia analyses the first case in which the Supreme Court recognized a constitutional right to privacy, Gobind v. State of Madhya Pradesh, and argues that the holding in that case adopted the three-pronged American test of strict scrutiny, compelling State interest, and narrow tailoring in its approach to privacy violations.

After its judgment in Kharak Singh, the Court was not concerned with the privacy question for a while. The next case that dealt – peripherally – with the issue came eleven years later. In R.M. Malkani v State of Maharashtra, the Court held that attaching a recording device to a person’s telephone did not violate S. 25 of the Telegraph Act, because

"where a person talking on the telephone allows another person to record it or to hear it, it can-not be said that the other person who is allowed to do so is damaging, removing, tampering, touching machinery battery line or post for intercepting or acquainting himself with the contents of any message. There was no element of coercion or compulsion in attaching the tape recorder to the telephone."

Although this case was primarily about the admissibility of evidence, the Court also took time out to consider – and reject – a privacy-based Article 21 argument, holding that:

"Article 21 was invoked by submitting that the privacy of the appellant’s conversation was invaded. Article 21 contemplates procedure established by law with regard to deprivation of life or personal liberty. The telephonic conversation of an innocent citizen will be protected by Courts against wrongful or high handed interference by tapping the conversation. The protection is not for the guilty citizen against the efforts of the police to vindicate the law and prevent corruption of public servants. It must not be understood that the Courts will tolerate safeguards for the protection of the citizen to be imperiled by permitting the police to proceed by unlawful or irregular methods."

Apart from the fact that it joined Kharak Singh in refusing to expressly find a privacy right within the contours of Article 21, there is something else that unites Kharak Singh and R.M. Malkani: they hypothetical in Kharak Singh became a reality in Malkani – what saved the telephone tapping precisely because it was directed at "… a guilty person", with the Court specifically holding that the laws were not for targeting innocent people. Once again, then, the targeted and specific nature of interception became a crucial – and in this case, a decisive – factor. One year later, in another search and seizure case, Pooran Mal v Inspector, the Court cited M.P. Sharma and stuck to its guns, refusing to incorporate the Fourth Amendment into Indian Constitutional law.

It is Gobind v State of MP, decided in 1975, that marks the watershed moment for Indian privacy law in the Constitution. Like Kharak Singh, Gobind also involved domiciliary visits to the house of a history-sheeter. Unlike Kharak Singh, however, in Gobind the Court found that the Regulations did have statutory backing – S. 46(2)(c) of the Police Act, which allowed State Government to make notifications giving effect to the provisions of the Act, one of which was the prevention of commission of offences. The surveillance provisions in the impugned regulations, according to the Court, were indeed for the purpose of preventing offences, since they were specifically aimed at repeat offenders. To that extent, then, the Court found that there existed a valid “law” for the purposes of Articles 19 and 21.

By this time, of course, American constitutional law had moved forward significantly from eleven years ago, when Kharak Singh had been decided. The Court was able to invoke Griswold v Connecticut and Roe v Wade, both of which had found a "privacy" as an "interstitial" or "penumbral" right in the American Constitution – that is, not reducible to any one provision, but implicit in a number of separate provisions taken together. The Court ran together a number of American authorities, referred to Locke and Kant, to dignity, to liberty and to autonomy, and ended by holding, somewhat confusingly:

“the right to privacy must encompass and protect the personal intimacies of the home, the family marriage, motherhood, procreation and child rearing. This catalogue approach to the question is obviously not as instructive as it does not give analytical picture of that distinctive characteristics of the right of privacy. Perhaps, the only suggestion that can be offered as unifying principle underlying the concept has been the assertion that a claimed right must be a fundamental right implicit in the concept of ordered liberty… there are two possible theories for protecting privacy of home. The first is that activities in the home harm others only to the extent that they cause offence resulting from the mere thought that individuals might he engaging in such activities and that such ‘harm’ is not Constitutionally protective by the state. The second is that individuals need a place of sanctuary where they can be free from societal control. The importance of such a sanctuary is that individuals can drop the mask, desist for a while from projecting on the world the image they want to be accepted as themselves, an image that may reflect the values of their peers rather than the realities of their natures… the right to privacy in any event will necessarily have to go through a process of case-by-case development."

But if no clear principle emerges out of the Court’s elucidation of the right, it was fairly unambiguous in stressing the importance of the right itself. Interestingly, it grounded the right within the context of the freedom struggle. "Our founding fathers," it observed, "were thoroughly opposed to a Police Raj even as our history of the struggle for freedom has borne eloquent testimony to it." (Para 30) The parallels to the American Fourth Amendment are striking here: in his historical analysis Akhil Amar tells us that the Fourth Amendment was meant precisely to avoid the various abuses of unreasonable searches and seizures that were common in England at the time.

The parallels with the United States become even more pronounced, however, when the Court examined the grounds for limiting the right to privacy. "Assuming that the fundamental rights explicitly guaranteed to a citizen have penumbral zones and that the right to privacy is itself a fundamental right, that fundamental right must be subject to restriction on the basis of compelling public interest." "Compelling public interest" is an interesting phrase, for two reasons. First, “public interest” is a ground for fundamental rights restrictions under Article 19 (see, e.g., Article 19(6)), but the text of the Article 19 restrictions do not use – and the Court, in interpreting them, has not held – that the public interest must be “compelling”. This suggests a stricter standard of review for an Article 21 privacy right violation than Article 19 violations. This is buttressed by the fact that in the same paragraph, the Court ended by observing: “even if it be assumed that Article 19(5) [restrictions upon the freedom of movement] does not apply in terms, as the right to privacy of movement cannot be absolute, a law imposing reasonable restriction upon it for compelling interest of State must be upheld as valid.” The Court echoes the language of 19(5), and adds the word “compelling”. This surely cannot be an oversight.

More importantly – the compelling State interest is an American test, used often in equal protection cases and cases of discrimination, where “suspect classes” (such as race) are at issue. Because of the importance of the right at issue, the compelling state interest test goes hand-in-hand with another test: narrow tailoring. Narrow tailoring places a burden upon the State to demonstrate that its restriction is tailored in a manner that infringes the right as narrowest manner that is possible to achieve its goals. The statement of the rule may be found in the American Supreme Court case of Grutter v Bollinger:

"Even in the limited circumstance when drawing racial distinctions is permissible to further a compelling state interest, government is still constrained under equal protection clause in how it may pursue that end: the means chosen to accomplish the government’s asserted purpose must be specifically and narrowly framed to accomplish that purpose."

To take an extremely trivial example that will illustrate the point: the State wants to ban hate speech against Dalits. It passes legislation that bans “all speech that disrespects Dalits.” This is not narrowly tailored, because while all hate speech against Dalits necessarily disrespects them, all speech that disrespects Dalits is not necessarily hate speech. It was possible for the government to pass legislation banning only hate speech against Dalits, one that would have infringed upon free speech more narrowly than the “disrespect law”, and still achieved its goals. The law is not narrowly tailored.

Crucially, then, the Court in Gobind seemed to implicitly accept the narrow-tailoring flip side of the compelling state interest coin. On the constitutionality of the Police Regulations itself, it upheld their constitutionality by reading them narrowly. Here is what the Court said:

“Regulation 855, in our view, empowers surveillance only of persons against whom reasonable materials exist to induce the opinion that they show a determination, to lead a life of crime – crime in this context being confined to such as involve public peace or security only and if they are dangerous security risks. Mere convictions in criminal cases where nothing gravely imperiling safety of society cannot be regarded as warranting surveillance under this Regulation. Similarly, domiciliary visits and picketing by the police should be reduced to the clearest cases of danger to community security and not routine follow-up at the end of a conviction or release from prison or at the whim of a police officer.”

But Regulation 855 did not refer to the gravity of the crime at all. Thus, the Court was able to uphold its constitutionality only by narrowing its scope in a manner that the State’s objective of securing public safety was met in a way that minimally infringed the right to privacy.

Therefore, whether the Gobind bench was aware of it or not, its holding incorporates into Indian constitutional law and the right to privacy, not just the compelling State interest test, but narrow tailoring as well. The implications for the CMS are obvious. Because with narrow tailoring, the State must demonstrate that bulk surveillance of all individuals, whether guilty or innocent, suspected of crimes or not suspected of crimes (whether reasonably or otherwise), possessing a past criminal record or not, speaking to each other of breaking up the government or breaking up a relationship – every bit of data must be collected to achieve the goal of maintaining public security, and that nothing narrower will suffice. Can the State demonstrate this? I do not think it can, but at the very least, it should be made to do so in open Court.

