Centre for Internet and Society

Mastering the Art of Keeping Indians Under Surveillance

bhairav — 2015-08-23T12:26:48Z

In its first year in office, the National Democratic Alliance government has been notably silent on the large-scale surveillance projects it has inherited. This ended last week amidst reports the government is hastening to complete the Central Monitoring System (CMS) within the year.

The article was published in the Wire on May 30, 2015.

In a statement to the Rajya Sabha in 2009, Gurudas Kamat, the erstwhile United Progressive Alliance’s junior communications minister, said the CMS was a project to enable direct state access to all communications on mobile phones, landlines, and the Internet in India. He meant the government was building ‘backdoors’, or capitalising on existing ones, to enable state authorities to intercept any communication at will, besides collecting large amounts of metadata, without having to rely on private communications carriers.

This is not new. Legally sanctioned backdoors have existed in Europe and the USA since the early 1990s to enable direct state interception of private communications. But the laws of those countries also subject state surveillance to a strong regime of state accountability, individual freedoms, and privacy. This regime may not be completely robust, as Edward Snowden’s revelations have shown, but at least it exists on paper. The CMS is not illegal by itself, but it is coloured by the compromised foundation of Indian surveillance law upon which it is built.

Surveillance and social control

The CMS is a technological project. But technology does not exist in isolation; it is contextualised by law, society, politics, and history. Surveillance and the CMS must be seen in the same contexts.

The great sociologist Max Weber claimed the modern state could not exist without monopolising violence. It seems clear the state also entertains the equal desire to monopolise communications technologies. The state has historically shaped the way in which information is transmitted, received, and intercepted. From the telegraph and radio to telephones and the Internet, the state has constantly endeavoured to control communications technologies.

Law is the vehicle of this control. When the first telegraph line was laid down in India, its implications for social control were instantly realised; so the law swiftly responded by creating a state monopoly over the telegraph. The telegraph played a significant role in thwarting the Revolt of 1857, even as Indians attempted to destroy the line; so the state consolidated its control over the technology to obviate future contests.

This controlling impulse was exercised over radio and telephones, which are also government monopolies, and is expressed through the state’s surveillance prerogative. On the other hand, because of its open and decentralised architecture, the Internet presents the single greatest threat to the state’s communications monopoly and dilutes its ability to control society.

Interception in India

The power to intercept communications arises with the regulation of telegraphy. The first two laws governing telegraphs, in 1854 and 1860, granted the government powers to take possession of telegraphs “on the occurrence of any public emergency”. In 1876, the third telegraph law expanded this threshold to include “the interest of public safety”. These are vague phrases and their interpretation was deliberately left to the government’s discretion.

This unclear formulation was replicated in the Indian Telegraph Act of 1885, the fourth law on the subject, which is currently in force today. The 1885 law included a specific power to wiretap. Incredibly, this colonial surveillance provision survived untouched for 87 years even as countries across the world balanced their surveillance powers with democratic safeguards.

The Indian Constitution requires all deprivations of free speech to conform to any of nine grounds listed in Article 19(2). Public emergencies and public safety are not listed. So Indira Gandhi amended the wiretapping provision in 1972 to insert five grounds copied from Article 19(2). However, the original unclear language on public emergencies and public safety remained.

Indira Gandhi’s amendment was ironic because one year earlier she had overseen the enactment of the Defence and Internal Security of India Act, 1971 (DISA), which gave the government fresh powers to wiretap. These powers were not subject to even the minimal protections of the Telegraph Act. When the Emergency was imposed in 1975, Gandhi’s government bypassed her earlier amendment and, through the DISA Rules, instituted the most intensive period of surveillance in Indian history.

Although DISA was repealed, the tradition of having parallel surveillance powers for fictitious emergencies continues to flourish. Wiretapping powers are also found in the Maharashtra Control of Organised Crime Act, 1999 which has been copied by Karnataka, Andhra Pradesh, Arunachal Pradesh, and Gujarat.

Procedural weaknesses

Meanwhile, the Telegraph Act with its 1972 amendment continued to weather criticism through the 1980s. The wiretapping power was largely exercised free of procedural safeguards such as the requirements to exhaust other less intrusive means of investigation, minimise information collection, limit the sharing of information, ensure accountability, and others.

This changed in 1996 when the Supreme Court, on a challenge brought by PUCL, ordered the government to create a minimally fair procedure. The government fell in line in 1999, and a new rule, 419A, was put into the Indian Telegraph Rules, 1951.

Unlike the United States, where a wiretap can only be ordered by a judge when she decides the state has legally made its case for the requested interception, an Indian wiretap is sanctioned by a bureaucrat or police officer. Unlike the United Kingdom, which also grants wiretapping powers to bureaucrats but subjects them to two additional safeguards including an independent auditor and a judicial tribunal, an Indian wiretap is only reviewed by a committee of the original bureaucrat’s colleagues. Unlike most of the world which restricts this power to grave crime or serious security needs, an Indian wiretap can even be obtained by the income tax department.

Rule 419A certainly creates procedure, but it lacks crucial safeguards that impugn its credibility. Worse, the contours of rule 419A were copied in 2009 to create flawed procedures to intercept the content of Internet communications and collect metadata. Unlike rule 419A, these new rules issued under sections 69(2) and 69B(3) of the Information Technology Act 2000 have not been constitutionally scrutinised.

Three steps to tap

Despite its monopoly, the state does not own the infrastructure of telephones. It is dependent on telecommunications carriers to physically perform the wiretap. Indian wiretaps take place in three steps: a bureaucrat authorises the wiretap; a law enforcement officer serves the authorisation on a carrier; and, the carrier performs the tap and returns the information to the law enforcement officer.

There are many moving parts in this process, and so there are leaks. Some leaks are cynically motivated such as Amar Singh’s lewd conversations in 2011. But others serve a public purpose: Niira Radia’s conversations were allegedly leaked by a whistleblower to reveal serious governmental culpability. Ironically, leaks have created accountability where the law has failed.

The CMS will prevent leaks by installing servers on the transmission infrastructure of carriers to divert communications to regional monitoring centres. Regional centres, in turn, will relay communications to a centralised monitoring centre where they will be analysed, mined, and stored. Carriers will no longer perform wiretaps; and, since this obviates their costs of compliance, they are willing participants.

In its annual report of 2012, the Centre for the Development of Telematics (C-DOT), a state-owned R&D centre tasked with designing and creating the CMS, claimed the system would intercept 3G video, ILD, SMS, and ISDN PRI communications made through landlines or mobile phones – both GSM and CDMA.

There are unclear reports of an expansion to intercept Internet data, such as emails and browsing details, as well as instant messaging services; but these remain unconfirmed. There is also a potential overlap with another secretive Internet surveillance programme being developed by the Defence R&D Organisation called NETRA, no details of which are public.

Culmination of surveillance

In its present state, Indian surveillance law is unable to bear the weight of the CMS project, and must be vastly strengthened to protect privacy and accountability before the state is given direct access to communications.

But there is a larger way to understand the CMS in the context of Indian surveillance. Christopher Bayly, the noted colonial historian, writes that when the British set about establishing a surveillance apparatus in colonised India, they came up against an established system of indigenous intelligence gathering. Colonial rule was at its most vulnerable at this point of intersection between foreign surveillance and indigenous knowledge, and the meeting of the two was riven by suspicion. So the colonial state simply co-opted the interface by creating institutions to acquire local knowledge.

The CMS is also an attempt to co-opt the interface between government and the purveyors of communications; because if the state cannot control communications, it cannot control society. Seen in this light, the CMS represents the natural culmination of the progression of Indian surveillance. No challenge against it that does not question the construction of the modern Indian state will be successful.

For more details visit https://cis-india.org/internet-governance/blog/the-wire-may-30-2015-bhairav-acharya-mastering-the-art-of-keeping-indians-under-surveillance

The Four Parts of Privacy in India

bhairav — 2015-08-23T13:04:50Z

Privacy enjoys an abundance of meanings. It is claimed in diverse situations every day by everyone against other people, society and the state.

Traditionally traced to classical liberalism’s public/private divide, there are now several theoretical conceptions of privacy that collaborate and sometimes contend. Indian privacy law is evolving in response to four types of privacy claims: against the press, against state surveillance, for decisional autonomy, and in relation to personal information. The Indian Supreme Court has selectively borrowed competing foreign privacy norms, primarily American, to create an unconvincing pastiche of privacy law in India. These developments are undermined by a lack of theoretical clarity and the continuing tension between individual freedoms and communitarian values.

This was published in Economic & Political Weekly, 50(22), 30 May 2015. Download the full article here.

For more details visit https://cis-india.org/internet-governance/blog/economic-and-political-weekly-bhairav-acharya-may-30-2015-four-parts-of-privacy-in-india

Your phone is a surveillance device, your ISP a surveillance provider…: Pranesh Prakash

praskrishna — 2015-06-17T14:53:40Z

“In India there is no special privilege for journalists over ordinary citizens,” Pranesh Prakash, Policy Director at the Centre for Internet and Society began at the workshop entitled ‘Digital Security for Journalists’ organised by the Mumbai Press Club and the Centre for Internet and Society.

The blog post was published by mxmindia.com on May 27, 2015. Pranesh Prakash gave his inputs.

“Even if you don’t care about your own security/privacy, think about you sources. Your sources want privacy,” Prakash said as he began the workshop on how to assess security threats, how to protect sources and how to prevent your ISP from leaking out information. With the growth of the internet since the 1980s, we know we can’t trust everyone; police stations, governments, all engage in surveillance of some sort, he pointed out. Prakash went on to explain the ‘Threat Model’, wherein journalists ought to ask questions like what are you protecting, who are you protecting yourself against, what do you hope to achieve and to what lengths are you willing to go? All of the measures you are going to take to protect your source are going to be inconvenient. Security is always at the cost of convenience he reiterated.

Data threat can be intercepted at two levels, Prakash explained; data in transit and data at rest. The important question to ask is which you wish to secure, because the means to secure both are very different.Emails being sent to someone can be intercepted by an outside source in transit. It is easier to secure you own data on your computer, but an email is so much more difficult to secure because there are multiple points where the information is stored. Targeted surveillance is much more difficult to protect yourself against than mass surveillance.

For WiFi, password protected networks form an encryption, one more barrier to protect you. However, a WEP encrypted network is easy to break through. You need at least a WPAII to be secure enough. Airport networks usually ask for a password after connecting to the WiFi. That too is easy to see through. Avoid using these networks for sensitive work.

One must keep in mind who they want to secure the data from; whether from a casual threat or an Intelligence Agency like the National Security Agency (NSA), National Technical Research Organisation (NTRO) or Intelligence Bureau (IB).Mass surveillance or non-targeted surveillance is not legal in India. However. the NTRO engages in mass surveillance, for which it was criticised in a Mint article, following which they shifted only to the national borders for surveillance. It is also possible for the NSA to tamper with your laptop before delivery.The NSA’s ANT catalogue has been working on a technology that has a device that can fit within the connector that connects to your keyboards and it can last there years and years without detection. Hence Prakash suggests that if a journalist is working on a sensitive story that if leaked could cause a ruckus, he/she would be safer buying a new computer and paying for it in hard cash.

The more important a source is, the less you must use your phone, Prakash pointed out. Phones leak information time and again, information of time and location. The NSA uses it, the police use it. If you are meeting with someone and you both have your phone, then information that you have met is transmitted. Even without GPS it can track your location, when you receive/send a call/message, as your mobile network needs to access the cell tower you are around in order to reach you.

Encrypted emails still leak identities. If the police look into an encrypted email, they will still know who you are communicating with. Background information you are doing on a story can also give away a lot you don’t want to be given away. Even with an encrypted email, they have access to your location, IP address, the sender and the receiver of the email, time stamp, Mac id and IMEI.

End-to-end encryption is the way out here.This means that no one in the middle, including the company can read the emails you send from your company server. End-to-end encryption is the most inconvenient. End-to-end encryption means that you and the party concerned need to come up with a code that the other party needs to be able to decrypt. The software both parties use also needs to be compatible.

“I recommend using WhatsApp over Viber and Line, Skype over other alternatives and Twitter is also safe, but never use Facebook for sensitive conversations that you don’t want to get out,” Prakash said. WhatsApp is safer than normal text messaging he points out. Prakash recommended an app called Conversations to use for messaging on your phone. It is safer than both normal SMSing and WhatsApp. An SMS leaks metadata, he explains, that’s why it is preferable to use data or apps that use the internet.

In the 2G network space, only Airtel and Docomo use at least a weak encryption.All the rest use no encryption. Anyone can snoop in on your conversations. Instead one must use data-enabled apps for calling like RedPhone, he suggested. This is a great way to protect your source.

Most people are known to repeat passwords for various accounts. Never repeat a password, Prakash advised. Maintain different passwords for all your accounts. It is the safest. And if you are unable to remember them all, then use password managementsoftware like LastPass or KeyPass. These enable you to key in and store all your passwords in one place and you only have to remember the password to your LastPass/KeyPass account. But if you forget your master password, then there is no way to recover all your other passwords.

The session concluded with Prakash working hands-on with the journalists, helping them to download the required software on their laptops and mobile phones. This knowledge is vital for all journalists in order to protect themselves and their sources when doing a high profile, sensitive story, Prakash said.

For more details visit https://cis-india.org/internet-governance/news/mxmindia-may-27-2015-dyanne-coelho-your-phone-is-a-surveillance-device-your-isp-a-surveillance-provider

Paper-thin Safeguards and Mass Surveillance in India

chinmayi — 2015-06-20T10:17:57Z

The Indian government's new mass surveillance systems present new threats to the right to privacy. Mass interception of communication, keyword searches and easy access to particular users' data suggest that state is moving towards unfettered large-scale monitoring of communication. This is particularly ominous given that our privacy safeguards remain inadequate even for targeted surveillance and its more familiar pitfalls.

This need for better safeguards was made apparent when the Gujarat government illegally placed a young woman under surveillance for obviously illegitimate purposes, demonstrating that the current system is prone to egregious misuse. While the lack of proper safeguards is problematic even in the context of targeted surveillance, it threatens the health of our democracy in the context of mass surveillance. The proliferation of mass surveillance means that vast amounts of data are collected easily using information technology, and lie relatively unprotected.

This paper examines the right to privacy and surveillance in India, in an effort to highlight more clearly the problems that are likely to emerge with mass surveillance of communication by the Indian Government. It does this by teasing out Indian privacy rights jurisprudence and the concerns underpinning it, by considering its utility in the context of mass surveillance and then explaining the kind of harm that might result if mass surveillance continues unchecked.

