Centre for Internet and Society

Leaked Privacy Bill: 2014 vs. 2011

elonnai — 2014-04-01T10:52:41Z

The Centre for Internet and Society has recently received a leaked version of the draft Privacy Bill 2014 that the Department of Personnel and Training, Government of India has drafted.

Note: After obtaining a copy of the leaked Privacy Bill 2014, we have replaced the blog "An Analysis of the New Draft Privacy Bill" which was based off of a report from the Economic Times, with this blog post.

This represents the third leak of potential privacy legislation for India that we know of, with publicly available versions having leaked in April 2011 and September 2011.

When compared to the September 2011 Privacy Bill, the text of the 2014 Bill includes a number of changes, additions, and deletions. Below is an outline of significant changes from the September 2011 Privacy Bill to the 2014 Privacy Bill:

Scope: The 2014 Bill extends the right to Privacy to all residents of India. This is in contrast to the 2011 Bill, which extended the Right to Privacy to citizens of India. The 2014 Bill furthermore recognizes the Right to Privacy as a part of Article 21 of the Indian Constitution and extends to the whole of India, whereas the 2011 Bill did not explicitly recognize the Right to Privacy as being a part of Article 21, and excluded Jammu and Kashmir from its purview.
Definitions: The 2014 Bill includes a number of new definitions, redefines existing terms, and deletes others.

Terms that have been added in the 2014 Bill and the definitions

Personal identifier: Any unique alphanumeric sequence of members, letters, and symbols that specifically identifies an individual with a database or a data set.
Legitimate purpose: A purpose covered under this Act or any other law for the time being in force, which is certain, unambiguous, and limited in scope for collection of any personal data from a data subject.
Competent authority : The authority which is authorized to sanction interception or surveillance, as the case may be, under this Act or rules made there under or any other law for the time being in force.
Notification: Notification issued under this Act and published in the Official Gazette
Control : And all other cognate forms of expressions thereof, means, in relation to personal data, the collection or processing of personal data and shall include the ability to determine the purposes for and the manner in which any personal data is to be collected or processed.
Telecommunications system: Any system used for transmission or reception of any communication by wire, radio, visual or other electromagnetic means but shall not include broadcasting services.
Privacy standards: The privacy standards or protocols or codes of practice. developed by industry associations.

Terms that have been re-defined in the 2014 Bill from the 2011 Bill and the 2014 Bill definitions

Communication data:The data held or obtained by a telecommunications service provider in relation to a data subject including the data usage of the telecommunications
Data subject : Any living individual, whose personal data is controlled by any person
Interception: In relation to any communication in the course of its transmission through a telecommunication system, any action that results in some or all of the contents of that communication being made available, while being transmitted, to a person other than the sender or the intended recipient of the communication.
Person: Any natural or legal person and shall include a body corporate, partnership, society, trust, association of persons, Government company, government department, urban local body, or any other officer, agency or instrumentality of the state.
Sensitive personal data: Personal data relating to: (a) physical and mental health including medical history, (b) biometric, bodily or genetic information, (c) criminal convictions (d) password, (e) banking credit and financial data (f) narco analysis or polygraph test data, (g) sexual orientation. Provided that any information that is freely available or accessible in public domain or to be furnished under the Right to Information Act 2005 or any other law for time being in force shall not be regarded as sensitive personal data for the purposes of this Act.
Individual: a resident of Indian
Covert surveillance: covert Surveillance" means obtaining private information about an individual and his private affairs without his knowledge and includes: (i) directed surveillance which is undertaken for the purposes of specific investigation or specific operation in such a manner as is likely to result in the obtaining of private information about a person whether or not that person was specifically identified in relation to the investigation or operation; (ii) intrusive surveillance which is carried out by an individual or a surveillance device in relation to anything taking place on a residential premise or in any private vehicle. It also covers use of any device outside the premises or a vehicle wherein it can give information of the same quality and detail as if the device were in the premises or vehicle; (iii) covert human intelligence service which is information obtained by a person who establishes or maintains a personal or other relationship with an individual for the covert purpose of using such a relationship to obtain or to provide access to any personal information about that individual
Re-identify: means the recovery of data from an anonymised data, capable of identifying a data subject whose personal data has been anonymised;
Process: “process" and all other cognate forms of expressions thereof, means any operation or set of operations, whether carried out through automatic means or not by any person or organization, that relates to:(a) collation, storage, disclosure, transfer, updating, modification, alteration or use of personal data; or (b) the merging, linking, blocking, degradation or anonymisation of personal data;
Direct marketing: Direct Marketing means sending of a commercial communication to any individual
Data controller: any person who controls, at any point in time, the personal data of a data subject but shall not include any person who merely provides infrastructure for the transfer or storage of personal data to it data controller;
Government: the Central Government or as the case may be, the State Government and includes the Union territory Administration, local authority or any agency and instrumentality of the Government;