For more details visit https://cis-india.org/internet-governance/blog/surveillance-and-the-indian-consitution-part-2

Surveillance and the Indian Constitution - Part 1: Foundations

pranesh — 2014-01-23T15:12:30Z

In this insightful seven-part series, Gautam Bhatia looks at surveillance and the right to privacy in India from a constitutional perspective, tracing its genealogy through Supreme Court case law and compares it with the law in the USA.

Note: This was originally posted on the Indian Constitutional Law and Philosophy blog.

On previous occasions, we have discussed the ongoing litigation in ACLU v. Clapper in the United States, a challenge to the constitutionality of the National Security Agency’s (NSA) bulk surveillance program. Recall that a short while after the initial Edward Snowden disclosures, The Hindu revealed the extent of domestic surveillance in India, under the aegis of the Central Monitoring System (CMS). The CMS (and what it does) is excellently summarized here. To put thing starkly and briefly:

“With the C.M.S., the government will get centralized access to all communications metadata and content traversing through all telecom networks in India. This means that the government can listen to all your calls, track a mobile phone and its user’s location, read all your text messages, personal e-mails and chat conversations. It can also see all your Google searches, Web site visits, usernames and passwords if your communications aren’t encrypted.”

The CMS is not sanctioned by parliamentary legislation. It also raises serious privacy concerns. In order to understand the constitutional implications, therefore, we need to investigate Indian privacy jurisprudence. In a series of posts, we plan to discuss that.

Privacy is not mentioned in the Constitution. It plays no part in the Constituent Assembly Debates. The place of the right – if it exists – must therefore be located within the structure of the Constitution, as fleshed out by judicial decisions. The first case to address the issue was M. P. Sharma v. Satish Chandra, in 1954. In that case, the Court upheld search and seizure in the following terms:

"A power of search and seizure is in any system of jurisprudence an overriding power of the State for the protection of social security and that power is necessarily regulated by law. When the Constitution makers have thought fit not to subject such regulation to Constitutional limitations by recognition of a fundamental right to privacy, analogous to the American Fourth Amendment, we have no justification to import it, into a totally different fundamental right. by some process of strained construction."

The right in question was 19(1)(f) – the right to property. Notice here that the Court did not reject a right to privacy altogether – it only rejected it in the context of searches and seizures for documents, the specific prohibition of the American Fourth Amendment (that has no analogue in India). This specific position, however, would not last too long, and was undermined by the very next case to consider this question, Kharak Singh.

In Kharak Singh v. State of UP, the UP Police Regulations conferred surveillance power upon certain “history sheeters” – that is, those charged (though not necessarily convicted) of a crime. These surveillance powers included secret picketing of the suspect’s house, domiciliary visits at night, enquiries into his habits and associations, and reporting and verifying his movements. These were challenged on Article 19(1)(d) (freedom of movement) and Article 21 (personal liberty) grounds. It is the second ground that particularly concerns us.

As a preliminary matter, we may observe that the Regulations in question were administrative – that is, they did not constitute a “law”, passed by the legislature. This automatically ruled out a 19(2) – 19(6) defence, and a 21 “procedure established by law” defence – which were only applicable when the State made a law. The reason for this is obvious: fundamental rights are extremely important. If one is to limit them, then that judgment must be made by a competent legislature, acting through the proper, deliberative channels of lawmaking – and not by mere administrative or executive action. Consequently – and this is quite apart from the question of administrative/executive competence - if the Police Regulations were found to violate Article 19 or Article 21, that made them ipso facto void, without the exceptions kicking in. (Paragraph 5)

It is also important to note one other thing: as a defence, it was expressly argued by the State that the police action was reasonable and in the interests of maintaining public order precisely because it was “directed only against those who were on proper grounds suspected to be of proved anti-social habits and tendencies and on whom it was necessary to impose some restraints for the protection of society.” The Court agreed, observing that this would have “an overwhelming and even decisive weight in establishing that the classification was rational and that the restrictions were reasonable and designed to preserve public order by suitable preventive action” – if there had been a law in the first place, which there wasn’t. Thus, this issue itself was hypothetical, but what is crucial to note is that the State argued – and the Court endorsed – the basic idea that what makes surveillance reasonable under Article 19 is the very fact that it is targeted – targeted at individuals who are specifically suspected of being a threat to society because of a history of criminality.

Let us now move to the merits. The Court upheld secret picketing on the ground that it could not affect the petitioner’s freedom of movement since it was, well secret – and what you don’t know, apparently, cannot hurt you. What the Court found fault with was the intrusion into the petitioner’s dwelling, and knocking at his door late at night to wake him up. The finding required the Court to interpret the meaning of the term “personal liberty” in Article 21. By contrasting the very specific rights listed in Article 21, the Court held that:

“Is then the word “personal liberty” to be construed as excluding from its purview an invasion on the part of the police of the sanctity of a man’s home and an intrusion into his personal security and his right to sleep which is the normal comfort and a dire necessity for human existence even as an animal? It might not be inappropriate to refer here to the words of the preamble to the Constitution that it is designed to “assure the dignity of the individual” and therefore of those cherished human value as the means of ensuring his full development and evolution. We are referring to these objectives of the framers merely to draw attention to the concepts underlying the constitution which would point to such vital words as “personal liberty” having to be construed in a reasonable manner and to be attributed that these which would promote and achieve those objectives and by no means to stretch the meaning of the phrase to square with any preconceived notions or doctrinaire constitutional theories.” (Paragraph 16)

A few important observations need to be made about this paragraph. The first is that it immediately follows the Court’s examination of the American Fifth and Fourteenth Amendments, with their guarantees of “life, liberty and property…” and is, in turn, followed by the Court’s examination of the American Fourth Amendment, which guarantees the protection of a person’s houses, papers, effects etc from unreasonable searches and seizures. The Court’s engagement with the Fourth Amendment is ambiguous. It admits that “our Constitution contains no like guarantee…”, but holds that nonetheless “these extracts [from the 1949 case, Wolf v Colorado] would show that an unauthorised intrusion into a person’s home and the disturbance caused to him thereby, is as it were the violation of a common law right of a man – an ultimate essential of ordered liberty”, thus tying its own holding in some way to the American Fourth Amendment jurisprudence. But here’s the crucial thing: at this point, American Fourth Amendment jurisprudence was propertarian based – that is, the Fourth Amendment was understood to codify – with added protection – the common law of trespass, whereby a man’s property was held sacrosanct, and not open to be trespassed against. Four years later, in 1967, in Katz, the Supreme Court would shift its own jurisprudence, to holding that the Fourth Amendment protected zones where persons had a “reasonable expectation of privacy”, as opposed to simply protecting listed items of property (homes, papers, effects etc). Kharak Singh was handed down before Katz. Yet the quoted paragraph expressly shows that the Court anticipated Katz, and in expressly grounding the Article 21 personal liberty right within the meaning of dignity, utterly rejected the propertarian-tresspass foundations that it might have had. To use a phrase invoked by later Courts – in this proto-privacy case, the Court already set the tone by holding it to attach to persons, not places.

While effectively finding a right to privacy in the Constitution, the Court expressly declined to frame it that way. In examining police action which involved tracking a person’s location, association and movements, the Court upheld it, holding that “the right of privacy is not a guaranteed right under our Constitution and therefore the attempt to ascertain the movements of an individual which is merely a manner in which privacy is invaded is not an infringement of a fundamental right guaranteed by Part III.”

The “therefore” is crucial. Although not expressly, the Court virtually holds, in terms, that tracking location, association and movements does violate privacy, and only finds that constitutional because there is no guaranteed right to privacy within the Constitution. Yet.

In his partly concurring and partly dissenting opinion, Subba Rao J. went one further, by holding that the idea of privacy was, in fact, contained within the meaning of Article 21: “it is true our Constitution does not expressly declare a right to privacy as a fundamental right, but the said right is an essential ingredient of personal liberty.” Privacy he defined as the right to “be free from restrictions or encroachments on his person, whether those restrictions or encroachments are directly imposed or indirectly brought about by calculated measures.” On this ground, he held all the surveillance measures unconstitutional.

Justice Subba Rao’s opinion also explored a proto-version of the chilling effect. Placing specific attention upon the word “freely” contained within 19(1)(d)’s guarantee of free movment, Justice Subba Rao went specifically against the majority, and observed:

“The freedom of movement in clause (d) therefore must be a movement in a free country, i.e., in a country where he can do whatever he likes, speak to whomsoever he wants, meet people of his own choice without any apprehension, subject of course to the law of social control. The petitioner under the shadow of surveillance is certainly deprived of this freedom. He can move physically, but he cannot do so freely, for all his activities are watched and noted. The shroud of surveillance cast upon him perforce engender inhibitions in him and he cannot act freely as he would like to do. We would, therefore, hold that the entire Regulation 236 offends also Art. 19(1)(d) of the Constitution.”