The first part of this paper threads together the evolution of Indian constitutional principles on privacy in the context of communication surveillance as well as search and seizure. It covers discussions of privacy in the context of our fundamental rights by the draftspersons of our constitution, and then moves on to the ways in which the Supreme Court of India has been reading the right to privacy into the constitution.

The second part of this paper discusses the difference between mass surveillance and targeted surveillance, and international human rights principles that attempt to mitigate the ill effects of mass surveillance.

The concluding part of the paper discusses mass surveillance in India, and makes a case for expanding our existing privacy safeguards to protect the right to privacy in a meaningful manner in face of state surveillance.

Download the paper here.

For more details visit https://cis-india.org/internet-governance/blog/paper-thin-safeguards-and-mass-surveillance-in-india

March 2015 Bulletin

praskrishna — 2015-05-12T01:36:18Z

Newsletter for the month of March.

We are happy to share with you the third issue of the CIS newsletter (March 2015). The past editions of the newsletter can be accessed at http://cis-india.org/about/newsletters.

Highlights

In a landmark judgement upholding the freedom of expression, the Supreme Court of India on March 24, 2015 struck down a provision (Section 66 A of the IT Act) which provided the power to arrest anyone for posting offensive comments online. Geetha Hariharan in her blog post captures the happenings which led to the court ruling.

CIS in partnership with Privacy International is doing the GSMA project that seeks to understand different legal and regulatory aspects of security and surveillance in India. The research outputs published thus far are now online in a consolidated blog post.
CIS as part of its RAW programme is inviting abstracts for essays that explore what it means to study Internet(s) in India today.
CIS is pleased to announce that the Researchers at Work (RAW) programme is supporting a new collaborative publishing project led by T.A.J. Residency / SKE Projects and or-bits.com. The first volume of the series titled 'Silicon Plateau' will feature contributions by a group of well-known artists, researchers, and writers.
Sumandro Chattapadhyay's paper titled 'Whose Open Data Community is it? Reflections on the Open Data Ecosystem in India' has been accepted for presentation at the Open Data Research Symposium to be held during the 3rd International Open Data Conference in Ottawa, Canada, on May 28-29 2015.
CIS has been invited to contribute two sections to the Asia Internet History - Third Decade (2001 - 2010) book edited by Dr. Kilnam Chon. The sections will discuss the activities and experiences of civil society organisations in Asia and India, respectively, in national, regional, and global Internet governance processes. Draft outlines of the sections are shared here . Comments and suggestions are invited.

CIS has prepared an open proposal to the Wikimedia Foundation to support its annual plan with USD 208,603.
CIS has prepared a draft work plan for the period July 2015 to June 2016 . This work plan consists of 18 programs across 6 verticals.
On December 24, 2015, Bharti Airtel, one of India's largest telecom players, announced the introduction of a new 'VOIP' usage policy for its mobile users. Tarun Krishnakumar analyses the developments in a blog post.

In his monthly column published in the Business Standard on March 4, 2015, Shyam Ponappa writes "systems and methods for access through elements that provide connectivity - spectrum, fibre-optic cable, coaxial cable, or "twisted-pairs" for ADSL - must be devised in an integrated manner and made available at low cost.
NVDA team as part of its project on developing text-to-speech software in 15 Indian languages has published key updates ofBengali and Assamese language testing.
In the year 2013 Nehaa Chaudhari had worked on a module on IP Rights for UNESCO's Open Access Curriculum. The module was published recently and is available under the CC-BY-SA 3.0 IGO license.

Rohini Lakshané in a blog post chronicles information about big-ticket lawsuits pertaining to mobile technology patents filed in India.

► Vacancies at CIS

CIS is seeking applications for these posts:

Assistant Project Manager : To assist the Project Manager on all tasks relating to the organization of the Fourth Global Congress on Intellectual Property and the Public Interest, which will take place in New Delhi from December 15-17, 2015.
Internship : CIS is providing opportunities for students enrolled in graduate programmes to undertake internship at its offices in Bangalore and Delhi. Eligible candidates are welcome to participate in our internship programme.

----------------------------------------------
Accessibility and Inclusion
----------------------------------------------
Under a grant from the Hans Foundation we are doing two projects. The first project is on creating a national resource kit of state-wise laws, policies and programmes on issues relating to persons with disabilities in India. CIS in partnership with CLPR (Centre for Law and Policy Research) compiled the National Compendium of Policies, Programmes and Schemes for Persons with Disabilities (29 states and 6 union territories). The publication has been finalised and is being printed. The draft chapters and the quarterly reports can be accessed on the project page. The second project is on developing text-to-speech software for 15 Indian languages. The progress made so far in the project can be accessed here.

►NVDA and eSpeak

Monthly Updates

March 2015 Report (Suman Dogra; March 31, 2015).

Language Testing Reports

Assamese Language (Nirmita Narasimhan; March 23, 2015).
Bengali Language (Nirmita Narasimhan; March 24, 2015).

Event Organized

Report on Training on the Use of eSpeak in Hindi with NVDA (Organized by NVDA team; Dr. Shakuntala Mishra National Rehabilitation University, Lucknow; March 16 - 29, 2015).

-----------------------------------------------------------
Access to Knowledge
-----------------------------------------------------------
As part of the Access to Knowledge programme we are doing two projects. The first one (Pervasive Technologies) under a grant from the International Development Research Centre (IDRC) is for research on the complex interplay between pervasive technologies and intellectual property to support intellectual property norms that encourage the proliferation and development of such technologies as a social good. The second one (Wikipedia) under a grant from the Wikimedia Foundation is for the growth of Indic language communities and projects by designing community collaborations and partnerships that recruit and cultivate new editors and explore innovative approaches to building projects.

►Pervasive Technologies

As part of the Pervasive Technologies project, Rohini Lakshané has written a blog entry that chronicles information on big-ticket lawsuits pertaining to mobile technology patents filed in India. As part of broader Access to Knowledge work UNESCO published a module on Intellectual Property Rights, Copyright and Alternative to a Strict Copyright Regime.

Module Units

Intellectual Property Rights - Open Access for Researchers (Nehaa Chaudhari; March 19, 2015, UNESCO). Nehaa worked on a module on Intellectual Property Rights for United Nations Educational, Scientific and Cultural Organization (UNESCO)'s Open Access Curriculum (Curriculum for Researchers) as part of a project for the Commonwealth Educational Media Centre for Asia. UNESCO published the module this year. Nehaa Chaudhari and Varun Baliga were among the Module preparation team. Nehaa Chaudhari was the writer for Units 1, 2 and 3: Understanding Intellectual Property Rights, Copyright and Alternative to a Strict Copyright Regime.

Blog Entries

Mobile App Developer Series: Terms of Agreement - Part IV (Samantha Cassar; March 23, 2015).
Compilation of Mobile Phone Patent Litigation Cases in India (Rohini Lakshané; March 15, 2015).
Interviews with App Developers: Open Source, Community, and Contradictions - Part III (Samantha Cassar; March 24, 2015).
Interviews with App Developers: Name of the Game - Part IV (Samantha Cassar; March 24, 2015).

Participation in Events

Conference on Standards Setting Organisations (SSOs) and FRAND (Organized by MHRD Chair on Intellectual Property Rights, Centre for Intellectual Property Rights and Advocacy (CIPRA), National Law School of India University, Bangalore, in association with Intel Technology India Pvt. Ltd.; Bangalore; March 21-22, 2015). Rohini Lakshané participated in this event.
4th IPR Researchers Confluence (Organized by Shailesh J. Mehta School of Management, Indian Institute of Technology Bombay, Mumbai and National Institute of Industrial Engineering, Mumbai with support from Ministry of Human Resource Development, New Delhi; March 27 - 28, 2015). Maggie Huang presented intermediary findings of the research entitled "India's Music Copyright Management in the Age of Music Streaming".

Media Coverage

The perils of not protecting intellectual property for new ventures (Evelyn Fok and Shonali Advani; Economic Times; March 20, 2015). Sunil Abraham gave his inputs.

►Wikipedia

As part of the project grant from the Wikimedia Foundation we have reached out to more than 3500 people across India by organizing more than 100 outreach events and catalysed the release of encyclopaedic and other content under the Creative Commons (CC-BY-3.0) license in four Indian languages (21 books in Telugu, 13 in Odia, 4 volumes of encyclopaedia in Konkani and 6 volumes in Kannada, and 1 book on Odia language history in English).

Announcements

Open Proposal for Funding : CIS has prepared an open proposal for funding for about USD 208,603 from the Wikimedia Foundation. CIS is inviting comments on the proposal. CIS is proposing to contribute to the qualitative and quantitative growth of 12 Wikimedia projects across 9 Indian languages and associated communities, in addition to providing need based support to other Indic communities.
Access to Knowledge Work Plan : CIS has prepared the India Access to Knowledge work plan (July 2015 to June 2016). The work plan consists of 18 programs across 6 verticals. These include eight programs in five language areas, two community strengthening initiatives, five stand-alone Wikimedia projects, creating movement resources, publicity, research and documentation, and general support and service to the movement.

Event Organized

Train the Trainer Program (CEO Centre; Dodda Gubbi; Bangalore; February 26 - March 1; 2015).

Blog Entry

Hindustani Language: We Are Wikipedia (Syed Muzamiluddin; March 27, 2015).

Participation in Event

2nd National Language Conference, Bhubaneswar (Organized by Institute of Odia Studies and Research; Institute of Physics, Bhubaneswar; March 30 - April 2, 2015). Subhashish Panigrahi presented a paper in Odia language in this conference as part of a panel discussion related to Odia language computing.

News and Media Coverage

CIS-A2K team gave its inputs to the following media coverage:

Train the Trainer (Udayavani; March 2, 2015).
More articles for Tulu Wikipedia (The Hindu; March 10, 2015).
GoI body National Mission for Manuscripts has digitised 3 million manuscripts (Sneha Johari; Medianama; March 13, 2015).
Bangla Wiki turns 10 (Sudeshna Banerjee, Showli Chakraborty and Abhinanda Datta; The Telegraph; March 29, 2015).

Events Co-organized

Women's History Month - India (Organized by CIS-A2K and Wikimedia India; India, March 2015). March 8 is International Women's Day, and to celebrate this women in India organized edit-a-thons and meetups to create and expand articles of importance to women in Wikipedia in English and various Indian languages. Online events were organized for these Wikipedias: Bengali , Punjabi , Odia , Marathi , Kannada and Malayalam .

►Openness

Media Coverage

India backs open source software for e-governance projects (originally published by IDG News Service was mirrored on the website ofCIO and PC World; March 29, 2015). Sunil Abraham gave his inputs.

-----------------------------------------------
Internet Governance
-----------------------------------------------
As part of its research on privacy and free speech, CIS is engaged with two different projects. The first one (under a grant from Privacy International and International Development Research Centre (IDRC)) is on surveillance and freedom of expression (SAFEGUARDS). The second one (under a grant from MacArthur Foundation) is on studying the restrictions placed on freedom of expression online by the Indian government.

►Freedom of Expression

India's Apex Court in a landmark decision struck down section 66A of the IT Act. The judgment provided great relief for advocates of freedom of speech on the Internet. The development attracted lots of media coverage to which CIS gave its inputs:

Articles

Internet censorship will continue in opaque fashion (Sunil Abraham; The Times of India; March 25, 2015).
Historic day for freedom of speech and expression in India (Vidushi Marda; Bangalore Mirror; March 25, 2015).
India's Supreme Court Axes Online Censorship Law, But Challenges Remain (Subhashish Panigrahi; Global Voices Online; March 25, 2015).
Big win for freedom of speech. Really? (Sunil Abraham; Bangalore Mirror; March 29, 2015).
Three reasons why 66A verdict is momentous (Pranesh Prakash; The Times of India; March 29, 2015).

Blog Entries

What Does Facebook's Transparency Report Tell Us About the Indian Government's Record on Free Expression & Privacy? (Pranesh Prakash; March 17, 2015).
No more 66A! (Geetha Hariharan; March 24, 2015).

· Requests to ICANN: CIS sent ICANN six requests to ICANN regarding ICANN's expenditure on travels and meetings, granular revenue, cyber-attacks on ICANN, ICANN's implementation of the NETmundial principles, complaints under the Ombudsman process, and information regarding revenues received from gTLD auctions. These were prepared by Geetha Hariharan:DIDP Request #7: Globalisation Advisory Groups and DIDP Request #8: ICANN Organogram.

Participation in Events

Tech Law Form @ NALSAR (Organized by NALSAR University of Law, Hyderabad; March 7 and 8, 2015). Geetha Hariharan participated as a speaker.
Roundtable on ICANN Accountability (Organized by Department of Electronics and Information Technology (DeitY), National Internet Exchange of India and Centre for Communication Governance, National Law University, Delhi; March 13, 2015).

►Privacy

Research Outputs

CIS in collaboration with Privacy International, UK as part of GSMA project is conducting research to understand different legal and regulatory aspects of security and surveillance in India. The following outputs have been published: Indian Law and the Necessary Proportionate Principles (Elonnai Hickok), Security, Surveillance and Data Sharing Schemes and Bodies in India (Maria Xynou and Elonnai Hickok), Export and Import of Security Technologies in India: QA (Elonnai Hickok), Regulation of CCTV's in India (Elonnai Hickok), Mutual Legal Assistance Treaties (MLATs) and Cross Border Sharing of Information in India (Maria Xynou and Elonnai Hickok), Composition of Service Providers in India (Lovisha Aggarwal), The Surveillance and Security Industry in India - An Analysis of Indian Security Expos (Divij Joshi), An Analysis of News Items and Cases on Surveillance and Digital Evidence in India (Lovisha Aggarwal), Policy Recommendations for Surveillance Law in India and an Analysis of Legal Provisions on Surveillance in India and the Necessary & Proportionate Principles (Maria Xynou), The Surveillance Industry in India (Maria Xynou), and State of Cyber Security and Surveillance in India: A Review of the Legal Landscape (Elonnai Hickok).

Event Organized

Cybersecurity and the Internet of Things (Organized by US Consulate Chennai, Cyber Security & Privacy Foundation and CIS; Hotel Atria, Palace Road, Bangalore; March 19, 2015).

Participation in Events

CONNECTing the Dots: Options for Future Action (Organized by UNESCO; March 3 - 4, 2015; Paris). Elonnai Hickok participated in the event.
Vox Pol Workshop on the Role of Social Media and Internet Companies in Responding to Violent Online Extremism (Organized by VOX-Pol network; March 5-6, 2015).