Terms that have been removed from the 2014 Bill that were in the 2011 Bill and the 2011 definition:

Consent: Includes implied consent
Maintain: Includes maintain, collect, use, or disseminate.
Data processor: In relation to personal data means any person (other than the employee of the data controller), who processes the data on behalf of the data controller.
Local authority: A municipal committee, district board, body of port commissioners, council, board or other authority legally entitled to, or entrusted by the Government with, the control or management of a municipal or local fund.
Prescribed: Prescribed by rules made under this Act.
Surveillance: Surveillance undertaken through installation and use of CCTVs and other system which capture images to identify or monitor individuals (this was removed from the larger definition of surveillance.)
DNA: Cell in the body of an individual, whether collected from a cheek, cell, blood cell, skin cell or other tissue, which allows for identification of such individual when compared with other individual.

Terms that have remained broadly (with some modification) the same between the 2014 Bill and 2011 Bill (as per the 2014 Bill definition):

Authority: The Data Protection Authority of India
Appellate tribunal: the Cyber Appellate Tribunal established under Sub-Section (1) of section n48 of the Information Technology Act, 2000.
Personal data: Any data which relates to a data subject, if that data subject can be identified from that data, either directly or indirectly, in conjunction with other data that the data controller has or is likely to have and includes any expression of opinion about such data subject.
Member: Member of the Authority
Disclose: and all other cognate forms of expression thereof, means disclosure, dissemination, broadcast, communication, distribution, transmission, or make available in any manner whatsoever, of personal data.
Anonymised: The deletion of all data that identifies the data subject or can be used to identify the data subject by linking such data to any other data of the data subject, by the data controller.

Exceptions to the Right to Privacy: According to the 2011 Bill, the exceptions to the Right to Privacy included:

Sovereignty, integrity and security of India, strategic, scientific or economic interest of the state
Preventing incitement to the commission of any offence
Prevention of public disorder or the detection of crime
Protection of rights and freedoms of others
In the interest of friendly relations with foreign state
Any other purpose specifically mentioned in the Act.

The 2014 Bill reflects almost all of the exceptions defined in the 2011 Bill, but removes ‘detection of crime’ from the list of exceptions. The 2014 Bill also qualifies that the application of each exception must be adequate, relevant, and not excessive to the objective it aims to achieve and must be imposed on the manner prescribed – whereas the 2011 Bill stated only that the application of exceptions to the Right to Privacy cannot be disproportionate to the purpose sought to be achieved.

Acts not to be considered deprivations of privacy: The 2011 Bill lists five instances that will not be considered a deprivation of privacy - namely

For journalistic purposes unless it is proven that there is a reasonable expectation of privacy,
Processing data for personal or household purposes,
Installation of surveillance equipment for the security of private premises,
Disclosure of information via the Right to Information Act 2005,
And any other activity exempted under the Act.

The 2014 limits these instances to:

The processing of data purely for personal or household purposes,
Disclosure of information under the Right to Information Act 2005,
And any other action specifically exempted under the Act.

Privacy Principles: Unlike the 2011 Bill, the 2014 Bill defines nine specific privacy principles: notice, choice and consent, collection limitation, purposes limitation, access and correction, disclosure of information, security, openness, and accountability. The Privacy Principles will apply to all existing and evolving practices.

Provisions for Personal Data: Both the 2011 Bill and the 2014 Bill have provisions that apply to the processing of personal and sensitive personal data. The 2011 Bill includes provisions addressing the:

Collection of personal data,
Processing of personal data,
Data quality,
Provisions relating to sensitive personal data,
Retention of personal data,
Sharing (disclosure) of personal data,
Security of personal data,
Notification of breach of security,
Access to personal data by data subject,
Updation of personal data by data subject
Mandatory processing of data,
Trans border flows of personal data.