This early case, therefore, has all the aspects that plague the CMS today. What to do with administrative action that does not have the sanction of law? What role does targeting play in reasonableness – assuming there is a law? What is the philosophical basis for the implicit right to privacy within the meaning of Article 21’s guarantee of personal liberty? And is the chilling effect a valid constitutional concern?

We shall continue with the development of the jurisprudence in the next post.

You can follow Gautam Bhatia on Twitter

For more details visit https://cis-india.org/internet-governance/blog/surveillance-and-the-indian-consitution-part-1

Surveillance and Privacy Law Roundtable Invite

praskrishna — 2014-08-25T09:24:31Z

For more details visit https://cis-india.org/internet-governance/blog/surveillance-privacy-roundtable-invite.pdf

Surveillance and Privacy Law Roundtable

praskrishna — 2014-08-25T15:08:33Z

The Centre for Internet and Society, COAI and Vahura invite you to a privacy roundtable at the India International Centre in New Delhi on September 1, 2014.

Download the Invite (PDF, 1207 Kb)

Recent legislative developments regarding privacy law in India
In 2010, the European Union commissioned an assessment of the adequacy of Indian data protection laws in light of the transfer of personal data of European data subjects into India for processing. That assessment made adverse findings on the adequacy and preparedness of Indian privacy law to safeguard personal data. Consequently, in 2011, the Department of Personnel and Training (DoPT) proposed draft privacy legislation called the ‘Right to Privacy Bill, 2011’. The DoPT Bill contained provisions for the regulation of personal data, interception of communications, visual surveillance and direct marketing. Simultaneously, the Ministry of Communications and Information Technology issued the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 to give effect to section 43A of the Information Technology Act, 2000.

The Justice Shah Group of Experts on Privacy and the National Privacy Principles
Aware of the need for privacy laws to enable economic growth, the Planning Commission constituted a Group of Experts under the chairmanship of Justice Ajit P. Shah to make specific proposals for future Indian privacy law. The Group of Experts submitted its Report to the Planning Commission in October 2012 wherein it proposed the adoption of nine National Privacy Principles. These are the principles of notice, choice and consent, collection limitation, purpose limitation, disclosure of information, security, openness, and accountability. The Report recommended the application of these principles in future privacy law.

Surveillance law in India
The cases of Kharak Singh v. State of Uttar Pradesh (1963) and Gobind v. State of Madhya Pradesh (1975) first brought the questions of permissibility and limits of surveillance to the Supreme Court for judicial review. The regime governing the interception of telecommunications is contained in section 5(2) of the Indian Telegraph Act, 1885 read with rule 419A of the Indian Telegraph Rules, 1951. The Telegraph Rules were twice amended to give effect to certain procedural safeguards laid down by the Supreme Court in PUCL v. Union of India (1996). In addition, further subordinate legislation issued to fulfil the provisions of sections 69(2) and 69B(3) of the Information Technology Act permit the interception and monitoring of electronic communications to collect traffic data and to intercept, monitor, and decrypt such communications.

About these roundtable consultations
These roundtable consultations are hosted by the Centre for Internet & Society (CIS), COAI and Vahura. They are a series of national roundtables to focus on surveillance regulation and interception of communications in relation to telecom service providers, internet service providers, internet access providers, and internet-based service providers. These roundtables are designed to elicit comments on legal proposals to regulate surveillance. The text of these legal proposals has been drafted at CIS and continues to be modified to reflect the opinions and consensus at each roundtable consultation. The objective of these meetings is gain a stakeholder-based, participatory, and democratic consensus on the future of Indian surveillance and privacy law.

For more details visit https://cis-india.org/events/surveillance-privacy-roundtable

Surveillance and Privacy

praskrishna — 2014-04-03T06:02:27Z

Presented by Sunil Abraham at LirneAsia event on March 9, 2014 in Gurgaon.

For more details visit https://cis-india.org/internet-governance/blog/surveillance-and-privacy.pdf

Surveillance

praskrishna — 2022-04-28T02:19:59Z

Surveillance

For more details visit https://cis-india.org/home-images/Surveillance.jpg

Surveillance

royson — 2008-09-21T14:57:53Z

Context

Technology and Surveillance have always been comfortable bed-partners. Each new technology has led to new and more ubiquitous form of surveillance practices premised on intensive data-mining and centralisation of data. In the age of Information Technologies, where Information is the new capital, Surveillance, as a theoretical concept and as practice takes on an unprecedented everydayness. The experience of the urban is necessarily one of being an object of surveillance. Everyday practices are now structured around models of surveillance—from CCTV in areas of consumption to physical surveillance at areas of transit—such that surveillance has become almost value neutral in its presence around us.

This overwhelming sense of being watched has led to two distinct forms of manifestation in the last four decades. The first is the sense of paranoia—the Big Brother syndrome—which has found many proponents lamenting the loss of privacy and the abduction of the personal by the State and the market. The second is in the anti-surveillance stance which demands either for an abolishing of the surveillance practices or for an ethical use of the data. While both these forms have their own merits, the debate and the stakes change considerably once we enter the digital domains.

Especially within the digital spaces, where ‘presence’, a ‘record of the presence’, and an archiving of the records are inescapable, surveillance becomes more than just a practice; it becomes an inescapable condition of being online. To be online is to leave traces, physical and digital, personal and pseudonymous. In such a case, instead of taking an either-or position around surveillance, we are now looking at what surveillance enables and what are the ways in which it mediates the complex mechanics of urban survival.

Research Agenda

What are the various forms of surveillance that we encounter in the digital world? How do we understand being subject to surveillance as a part of being online?
What are the ways to negotiate, mediate, and surpass the various forms of surveillance that are a part of cyberspaces? Who are the agents of surveillance?
What does surveillance enable for the different actors within a given space? For example, for the agent conducting the surveillance, it might be a question of collecting data. For the actor being watched, it might be a narrative condition where s/he can manifest him/her self in the process of surveillance. For the audience that becomes witness to the surveillance, a new set of relationships might emerge with the object being manifest and the practice of surveillance.
How does surveillance become a threat when it is especially conducted in the promotion of safety and security? What are the paradoxes it generates and how do we negotiate with them?
With the proliferation of portable media capture devices, what is the value of surveillance? What are the new forms of authorship that it creates? Can we look upon surveillance—the process of being watched, the knowledge of being watched, and the incessant historicisation of the present—as an aesthetic paradigm?

For more details visit https://cis-india.org/about/substantive-areas/digital-pluralism/surveillance

Surat’s Massive Surveillance Network Should Cause Concern, Not Celebration

joe — 2014-09-06T03:05:13Z

The blog post examines the surveillance network of Surat, a city in Gujarat state in India.

The Surveillance System

Surat, a city in the state of Gujarat, has recently unveiled a comprehensive closed-circuit camera surveillance system that spans almost the entire city. This makes Surat the first Indian city to have a modern, real-time CCTV system, with eye-tracking software and night vision cameras, along with intense data analysis capabilities that older systems lack.

Similar systems are planned for cities across India, from Delhi to Punjab, even those that already have older CCTV programs in place. Phase I of the system, which is currently completed, consists of 104 CCTV cameras installed at 23 locations and a 280 square foot video wall at the police control room. The video wall is one of the largest in the country, according to the Times of India.

Narendra Modi, then the Gujarat chief minister, launched the project in January 2013, though the project was original conceptualized by police commissioner Rakesh Asthana, who has cited the CCTV system in Scotland Yard as his inspiration.

Phase II of the surveillance project will involve the installation of 550 cameras at 282 locations, and in the future, police plan to install over 5000 cameras across the city. Though other security systems, like those in Delhi, rely on lines from the state owned service provider MTNL, with limited bandwidth for their CCTV network, the Surat system has its own dedicated cables.

The security system was financed by a unique Public-Private Partnership (PPP) model, where a coalition of businesses, including many manufacturing units and representatives of Surat’s textile industry want to prevent crime. The many jewelers in the city also hoped it would limit thefts. In the model, businesses interested in joining the coalition contribute Rs 25 lakh as a one-time fee and the combined fees along with some public financing go to construct the city-wide system. The chairman of the coalition is always the Commissioner of Surat Police. Members of the coalition not only get a tax break, but also believe they are helping to create a safer city for their industries to thrive.