---------------------------------
News & Media Coverage
---------------------------------

CIS gave its inputs to the following media coverage:

Uploaded and blocked, a daylong battle rages on the web over BBC documentary (Kim Arora; The Times of India; March 6, 2015).
India tops list of content restrictions requests, says Facebook (Neha Alawadhi; Economic Times; March 17, 2015).
If you thought India is a country where freedom of speech and expression are fundamental rights, think twice! (Business Insider; March 17, 2015).
Live Chat: Aadhaar: An identity crisis? (Hindu; March 17, 2015).
Delhi Govt Sets Up WiFi Task Force (Originally published by Press Trust of India; TeleAnalysis; March 18, 2015).
India's plan to offer citizens digital lockers poses a privacy threat, say experts (Scroll.in; March 19, 2015).
Internet becomes vernacular with relaunch of e-bhasha (Ankita Lahiri; Governance Now; March 23, 2015).
Indian Supreme Court Overturns Law Barring 'Offensive Messages' Online (Niharika Mandhana; Wall Street Journal; March 24, 2015).
Supreme Court Strikes Down Section 66A Of IT Act (Indrani Basu and Betwa Sharma; Huffington Post; March 24, 2015).
India's section 66A scrapped: Win for free speech (Prasanto K. Roy; BBC; March 24, 2015).
India's Online Freedom Advocates Hail Court Ruling on Free Speech (Anjana Pasricha; Voice of America; March 24, 2015).
Live Chat: Win for Free Speech (Hindu; March 24, 2015). Geetha Hariharan participated in the live chat.
India's Supreme Court strikes down law that led to Facebook arrests (Annie Gowen; Washington Post; March 24, 2015).
Netizens Rejoice Over SC Ruling to Keep the Net Free (Parina Dhilla; New Indian Express; March 25, 2015).
'A safe Internet and a free Internet can co-exist' (Hindu; March 25, 2015).
India High Court: No Takedown Requests On Social Sites Without Court, Gov't Order (Madhur Singh; Bloomberg BNA; March 25, 2015).
India's Supreme Court strikes down law that led to arrests over Facebook posts (Annie Gowen; Star.com; March 25, 2015).
What the experts said on live chat (Hindu; March 25, 2015). Geetha Hariharan was one of the panelists.
Indian Court Strikes Down Section of Law Punishing Offensive Posts (Nida Najar and Suhasini Raj; NDTV; March 25, 2015).
IT Leaders, Lawyers Welcome SC Ruling on 66A of the IT Act (Cio.in; March 25, 2015).
I dare you, I double dare you: Social media celebrates Sec 66A verdict (Vishakha Saxena; Hindustan Times; March 25, 2015).
Ruling in India shields Web posts (Originally published by Washington Post and mirrored in Boston Globe; March 25, 2015).
The noose tightens on freedom of speech on the Internet (Gabey Goh; Digital New Asia; March 26, 2015). This was also mirrored in Malaymail Online.
SECTION 66A: DELETE (Kumar Anshuman; Open Magazine; March 27, 2015).
SC has set a high threshold for tolerance: Lawrence Liang (Dhamini Ratnam; Livemint; March 28, 2015).
66A DEAD. LONG LIVE 66A! (Soni Mishra; The Week; March 28, 2015).
India's landmark online speech ruling is step toward greater press freedom (Sumit Galhotra; CPJ; March 28, 2015).
You can still get into trouble for online posts: Digital law experts (Kim Arora; The Times of India; March 30, 2015).
'Smack' the Trolls! (Marianne De Nazareth; Citizen; March 31, 2015).

--------------------------------
Researchers at Work
--------------------------------
The Researchers at Work (RAW) programme is an interdisciplinary research initiative driven by contemporary concerns to understand the reconfigurations of social practices and structures through the Internet and digital media technologies, and vice versa. It is interested in producing local and contextual accounts of interactions, negotiations, and resolutions between the Internet, and socio-material and geo-political processes:

Announcements

Call for Essays: Studying Internet in India : CIS is inviting abstracts for essays that explore what it means to study Internet(s) in India today, the many experiences of Internet(s) in India; its histories and archaeologies; how we use it to read, write, create, relate, learn, and share. Please send abstracts (200 words) to raw@cis-india.org.
Announcing Silicon Plateau #01 : The RAW programme is supporting a new collaborative publishing project led by T.A.J. Residency / SKE Projects and or-bits.com. The first volume of the series titled 'Silicon Plateau' will feature contributions by a group of artists, researchers, and writers, including IOCOSE, Tara Kelton, Anil Menon, Sunita Prasad, Achal Prabhala and Sreshta Rit Premnath, along with contextual writing and documentation material. Here is an excerpt from the editorial note written by Marialaura Ghidini, the co-editor of the volume.
Whose Open Data Community is it? - Accepted Abstract (Sumandro Chattapadhyay; March 31, 2015). The paper 'Whose Open Data Community is it? Reflections on the Open Data Ecosystem in India' has been accepted for presentation at the Open Data Research Symposium to be held during the 3rd International Open Data Conference in Ottawa, Canada, on May 28-29 2015.

Event Organized

Digital Activism in Asia Reader (Organized by CIS; Bangalore; March 6-7, 2015). The project is a collaborative effort of CIS and the Centre for Digital Cultures, Leuphana University, Germany, which aims to bring together local knowledge, debates and conversations around Digital Activism in Asia. The Digital Activism in Asia Reader is expected to be published by the Hybrid Publishing Lab in mid-2015.

Blog Entries

Figures of Learning: The Reader (P.P.Sneha; March 24, 2015).
Civil Society Organisations and Internet Governance in Asia and India - Section Outlines : CIS has been invited to contribute two sections to the Asia Internet History - Third Decade (2001-2010) book edited by Dr. Kilnam Chon.

--------------------------------
Telecom
--------------------------------
CIS is involved in promoting access and accessibility to telecommunications services and resources and has provided inputs to ongoing policy discussions and consultation papers published by TRAI. It has prepared reports on unlicensed spectrum and accessibility of mobile phones for persons with disabilities and also works with the USOF to include funding projects for persons with disabilities in its mandate:

Op-ed

Railway Takeaways for Digital India (Shyam Ponappa; Business Standard and Organizing India Blogspot; March 4, 2015).

Blog Entry

TRAI-ing Times: The Story So Far (Tarun Krishnakumar; March 19, 2015).

---------------------------------
About CIS
---------------------------------
The Centre for Internet and Society is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness (including open government, FOSS, open standards, etc.), and engages in academic research on digital natives and digital humanities.

► Follow us elsewhere

Twitter: https://twitter.com/CISA2K
Facebook group: https://www.facebook.com/cisa2k
Visit us at: https://meta.wikimedia.org/wiki/India_Access_To_Knowledge
E-mail: a2k@cis-india.org

► Support Us

Please help us defend consumer / citizen rights on the Internet! Write a cheque in favour of 'The Centre for Internet and Society' and mail it to us at No. 194, 2nd 'C' Cross, Domlur, 2nd Stage, Bengaluru - 5600 71.

► Request for Collaboration:

We invite researchers, practitioners, and theoreticians, both organisationally and as individuals, to collaboratively engage with Internet and society and improve our understanding of this new field. To discuss the research collaborations, write to Sunil Abraham, Executive Director, at sunil@cis-india.org. To discuss collaborations on Indic language Wikipedia, write to T. Vishnu Vardhan, Programme Director, A2K, at vishnu@cis-india.org.

CIS is grateful to its primary donor the Kusuma Trust founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin for its core funding and support for most of its projects. CIS is also grateful to its other donors, Wikimedia Foundation, Ford Foundation, Privacy International, UK, Hans Foundation, MacArthur Foundation, and IDRC for funding its various projects.

For more details visit https://cis-india.org/about/newsletters/march-bulletin-2015

April 2015 Bulletin

praskrishna — 2015-05-31T04:29:24Z

Newsletter for the month of April below.

We are happy to share with you the fourth issue of the Centre for Internet and Society (CIS) newsletter (April 2015). The past editions of the newsletter can be accessed at http://cis-india.org/about/newsletters.

-------------------------------
Highlights
-------------------------------

CIS received 35 engaging abstracts in response to the call for essays on 'Studying Internet in India'. The final essays will be published from June onwards. The ten selected abstracts can be read at http://cis-india.org/raw/studying-internet-in-india-selected-abstracts/ .

CIS submitted its comments to the National Informatics Centre on April 30, 2015 bringing to notice the negligible progress on the front for making Indian government websites conform to the notified standards, and gave recommendations to take the initiatives forward.
Nehaa Chaudhari has prepared a consolidated report that tracks the development of India's National IPR Policy and the requests by CIS to the Department of Industrial Policy and Promotion under the RTI Act and responses elicited from the Department.

Institute of Odia Studies and Research organised 2nd National Language Conference beginning on March 30, 2015 and ending on April 2, 2015 at the Institute of Physics, Bhubaneswar. This conference was organised in collaboration with the Department of Tourism and Culture. Subhashish Panigrahi presented a paper in Odia language in this conference as part of a panel discussion related to Odia language computing.

Sunil Abraham's article titled "Shreya Singhal and 66A" was published in Economic and Political Weekly Vol-L No.15. Vidushi Marda helped in doing the research.

Sunil Abraham in an article in DNA titled " Multiple Aspects Need to be Addressed as the Clamour Grows for Network Neutrality " tells readers that there are four violations of Network Neutrality that are considered particularly egregious.

Jyoti Panday prepared an analysis of the Supreme Court judgement in Shreya Singhal and what it does for intermediary liability in India.
In February 2015, CIS had requested DeitY under RTI Act to provide information clarifying the procedures for blocking in India. The response elicited from DeitY has been published.

CIS sent a joint response to the TRAI Consultation Paper on Regulatory Framework for Over-the-top (OTT) services with scholars from Indian Institute of Management, Ahmedabad. The response was sent on March 27, 2015.

► Vacancies at CIS

CIS is seeking applications for:

Internship : CIS is providing opportunities for students enrolled in graduate programmes to undertake internship at its offices in Bangalore and Delhi. Eligible candidates are welcome to participate in our internship programme.

►NVDA and eSpeak

# Monthly Updates

April 2015 Report (Suman Dogra; April 30, 2015).

# Language Testing Reports

Hindi Language (Nirmita Narasimhan; April 10, 2015).
Gujarati Language (Nirmita Narasimhan; April 16, 2015).
Oriya Language (Nirmita Narasimhan; April 30, 2015).

►Other

# Submission

Comments to the GIGW (Nirmita Narasimhan; April 30, 2015).

# Blog Entries

Methodology: Patent Landscaping in the Indian Mobile Device Market (Rohini Lakshané; November 10, 2014). The list of standards and specifications found in sub-USD-100 Internet-enabled mobile phones sold in India" (Annexure 2 in the post) has been updated .
Conference on Standards Settings Organizations (SSO) and FRAND, NLSIU (Rohini Lakshané; April 5, 2015).
National IPR Policy Series: RTI Requests by CIS to DIPP + DIPP Responses (Nehaa Chaudhari; April 15, 2015).
Pervasive Technologies Project Working Document Series: Literature Review on IPR in Mobile app development (Anubha Sinha; April 29, 2015).

Media Coverage

CIS gave inputs for the following:

One reason startups are moving out of India (Evelyn Fok and Varun Aggarwal; The Times of India; April 10, 2015). This was also mirrored in Economic Times .
Indian businesses crave IP certainty, but better patent values are tempting them overseas (IAM Magazine; April 28, 2015).

►Wikipedia

# Participation in Event

2nd National Language Conference, Bhubaneswar (Organized by Institute of Odia Studies and Research; Institute of Physics; Bhubaneswar; March 30 - April 2, 2015). This conference was organised in collaboration with the Department of Tourism and Culture. Subhashish Panigrahi presented a paper in Odia language in this conference as part of a panel discussion related to Odia language computing.

# Blog Entries

Hindustani Language: We Are Wikipedia (Syed Muzamiluddin; April 10, 2015).
ଓଡ଼ିଆ ଭାଷା ପାଇଁ ଡିଜିଟାଲ ଅସୁବିଧା (Subhashish Panigrahi; April 15, 2015).
Wikipedia Campus at Oxford College (Subhashish Panigrahi; April 28, 2015).

# News and Media Coverage

CIS-A2K team gave its inputs to the following media coverage:

Odia waits for Google Translate debut - Nine Indian languages available (Anwesha Ambaly; Telegraph; April 6, 2015).
Now you can search Google in Kannada, in your handwriting (Apurva Venkat; Bangalore Mirror; April 18, 2015).

►Openness

# Event Co-organized

NASA International Open Data Challenge 2015 (Co-organized by CIS and Team Indus; Bangalore; April 11-12, 2015).

►Freedom of Expression

# Articles

Shreya Singhal and 66A (Sunil Abraham; Economic and Political Weekly Vol-L No.15; April 11, 2015). Vidushi Marda helped in doing the research.
Don't Do Nothing. Take a Stand on Net Neutrality. (T. Vishnu Vardhan; NDTV; April 13, 2015).
Multiple Aspects Need to be Addressed as the Clamour Grows for Network Neutrality (Sunil Abraham; DNA; April 16, 2015).
The Hazards of a Non-neutral Internet (Geetha Hariharan; April 18, 2015). A modified version of the blog entry was published as an article titled " A must for free speech " in the Week.

# Blog Entries

The Supreme Court Judgment in Shreya Singhal and What It Does for Intermediary Liability in India? (Jyoti Panday; April 11, 2015).
DeitY says 143 URLs have been Blocked in 2015; Procedure for Blocking Content Remains Opaque and in Urgent Need of Transparency Measures (Jyoti Panday; April 29, 2015).

# Event

Freedom of Expression in a Digital Age: Effective Research, Policy Formation & the Development of Regulatory Frameworks in South Asia (Organized by Center for Global Communication Studies at the Annenberg School for Communication at the University of Pennsylvania, Observer Research Foundation and CIS; Observer Research Foundation, New Delhi; April 21, 2015).

# Participation in Event

Financial Express hosts #NetNeutralityDebate: 'Price discrimination can be allowed, but not for the same packet of data' (New Delhi; April 24, 2015). Pranesh Prakash participated in the discussion.

►Privacy

# Participation in Event

Privacy International Network Meeting (Organized by Privacy International, UK; April 22 - 23, 2015). Sunil Abraham attended the meeting.