Of these, the 2014 Bill broadly (though not verbatim) reflects the 2011 Bill provisions relating to the:

Collection of personal data,
Processing of personal data,
Access to personal data,
Updating personal data
Retention of personal data
Data quality,

The 2014 Bill has further includes provisions addressing:

Openness and accountability,
Choice,
Consent,
Exceptions for personal identifiers.

The 2014 Bill has made changes to the provisions addressing:

Provisions relating to sensitive personal data,
Sharing (disclosure of personal data),
Notification of breach of security,
Mandatory processing of data
Security of personal data
Trans border flows of personal data.

The changes that have been made have been mapped out below:

Provisions Relating to Sensitive Personal Data: The 2011Bill and 2014 Bill both require authorization by the Authority for the collection and processing of sensitive personal data. At the same time, both Bills include a list of circumstances under which authorization for the collection and processing of sensitive personal data is not required. On the whole, this list is the same between the 2011 Bill and 2014 Bill, but the 2014 Bill adds the following circumstances on which authorization is not needed for the collection and processing of sensitive personal data:

For purposes related to the insurance policy of the individual if the data relates to the physical or mental health or medical history of the individual and is collected and processed by an insurance company.
Collected or processed by the Government Intelligence agencies in the interest of the sovereignty, integrity, security or the strategic, scientific or economic interest of India.

The 2014 Bill also allows the Authority to specify additional regulations for sensitive personal data, and requires that any additional transaction sought to be performed with the sensitive personal information requires fresh consent to first be obtained. The 2014 Bill carves out another exception for Government agencies, allowing disclosure of sensitive personal data without consent to Government agencies mandated under law for the purposes of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.

Notification of Breach of Security: The provisions relating to the notification of breach of security in the 2014 Bill differ from the 2011 Bill. Specifically, the 2014 Bill removes the requirement that data controllers must publish information about a data breach in two national news papers. Thus, in the 2014 Bill, data controllers must only inform the data protection authority and affected individuals of the breach.

Notice: The 2014 Bill changes the structure of the notice mechanism – where in the 2011 Bill, prior to the processing of data, data controllers had to take all reasonable steps to ensure that the data subject was aware of the following:

The documented purposes for which such personal data is being collected
Whether providing of personal data by the data subject is voluntary or mandatory under law or in order to avail of any product or service
The consequences of the failure to provide the personal data
The recipient or category of recipients of the personal data
The name and address of the data controller and all persons who are or will be processing information on behalf of the data controller
If such personal data is intended to be transferred out of the country, details of such transfer.

In contrast the 2014 Bill provides that before personal data is collected, the data controller must give notice of:

What data is being collected and
The legitimate purpose for the collection.

If the purpose for which the data was collected has changed the data controller will then be obligated to provide the data subject with notice of:

The use to which the personal data will be put
Whether or not the personal data will be disclosed to a third party and if so the identity of such person
If the personal data being collected is intended to be transferred outside India and the reasons for doing so, how the transfer helps in achieving the legitimate purpose and whether the country to which such data is transferred has suitable legislation to provide for adequate protection and privacy of the data.
The security and safeguards established by the data controller in relation to the personal data
The processes available to a data subject to access and correct his personal data
The recourse open to a data subject, if he has any complaints in respect of collection or processing of the personal data and the procedure relating thereto
The name, address, and contact particulars of the data controller and all persons who will be processing the personal data on behalf of the data controller.

Disclosure of personal data: Though titled as ‘sharing of personal data’ both the 2011 Bill and 2014 Bill require consent for the disclosure of personal information, but list exceptional circumstances on which consent is not needed. In the 2011 bill, the relevant provision permits disclosure of personal data without consent only if (i) the sharing was a part of the documented purpose, (ii) the sharing is for any purpose relating to the exceptions to the right to privacy or (iii) the Data Protection Authority has authorized the sharing. In contrast, the 2014 Bill permits disclosure of personal data without consent if (i) such disclosure is part of the legitimate purpose (ii) such disclosure is for achieving any of the objectives of section 5 (iii) the Authority has by order authorized such disclosure (iv) the disclosure is required under any law for the time being in force (v) the disclosure is made to the Government Intelligence agencies in the interest of the sovereignty, integrity, security or the strategic, scientific or economic interest of India. As a safeguard, the 2014 Bill requires that any person to whom personal information is disclosed, whether a resident or not, must adhere to all provisions of the Act. Furthermore, the disclosure of personal data must be limited to the extent which is necessary to achieve the purpose for which the disclosure is sought and no person can make public any personal data that is in its control.