Arguments for the System

Bomb blasts in Ahmedabad in 2008 led the Gujarat police to consider setting up surveillance systems not just in Ahmedabad, according to Scroll.in, but in many cities including Surat. Terror attacks in Mumbai in 2008 and at the Delhi High Court in 2011 lent momentum to surveillance efforts, as did international responses to terror, such as the United Kingdom’s intensive surveillance efforts in response to 2005 bombing in London. The UK’s security system has become so comprehensive that Londoners are caught on camera over 300 times a day on average. The UK’s CCTV systems cost over £500 million between 2008 and 2012, and one single crime has been solved in London for every 1,000 cameras each year, according to 2008 Metropolitan Police figures.

However, citizens in London may feel safer in their surveillance state knowing that the Home Office of the United Kingdom regulates how CCTV systems are used to ensure that cameras are being used to protect and not to spy. The UK’s Surveillance Camera Code of Practice outlines a thorough system of safeguards that make CCTV implementation less open to abuse. India currently has no comparable regulation.

The combined government worries of terrorism and business owners desire to prevent crime led to Surat’s unique PPP, ournalist Suarav Datta’s article in Scroll.in continues. Though the Surat Municipal Corporation invested Rs 2 crore, business leaders demonstrated their support for the surveillance system by donating the remaining Rs 10 crore required to build the first phase system. Phase II will cost Rs 21 crore, with the state government investing Rs 3 crore and business groups donating the other Rs 18 crore. This finance model demonstrates both public and private support for the CCTV system.

Why CCTV systems may do more harm than good

Despite hopes that surveillance through CCTV systems may prevent terrorism and crime, evidence suggests that it is not as much of a golden bullet as its proponents believe. In the UK, for example, where surveillance is practice extensively, the number of crimes captured on camera dropped significantly in 2010, because there were so many cameras that combing through all the hours footage was proving to be an exercise in futility for many officers. According to Suaray Datta’s article on Scroll.in, potential offenders in London either dodge cameras or carry out their acts in full view of them, which detracts from the argument that cameras deter crime. Additionally, prosecutors allege that the CCTV systems are of little value in court, because the quality of the footage is so low that it cannot provide conclusive proof of identities.

A 2008 study in San Francisco showed that surveillance cameras produce only a placebo effect–they do not deter crime, they just move it down the block, away from the cameras. In Los Angeles, more dramatically, there was little evidence that CCTV cameras helped detect crime, because in high traffic areas the number of cameras and operators required is so high, and because the city’s system was privately funded, the California Research Bureau’s report noted that it was open to exploitation by private interests pursuing their own goals. Surat’s surveillance efforts are largely privately funded too, a vulnerability that could lead to miscarriages of justice if private security contractors were to gain to security footage.

More evidence of the ineffectiveness of CCTV surveillance comes in the Boston marathon bombing of 2013 and the attack on the Indian parliament in 2001. In the case of the Boston bombing, release of CCTV footage to the general public led to rampant and unproductive speculation about the identity of the bomber, which resulted in innocent spectators being unfairly painted with suspicion.

India’s lack of regulation over CCTV’s also makes Surat’s new system susceptible to misuse. There is currently no strong legislation that protects citizens filmed on CCTV from having their images exploited or used inappropriately. Only police will have access to the recordings, Surat officials say, but the police themselves cannot always be trusted to adequately respect the rights of the citizens they are trying to protect.

The Report of the Group of Experts on Privacy acknowledges the lack of regulations on CCTV surveillance, and recommends that CCTV footage be legally protected from abuse. However, the Report notes that regulating CCTV surveillance to the standards of the National Privacy Principals they establish earlier in the report may not be possible for a number of reasons. First, it will be difficult to limit the quantity of information collected because the cameras are simply recording video of public spaces, and is unlikely that individuals will be able to access security footage of themselves. However, issues of consent and choice can be addressed by indicating that CCTV surveillance is taking place on entryways to monitored spaces.

Surat is not the first place in India to experiment with mass CCTV surveillance. Goa has mandated surveillance cameras in beach huts to monitor the huts and deter and detect crime. The rollout is slow and ongoing, and some of the penalties the cameras are intended to enforce seem too severe, such as potentially three months in prison for having too many beach chairs. More worryingly, there are still no laws ensuring that the footage will only be used for its proper law-enforcement objectives. Clear oversight is needed in Goa just as it is in Surat. The Privacy Commissioner outlined by the Report of the Group of Experts could be well suited to overseeing the proper administration of CCTV installations, just as the Commissioner would oversee digital surveillance.

Concerns of privacy and civil liberties appear to have flown out the window in Surat, with little public debate. It is unclear that Surat’s surveillance efforts will achieve any of their desired effects, but without needed safeguards they will present an opportunity for abuse. Perhaps CCTV initiatives need to be subjected to a little bit more scrutiny.

For more details visit https://cis-india.org/internet-governance/blog/surat-massive-surveillance-network-cause-of-concern-not-celebration

Supreme Court Order is a Good Start, but is Seeding Necessary?

Elonnai Hickok and Rohan George — 2015-09-07T13:21:58Z

This blog post seeks to unpack the ‘seeding’ process in the UIDAI scheme, understand the implications of the Supreme Court order on this process, and identify questions regarding the UID scheme that still need to be clarified by the court in the context of the seeding process.

Introduction

On August 11th 2015, in the writ petition Justice K.S Puttaswamy (Retd.) & Another vs. Union of India & Others1, the Supreme Court of India issued an interim order regarding the constitutionality of the UIDAI scheme. In response to the order, Dr. Usha Ramanathan published an article titled  'Decoding the Aadhaar judgment: No more seeding, not till the privacy issue is settled by the court' which, among other points, highlights concerns around the seeding of Aadhaar numbers into service delivery databases. She writes that "seeding' is a matter of grave concern in the UID project. This is about the introduction of the number into every data base. Once the number is seeded in various databases, it makes convergence of personal information remarkably simple. So, if the number is in the gas agency, the bank, the ticket, the ration card, the voter ID, the medical records and so on, the state, as also others who learn to use what is called the 'ID platform', can 'see' the citizen at will."2

Building off of this statement, this article seeks to unpack the 'seeding' process in the UIDAI scheme, understand the implications of the Supreme Court order on this process, and identify questions regarding the UID scheme that still need to be clarified by the Court in the context of the seeding process.

What is Seeding?

In the UID scheme, data points within databases of service providers and banks are organized via individual Aadhaar numbers through a process known as 'seeding'. The UIDAI has released two documents on the seeding process - "Approach Document for Aadhaar Seeding in Service Delivery Databases version 1.0" (Version 1.0)3 and "Standard Protocol Covering the Approach & Process for Seeding Aadhaar Number in Service Delivery Databases June 2015 Version 1.1" (Version 1.1)4

According to Version 1.0 "Aadhaar seeding is a process by which UIDs of residents are included in the service delivery database of service providers for enabling Aadhaar based authentication during service delivery."5 Version 1.0 further states that the "Seeding process typically involves data extraction, consolidation, normalization, and matching".6 According to Version 1.1, Aadhaar seeding is "a process by which the Aadhaar numbers of residents are included in the service delivery database of service providers for enabling de-duplication of database and Aadhaar based authentication during service delivery".7 There is an extra clause in Version 1.1's definition of seeding which includes "de-duplication" in addition to authentication.

Though not directly stated, it is envisioned that the Aadhaar number will be seeded into the databases of service providers and banks to enable cash transfers of funds. This was alluded to in the Version 1.1 document with the UIDAI stating "Irrespective of the Scheme and the geography, as the Aadhaar Number of a given Beneficiary finally has to be linked with the Bank Account, Banks play a strategic and key role in Seeding."8

How does the seeding process work?

The seeding process itself can be done through manual/organic processes or algorithmic/in-organic processes. In the inorganic process the Aadhaar database is matched with the database of the service provider - namely the database of beneficiaries, KYR+ data from enrolment agencies, and the EID-UID database from the UIDAI. Once compared and a match is found - for example between KYR fields in the service delivery database and KYR+ fields in the Aadhaar database - the Aadhaar number is seeded into the service delivery database.9

Organic seeding can be carried out via a number of methods, but the recommended method from the UIDAI is door to door collection of Aadhaar numbers from residents which are subsequently uploaded into the service delivery database either manually or through the use of a tablet or smart phone. Perhaps demonstrating the fact that technology cannot be used as a 'patch' for a broken or premature system, organic (manual) seeding is suggested as the preferred process by the UIDAI due to challenges such as lack of digitization of beneficiary records, lack of standardization in Name and Address records, and incomplete data.10

According to the 1.0 Approach Paper, to facilitate the seeding process, the UIDAI has developed an in house software known as Ginger. Service providers that adopt the Aadhaar number must move their existing databases onto the Ginger platform, which then organizes the present and incoming data in the database by individual Aadhaar numbers. This 'organization' can be done automatically or manually. Once organized, data can be queried by Aadhaar number by person's on the 'control' end of the Ginger platform.11

In practice this means that during an authentication in which the UIDAI responds to a service provider with a 'yes' or 'no' response, the UIDAI would have access to at least these two sets of data: 1.) Transaction data (date, time, device number, and Aadhaar number of the individual authenticating) 2.) Data associated to an individual Aadhaar number within a database that has been seeded with Aadhaar numbers (historical and incoming). According to the Approach Document version 1.0, "The objective here is that the seeding process/utility should be able to access the service delivery data and all related information in at least the read-only mode." 12 and the Version 1.1 document states "Software application users with authorized access should be able to access data online in a seamless fashion while providing service benefit to residents." 13

What are the concerns with seeding?