►Miscellaneous

# Announcement

IIGF Recruitment : The National Internet Exchange of India (NIXI) conducted walk-in interviews on May 16, 2015 at NIXI Jasola office, Flat No. 6B, 6th Floor, Uppals M6 Plaza, New Delhi. NIXI sought candidates to fill the posts of Technology Analyst, Policy Analyst, Research Associate and Executive Assistants.

# Participation in Events

Global Conference on Cyberspace 2015 (Co-organized by Dutch Government, City of the Hague and One Conference; The Hague, Netherlands; April 16 - 17, 2015). Sunil Abraham was a panelist. He also participated in an expert roundtable conference .
CII Digital India Summit (Organized by Confederation of Indian Industries; Taj Mahal Hotel and Pragati Maidan, New Delhi; April 21 and 24, 2015). Pranesh Prakash attended the summit.

------------------------------------
News & Media Coverage
------------------------------------
CIS gave its inputs to the following media coverage:

'Smack' the Trolls! (Marianne De Nazareth; The Citizen; March 31, 2015).
The block heads (Sibi Arasu; Hindu Businessline; April 3, 2015).
Smriti Irani brings back focus on voyeurism prevailing in our country (Amrita Madhukalya; DNA; April 6, 2015).
Surveillance rises, privacy retreats (Namrata Acharya; Business Standard; April 12, 2015).
People voice their support for net neutrality, say Internet a utility not a luxury (IBN Live; April 13, 2015).
Net neutrality: Trai receives over 2 lakh mails (Sandhya Soman and Jayanta Deka; April 14, 2015).
Net neutrality: Debate rages on (Surabhi Aggarwal; Business Standard; April 11, 2015)
Net neutrality debate rages (Lalatendu Mishra and Pradeesh Chandran; The Hindu; April 15, 2015).
Net neutrality: Net activism packs a punch (Sandhya Soman; The Times of India; April 19, 2015).
Net Neutrality debate in India: Here are all the arguments you need to know (Indian Express; April 23, 2015).
Freedom struggle 2.0 (Zara Khan; Hindu; April 25, 2015).
Cry, you nasty trolls (Prasun Chaudhari; The Telegraph; April 26, 2015). Net Neutrality: The argument continues (Deepak Ajwani and Debojyoti Ghosh; Forbes India Magazine; April 29, 2015).

# Blog Entries

Studying Internet in India: Selected Abstracts - CIS received thirty five engaging abstracts in response to the call for essays on 'Studying Internet in India.' The final essays will be published from June onwards. These are the ten selected abstracts: Studying the Internet Discourse in India through the Prism of Human Rights (by Deva Prasad); Indic Scripts and the Internet (by Dibyajyoti Ghosh); The Internet in the Indian Judicial Imagination (by Divij Joshi); Dharmasala Networked (by Laird Brown); WhatsApp Economy (by Maitrayee Deka); Citizens and their Internet (by Purbasha Auddy); The Many Lives and Sites of Internet in Bhubaneswar (by Sailen Routray); Quantity over Quality: Social Media and the New Class System in India (by Sarah McKeever); Governing Speech on the Internet: Transforming the Public Sphere through Policymaking (by Smarika Kumar).

# Submission

Response to TRAI Consultation Paper on Regulatory Framework for Over-the-Top (OTT) Services (Pranesh Prakash; March 27, 2015). The response was sent in March but mirrored on our website recently.

► Follow us elsewhere

Twitter: https://twitter.com/CISA2K
Facebook group: https://www.facebook.com/cisa2k
Visit us at: https://meta.wikimedia.org/wiki/India_Access_To_Knowledge
E-mail: a2k@cis-india.org

► Support Us

► Request for Collaboration:

For more details visit https://cis-india.org/about/newsletters/april-2015-bulletin

Surveillance rises, privacy retreats

praskrishna — 2015-05-02T06:43:33Z

WikiLeaks founder Julian Assange and former US National Security Agency contractor Edward Snowden have, at considerable personal cost, revealed how surveillance has eroded the private space in a world driven by digital technology.

The article was published in the Business Standard on April 12, 2015. Sunil Abraham is quoted.

In India, the extent of surveillance became evident after Union human resource development minister Smriti Irani walked into the trial room of a FabIndia outlet in Goa last week, only to discover closed-circuit television (CCTV) cameras pointed towards the trial room. The country woke up to the porous divide between privacy and surveillance.

Now, senior officials of FabIndia find themselves embroiled in a case of voyeurism and seven of them have taken interim anticipatory bail from a district court. They claim the CCTV cameras were in the retail area, not the trial room.

The FabIndia incident might have blown the lid on how flimsily our privacy is protected but there is no doubt that India is slowly but surely moving towards a surveillance regime, both in the private and the public spheres.

“After the Snowden episode, there are only two kinds of nations: Ones that know they are being watched, and others that don’t,” said Pavan Duggal, an advocate at the Supreme Court of India.

Despite the surge in surveillance, there are hardly any specific laws governing this.

A few laws
In 2000, India enacted the Information Technology Act, primarily to bring e-commerce under legal framework. After the Mumbai terrorist attack in 2008, the Act was amended, to give the government sweeping powers for mass surveillance.

In the context of private surveillance, the 2008 amendment added two definitions: (a) communication device; (b) intermediary.

A communication device, according to the law, means cell phones, personal digital assistance, or a combination of both or any other device used to communicate, send or transmit any text, video, audio, or image. An intermediary was defined as any person who, on behalf of another person, stores or transmits message or provides any service with respect to that message.

Rules regarding CCTV surveillance are governed by the IT Act, 2008, as CCTVs are considered to be communication devices, with computerised memory. However, the laws in relation to a communication device and intermediary deal mostly with third-party data sharing.

“Article 21 of the Constitution guards the right to privacy as a Fundamental Right. We do not have an explicit Act in this regard, but Section 43A of the IT Act, 2000, along with the IT Rules, 2011, protects data privacy in India,” said Prashant Mali, a cyber law and cyber security lawyer.

There were no amendments of the laws governing CCTVs.

However, Section 66E of the IT Act, states: “Whoever, intentionally or knowingly, captures, publishes or transmits, the image of a private area of any person, without his or her consent, under circumstances violating the privacy of that person, shall be punished with imprisonment, which may extend to three years, or with a fine not exceeding Rs 2 lakh, or both, with explanation.”

“The IT Act is not a privacy enabling law. Hence, the challenges to privacy in surveillance are not fully addressed in it,” said Duggal.

Internationally, there are more stringent laws governing CCTV cameras. For example, in the UK, there is a prescribed code. A person filmed by a surveillance camera can seek the footage. In the US, too, there are state-specific laws which prohibit the unauthorised installation or use of cameras in private places, like restrooms and trial rooms.

“Privacy laws must be compliant with international practices. Laws governing CCTVs should be more comprehensive. It should not be specific to voyeurism,” said Sunil Abraham, the executive director of Bengaluru-based research organisation, the Centre for Internet and Society.

The government has been working on a Privacy (Protection) Bill, which provides safeguards on personal data of individuals and sets conditions under which surveillance is allowed. It is expected that the Bill will lead to the creation of the offices of privacy commissioner and data protection commissioner. However, it is mostly silent on laws governing CCTV usage.

“In India, the concern over enacting privacy laws, implementing them and our understanding of privacy are low, compared to the global context. The Privacy Protection Bill, 2013 is pending before Parliament. When this gets enacted, our laws would be at par with those in the West,” said Mali. “But doubts remain about their implementation.”

Government surveillance
Amendments to the IT Act in 2008 gave the government wide powers of interception, encryption and blocking. The amendment introduced Section 66A, which made sending “offensive” messages through a computer or any other communication device, such as a cell phone or a tablet, a punishable offense.

The Supreme Court recently struck down the provision as infringing the constitutional right of freedom of speech.

“Every nation is under the classical dilemma to balance national security with privacy and freedom of expression. Always, when there is a conflict between the two, national security wins hands down. However, apart from international consensus, we need customise national solutions,” said Duggal.

Today, some of the biggest government projects based on the powers vested to it under the IT Act. It has enabled the progression of surveillance procedures like the Central Monitoring System (CMS) and National Intelligence Grid (Natgrid), enabled through information on Aadhar card or unique identification number.

The CMS gives the government access to records of any mobile to landline calls, to read private emails, texts, and even browsing history through telecom operators. Natgrid could make the information available to nearly 11 central agencies.

“It is reported that the CMS can monitor close to 900 million people at one go. There is neither confirmation nor denial from the government,” said Duggal. However, compared to the US and China, that practice blanket surveillance, India is still considered a low-surveillance category nation.

“India is still low on surveillance. In India, we have targeted surveillance. At any given point in time, less than 200,000 phone calls are being intercepted. Not more than a couple of lakh of surveillance orders are given by both state and central governments,” said Abraham.

Surely, with so many surveillance devices around, it is a closely watched world like never before.

SALIENT FEATURES ON PRIVACY IN THE IT ACT, 2008

Communication Device: Cell phones, personal digital assistance, or combination of both or any other device used to communicate, send or transmit any text, video, audio, or image
Intermediary: Any person, who on behalf of another person, stores or transmits messages or provides any service
Sections 66A to 66F: Added to Section 66, prescribing punishment for offences such as sending obscene messages, identity theft, cheating by impersonation using computer resources, violation of privacy and cyber terrorism
Section 69: Amended to give power to the state to issue directions for interception or monitoring or decryption of any information through any computer resource
Sections 69A and B: These grant power to the state to issue directions for blocking public access of any information through any computer resource and to authorise to monitor and collect traffic data or information through any computer resource for cyber security.

For more details visit https://cis-india.org/internet-governance/news/business-standard-namrata-acharya-april-12-2015-surveillance-rises-privacy-retreats

Freedom of Expression in a Digital Age: Effective Research, Policy Formation & the Development of Regulatory Frameworks in South Asia

jyoti — 2015-04-12T03:53:04Z

The Centre for Internet & Society cordially invites you to a panel discussion on Freedom of Expression in a Digital Age. The event organized by Center for Global Communication Studies at the Annenberg School for Communication at the University of Pennsylvania, Observer Research Foundation and the Centre for Internet and Society will be held at Observer Research Foundation on April 21, 2015 from 11.00 a.m. to 6.00 p.m.

The discussion will highlight the challenges in promoting and strengthening online freedom of expression and evaluating the application of existing regulatory frameworks in South Asia. Click to view the invite.

International Frameworks and Freedom of Expression

Freedom of expression-an important fundamental right in itself, is also critical for defending and upholding other freedoms and rights. We exercise this right in our day-to-day lives, through the exchange of ideas, opinions and information. Understanding the means and structures of communication, and the regulation of environments that facilitate such exchange therefore become crucial for those seeking to realize freedom of expression.

Freedom of expression is enshrined in Article 19 of both theUniversal Declaration of Human Rights (UDHR) and the International Covenant on Civil and Political Rights (ICCPR). The UDHR holds that " everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers" . The ICCPR holds that, " everyone shall have the right to freedom of expression; this right shall include freedom to seek, receive and impart information and ideas of all kinds, regardless of frontiers, either orally, in writing or in print, in the form of art, or through any other media of his choice".

Freedom of expression has also been enshrined in regional conventions and charters, for example the European Convention for the Protection of Human Rights and Fundamental Freedoms, the American Convention on Human Rights4, and the African Charter on Human and Peoples' Rights ("Banjul Charter") .

The former UN Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, Frank La Rue, highlighted in his 2013 report report that these frameworks are applicable to actions that take place online.6 While there may be no disagreements on freedom of expression as a legal right, it is important to bear in mind that it is not a non-derogable right, and may therefore be limited subject to safeguards indicated, for example, in Article 19(3) of the ICCPR.

While there may be limitations are placed on the exercise of freedom of expression, there is limited clarity on when and how freedom of expression can be legitimately circumscribed. There have been attempts by civil society groups to articulate more clearly the specific conditions when freedom of expression may be derogated, most notably the Siracusa Principles on the Limitation and Derogation Provisions in the International Covenant on Civil and Political Rights ("Siracusa Principles" ), and the Johannesburg Principles on National Security, Freedom of Expression and Access to Information ("Johannesburg Principles").

Freedom of Expression and Communications

Over the years, the norms and standards required for freedom of expression in the traditional media world have received much attention. When regulating communication, some restrictions upon freedom of expression have been regarded necessary and are enforceable by national or international courts. Such restrictions have been defined in international human rights laws and cover issues such as defamation, incitement to violence and hate speech. While these restrictions are not affected by the introduction of new means of communication, the proliferation of digital communications does warrant the recognition that there are new forms of censorship, unsettled questions of jurisdiction, and the need to develop new norms and standards that can keep pace with the myriad forms of expression and information sharing.

Communication in the digital age has led to the evolution of the Internet as a medium that has revolutionised largely local capacity for communication into a worldwide phenomenon that encompasses everything from personal one-to-one emails, social networks and reaching out to large audiences globally. The proliferation of digital technologies has not only fostered unprecedented access to information; the very environment stands transformed by the introduction of new kinds of information from voice, sound, image, text and code, that are accessible on a range of devices and across several types of technologies.

These networks and services democratized communication by lowering barriers to access and creating new space for publishing and peer-to-peer collaboration. Bypassing traditional gatekeepers of other forms of media, users can take on the role of writers, broadcasters or publishers on the Internet thus creating limitless possibilities for producing, sharing and exchanging all kinds of content. From this view, the Internet has sprung up as a globally accessible means of communication that is free from traditional restraints on free speech and expression. However, there are other unintended consequences that the Internet has had on both forms of power and control in the regulation of content, as online content has become increasingly contested, enclosed in a nationalized sphere challenging the free flow of information and freedom of expression.

Freedom of Expression in South Asia

As a network of networks, the internet has no overarching jurisdiction and with no single entity governing the totality of the internet, there exists a jurisdictional vacuum over content on the web. Further, there are no means of regulating content internationally or even a broad consensus on the norms that should be applied for restricting freedom of expression either on traditional or modern media. This has led to adverse consequences such as states adopting arbitrary actions and standards or companies exercising private censorship with content online.

South Asia has an important role in global development, with its share of the world's largest working-age population, a quarter of the world's middle-class consumers, the largest number of poor and undernourished in the world, and several fragile states of global geopolitical importance. With inclusive growth, South Asia has the potential to change the global order and communications and technology continue to play a critical role in realising the region's potential. Unfortunately, the history of colonial rule, authoritarian governments and a turbulent geo-political landscape have resulted in a tendency to over-regulate speech. Governments have construed the advent of the Internet as a challenge to their authority and their anxiousness to restrict use of the medium by citizens has resulted in often regressive and sometimes draconian laws such as Myanmar's Electronic Transactions Law, India's IT Act and Pakistan's Prevention of Electronic Crimes Act.