Transborder flow of information: Though both the 2011 Bill and the 2014 Bill require any country that data is transferred to must have equivalent or stronger data protection standards in place, the 2014 Bill carves out an exception for law enforcement and intelligence agencies and the transfer of any personal data outside the territory of India, in the interest of the sovereignty, integrity, security or the strategic, scientific or economic interest of India.

Mandatory Processing of Data: Both the 2011 Bill and 2014 Bill have provisions that address the mandatory processing of data. These provisions are similar, but the 2014 Bill includes a requirement that data controllers must anonymize personal data that is collected without prior consent from the data subject within a reasonable time frame after collection.

Security of Personal Data: The provision relating to the security of personal information in the 2014 Bill has been changed from the 2011 Bill by expanding the list and type of breaches that must be prevented, but removing requirements that data controllers must ensure all contractual arrangements with data processors specifically ensure that the data is maintained with the same level of security.

Conditions on which provisions do not apply: Both the 2011Bill and 2014 Bill define conditions on which the provisions of updating personal data, access, notification of breach of security, retention of personal data, data quality, consent, choice, notice, and right to privacy will not apply to personal data. Though the 2011 Bill and 2014 Bill reflect the same conditions, the 2014 Bill carves out an exception for Government Intelligence Agencies - stating that the provisions of updating personal data, access to data by the data subject, notification about breach of security, retention of personal data, data quality, processing of personal data, consent, choice, notice, collection from an individual will not apply to data collected or processed in the interest of the sovereignty, integrity, security or the strategic, scientific or economic interest of India.
Privacy Officers: Unlike the 2011 Bill, the 2014 Bill defines the role of the privacy officer that must be established by every data controller for the purpose of overseeing the security of personal data and implementation of the provisions of the Act.
Power of Authority to Exempt: Both the 2011 Bill and 2014 Bill contain provisions that enable the Authority to waive the applicability of specific provisions of the Act. The circumstances on which this can be done are based on the exceptions to the Right to Privacy in both the 2011 and 2014 Bill. To this extent, the 2014 Bill differs slightly from the 2011 Bill, by removing the power of the Authority to exempt for the ‘detection of crime’ and ‘any other legitimate purpose mentioned in this Act’ .

The Data Protection Authority: The 2011 Bill and 2014 Bill both establish Data Protection Authorities, but the 2014 Bill further clarifies certain aspects of the functioning of the Authority and expands the functions and the powers of the Authority. For example, new functions of the Authority include:

Auditing any or all personal data controlled by the data controller to assess whether it is being maintained in accordance with the Act,
Suggesting international instruments relevant to the administration of the Act,
Encouraging industry associations to evolve privacy standards for self regulations, adjudicating on disputes arising between data controllers or between individuals and data controllers.

The 2014 Bill also expands the powers of the Data Protection Authority – importantly giving him the power to receive, investigate complaints about alleged violations of privacy and issue appropriate orders or directions.

At the same time, the 2014 Bill carves out an exception for Government Intelligence Agencies and Law Enforcement agencies – preventing the Authority from conducting investigations, issuing appropriate orders or directions, and adjudicating complaints in respect to actions taken by the Government Intelligences Agencies and Law Enforcement, if for the objectives of (a) sovereignty, integrity or security of India; or(b) strategic, scientific or economic interest of India; or(c) preventing incitement to the commission of any offence, or (d) prevention of public disorder, or(e) the investigation of any crime; or (f) protection of rights and freedoms of others; or (g) friendly relations with foreign states; or (h) any other legitimate purpose mentioned in this Act.

This power is instead vested with a court of competent jurisdiction.