With the increased availability of data analysis and processing technologies, organisations have the ability to link disparate data points stored across databases in order that the data can be related to each other and thereby analysed to derive holistic, intrinsic, and/or latent assessments. This can allow for deeper and more useful insights from otherwise standalone data. In the context of the government linking data, such "relating" can be useful - enabling the government to visualize a holistic and more accurate data and to develop data informed policies through research14. Yet, allowing for disparate data points to be merged and linked to each other raises questions about privacy and civil liberties - as well as more intrinsic questions about purpose, access,  consent and choice.  To name a few, linked data can be used to create profiles of individuals, it can facilitate surveillance, it can enable new and unintended uses of data, and it can be used for discriminatory purposes.

The fact that the seeding process is meant to facilitate extraction, consolidation, normalization and matching of data so it can be queried by Aadhaar number, and that existing databases can be transposed onto the Ginger platform can give rise to Dr. Ramanthan's concerns. She argues that anyone having access to the 'control' end of the Ginger platform can access all data associated to a Aadhaar number, that convergence can now easily be initiated with databases on the Ginger platform,  and that profiling of individuals can take place through the linking of data points via the Ginger platform.

How does the Supreme Court Order impact the seeding process and what still needs to be clarified?

In the interim order the Supreme Court lays out four welcome clarifications and limitations on the UID scheme:

The Union of India shall give wide publicity in the electronic and print media including radio and television networks that it is not mandatory for a citizen to obtain an Aadhaar card;
The production of an Aadhaar card will not be condition for obtaining any benefits otherwise due to a citizen;
The Unique Identification Number or the Aadhaar card will not be used by the respondents for any purpose other than the PDS Scheme and in particular for the purpose of distribution of foodgrains, etc. and cooking fuel, such as kerosene. The Aadhaar card may also be used for the purpose of the LPG Distribution Scheme;
The information about an individual obtained by the Unique Identification Authority of India while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a Court for the purpose of criminal investigation."15

In some ways, the court order addresses some of the concerns regarding the seeding of Aadhaar numbers by limiting the scope of the seeding process to the PDS scheme, but there are still a number of aspects of the scheme as they pertain to the seeding process that need to be addressed by the court.

These include:

The Process of Seeding

Prior to the Supreme Court interim order, the above concerns were quite broad in scope as Aadhaar could be adopted by any private or public entity - and the number was being seeded in databases of banks, the railways, tax authorities, etc. The interim order, to an extent, lessens these concerns by holding that  "The Unique Identification Number or the Aadhaar card will not be used by the respondents for any purpose other than the PDS Scheme…".

However, the Court could have perhaps been more specific regarding what is included under the PDS scheme, because the scheme itself is broad. That said, the restrictions put in place by the court create a form of purpose limitation and a boundary of  proportionality on the UID scheme. By limiting the purpose of the Aadhaar number to use in the PDS system, the  Aadhaar number can only be seeded into the databases of entities involved in the PDS Scheme, rather than any entity that had adopted the number. Despite this, the seeding process is an issue in itself for the following reasons:

Access: Embedding service delivery databases and bank databases with the Aadhaar number allows for the UIDAI or authorized users to access information in these databases. According to version 1.1 of the seeding document from the UIDAI - the UIDAI is carrying out the seeding process through 'seeding agencies'. These agencies can include private companies, public limited companies, government companies, PSUs, semi-government organizations, and NGOs that are registered and operating in India for at least three years.16 Though under contract by the UIDAI, it is unclear what information such organizations would be able to access. This ambiguity leaves the data collected by UIDAI open to potential abuse and unauthorized access. Thus, the Court Ruling fails to provide clarity on the access that the seeding process enables for the UIDAI and for private parties.

Consent: Upon enrolling for an Aadhaar number, individuals have the option of consenting to the UIDAI sharing information in three instances:

"I have no objection to the UIDAI sharing information provided by me to the UIDAI with agencies engaged in delivery of welfare services."

"I want the UIDAI to facilitate opening of a new Bank/Post Office Account linked to my Aadhaar Number.

"I have no objection to sharing my information for this purpose""I have no objection to linking my present bank account provided here to my Aadhaar number"17

Aside for the vague and sweeping language of actions users provide consent for, which raises questions about how informed an individual is of the information he consents to share, at no point is an individual provided the option of  consenting  to the UIDAI accessing data - historic or incoming - that is stored in the database of a service provider in the PDS system seeded with the Aadhaar number. Furthermore, as noted earlier, the fact that the UIDAI concedes that a beneficiary has to be linked with a bank account raises questions of consent to this process as linking one's bank account with their Aadhaar number is an optional part of the enrollment process. Thus, even with the restrictions from the court order, if individuals want to use their Aadhaar number to access benefits, they must also seed their number with their bank accounts. On this point, in an order from the Finance Ministry it was clarified that the seeding of Aadhaar numbers into databases is a voluntary decision, but if a beneficiary provides their number on a voluntary basis - it can be seeded into a database.18

Withdrawing Consent: The Court also did not directly address if individuals could withdraw consent after enrolling in the UID scheme - and if they did - whether Aadhaar numbers should be 'unseeded' from PDS related databases. Similarly, the Court did not clarify whether services that have seeded the Aadhaar number, but are not PDS related, now need to unseed the number. Though news items indicate that in some cases (not all) organizations and government departments not involved in the PDS system are stopping the seeding process19, there is no indication of departments undertaking an 'unseeding' process. Nor is there any indication of the UIDAI allowing indivduals enrolled to 'un-enroll' from the scheme. In being silent on issues around consent, the court order inadvertently overlooks the risk of function creep possible through the seeding process, which "allows numerous opportunities for expansion of functions far beyond those stated to be its purpose"20.

Verification and liability: According to Version 1.0 and Version 1.1 of the Seeding documents, "no seeding is better than incorrect seeding". This is because incorrect seeding can lead to inaccuracies in the authentication process and result in individuals entitled to benefits being denied such benefits. To avoid errors in the seeding process the UIDAI has suggested several steps including using the "Aadhaar Verification Service" which verifies an Aadhaar number submitted for seeding against the Aadhaar number and demographic data such as gender and location in the CIDR. Though recognizing the importance of accuracy in the seeding process, the UIDAI takes no responsibility for the same. According to Version 1.1 of the seeding document, "the responsibility of correct seeding shall always stay with the department, who is the owner of the database."21 This replicates a disturbing trend in the implementation of the UID scheme - where the UIDAI 'initiates' different processes through private sector companies but does not take responsibility for such processes. 22

The Scope of the UIDAI's mandate and the necessity of seeding

Aside from the problems within the seeding process itself, there is a question of the scope of the UIDAI's mandate and the role that seeding plays in fulfilling this. This is important in understanding the necessity of the seeding process.

On the official website, the UIDAI has stated that its mandate is "to issue every resident a unique identification number linked to the resident's demographic and biometric information, which they can use to identify themselves anywhere in India, and to access a host of benefits and services." 23 Though the Supreme Court order clarifies the use of the Aadhaar number, it does not address the actual legality of the UIDAI's mandate - as there is no enabling statute in place -and it does not clarify or confirm the scope of the UIDAI's mandate.