As the Internet expands and provides greater access, it also places censorship and surveillance capacities in the hands of states and corporations. It is therefore crucial that there exist strong protections of the right to freedom of expression that balance state powers and citizen rights. While the Internet has thrown up its own set of challenges such as hate speech, the verbal online abuse of women and the use of the Internet to spread rumours of violence, the regulation of content is a question that is far from being settled and needs our urgent attention. What role can and should the law play? When is it justified for the government to intervene? What can be expected from intermediaries, such as social networks and ISPs? And what can users do to protect the right to free speech - their own and that of others?

Balancing freedom of expression with other rights is further complicated by the challenges of fast paced and changing regulatory environment. By highlighting these challenges and questioning the application of existing frameworks we aim to contribute to further promoting and strengthening the right to freedom of expression, in India and beyond.

Introduction to panel and conference:

This is the context in which the Centre for Internet and Society, the Observer Research Foundation, the University of Pennsylvania's Internet Policy Observatory, and the Programme for Comparative Media Law and Policy at Oxford University are coming together to organise an event under the title 'Freedom of Expression in a Digital Age'. The event is a discussion and deliberation on 'Effective Research, Policy Formation, & the Development of Regulatory Frameworks in South Asia', aimed at bringing together policymakers, researchers, experts and civil society in discussing some of the most crucial issues in this space. The event would seek to look at past experiences, look at current realities and look ahead to how things could be made better in the South Asian context. The program agenda includes

Freedom of Expression in a Digital Age' Effective Research, Policy Formation, & the Development of Regulatory Frameworks in South Asia
Program Agenda and Article Submission Tracks
Learnings from the past		Current Realities		Looking ahead
11:00 - 1:00	1:00 - 2:00	2:00 - 4:00	4:00- 4:15	4:15-6:00
Welcome and Introductions		Welcome and Introductions		Welcome and Introductions
Overview of existing policies and regulatory models and their impact on FoEx online including the implementation of these models across South Asia	Lunch	How FoEx is being enabled online in different jurisdications and sectors of society across South Asia	Coffee break	Challenges associated with formulating a standard, harmonized, and adaptable regulation that is applicable to multiple digital platforms, both at the national and international level and possible solutions
FoEx as defined in jurisdictions across South Asia and as compared to international standards		Ways in which FoEx is, or may be, curtailed online		Ways forward to bridge existing gaps between policy formation and policy implementation with respect to FOEX online
Emerging technologies, markets, services and platforms and how they have shaped FoEx across South Asia		Online FoEx and the present need to balance it against other digital rights in jurisdictions across South Asia		Exploration of emerging regulatory questions such as whether online speech should be regulated in the same manner as offline speech or, if there are there are particular forms of online speech that are difficult to regulate such as defamation, hate speech, if there are effective models of remedy for violation of FOEX online
Impact of challenges on FoEx online such as barriers of entry, access, accessibility, cost, liability, policies and enforcement mechanisms differing across platforms across South Asia		The impact of jurisdiction, multi-national platforms, and domestic regulation on FOEX online		Ways in which civil society can impact and influence the development and implementation of Internet regulation
Research techniques that have been applied to the issue and have been effective in different political contexts across South Asia		Role and responsibility of intermediaries in regulating online speech as per governmental standards via content policies, terms of service, and other practices across South Asia		Exploration of the future role and interplay of technology and policy in enabling FOEX online
Q&A		Q&A		Q&A

About the Organisers

The Center for Global Communication Studies at the Annenberg School for Communication at the University of Pennsylvania-has created the Internet Policy Observatory (IPO) to research the dynamic technological and political contexts in which these Internet governance debates take place. The IPO serves as a platform for informing relevant communities of activists, academics, and policy makers, and for displaying collected data and analysis. The Observatory encourages and sponsors research and studies ongoing events, key decisions and proposals, on Internet policy. The IPO seeks to deepen understanding of the evolution of mechanisms and processes that affect domestic Internet policies in key jurisdictions and the legal, political, economic, international and social factors that influence the implementation, or non-implementation, of such policies.The IPO also seeks to understand the relationship between national efforts and international policy formations and the role of civil society in domestic Internet policy processes and control.

The Centre for Internet and Society (CIS)-is a non-profit research organization working to explore, understand and affect the shape and form of the Internet and its relationship with the political, cultural, and social milieu of our times. CIS' multidisciplinary research, intervention and collaboration engages with policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, openness (including open government data, free/open source software, open standards, open access to scholarly literature, open educational resources, and open video). CIS also engages in academic research on digital natives and digital humanities.

The Observer Research Foundation (ORF)- is India's premier independent public policy think tank and is engaged in developing and discussing policy alternatives on a wide range of issues of national and international significance. The fundamental objective of ORF is to influence the formulation of policies for building a strong and prosperous India in a globalised world. It hosts India's largest annual cyber conference - CyFy: the India Conference on Cyber Security and Internet Governance.

For more details visit https://cis-india.org/internet-governance/events/freedom-of-expression-in-digital-age

Smriti Irani brings back focus on voyeurism prevailing in our country

praskrishna — 2015-05-08T00:59:30Z

The case of Union minister Smriti Irani finding a CCTV camera at Goa's Fab India has again brought back the focus on digital voyeurism and how a critical issue like surveillance can be exploited. Irani's case comes days after a woman found a mobile phone strapped to a changing room door of a Van Heusen store in Lajpat Nagar's Central market, a popular shopping hub.

The article by Amrita Madhukalya was published in DNA on April 6, 2015. Pranesh Prakash gave his inputs.

Bangalore girl Sumitra (name changed) remembers the day in 2009 she saw a camera when trying on a skirt at Palika Bazaar. "I looked around the tiny changing room and saw a camera with a dipping red light. I quickly rushed out and accused the shopkeeper. But, Palika is not a place of great repute, and my friend who was accompanying me asked me to forget the matter," she says, and that's what she did. She was a degree student at Delhi University, and being relatively unaware of the city, decided to keep mum. "But look at what has happened: if they can film a Union minister at a Fab India store, they will film anyone. We need stringent action."

One of the first cases of digital voyeurism was reported in Pune in 2003 when a peon in an establishment at Sahakar Nagar installed a web camera in a changing room. In 2005, landowner Mohan Kulkarni from Navi Peth was arrested for filming women tenants. In 2007, two MMS clips from the changing rooms of a renowned departmental store in Kolkata started making the rounds. In one, a girl was shown changing clothes while in the other a couple was shown having sex. Then a year later, shop assistant Sunil Kumar Jha was found filming women in a clothes store from below the trial room door in Kolkata.

Debarati Halder, advocate and founder of the Centre for Cyber Victim Counselling, feels that had it not been a politician like Irani, the case would not have been highlighted at all. "People would have brushed off the incident had it been another woman. It is hard to escape the amount of negative publicity a case like this garners," she says. This is reflected in the case of a woman who was filmed in a leading store in Mumbai and was scared to approach the police, as she and her father did not want to go through the "legal hassles" of the case. The woman spoke of her story to a journalist of a leading daily and the ensuing report eventually led to the arrest of the shop assistant.

Cyber security expert Pranesh Prakash says that digital voyeurism is a huge problem in India and elsewhere. "There is a mismatch between privacy protection provided in the IT Act against non-consensual sharing of certain forms of sexual images, and the utter disregard for privacy in other parts of the law. Given that cybercafes have often been places where users are secretly filmed, the law should seek to crack down on such invasions of privacy. Instead, the law doesn't prohibit that, and in fact the Cybercafe Rules, encourage cybercafe owners to photograph all users, including minors. The rules say that untrustworthy cybercafe owners keep these records for a minimum period of one year, but there is no maximum period," says Prakash.

Section 66E of the Information Technology Act, 2000, amended in 2008, deals with digital voyeurism. And section 354 (C) of the Indian Penal Code (IPC) deals with voyeurism in general.

But, there are many loopholes. "When the footage is shot by a government-run establishment, then the clause of surveillance is a cover, like in an MMS of Delhi Metro (where a couple was shown making out)."

For more details visit https://cis-india.org/internet-governance/news/dna-april-6-2015-amrita-madhukalya-smriti-irani-brings-back-focus-on-voyeurism-prevailing-in-the-country

GSMA Research Outputs

elonnai — 2015-04-06T14:18:18Z

This is a collection of research under our GSMA project that we have undertaken in collaboration with Privacy International. The research has sought to understand different legal and regulatory aspects of security and surveillance in India and consists of blog entries and reports. Any feedback or comment is welcome.

Indian Law and the Necessary Proportionate Principles

The presentation shows that there are no comprehensive provisions for the principles of legitimate aim, competent judicial authority, proportionality, transparency, etc. whereas these are partially present for the principles of legality, necessity, adequacy, public oversight, safeguards for international cooperation, etc. The presentation also looks at the Indian intelligence agencies and shows us that there are nine agencies authorized to intercept communications along with at least eleven additional agencies. It further dwelves into the establishment and structure of Indian intelligence agencies and whom they report to, the sharing of information internationally as well as nationally. It shows us that India has MLAT agreements with 36 countries and request to CBI can be initiated informally or formally through court order. It then lists out the various regulatory and important bodies responsible for national security. Some cases of unlawful interception / leaks have been discussed along with examples of arrests based on digital evidence. The various government schemes, the telecommunication companies in India, telecom licenses requirements, government developed security and surveillance solutions, private security companies, security expos, export, import and selling of security and surveillance equipment, and the way forward are also discussed.

Click to download the PDF

Security, Surveillance and Data Sharing Schemes and Bodies in India

Following the 2008 Mumbai terrorist attacks, India had implemented a wide range of data sharing and surveillance schemes. Though developed under different governments the purpose of these schemes has been to increase public safety and security by tackling crime and terrorism. As such, two data sharing schemes have been proposed - the National Intelligence Grid (NATGRID) and the Crime and Criminal Tracking Network & Systems (CCTNS), as well as several surveillance systems, such as the Lawful Intercept and Monitoring (LIM) system, the Network Traffic Analysis system (NETRA), state Internet Monitoring Systems and the Central Monitoring System (CMS). This chapter details the various schemes and provides policy recommendations for their improvement, with regards to the protection of the right to privacy and other human rights.

Click to download the PDF

Export and Import of Security Technologies in India: QA

The write-up examines in question-answer format the standards regulating the export of technologies that can be used for surveillance purposes, the department and legislation that governs exports and imports of security technologies in India, the procedure for obtaining an export licence for the export of SCOMET items, what is ITC (HS) and why is it important, and examples of ITC codes for technologies that can facilitate security or surveillance. The research finds answers to all these queries.

Click to download the PDF

Regulation of CCTV’s in India

In light of the increasing use and installation of CCTV’s in cities across India, and the role that CCTVs play in the Home Ministry's plans for implementing "Mega Policing Cities", this blog seeks to review various attempts to regulate the use of CCTV's in India, review international best practices, and provide preliminary recommendations for the regulation of CCTV's in India.

Click to download the PDF

Mutual Legal Assistance Treaties (MLATs) and Cross Border Sharing of Information in India

It is unclear the exact process that intelligence agencies in India share information with other agencies internationally. India is a member of Interpol and the Central Bureau of Investigation, which is a Federal/Central investigating agency functioning under the Central Government, Department of Personnel & Training is designated as the National Central Bureau of India.

Click to download the PDF

Composition of Service Providers in India

Telecom, at present, is one of the fastest-growing industries in India. As of January 2014, according to the Telecom Regulatory Authority of India (TRAI) there are 922 million wireless and over the wire subscribers in India, and 56.90 million broadband subscribers including wired, wireless and wimax subscribers. India’s overall wireless teledensity was quoted as having 893.31million subscribers, with a 0.79% (7.02 million) monthly addition.

Click to download the PDF

The Surveillance and Security Industry in India - An Analysis of Indian Security Expos

The ‘Spy Files’, a series of documents released by whistleblower website WikiLeaks over the last few years, exposed the tremendous growth of the private surveillance industry across the world – a multi-billion dollar industry thriving on increasing governmental and private capabilities for mass surveillance of individuals. These documents showed how mass surveillance is increasingly made possible through new technologies developed by private players, often exploiting the framework of nascent but burgeoning information and communication technologies like the internet and communication satellites.

Click to download the PDF

An Analysis of News Items and Cases on Surveillance and Digital Evidence in India

In a technologically advanced era, with preponderance of electronic communications in both professional and social interactions and the ability to store such information in digital form, digital evidence has gained significance in civil as well as criminal litigation in India. In order to match the pace with the progressive technology, the Indian Courts have embarked on placing more and more reliance on the digital evidence and a portion of such digital evidence is obtained through electronic surveillance.

Click to download the PDF

Policy Recommendations for Surveillance Law in India and an Analysis of Legal Provisions on Surveillance in India and the Necessary & Proportionate Principles

The Government of India has created a legal framework which supports the carrying out of surveillance by authorities through its various laws and license agreements for service providers. The Centre for Internet and Society (CIS) acknowledges that lawful, warranted, targeted surveillance can potentially be a useful tool in aiding law enforcement agencies in tackling crime and terrorism. However, current Indian laws and license agreements appear to overextend the Government's surveillance capabilities in certain cases, while inadequately safeguarding individuals' right to privacy and data protection.

Click to download the PDF

The Surveillance Industry in India

India has the world's second largest population, an expanding middle class and undoubtedly a huge market which attracts international investors. Some of the world's largest corporations have offices in India, such as Google Incorporated and BlackBerry Limited. In the Information Age, the market revolves around data and companies which produce technologies capable of mining such data are on the rise. Simultaneously, companies selling surveillance technologies appear to be on the peak too, especially since the global War on Terror requires law enforcement agencies around the world to be equipped with the latest surveillance gear.

Click to download the PDF

State of Cyber Security and Surveillance in India: A Review of the Legal Landscape

The issue of cyber security and surveillance, especially unauthorised surveillance, though traditionally unprioritised, has recently gained much traction due to the increasing number of news reports regarding various instances of unauthorised surveillance and cyber crimes. In the case of unauthorised surveillance, more than the frequency of the instances, it is their sheer magnitude that has shocked civil society and especially civil rights groups. In the background of this ever increasing concern regarding surveillance as well as increasing concerns regarding cyber security due to the increased pervasiveness of technology in our society, this paper tries to discuss the legal and regulatory landscape regarding surveillance as well as cyber security.

Click to download the PDF

For more details visit https://cis-india.org/internet-governance/blog/gsma-research-outputs

Security, Governments and Data: Technology and Policy

elonnai — 2015-04-04T05:59:19Z

On January 8, 2015, the Centre for Internet and Society, in collaboration with the Observer research foundation, hosted the day long conference "Security, Governments, and Data: Technology and Policy" The conference discussed a range of topics including internet governance, surveillance, privacy, and cyber security.

The full report written and compiled by Lovisha Aggarwal and Nehaa Chaudhari and edited by Elonnai Hickok can be accessed here.

The conference was focused on the technologies, policies, and practices around cyber security and surveillance. The conference reached out to a number of key stakeholders including civil society, industry, law enforcement, government, and academia and explored the present scenario in India to reflect on ways forward. The conference was a part of CIS’s work around privacy and surveillance, supported by Privacy International.

Welcome Address

The welcome address opened with a reference to a document circulated by CIS in 2014 which contained hypothetical scenarios of potential threats to Indian cyber security. This document highlighted the complexity of cyber security and the challenges that governments face in defending their digital borders. When talking about cyber security it is important that certain principles are upheld and security is not pursued only for the sake of security. This approach allows for security to be designed and to support other rights such as the right of access, the right to freedom of expression, and the right to privacy. Indeed, the generation, use, and protection of communications data by the private sector and the government are a predominant theme across the globe today. This cannot be truer for India, as India hosts the third largest population on the internet in the world.

During the welcome, a brief introduction to the Centre for Internet and Society was given. It was noted that CIS is a 6.5 half year old organization that is comprised of lawyers, mathematicians, sociologists, and computer scientists and works across multiple focus areas including accessibility, internet governance, telecom, openness, and access to knowledge. CIS began researching privacy and surveillance in 2010, and has recently begun to expand their research into cyber security. The purpose of this is to understand the relationship between privacy, surveillance, and security and is the beginning of a learning process for CIS. In 2013 CIS undertook a process to attempt to evolve a legal regime to intelligently and adequately deal with privacy in India. Industry specific requirements are key in the Indian context and this process was meant to try and evolve a consensus on what a privacy law in India should look like by bringing together key stakeholders for roundtables. CIS is now in the final stages of preparing individual legal proposals that will be sent to the Government – to hopefully have an informed Privacy Law in India. This event represents CIS’s first attempt to have a simultaneous dialogue on surveillance, cyber security, and privacy. As part of this event and research CIS is trying to understand the technology and market involved in surveillance and cyber security as these are important factors in the development of policy and law.

For more details visit https://cis-india.org/internet-governance/blog/security-governments-datat-technology-and-policy

February 2015 Bulletin

praskrishna — 2015-03-30T16:09:05Z

It is my distinct pleasure to share with you the second issue of the CIS newsletter (February 2015).

Earlier this year, I joined the Centre for Internet and Society (CIS) as the Research Director. I have been fortunate to periodically work with CIS in various capacities since mid-2012, mostly focusing on the topics of open data, open access, and visual exploration of data. Most importantly perhaps for my present responsibilities, for the last year or so, I have been in communication with various projects teams at CIS and supported their efforts through workshops on research methodologies, and by discussing and co-designing their research questions and approaches.

As the Research Director, I look forward to take these works forward, along with leading the Researchers at Work (RAW) programme, which has been shaped by Prof. Nishant Shah to host an exciting range of critical research initiatives into how the Internet and digital technologies reconfigure social processes and structures, and vice versa. Please keep an eye on the newsletter for further updates from the RAW programme.

Our sincere apologies for the delay in sending out this month's newsletter. We will soon be back in our usual rhythm. The past editions of the newsletter can be accessed at http://cis-india.org/about/newsletters

Sumandro Chattapadhyay
Email: sumandro@cis-india.org

Highlights

Forbes India in an article titled " Minds that (should) matter" names Sunil Abraham as one of the Thinkers who best explain a rapidly-changing India to the world (and the world to India). Errata: This story was shared in the last newsletter but with an error, which is now rectified.

NVDA team organized three workshops during the month for training participants on using eSpeak with NVDA software. The languages covered werePunjabi,Oriya and Hindi.
The Department of Industrial Policy and Promotion (DIPP), Government of India invited comments on the First Draft of India's National IPR Policy. CIS sent its comments . CIS commended the DIPP for this initiative and appreciated the opportunity to provide comments on the National IPR Policy.

CIS sent out three different Right to Information (RTI) requests to find out more details about the constitution and working of the IPR Think Tank to draft the first national IPR Policy.
Anubha Sinha analyses the submission to the DIPP by Academia and Civil Society on the draft National IPR Policy from a public interest perspective.
In an Open Letter to the Prime Minister of India, CIS requests the Government of India to initiate the formation of a patent pool of critical mobile technologies and a five per cent compulsory license.
CIS's Access to Knowledge team (CIS-A2K) in collaboration with the Centre for Indian Languages (CILHE) at TISS, Mumbai conducted a two-day workshop at English and Foreign Languages University (EFLU) at Hyderabad on January 28 - 29, 2015. Tejaswini Niranjana captures the developments in a blog post.

Subhashish Panigrahi wrote an op-ed on the endangered languages in India. This was published by Odia daily Samaja on February 21 which is celebrated as the International Mother Language Day.
CIS-A2K team conducted the " Train the Trainer Program" (TTT 2015) at CEO Centre, Dodda Gubbi, Bangalore. About 25 delegates attended the programme.
CIS has joined an international campaign to allow anyone in the world to request whether Britain's intelligence agency GCHQ has illegally spied on them.
On January 30, 2015, Associated Chambers of Commerce & Industry of India (ASSOCHAM) held a consultation on Internet governance. A committee was set up to draft a report on Internet governance, with a focus on issues relevant to India. CIS is represented on the committee, and has provided its preliminary comments to ASSOCHAM .

As part of CIS's inquiry into 'Network Neutrality' in the developing world a set of definitions of the term from different sources was collected and published as a blog post.
Namita A. Malhotra in a blog entry examines the figure of the pornographer, as a mixed media figure entrenched in various networks of knowledge production, circulation and consumption.

Accessibility and Inclusion

Under a grant from the Hans Foundation we are doing two projects. The first project is on creating a national resource kit of state-wise laws, policies and programmes on issues relating to persons with disabilities in India. CIS in partnership with CLPR (Centre for Law and Policy Research) compiled the National Compendium of Policies, Programmes and Schemes for Persons with Disabilities (29 states and 6 union territories). The publication has been finalised and is being printed. The draft chapters and the quarterly reports can be accessed on the project page. The second project is on developing text-to-speech software for 15 Indian languages. The progress made so far in the project can be accessed here.

►NVDA and eSpeak

Monthly Update

February 2015 Report (Suman Dogra; February 28, 2015).

Events Organized

Joint Report on Training of the Use of eSpeak in Hindi with NVDA (Organized by NVDA team; National Association for the Blind, New Delhi, February 5 - 6, 2015 and Blind Relief Association, Delhi, February 13 - 14, 2015).
Report on Training in the use of eSpeak Oriya with NVDA (Organized by NVDA team; Orissa Association for the Blind, Bhubaneswar; February 8 - 10, 2015). Thirty six delegates attended the workshop.
Training of the use of eSpeak Punjabi with NVDA (Organized by NVDA team; Asha Kiran Training Institute, Chandigarh; February 20-21, 2015). The workshop was inaugurated by Shri Tilak Raj, Director, Ministry of Social Justice and Empowerment, Government of Punjab.

Access to Knowledge

As part of the Access to Knowledge programme we are doing two projects. The first one (Pervasive Technologies) under a grant from the International Development Research Centre (IDRC) is for research on the complex interplay between pervasive technologies and intellectual property to support intellectual property norms that encourage the proliferation and development of such technologies as a social good. The second one (Wikipedia) under a grant from the Wikimedia Foundation is for the growth of Indic language communities and projects by designing community collaborations and partnerships that recruit and cultivate new editors and explore innovative approaches to building projects.

►Pervasive Technologies

As part of the Pervasive Technologies project, Rohini Lakshané wrote an Open Letter to India's Prime Minister, Shri Narendra Modi for creation of a patent pool of critical mobile technologies. And as part of broader Access to Knowledge work CIS submitted comments to DIPP on the National IP Policy.

Blog Entries

National IPR Policy Series: CIS Comments to the First Draft of the National IP Policy (Nehaa Chaudhari, Pranesh Prakash and Anubha Sinha; February 4, 2015). Varnika Chawla assisted the team.
RTI Requests - DIPP: Details on constitution and working of IPR Think Tank (Nehaa Chaudhari; February 9, 2015).
Open Letter to Prime Minister Modi (Rohini Lakshané; February 10, 2015). Copies of the open letter were sent to various ministers.
Academia and Civil Society submit critical comments to DIPP on draft National IPR Policy (Anubha Sinha; February 16, 2015).

Participation in Event

India at Leisure: Media, Culture and Consumption in the New Economy (Organized by Jamia University; January 8 - 10, 2015). Maggie Huang attended the event and presented a paper titled "The Future of Music Streaming: Business Practices and Copyright Management in India". The paper was co-authored by Maggie and Amba Kak.

►Wikipedia

Op-ed

Our Endangered Languages (Subhashish Panigrahi; February 21, 2015).

Blog Entries

A Wikipedia Presentation at BITS, Goa (Radhakrishna Arvapally; February 9, 2015). Arvapally was a guest blogger.
Developing Open Knowledge Digital Resources in Indian Languages (Tejaswini Niranjana; February 20, 2015).
Telugu Wikipedia Winter Camp at Andhra Loyola College (Rahmanuddin Shaik; February 26, 2015).

Event Organized

Train the Trainer (Organized by CIS-A2K; CEO Centre, Dodda Gubbi, Bangalore; February 26 - March 1, 2015). Rohini Lakshané took a session on GLAM.

News and Media Coverage

CIS-A2K team gave its inputs to the following media coverage:

More online free content in Telugu Wikipedia soon (A.D.Rangarajan; Hindu, February 16, 2015).
Cultural knowledge needs to be more open (Jen Wike Huger; OpenSource.com; February 18, 2015).
Online Free Content in Telugu Wikipedia (Andhra Jyothy; February 19, 2015).

Announcements

2015 Opensource.com Community Awards : Every year, Opensource.com awards people from our community who have excelled in contributing and sharing stories about open source. Subhashish Panigrahi from the CIS-A2K team won the award under the category 'People's Choice Awards'.
CIS-A2K team also published the Telugu Wikipedia Stats tables. Most metrics have been collected from a partial dump (aka stub dump), which contains all revisions of every article, meta data, but no page content.

Participation in Events

Hindi Wiki Community Baithak (Organized by Wikipedia Community; February 14 - 15, 2015). Subhashish Panigrahi attended the event.
An International Conclave of Odia Language (Organized by the Intellects; February 20 - 21, 2015; Constitutional Club, Rafi Marg, New Delhi). Subhashish Panigrahi participated in the event.

►Openness

Participation in Events

Regional Open Data Agenda-Setting Workshop 2015 (Organized by Open Data Lab, Jakarta Web Foundation; Jakarta; February 4 - 6, 2015). Sunil Abraham was a speaker.
Washington Meet on Open Data (Organized by World Bank; Washington; February 20 - 21, 2015). Sunil Abraham was a speaker and made a presentation on Open Data.

Internet Governance

As part of its research on privacy and free speech, CIS is engaged with two different projects. The first one (under a grant from Privacy International and International Development Research Centre (IDRC)) is on surveillance and freedom of expression (SAFEGUARDS). The second one (under a grant from MacArthur Foundation) is on studying the restrictions placed on freedom of expression online by the Indian goverTnment.

►Privacy

Blog Entries

The Surveillance Industry in India - An Analysis of Indian Security Expos (Divij Joshi; February 19, 2015).
Right to Information (RTI) Requests to BSNL and MTNL Regarding Security Equipment (Maria Xynou; February 25, 2015). CIS had sent RTI requests to MTNL and BSNL in July 2013. MTNL responded recently whereas BSNL has yet to reply.

Announcements

CIS joins Worldwide Campaign to Discover Depth of GCHQ's Illegal Spying (Elonnai Hickok; February 28, 2015). Individuals who wish to take part in this process can sign up at https://www.privacyinternational.org/illegalspying.
Prof. Peng Hwa Ang from Nanyang Technology University visited CIS recently. He had a series of interactions with several researchers at CIS and has prepared a brief visit report. Impressed with the research work of CIS he had discussions with CIS on possible collaborations including publication in more academic journals, collaboration with academic institutions in research projects in Privacy / Data Protection and other areas of Internet Governance. He also discussed on the possible areas where he could contribute to CIS including conduction of training session on writing for academic journals.

►Freedom of Expression

Blog Entries

Requests to ICANN: CIS sent ICANN six requests to ICANN regarding ICANN's expenditure on travels and meetings, granular revenue, cyber-attacks on ICANN, ICANN's implementation of the NETmundial principles, complaints under the Ombudsman process, and information regarding revenues received from gTLD auctions. These were prepared by Geetha Hariharan: DIDP Request #1: ICANN's Expenditures on "Travel & Meetings" ; DIDP Request #2: Granular Revenue/Income Statements from ICANN; DIDP Request #3: Cyber-attacks on ICANN; DIDP Request #4: ICANN and the NETmundial Principles ; DIDP Request #5: The Ombudsman and ICANN's Misleading Response to Our Request ; and DIDP Request #6: Revenues from gTLD auction.

Collection of Net Neutrality Definitions (Tarun Krishnakumar; February 8, 2015). The definitions were compiled by Manoj Kurbet, Maitreya Subramaniam and Tarun Krishnakumar under the guidance of Sunil Abraham.
ICANN accountability, IANA transition and open questions (Geetha Hariharan; February 6, 2015).
Where Does ICANN's Money Come From? We Asked; They Don't Know (Geetha Hariharan; February 9, 2015).
Preliminary Submission on "Internet Governance Issues" to the Associated Chambers of Commerce & Industry of India (Geetha Hariharan; February 12, 2015).

►Miscellaneous

A Selection of Tweets on How to Make Crowdmaps Effectual for Mapping Violence against Women (Rohini Lakshané; February 19, 2015).
Reply to RTI Applications filed with respect to Foreign Contractors and Vendors of IT and Telecommunication Enterprises (Lovisha Aggarwal; February 25, 2015).