In Version 1.0 of the Seeding document the UIDAI has stated the "Aadhaar numbers of enrolled residents are being 'seeded' ie. included in the databases of service providers that have adopted the Aadhaar platform in order to enable authentication via the Aadhaar number during a transaction or service delivery."24 This statement is only partially correct. For only providing and authenticating of an Aadhaar number - seeding is not necessary as the Aadhaar number submitted for verification alone only needs to be compared with the records in the CIDR to complete authentication of the same. Yet, in an example justifying the need for seeding in the Version 1.0 seeding document the UIDAI states "A consolidated view of the entire data would facilitate the social welfare department of the state to improve the service delivery in their programs, while also being able to ensure that the same person is not availing double benefits from two different districts."25 For this purpose, seeding is again unnecessary as it would be simple to correlate PDS usage with a Aadhaar number within the PDS database. Even if limited to the PDS system,  seeding in the databases of service providers is only necessary for the creation and access to comprehensive information about an individual in order to determine eligibility for a service. Further, seeding is only necessary in the databases of banks if the Aadhaar number moves from being an identity factor - to a transactional factor - something that the UIDAI seems to envision as the Version 1.1 seeding document states that Aadhaar is sufficient enough to transfer payments to an individual and thus plays a key role in cash transfers of benefits.26

Conclusion

Despite the fact that adherence to the interim order from the Supreme Court has been adhoc27, the order does provide a number of welcome limitations and clarifications to the UID Scheme. Yet, despite limited clarification from the Supreme Court and further clarification from the Finance Ministry's Order, the process of seeding and its necessity remain unclear. Is the UIDAI taking fully informed consent for the seeding process and what it will enable? Should the UIDAI be liable for the accuracy of the seeding process? Is seeding of service provider and bank databases necessary for the UIDAI to fulfill its mandate? Is the UIDAI's mandate to provide an identifier and an authentication of identity mechanism or is it to provide authentication of eligibility of an individual to receive services? Is this mandate backed by law and with adequate safeguards? Can the court order be interpreted to mean that to deliver services in the PDS system, UIDAI will need access to bank accounts or other transactions/information stored in a service provider's database to verify the claims of the user?

Many news items reflect a concern of convergence arising out of the UID scheme.28 To be clear, the process of seeding is not the same as convergence. Seeding enables convergence which can enable profiling, surveillance, etc. That said, the seeding process needs to be examined more closely by the public and the court to ensure that society can reap the benefits of seeding while avoiding the problems it may pose.

[1]. Justice K.S Puttaswamy & Another vs. Union of India & Others. Writ Petition (Civil) No. 494 of 2012. Available at: http://judis.nic.in/supremecourt/imgs1.aspx?filename=42841

[2]. Usha Ramanthan. Decoding the Aadhaar judgment: No more seeding, not till the privacy issues is settled by the court. The Indian Express. August 12^th 2015. Available at: http://indianexpress.com/article/blogs/decoding-the-aadhar-judgment-no-more-seeding-not-till-the-privacy-issue-is-settled-by-the-court/

[3]. UIDAI. Approach Document for Aadhaar Seeding in Service Delivery Databases. Version 1.0. Available at: https://authportal.uidai.gov.in/static/aadhaar_seeding_v_10_280312.pdf

[4]. UIDAI. Standard Protocol Covering the Approach & Process for Seeding Aadhaar Numbers in Service Delivery Databases. Available at: https://uidai.gov.in/images/aadhaar_seeding_june_2015_v1.1.pdf

[5]. Version 1.0 pg. 2

[6]. Version 1.0 pg. 19

[7]. Version 1.1 pg. 3

[8]. Version 1.1 pg. 7

[9]. Version 1.1 pg. 5 -7

[10]. Version 1.1 pg. 7-13

[11]. Version 1.0 pg 19-22

[12]. Version 1.0 pg. 4

[13]. Version 1.1 pg. 5, figure 3.

[14]. David Card, Raj Chett, Martin Feldstein, and Emmanuel Saez. Expanding Access to Adminstrative Data for Research in the United States. Available at: http://obs.rc.fas.harvard.edu/chetty/NSFdataaccess.pdf

[15]. Justice K.S Puttaswamy & Another vs. Union of India & Others. Writ Petition (Civil) No. 494 of 2012. Available at: http://judis.nic.in/supremecourt/imgs1.aspx?filename=42841

[16]. Version 1.1 pg. 18

[17]. Aadhaar Enrollment Form from Karnataka State. http://www.karnataka.gov.in/aadhaar/Downloads/Application%20form%20-%20English.pdf

[18]. Business Line. Aadhaar only for foodgrains, LPG, kerosene, distribution. August 27^th 2015. Available at: http://www.thehindubusinessline.com/economy/aadhaar-only-for-foodgrains-lpg-kerosene-distribution/article7587382.ece

[19]. Bharti Jain. Election Commission not to link poll rolls to Aadhaar. The Times of India. August 15^th 2015. Available at: http://timesofindia.indiatimes.com/india/Election-Commission-not-to-link-poll-rolls-to-Aadhaar/articleshow/48488648.cms

[20]. Graham Greenleaf. “Access all areas': Function creep guaranteed in Australia's ID Card Bill (No.1) Computer Law & Security Review. Volume 23, Issue 4. 2007. Available at: http://www.sciencedirect.com/science/article/pii/S0267364907000544

[21]. Version 1.1 pg. 3

[22]. For example, the UIDAI depends on private companies to act as enrollment agencies and collect, verify, and enroll individuals in the UID scheme. Though the UID enters into MOUs with these organizations, the UID cannot be held responsible for the security or accuracy of data collected, stored, etc. by these entities. See draft MOU for registrars: https://uidai.gov.in/images/training/MoU_with_the_State_Governments_version.pdf

[23]. Justice K.S Puttaswamy & Another vs. Union of India & Others. Writ Petition (Civil) No. 494 of 2012. Available at: http://judis.nic.in/supremecourt/imgs1.aspx?filename=42841

[24]. Version 1.0 pg.3

[25]. Version 1.0 pg.4

[26]. Version 1.1 pg. 3

[27]. For example, there are reports of Aadhaar being introduced for different services such as education. See: Tanu Kulkarni. Aadhaar may soon replace roll numbers. The Hindu. August 21^st, 2015. For example: http://www.thehindu.com/news/cities/bangalore/aadhaar-may-soon-replace-roll-numbers/article7563708.ece

[28]. For example see: Salil Tripathi. A dangerous convergence. July 31^st. 2015. The Live Mint. Available at: http://www.livemint.com/Opinion/xrqO4wBzpPbeA4nPruPNXP/A-dangerous-convergence.html

For more details visit https://cis-india.org/internet-governance/blog/supreme-court-order-is-a-good-start-but-is-seeding-necessary

Sunil Abraham, CIS : "Avec l’e-G8, Nicolas Sarkozy veut promouvoir de nouvelles restrictions à la liberté d’expression"

praskrishna — 2011-05-25T11:54:51Z

Le débat continue de faire rage en Inde au sujet d’une nouvelle législation posant des limites floues et, selon certains, potentiellement dangereuses, à la liberté d’expression sur Internet. Et alors que s’ouvre à Paris l’e-G8, sur fond de polémiques autour des intentions de son principal supporteur, le président de la République Française, Nicolas Sarkozy, Sunil Abraham, directeur exécutif de l’ONG Center for Internet & Societies, a accepté de partager son regard sur l’événement, depuis Bangalore. This news was published in LE MAG IT on May 24, 2011.

LeMagIT: L’Inde vient de se doter d’une nouvelle législation relative aux technologies de l’information et de la communication. Que dénoncez-vous dans cette législation ?

Sunil Abraham: Il y a trois principales préoccupations, pour la société civile. Tout d’abord, cette nouvelle législation va au-delà de son périmètre légitime et définit des limites vagues et inconstitutionnelles à la liberté d’expression sur Internet. Par exemple, un discours dénigrant, relevant du harcèlement, blasphématoire ou haineux n’a jamais été criminel ou considéré comme tel par la justice indienne. Mais du fait de cette nouvelle législation, cela peut être puni de 3 ans de prison. Ensuite, ces règles introduisent un biais contre la participation citoyenne à toute forme de publication en ligne, en particulier dans les médias sociaux ou la production de contenus collective. Ainsi, une fois qu’un ordre de retrait a été notifié, le contenu contestable visé doit être supprimé dans un délai de 36 heures. Ou c’est l’intermédiaire concerné qui est susceptible de voir engagée sa responsabilité. De grandes entreprises telles que Google seront en mesure de gérer de telles injections et d’engager des procédures en justice mais de simples individus seront écrasés par la censure privée sans application équitable de la loi. En outre, les individus ne seront pas notifiés de l’application d’une telle censure et aucune pénalité n’est prévue pour ceux qui abuseraient du système en émettant des ordres de retrait de contenu en masse de manière automatisée. Enfin, l’État a créé un système de surveillance à plusieurs niveaux impliquant cyber-cafés, FAI et fournisseurs de services en ligne. Les garde-fous sur les réquisitions judiciaires émises par les agences de renseignement ont été dilués. La rétention de logs redondante à plusieurs niveaux fournit en outre des cibles multiples avec des vulnérabilités multiples aux criminels à la fois au sein et en dehors de ces institutions. Les violations de la vie privée vont se multiplier et ne feront que distraire les agents du renseignement de leurs missions de fond pour lutter contre la criminalité et le terrorisme.