Event Co-organized

Digital Security Workshop for Journalists (Organized by CIS and Mumbai Press Club; Mumbai Press Club, Azad Maidan, Mumbai; February 7, 2015). Rohini Lakshané conducted the workshop as part of the Cyber Stewards project.

Upcoming Event

Cybersecurity and the Internet of Things (Organized by US Consulate Chennai, Cyber Security & Privacy Foundation and CIS; Hotel Atria, Palace Road, Bangalore; March 19, 2015).

Participation in Events

Winter School on Privacy, Surveillance and Data Protection (Organized by the Centre for Communication Governance (CCG) in collaboration with the UNESCO Chair on Freedom of Communication and Information at the University of Hamburg and the Hans Bredow; Delhi; January 19 - 23, 2015). Bhairav Acharya was a facilitator. Errata: This was wrongly mentioned in the last newsletter. We have corrected this.
NetGain: Working Together for a Stronger Digital Society (Organized by Ford Foundation; February 11 - 12, 2015).

---------------------------------
News & Media Coverage
---------------------------------
CIS gave its inputs to the following media coverage:

Facebook offers free but limited access to the Internet in India (PC World; February 10, 2015).
Govt may turn to supercomputing for better use of Aadhaar database (Moulishree Srivastava; Livemint; February 10, 2015).
Analytics to help govt read public mood online (Surabhi Talwar; Business Standard; February 10, 2015).
Facebook launches Internet.org in India (Lalatendu Mishra and Sriram Srinivasan; Hindu; February 11, 2015).
Google's war on nude photos goes against user rights (Sahil Mohan Gupta; India Today; February 25, 2015).
Hacking of SIM card by spy agencies raises fears of sensitive documents being leaked (PK Jayadevan and Neha Alawadhi; Economic Times; February 25, 2015).
Delhi government in consultation with Centre to block Uber's Internet address (Harsimran Julka; Economic Times; February 25, 2015).
SC reserves judgement in cases against Section 66A (Shreeja Sen; Livemint; February 26, 2015).

Researchers at Work

The Researchers at Work (RAW) programme is an interdisciplinary research initiative driven by contemporary concerns to understand the reconfigurations of social practices and structures through the Internet and digital media technologies, and vice versa. It is interested in producing local and contextual accounts of interactions, negotiations, and resolutions between the Internet, and socio-material and geo-political processes:

Event Organized

Innovative Infrastructures for Research and Pedagogy in Interdisciplinary Social Sciences and Humanities (Co-organized by Centre for Study of Culture and Society and CIS, Bangalore): The RAW programme organized a consultation to discuss and conceptualise an upcoming project. The project will be hosted by the RAW programme.

Blog Entry

Figures of Learning: The Pornographer (Namita A. Malhotra; February 28, 2015).

About CIS

The Centre for Internet and Society is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness (including open government, FOSS, open standards, etc.), and engages in academic research on digital natives and digital humanities.

► Follow us elsewhere

Twitter: https://twitter.com/CISA2K
Facebook group: https://www.facebook.com/cisa2k
Visit us at: https://meta.wikimedia.org/wiki/India_Access_To_Knowledge
E-mail: a2k@cis-india.org

► Support Us

► Request for Collaboration:

For more details visit https://cis-india.org/about/newsletters/february-2015-bulletin

Live Chat: Aadhaar: An identity crisis?

praskrishna — 2015-04-03T06:54:25Z

The Aadhaar card is not compulsory for citizens and "no person should be denied any benefits or ‘suffer’ for not having the Aadhaar cards issued by Unique Identification Authority of India," the Supreme Court ruled on Monday.

The live chat was published in the Hindu on March 17, 2015. Sunil Abraham took part in the discussions.

Four years after Aadhaar was launched – and touted as a panacea to access social services and subsidies – its users continue to be dogged by an array of problems ranging from technical glitches to procedural delays. And those who do not have an Aadhaar card find themselves quizzed by government authorities.

The Hindu’s Tamil Nadu edition today highlighted the challenges ordinary citizens - both those who have cards and those who do not – face, be it from non-availability of application forms or glitches in the biometrics process.

We will be hosting a live chat on Aadhaar at 5 pm today. You can pose questions and share your views with Sunil Abraham, Executive Director of Bangalore-based research organisation, Centre for Internet and Society; K. Gopinath, Professor at the Computer Science and Automation Department at the Indian Institute of Science (IISc) and The Hindu’s K. Venkatraman.

Comment From Anon

What could have happened such that the current government, who were once in the opposition, were members of the parliamentary committee that strongly opposed UIDAI, now suddenly wants to use it everywhere? What could have transpired such that the PM got so convinced that it would help its citizens more than it could potentially harm?

Sunil Abraham: Usually the party that is in power is pro-surveillance and anti-censorship and the opposition is pro-privacy and pro-free speech. After the elections - if the parties swap positions as a result of the mandate - then they usually also swap positions on surveillance and censorship. This phenomenon is not specific to India.

K. Gopinath: The leakage in the current models is very high. Hence, the attraction.

The issue earlier was whether there was some costs to the use of sw (esp. proprietary) from outside the country. Probably, these have been addressed.

Comment From Saurabh

Aadhaar was supposed to be a good 2 factor authentication mechanism, what happens to it now ?

Sunil Abraham: Aadhaar architecture was designed to allow for multiple authentication factors. Unfortunately biometrics is a poor authentication factor since it cannot be revoked. Any two-factor authentication scheme where one factor is biometrics is in reality only a one-factor scheme. Pin code as with credit cards and debit cards would have been much more secure for authentication.

K Venkataramanan: It will continue to be relevant, but is unlikely to be mandatory for quite some time.

K. Gopinath: Real-time 2-factor auth (biometrics, signatures) are not easy, esp over Internet, and would require a much longer rollout

Comment From Saurabh

I did not get Aadhar for myself or my family. Does this mean, I will not have to as yet.

Sunil Abraham: As per the UIDAI - Aadhaar is not mandatory. Also according to the latest remarks from the Supreme Court - Aadhaar should not be made mandatory without enabling law. But many state and central government agencies have ignored the comments made by the SC and have made Aadhaar mandatory for various programmes and schemes.

The Hindu: Is Aadhaar virtually redundant now following the SC order? Nothing more than an expensive experiment?

K. Gopinath: I think it will be used as an addl auth mechanism (just like elec./ph. receipts). May be once the technology is demo'ed properly (it has not been done seriously anywhere else), it will be taken up again.

Comment From Abubacker

I am an NRI and need to have Aadhaar Card? How to obtain Appointmet - I am from Tuticorin, Tamil Nadu

K Venkataramanan: Your family member or representative living in Tuticorin may apply for Aadhaar through the local body. It may be possible to get a date for recording biometrics. However, you have to come down here for recording biometric details.

Comment From Kishore J

Why is Govt. not able to legalize the Aadhar, I'm assuming the only reason Supreme court keeps blocking it is because its not a law passed by Parliament ?

K. Gopinath: SC goes by the constitution. If there is some concern someone is being "excluded", they will block it.

Sunil Abraham: The NIA bill was proposed in parliament and then referred to a Standing Committee. Our summary and detailed feedback to the Bill is available here: http://cis-india.org/intern... The Standing Committee harshly criticized the Bill. See: http://164.100.47.134/lsscommittee/Finance/42%20Report.pdf After which the Bill has not been reworked by the UIDAI or the Planning Commission /Niti Aayog for re-presentation to the Parliament.

Sunil Abraham: No - it is not just an expensive experiment. It is much more dangerous - it is what security experts call a Honey Pot. A centralized repository of biometrics harvested from residents of India. These biometrics can be used to authenticate transactions in the UIDAI database and other services. If there is a breach - then this huge collection of authentication factors will end us in the hands of criminal elements or some foreign state.

Comment From vaz

Aadhar is a joke, i have so many IDs and i cannot get any benefits out of it, it is simply wasting time, if Govt really want mandate make it easy for people, i pay taxes and Govt should treat me like one , i can not waste my time standing in queues to get that card, get me time slot and don't waste my time.

Sunil Abraham: This is because the process of registration has been outsourced to private agencies. These private agencies have futher outsourced to others and so on and so forth. Consequently, there is very poor management and quality control by these agencies. If indeed corruption was a priority - we should have tackled high-ticket corruption first. We could have had biometric registration just for only the politicians and bureaucrats. We could use biometric authentication with them to create a non-repudiable audit trail of subsidies flowing from the Centre to the Panchayat. Unfortunately, we tried to register everybody simultaneously and that has resulted in poor quality of biometrics and demographic data. We have visited some of the registration centre and have seen the reality on the ground.

Comment From Guest

I have been threatened by Gas Agency people if i don't link Aadhar to Bank Account, won't be given a refilling cylinder.Is this a right one?

K Venkataramanan: There is an option for getting DBT even without Aadhaar. The bank account and the gas agency consumer account can be linked without Aadhar. Please check www.mylpg.in for knowing how to apply for DBT registration without Aadhaar

The Hindu: Your views Prof Gopinath? Do you see it as a biometrics Honey Pot too?

K. Gopinath: From a security pov, it is certainly risky. It needs really robust technologies before one can think of rolling out. For example, we have "denial of service" attacks. ie, a service can be shut out by random bombardment of msgs. Most curr large scale systems are designed to handle it but some cannot handle it if large numbers collude. This only prevents access to service but other attacks can exfiltrate (take out) data, modify data, etc.

The Hindu: And Mr. Venkataramanan, your thoughts?

Comment From kuldeep singh chauhan

We need a strong law for data security. Aadhar is collecting data but there is no provision except some provisions of IT Act and IPC for data security.

K. Gopinath: Yes, the legislation is weak or unnecessarily vague (eg. the IT2000 act) or too broad in scope. I think what we need is a citizen's charter for data access, security and privacy. Also, what needs to be done when systems do not work!

Sunil Abraham: There are two interpretations of Sec. 43A of the IT Act. Acccording to most experts it only applies to Body Corporates in other words it does not apply to the Government when it plays the role of a data controller. According to an order issued by the IT Secy of Maharastra [the court of first instance for 43A of ITA] -this section will also apply to the Government. But beyond that order we have no clarity on this question.

Comment From Pavan

With no privacy laws, isn't it a bad idea to store citizen's data in a database? We all know how inept our government is in ensuring any security/privacy.

Sunil Abraham: With or without laws. Centralized approaches to identity/authentication management are much more fragile and vulnerable compared to decentralized options. The Internet is secured by digital signatures - there is no centralized repository of all these signatures. Therefore there is no centralized point of failure for the Internet. If the Aadhaar project was based on Smart Cards instead of Biometrics - then just like the Internet it would be robust without a central point of failure. http://cis-india.org/intern...

K. Gopinath: Storing all info in a single place is a big security risk. It needs very robust technologies (such as replication and "secret sharing protocols") that work inspite of failures. These have been done here and there but doing it on a large scale requires care.

Comment From Kunal Soni

SC Adhar card recommendations, ok Got it! But what about the banks for example SBI who ask for adhar cards stating its the bank's rule? Who's going to answer the question as they would never listen to common man and they never did.

Comment From Sandeep

Hi,May be it is a strong message, but what exactly is the need to make/introduce the Adhaar card, which is not recognizable worldwide? Why dont we make our passport smart enough and reduce it to a chip as in Europe. This will also enable everyone to get enrolled in our administrative system. Basically, we are only repeating the entire process with no international recognition.

Comment From Krishna Rao

Need to make it mandatory in the lines of SSN in US. Else it would be very difficult to manage and ensure the subsidies and benefits reach the really deserved section.

Comment From Ramesh

It is a great concept it all information like property purchases, tax returns, ration card, pf, esi, bank accounts , rail, air tickets are all linked. will reduce corrupt practice considerably. It should be the main identity of an Indian

Comment From arun

@Sunil what are the privacy safeguards that are in place currently regarding protection of information collected by the government and private agencies designated for this?

Sunil Abraham: Do you mean legal or technical?

K Venkataramanan: @The Hindu: Yes, there are serious privacy issues involved in a centralised database. However, their is a counter-view that this is no different from any other data base available in the hands of the government such as the one relating to PAN. The main concern of those worried about the privacy problem in Aadhaar is that data collection is done by private agencies, and details such as biometric data could be misused

The Hindu: Sunil, a question for you from arun

Comment From Pawan

Govt should give it legal recognition and give legal guarantee about the usage and storage of the data... After that there would be no concern related to identity security or enforcing it on the people.. People would trust it and come forward to register for it.

Sunil Abraham: Legal recognition and guarantees are not sufficient. You cannot use the law to fix poor technology design. The security of the Internet is not a function of good law. It is a function of good technological design.

Comment From Pappan

the so called Europe, US an other developed countries already have Social security numbers, why cant we just look at it like that?

Sunil Abraham: Social Security Number are an additional identifier. The database just contains a collection of identifiers. If that database is compromised the information cannot be used to authenticate transactions. This is very unlike the UIDAI centralized database which is a collection of authentication factors. Think of it as a database filled with the passwords of all Indian residents.

K Venkataramanan: @Kunal Soni - SBI can't insist on it as of now. The person who issued any circular to that effect may be hauled up in court

Comment From Guest

I have two questions. First, why is the honourable supreme court strking down aadhar, on what grounds? Second, how can the government come around those objections and allay the courts fears/objections? The informed panelists may please give their opinions too. Thank you

Sunil Abraham: There are 3 sets of petitioners who are being heard by the SC in the combined case. Some of them associated with the right are arguing that the UID is a threat to national security as it legitimizes illegal immigrants. Those associated with the left are arguing that it is a violation of the right to privacy. Still other who are ex-officers from the armed forces are arguing that the project is mired in corrupt practices.

K Venkataramanan: The Court has not struck down Aadhaar. It has only passed interim orders protecting the access to services of those who have not yet had them.

Comment From Aashish Gupta

Aadhaar was supposed to usher in portability of benefits. That is, you could migrate to a different state and still get the benefit you deserved.

Sunil Abraham: The Aadhaar database only contains information that identifies you and also allow you to authenticate against that database. It does not indicate eligibility for various schemes/subsidies. The migration across State level eligibility lists has to be done by the State. It is not a functionality provided by the UIDAI.

Comment From Ramesh

Supreme Court should have suggested a better option instead of coming down heavily on the Aadhar Card. The card will straight eliminate multiple rations cards and voter ids.

Sunil Abraham: The previous technology adopted by the NDA government - smart cards or SCOSTA [for the MNIC]. This technology option is free from many of the flaws of UIDAI's current design.