En clair, nous pensons que ces nouvelles règles vont réfréner la liberté d’expression sur Internet en Inde en stimulant l’auto-censure, la censure privée et la surveillance. Cela va nuire à l’exercice démocratique, à la liberté des médias, et à la transparence des institutions publiques, à la culture et à la créativité, à la recherche et au développement, et enfin - mais ce n’est pas rien - à l’entrepreneuriat.

LeMagIT: Dans un contexte de suspicion sur les objectifs du forum e-G8, et avec la perspective de la nouvelle législation indienne, quel regard portez-vous sur le sommet international qui s’ouvre ce mardi 24 mai en France ?

Sunil Abraham: Nicolas Sarkozy et les nations développées de l’Ouest ont complètement perdu leur légitimité morale dans le débat sur la liberté sur Internet. Leur duplicité et leur double-langage ont été mis en lumière - d’un côté, ils critiquent la Birmanie, l’Arabie Saoudite et la Chine mais, dans le même temps, à l’intérieur de leurs frontières, ces nations ont courbé l’échine pour satisfaire aux demandes des ayants-droits. Rétention de données, exigence de justification d’identité dans les cyber-cafés, riposte graduée, investigations transnationales, etc... sont en train de devenir la norme. Nicolas Sarkozy semble avoir oublié que l’accès au savoir est le prérequis de la liberté d’expression. Le partage de l’information est une composante essentielle des activités quotidiennes des citoyens du Net. Criminaliser ces actes afin de soutenir les modèles économiques moribonds des éditeurs de logiciels et des sociétés de production de médias ne fera que réduire Internet à une télévision interactive.

En tant que personne mariée à un ayant-droit en quête de rente, Nicolas Sarkozy n’a naturellement que peu de sympathie pour l’accès [libre] à la connaissance et peut ainsi se faire le champion vocal des régimes de riposte graduée. Il serait bien capable d’interdire à quelqu’un de lire sous un livre prétexte que cette personne aurait partagé les photocopies de ce livre avec trois de ses amis. Il n’y a aucune proportionnalité entre le préjudice et la punition.

Avec l’e-G8, Nicolas Sarkozy essaie de pousser d’autres restrictions à la liberté d’expression avec son concept “d’Internet civilisé” - les régimes répressifs du monde entier ont de quoi se réjouir. Leur régulation draconienne a été importée par le pays de “liberté, égalité, fraternité.” J’espère que le peuple français se joindra aux sociétés civiles du monde entier pour rejeter les propositions de Nicolas Sarkozy.

Sunil's original response in English

What is wrong with the latest IT Rules 2011 [Intermediary Due Diligence, Cyber Cafe and Reasonable Security Measures) under the IT Act [Amendment 2008]

There are 3 broad concerns that civil society has with the latest IT rules. One, they go beyond the the scope of the IT Act and place unconstitutional and vague limits on freedom of expression online. For example speech that is harmful, harassing, disparaging, blasphemous or hateful has never been criminal or defined by Indian courts. But thanks to the latest rules, they are punishable with 3 years of imprisonment. Two, the rules are biased against citizen participation in online publication especially in the form of social media and commons based peer production. Once a take down notice is received the objectionable content has to be deleted within 36 hour otherwise the intermediary looses immunity. Large corporations like Google will be able to manage due diligence and also fight court battles but individual users will becrushed by private censorship sans due process of law. This individuals will not be notified when such censorship occurs and there is no penalty for those who abuse the system by sending bulk machine generated take-downs. Three, the state has mandated a multi-tier blanket surveillance regime - by cyber-cafes, ISPs and application service providers. Safeguards for information requests by intelligence agencies have been diluted. Redundant multi-level retention of logs provides multiple targets with multiple vulnerabilities to criminals both inside and outside these institutions. Privacy violations will multiply only serving a big distraction from the real intelligence work required to stop criminals and terrorists.

In brief - we believe the latest rules have a chilling effect on online freedom of expression in India via self-censorship, private censorship and blanket surveillance. This will undermine - democratic governance, free media, transparency and accountability in public institutions, culture and creativity, research and development and last but not least entrepreneurship.

What is wrong with Sarkozy's agenda at the e-G8

Sarkozy and developed western nations have completely lost their higher moral ground on net freedom. Their duplicity and double-speak has been exposed - on the one hand they criticise Burma, Saudi Arabia and China. But simultaneously at home these nations have bent backwards to please rights-holders. Blanket data retention, real ID requirements at cyber-cafes, three strikes regime, cross-border searches, etc are becoming the norm. Sarkozy appears to have forgotten that access to knowledge is the precondition for freedom of expression. Sharing of information is an essential component of the everyday Internet use of ordinary netizens. Criminalising these acts in order to prop up extinct business models of media houses and software companies will only reduce the Internet to interactive television.

Read the original published by LeMagIT here

For more details visit https://cis-india.org/news/avec-i-e-g-8

Summary of the CIS workshop on the Draft Human DNA Profiling Bill 2012

maria — 2013-07-12T15:33:25Z

On March 1st, 2013, the Centre for Internet and Society organized a workshop which analysed the April 2012 draft Human DNA Profiling Bill and its potential implications on human rights in India.

This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC.

Think you control who has access to your DNA data? That might just be a myth of the past. Today, clearly things have changed, as draft Bills with the objective of creating state, regional, and national DNA databases in India have been leaked over the last years. Plans of profiling certain residents in India are being unravelled as, apparently, the new policy when collecting, handling, analysing, sharing and storing DNA data is that all personal information is welcome; the more, the merrier!

Who is behind all of this? The Centre for DNA Fingerprinting and Diagnostics in India created the 2007 draft DNA Profiling Bill[1], with the aim of regulating the use of DNA for forensic and other purposes. In February 2012 another draft of the Bill was leaked which was created by the Department of Biotechnology. The most recent version of the Bill was drafted in April 2012 and seeks to create DNA databases at the state, regional and national level in India[2]. According to the latest 2012 draft Human DNA Profiling Bill, each DNA database will contain profiles of victims, offenders, suspects, missing persons and volunteers for the purpose of identification in criminal and civil proceedings. The Bill also establishes a process for certifying DNA laboratories, and a DNA Profiling Board for overseeing the carrying out of the Act.

However, the 2012 draft Human DNA Profiling Bill lacks adequate safeguards and its various loopholes and overreaching provisions could create a potential for abuse. The creation of DNA databases is currently unregulated in India and although regulations should be enacted to prevent data breaches, the current Bill raises major concerns in regards to the collection, use, analysis and retention of DNA samples, DNA data and DNA profiles. In other words, the proposed DNA databases would not only be restricted to criminals…

DNA databases...and Justice for All?

Source: Libertas Academica on flickr

During the workshop [3]on the 2012 draft Human DNA Profiling Bill, DNA[4] was defined as a material that determines a persons´ hereditary traits, whilst DNA profiling[5] was defined as the processing and analysis of unique sequences of parts of DNA. Thus the uniqueness of DNA data is clear and the implications that could potentially occur through its profiling could be tremendous. The 2007 DNA Profiling Bill has been amended, yet its current 2012 version appears not only to be more intrusive, but to also be extremely vague in terms of protecting data, whilst very deterministic in regards to the DNA Profiling Board´s power. A central question in the meeting was:

Should DNA databases be created at all?

The following concerns were raised and discussed during the workshop:

● The myth of the infallibility of DNA evidence

The Innocence Project[6], which was presented at the workshop, appears to provide an appeal towards the storage of DNA samples and profiles, as it represents clients seeking post-conviction DNA testing to prove their innocence. According to statistics presented at the workshop, there have been 303 post-conviction exonerations in the United States, as a result of individuals proving their innocence through DNA testing. Though post-conviction exonerations can be useful, they cannot be the basis and main justification for creating DNA databases. Although DNA testing could enable post-conviction exonerations, errors in matching data remain a high probability and could result in innocent people being accused, arrested and prosecuted for crimes they did not commit. Thus, arguments towards the necessity and utility of the creation of DNA databases in India appear to be weak, especially since DNA evidence is not infallible[7].

False matches can occur based on the type of profiling system used, and errors can take place in the chain of custody of the DNA sample, all of which indicate the weakness of DNA evidence being used. DNA data only provides probabilities of potential matches between DNA profiles and the larger the amount of DNA data collected, the larger the probability of an error in matching profiles[8].

● The non-criteria of DNA data collection

How and when can DNA data be collected? The amended draft 2012 Bill remains extremely vague and broad. In particular, the Bill states that all offences under the Indian Penal Code and other laws, such as the Immoral Traffic (Prevention) Act, 1956, are applicable instances of human DNA profiling. Section B(viii) of the Schedule states that human DNA profiling will be applicable for offences under ´any other law as may be specified by the regulations made by the Board´. This incredibly vague section empowers the DNA Profiling Board with the ultimate power to decide upon the offences under which DNA data will be collected. The issue is this: most laws have loopholes. A Bill which lists applicable instances of human DNA profiling, under the umbrella of a potentially indefinite number of laws, exposes individuals to the collection of their DNA data, which could lead to potential abuse.