Comment From Mrigesh

Why is Aadhaar needed? I am for a middle class or for the elite class?

Comment From Geetha

Has the government (or concerned agencies/departments) formulated any policy on using the Aadhar information collected? For instance, what agency can use the information, under what conditions, with whose approval, for what limited purposes? Is this policy publicly available?

Sunil Abraham: No. Anyone who is approved by the UIDAI as a legitimate can use the KYC API. Absolutely anyone can use the Authentication API. There is no policy on what data collection/retention practices must be adhered to by the users of both these APIs.

Comment From Arun Jayapal

Has the government ever considered/analyzed a way to link the existing resources (such as ration card, DL, passport, voter id, etc.,) and not have come up with a completely new system (aadhaar). Is this not an absolute waste of time and resources?

Sunil Abraham: Yes, you are absolutely right. The government should have used biometrics as a means to dedup an existing high value database like the Electoral Rolls or more importantly the PAN Card database. That would have been better RoI for our anti-corruption Rupee.

K Venkataramanan: @Ramesh The Court has come down heavily on only officials who insist on Aadhar for delivery of services when there are clear orders that it should not be mandatory

Comment From George J

I'm an NRI. I presently work and live in a country where the first order of business on landing/Birth is to register one self and get a unique ID number and ID. This the case for expats as well as residents be they foreigners or Citizens. The registration process includes collection of Biometric data. This single No and Id is used for everything from Bank Accounts to School Admissions. It is good that India is doing something similar. It is high time people with multiple ration cards, Passports and the like are weeded out and provided a single verifiable identity. Data Security is of essence and necessary safeguards are available.

Sunil Abraham: Could you name the country? And can you use biometrics your country to authenticate transactions in a centralized database for all sorts of transactions? If yes, then the technology design in your country is as poor as in ours and it is only a question of time when the centralized database leaks.

Comment From Aashish Gupta

Apart from the Honey Pot, Aadhaar does not serve its primary purpose: tackling corruption. Most pilots of Aadhaar have crash landed, and as a result, state governments have created their own simpler systems to tackle corruption.

Sunil Abraham: See: http://www.thehindu.com/opi... If the authentication match is not working [1:1 match]. Then basically the dedup will not work [1:n] match. That is why they are doing demographic dedup before biometric dedup - because they know that the biometric dedup is fallible.

Comment From Balu

A citizenship card , backed with a strond database is a must for every citixen . Some serious thoughts should be done in this matter at the earliest , instead of wasting time and money on different schemes .

Sunil Abraham: We should use decentralized Internet scale technologies based on open standards that are already proven. If we had used smart cards based on SCOSTA or EMV standard we would be in a much better place.

Comment From PRASHANTH

Comment From vikash

supreme court should not have to push such legal hurdles given that the 750 million card has already been generated.A lot of money has been investad in the project

Comment From Saket

Aaadhar card is full of errors. At the place where I got registered person was issuing it in a hurry which creates lots of typing errors in DOB and Place.

Comment From Aashish Gupta

The supreme court has not struck down aadhaar, it has said that aadhaar cannot be mandatory. This is to make sure that people who do not have an aadhaar card do not miss out on their entitlements.

Comment From Ramesh

Aadhaar should be made mandatory with necessary safeguards. Unless there is an ultimatum and time frame to get the card it will never be implemented. Even now many do not know where to get it done.

Comment From Aadharam

Could you clarify whether this is an interim order or a final order on Aadhar? Is there scope for a retraction/shift on the Supreme Court's part?

Comment From Onkar Tiwari

Why supreme court doesnt understand Adhar is necessary? it can curb corruption. it wll reduce corruption specially in manrega where people enters fake details and grab the money.

K Venkataramanan: It is only an interim order. The Court will, hopefully, resolve the questions raised by the petitioners about privacy and data security issues

Comment From George J

I have taken Aadhar Card. The procedure asks the applicant themselves to verify the data entered for typing mistakes etc. before being uploaded, in fact where I registered they had asked for a sign off on the final data on a printout. So how errors can creep in is beyond me. However the photography equipment and skill of the data entry operator leave much to be desired as the mug shot is not very kind to me!

Comment From Guest

There should be a guide line which need to be followed as it is in the hands of private partners who are also ask for bribe from the poor people for the aadhar and they have no other option to pay for it as they thought that this only can help them to get the govt. facilities and subsidies.

K Venkataramanan: @Onkar Tiwari, It is up to the government to convince the court that Aadhaar will help curb corruption, and how. The Court is unlikely to stop the use of technology to improve delivery of services and curb corruption.

Comment From v subrahmanian

help line over phone and the email correspondence is total waste.. they themselves are helpless. Any query has never been replied to the caller's satisfaction. Getting them on line itself is a challenge. It's so complex. Of course, every eligible citizen of this complex country must have the identity card. Why not if it is done through employer in case of organized salaried employees?

Comment From Ramakrishna Rao

Hi !! I request the panelists to kindly sum up in few 4 or 5 points the reasons/grounds on which the parliamentary committee has rejected the aadhar

Comment From Guest

The agencies who are collecting data for Aadhar Card are not doing good. The aadhar card is full with many kind of errors including Name and DOB.. Even a person is able to register twice under this scheme.

The Hindu: Mr. Venkataramanan would you like to respond to Ramakrishna Rao?

Comment From Guest

@K Gopinath - how robust is the de-duplication UID claims to have. And in real time transactions, is it possible to authenticate n request without 'false positives' or 'negatives'?

K. Gopinath: Dedup claims assume “good” conditions. For example, a farmhand may have rough skin, etc that may make the fingerprints problematic. 1% errors have been reported in the past. Real time txns: I think the current Aadhar is not geared for it. The connectivity is not there. Also, with fingerprint technologies, the ability to check large number of fingerprints for a match is not good enough. It has never been scaled to the extent that is being planned.

Comment From Sandeep

Still not sure if Aadhaar then other ID cards not needed ? Or Still all along with Aadhaar ? then what is meaning of Aadhaar ? Only for LPG connection? Why not govt making Aadhaar is mandatory in all other fields as well , As Govt spent huge money for Aadhaar

Comment From Guest

@ Sunil - How plausible is the idea that govt can use UID data to profile public?

Comment From Sushubh

I for one is very happy that at least the Supreme Court is not falling for this privacy infringing scam. People defending this card here on this platform needs to read more about it.

Comment From Guest

Govt. created panic among public regarding adhaar. Public is highly annoyed with the way the government is handling this adhaar project. Only court reprimands,govt. backtracks as far as the adhaar is concerned. It is high time for govt. to have serious insight into this.

K Venkataramanan: The parliamentary committee on Finance had objected to the UID being extended to non-citizens on the ground that it may end up in illegal immigrants getting Aadhaar numbers.

It had also questioned the rollout ofthe scheme before legislation was passed. It had objected to its implementation without regard to its consequences.

Comment From Srinivasa

I believe Nandan Nilkeni had mentioned certain very good examples of the system flagging duplicates. So I assume the system is robust. We need to make it mandatory for all services delivery and have suitable policy and technology to protect data.

Sunil Abraham: I don't think we can go by the assurance of someone no longer associated with the project. It is not persons that keep us safe it is proper technology and law.

The Hindu: Welcome back Sunil! Lots of questions await you

K Venkataramanan: The committee had said UIDAI had no conceptual clarity, no proper assessment of the costs involved, and that it could end up in the hands of private agencies, that the technology was untested and the UID may not meet the objectives for which it was conceived

Sunil Abraham: Sorry I was logged out.

Comment From Guest

There was a recent news in The Hindu about linking of Adhar cards to election voter ID cards in Andhra Pradesh. Do you think that adopting such moves by every state result in mandating the procedure eventually?

Comment From Guest

First Passport then PAN , voter id and now adahar, in any country there is only passport and SSN, why india needs so many identity cards

K. Gopinath: The PAN database has been problematic just as the voter id. Hence, every technology cycle, a new system is usually attempted that attempts to be "better" than the before. However, this requires care which is not in good supply in the govt where the "lowest" bidder wins or outsourcing happens.

The Hindu: We have Prof Gopinatha back too. Sorry about that technical glitch.

Comment From Deepak Vasudevan

Why are different apex agencies managing Aadhar like UIDAI, Census and NPR? There should be one root (apex) body and others should report onto it.

Sunil Abraham: Yes. The division of work between UIDAI and NPR is not very clear and has added to the confusion.

K Venkataramanan: The parliamentary standing committee, too pointed out the overlap of functions involving UIDAI and NPR

The Hindu: There was this question for you earlier on the thread @K Gopinath - how robust is the de-duplication UID claims to have. And in real time transactions, is it possible to authenticate n request without 'false positives' or 'negatives'?

Comment From Guest

When Union Of India aimed to greater transparency... these are the road blocks they get... If Aadhar is not mandatory... then make Voter ID, PAN Card, Ration card also not mandatory in their respective Govt Businesses ... make self declaration as mandatory .. lets go to the stone age in this Information age. Instead SC should direct the center to come up with procedure to accommodate legitimate citizens of India into the scheme in a time bound manner and frame policies to avoid misuse of the personal data. are we looking the current world Information age thru the same old glasses... it is time to adopt the change...

Sunil Abraham: Indeed we need more transparency. But privacy protections must be inversely proportionate to power and as Julian Assange says transparency requirements should be directly proportionate to power See: http://openup2014.org/priva...

K Venkataramanan: Linking Aadhaar and voter ID cards is also being tried out in other states It is only one more means of eliminating fake voters or duplicates, but is unlikely tobe a ground to make Aadhaar mandatory

Comment From Ganesh

@Mr.Sunil, The current technology adopted for UIDAI is not good compared to last regime?

Sunil Abraham: Please see my our open letter on this question http://cis-india.org/intern...

Comment From Madhavan R

Just because UPA government bring this, its not good for NDA to object it.. STOP wasting our money.. Just try to make best out of it..

Sunil Abraham: Pouring more money into a failed project will not save it. It has serious technological flaw and without addressing it we are just making a bad situation worse.

Comment From George J

Currently all embassy's are collecting biometric data when you apply for a visa. Most of this collection is done by private parties on behalf of the respective governments. So if an Indian has travelled abroad the chances of his Biometric data being available to foreign govts is 99%. So what is the big scare about this? The need that it should be secure and should not be misused is sacrosanct. with the kind of revelations that have been made about mass eavesdropping I think people should get used to living in glass houses!

Comment From Pappan

@Sunil, please clarify about your comment on technology inadequecy

Comment From Yuvaraj

I strongly support Adhaar card implemenataion. intially they may face challeneges but for the long run its very effective mechanism to monitor every thing

Sunil Abraham: Monitoring everything means you monitor nothing. The bigger the haystack the harder it is to find the needle. Good surveillance practices means targetting survelliance not en masse data collection.

Comment From Guest

It is heard that privacy of citizens is at stake with adhaar card. can panelists respond to this?

Sunil Abraham: I have dealt with your question here: http://www.business-standar...

Comment From Srinivasa

That comparison of the two standards (SCOSTA and Aadhar) made interesting reading. Why not a system where you collect biometrics and iris and then issue a SCOSTA card? the biometrics and iris can be used to remove duplicates and maintain a clean registry by failing the duplicate SCOSTA cards. And all further transactions will only need a card based access.

Comment From Loganathan

This is one the worst move by any government in the center to remember. With no motive for the card, they introduced just to add to the loss in exchequer and there is no benefit out of it. Many have wrong data entered against their name and totally the waste one of all

Comment From Sabari Arasu

I am aware of someone who is not Indian citizen got Aadhar card for himself and his family. This scares me a lot as anyone(read Bangaladheshis, Sri Lankans, Pakintanis, etc..) can get Aadhar card. Is there a measure taken by Government to identify these issues?

Sunil Abraham: This is possible because the technology [biometrics] cannot verify citizenship. Even worse biometrics can be imported from foreign countries and can be used to create resident ghosts. This is because the technology cannot even verify if the person in India. We will need surveillance cameras at every point of registration to take care of this possible fraud.

Comment From Chandra Sekhar

Aadhaar card was a huge opportunity for the government to improve the efficiency of governance.It was a challenging task and required great amount accuracy.The way this project was executed is a question mark on efficiency of governance.

The Hindu: Sunil, Venkatramanan, Gopinath - would you agree that Aadhaar was an opportunity to improve governance? @chandra sekhar

Comment From Guest

Freebee lovers/netas will always oppose when you want to implement some thing which might deny them the benefit.

Sunil Abraham: Any evidence to backup this statement?

Comment From Guest

if the ASDHAAR is nt necessary as per SC then why everywhere it is being preferred identity such as Subsidy, Passport etc.

Sunil Abraham: Preference is not the same as a mandatory requirement.

For more details visit https://cis-india.org/internet-governance/news/the-hindu-march-17-2015-aadhaar-an-identity-crisis

What Does Facebook's Transparency Report Tell Us About the Indian Government's Record on Free Expression & Privacy?

pranesh — 2015-04-05T05:08:37Z

Given India's online population, the number of user data requests made by the Indian government aren't very high, but the number of content restriction requests are not only high on an absolute number, but even on a per-user basis.

Further, Facebook's data shows that India is more successful at getting Facebook to share user data than France or Germany. Yet, our government complains far more about Facebook's lack of cooperation with Indian authorities than either of those countries do. I think it unfair for any government to raise such complaints unless that government independently shows to its citizens that it is making legally legitimate requests.

Since the Prime Minister of India Shri Narendra Modi has stated that "transparency and accountability are the two cornerstones of any pro-people government", the government ought to publish a transparency report about the requests it makes to Internet companies, and which must, importantly, provide details about how many user data requests actually ended up being used in a criminal case before a court, as well as details of all their content removal requests and the laws under which each request was made.

At the same time, Facebook's Global Government Requests Report implicitly showcases governments as the main causes of censorship and surveillance. This is far from the truth, and it behoves Facebook to also provide more information about private censorship requests that it accedes to, including its blocking of BitTorrent links, it's banning of pseudonymity, and the surveillance it carries out for its advertisers.

For more details visit https://cis-india.org/internet-governance/blog/what-does-facebook-transparency-report-tell-us-about-indian-government-record-on-free-expression-and-privacy

State of Cyber Security and Surveillance in India: A Review of the Legal Landscape

praskrishna — 2015-03-14T03:23:35Z

For more details visit https://cis-india.org/internet-governance/blog/state-of-cyber-security-and-surveillance-in-india.pdf