● The DNA Profiling Board´s power

The DNA Profiling Board has ´absolute´ power, especially according to the 2012 draft Human DNA Profiling Bill. Some of the Board´s functions include providing recommendations for provision of privacy protection laws, regulations and practices relating to access to, or use of, stored DNA samples or DNA analyses[9]. The Board is also required to advise on all ethical and human rights issues, as well as to take ´necessary steps´ to protect privacy. However, it remains unclear how a Board which lacks human rights expertise will carry out such tasks.

No human rights experts

Despite the various amendments[10] to the section on the composition of the Board, no privacy or human rights experts have been included. According to the Bill, the Board will be comprised of many molecular biologists and other scientists, while human rights experts have not been included to the list. This can potentially be problematic as a lack of expertise on privacy and human rights laws can lead to the regulation of DNA databases without taking civil liberties into consideration.

Vague authorisation for communication of DNA profiles

The Bill also empowers the Board to ´authorise procedures for communication of DNA profiles for civil proceedings and for crime investigation by law enforcement and other agencies´[11]. Although the 2007 Bill [12]restricted the Boards´ authorisation to crime investigation by law enforcement agencies, its 2012 amendment extends such authorisation to ´civil proceedings´ which can also be carried out by so-called ´other agencies´.[13] This amendment raises concerns, as the ´other agencies´ and the term ´civil proceedings´ remain vague.

Protecting the public

The Board is also authorised to ´assist law enforcement agencies in using DNA techniques to protect the public´[14]. Over the last years, laws are being enacted that enable law enforcement agencies to use technologies for surveillance purposes in the name of ´public security´, and the 2012 draft Bill is no exception. Many security measures have been applied to ´protect the public´, such as CCTV cameras and other technologies, but their actual contribution to public safety still remains a controversial debate[15]. DNA techniques which would effectively protect the public have not been adequately proven, thus it remains unclear how the Board would assist law enforcement agencies.

Sharing data with international agencies…and regulating DNA laboratories

In addition to the above, the Board would also encourage cooperation between Indian investigation agencies and international agencies[16]. This would potentially enable the sharing of DNA data between third parties and would enhance the probability of data being leaked to unauthorised third parties.

The Board would also be authorised to regulate the standards, quality control and quality assurance obligations of the DNA laboratories[17]. The draft 2012 Bill ultimately gives monopolistic control to the DNA Profiling Board over all the procedures related to the handling of DNA data!

● The DNA Data Bank Manager

According to the 2012 draft Human DNA Profiling Bill[18], it is the DNA Data Bank Manager who would carry out ´all operations of and concerning the National DNA Data Bank´. All such operations are not clearly specified. The powers and duties that the DNA Data Bank Manager would be expected to have are not specified in the Bill, which merely states that they would be specified by regulations made by the DNA Profiling Board.

The Bill also empowers the Manager to determine appropriate instances for the communication of information[19]. In other words, law enforcement agencies and DNA laboratories can request the disclosure of information from the DNA Data Bank Manager, without prior authorisation. The DNA Data Bank Manager is empowered to decide the requested data.

DNA access restrictions

Are you a victim or a cleared suspect? You better be, if you want access to your data to be restricted! The 2012 draft Human DNA Profiling Bill [20]states that access to information will be restricted in cases when a DNA profile derives from a victim or a person who has been excluded as a suspect. The Bill is unclear as to how access to the data of non-victims or suspects is regulated.

● Availability of DNA profiles and DNA samples

According to the amended draft 2012 Bill[21], DNA profiles and samples can be made available in criminal cases, judicial proceedings and for defence purposes among others. However, ´criminal cases´ are loosely defined and could enable the availability of DNA data in low profile cases. Furthermore, the availability of DNA data is also enabled for the ´creation and maintenance of a population statistics database´. This is controversial because it remains unclear how such a database would be used.

● Data destruction

According to an amendment to section 37, DNA data will be kept on a ´permanent basis´ and the DNA Data Bank Manager will expunge a DNA profile only once the court has certified that an individual is no longer a suspect. This raises major concerns, as it does not clarify under what conditions individuals can have access to their data during its retention, nor does it give volunteers and missing persons the opportunity to have their data deleted from the data bank.

Workshop conclusions

Source: micahb37 on flickr

The various loopholes in the Bill which can create a potential for abuse were discussed throughout the workshop, as well as various issues revolving around DNA data retention, as previously mentioned.

During the workshop, some participants questioned the creation of DNA databases to begin with, while others argued that they are inevitable and that it is not a question of whether they should exist, but rather a question of how they should be regulated. All participants agreed upon the need for further safeguards to protect individuals´ right to privacy and other human rights. Further research on the necessity and utility of the creation of DNA databases in regards to human rights was recommended. In addition to all the above, the Ministry of Law and Justice was recommended to pilot the draft DNA Profiling Bill to ensure better provisions in regards to privacy and data protection.

A debate on the use of DNA data in civil cases versus criminal cases was largely discussed in the workshop, with concerns raised in regards to DNA sampling being enabled in civil cases. The fact that the terms ´civil cases´ and ´criminal cases´ remain broad, vague and not legally-specified, raised huge concerns in the workshop as this could enable the misuse of DNA data by authorities. Thus, the members attending the workshop recommended the creation of two separate Bills regulating the use of DNA data: a DNA Profiling Bill for Criminal Investigation and a DNA Profiling Bill for Research. The creation of such Bills would restrict the access to, collection, analysis, sharing of and retention of DNA data to strictly criminal investigation and research purposes.

However, even if separate Bills were created, who is to say that when implemented DNA in the database would not be abused? Criminal investigations can be loosely defined and research purposes can potentially cover anything and everything. So the question remains:

Should DNA databases be created at all?

[1] Draft DNA Profiling Bill 2007, http://dbtindia.nic.in/DNA_Bill.pdf

[2] Human DNA Profiling Bill 2012: Working draft versión – 29th April 2012,

[3] Centre for Internet and Society, Analyzing the Draft Human DNA Profiling Bill 2012, 25 February 2013, http://cis-india.org/internet-governance/events/analyzing-draft-human-dna-profiling-bill

[4] Genetics Home Reference: Your Guide to Understanding Genetic Conditions, What is DNA?, http://ghr.nlm.nih.gov/handbook/basics/dna

[5] Shanna Freeman, How DNA profiling Works, http://science.howstuffworks.com/dna-profiling.htm

[6] Innocence Project, DNA exoneree case profiles, http://www.innocenceproject.org/know/

[7] Australian Law Reform Commission (ALRC), Essentially Yours: The Protection of Human Genetic Information in Australia (ALRC Report 96), ´Criminal Proceedings: Reliability of DNA evidence´, Chapter 44, http://www.alrc.gov.au/publications/44-criminal-proceedings/reliability-dna-evidence

[8] Ibid.

[9] Human DNA Profiling Bill 2012: Working draft version – 29th April 2012, Section 12(o, p, t), http://cis-india.org/internet-governance/blog/draft-dna-profiling-bill-2012.pdf

[10] Ibid: Section 4(q)

[11] Ibid: Section 12(j)

[12] Draft DNA Profiling Bill 2007, Section 13, http://dbtindia.nic.in/DNA_Bill.pdf

[13] : Human DNA Profiling Bill 2012: Working draft version – 29^th April 2012, Sections 12(j), http://cis-india.org/internet-governance/blog/draft-dna-profiling-bill-2012.pdf

[14] Ibid: Section 12(l)

[15] Schneier, B.(2008), Schneier on Security, ´CCTV cameras´, http://www.schneier.com/blog/archives/2008/06/cctv_cameras.html

[16] Human DNA Profiling Bill 2012: Working draft version – 29^th April 2012, Sections 12(u) and 12(v), http://cis-india.org/internet-governance/blog/draft-dna-profiling-bill-2012.pdf

[17] Ibid: Section on the ´Standards, Quality Control and Quality Assurance Obligations of DNA Laboratories´

[18] Ibid: Section 33

[19] Ibid: Section 35

[20] Ibid: Section 43

[21] Ibid: Section 40

For more details visit https://cis-india.org/internet-governance/blog/summary-of-cis-workshop-on-dna-profiling-bill-2012

Submission to UN High Level Panel on Digital Cooperation

Admin — 2019-02-19T00:55:04Z

For more details visit https://cis-india.org/internet-governance/files/submission-to-un-high-level-panel-on-digital-cooperation