The National Data Controller Registry: The 2014 Bill removes the National Data Controller Registry and requirements for data controllers to register themselves and oversight of the Registry by the Data Protection Authority.
Direct Marketing: Both the 2011 and 2014 Bills contain provisions regulating the use of personal information for direct marketing purposes. Though the provisions are broadly the same, the 2011 Bill envisions that no person will undertake direct marketing unless he/she is registered in the ‘National Data Registry’ and one of the stated purposes is direct marketing. As the 2014 Bill removes the National Data Registry, the 2014 Bill now requires that any person undertaking direct marketing must have on record where he/she has obtained personal data from.
Interception of Communications: Though maintaining some of the safeguards defined in the 2011 Bill for interception, 2014 Bill changes the interception regime envisioned in the 2011 Bill by carving out a wide exception for organizations monitoring the electronic mail of employees, removing provisions requiring the interception take place only for the minimum period of time required for achieving the purposes, and removing provisions excluding the use of intercepted communications as evidence in a court of law. Similar to the 2011 Bill, the 2014 Bill specifies that the principles of notice, choice and consent, access and correction, and openness will not apply to the interception of communications.
Video Recording Equipment in public places: Unlike the 2011 Bill, which addressed only the use of CCTV’s, the 2014 Bill addresses the installation and use of video recording equipment in public places. Though both the 2011 Bill and 2014 Bill both prevent the use of recording equipment and CCTVs for the purpose of identifying an individual, monitoring his personal particulars, or revealing personal, or otherwise adversely affecting his right to privacy - the 2014 Bill requires that the use of recording equipment must be in accordance with procedures, for a legitimate purpose, and proportionate to the objective for which the equipment was installed.

The 2014 Bill makes a broad exception to these safeguards for law enforcement agencies and government intelligence agencies in the interest of the sovereignty, integrity, security or the strategic, scientific, or economic interest of India.

Privacy Standards and Self Regulation: The 2014 Bill establishes a specific mechanism of self regulation where industry associations will develop privacy standards and adhere to them. For this purpose, an industry ombudsman should be appointed. The standards must be in conformity with the National Privacy Principles and the provisions of the Privacy Bill. The developed standards will be submitted to the Authority and the Authority may frame regulations based on the standards. If an industry association has not developed privacy standards, the Authority may frame regulations for a specific sector.
Settlement of Disputes and Appellate Tribunal: The 2014 Bill makes significant change to the process for settling disputes from the 2011 Bill. In the 2014 Bill an Alternative Dispute Mechanism is established where disputes between individuals and data controllers are first addressed by the Privacy Officer of each Data Controller or the industry level Ombudsman. If individuals are not satisfied with the decision of the Ombudsman they may take the complaint to the Authority. Individuals can also take the complaint directly to the Authority if they wish. If an individual is aggrieved with the decision of the Authority, by a privacy officer or ombudsman through the Alternative Dispute Resolution mechanism, or by the adjudicating officer of the Authority, they may approach the Appellate Tribunal. Any order from the Appellate Tribunal can be appealed at a high court.

In the 2011 Bill disputes between the data controller and an individual can be taken directly to the Appellate Tribunal and orders from the Authority can be appealed at the Tribunal. There is not further path for appeal to an order of the tribunal.

Offences and Penalties: The 2014 Bill changes the structure of the offences and penalties section by breaking the two into separate sections - one addressing offences and one addressing penalties while the 2011 Bill addressed offences and penalties in the same section.

Offences: The 2014 Bill penalizes every offence with imprisonment and a fine and empowers a police officer not below the rank of Deputy Superintendent of Police to investigate any offence, limits the courts ability to take cognizance of an offence to only those brought by the Authority, requires that the Court be no lower than a Chief Metropolitan Magistrate or a Chief Judicial Magistrate, and permits courts to compound offences. The 2014 Bill further specifies that any offence that is punishable with three years in prison and above is cognizable, and offences punishable with three years in prison are bailable. . Under the 2014 Bill offences are defined as:

Unauthorized interception of communications
Disclosure of intercepted communications
Undertaking unauthorized Covert Surveillance
Unauthorized use of disclosure of communication data

The offences defined under the Act are reflected in the 2011 Bill, but the time in prison and fine is higher in the 2014 Bill.

Penalties: The 2014 Bill provides a list of penalties including:

Penalty for obtaining personal data on false pretext
Penalty for violation of conditions of license pertaining to maintenance of secrecy and confidentiality by telecommunications service providers
Penalty for disclosure of other personal information
Penalties for contravention of directions of the Authority
Penalties for data theft
Penalties for unauthorised collection, processing, and disclosure of personal data
Penalties for unauthorized use of personal data for direction marketing. These penalties reflect the penalties in the 2011 bill, but prescribe higher fines

Adjudicating Officer: Unlike the 2011 Bill that did not have in place an adjudicating officer, the 2014 Bill specifies that the Chairperson of the Authority will appoint a Member of the Authority not below the Rank of Director of the Government of India to be an adjudicating officer. The adjudicating officer will have the power to impose a penalty and will have the same powers as vested in a civil court under the Code of Civil Procedure. Every proceeding before the adjudicating officer will be considered a judicial processing. When adjudicating the officer must take into consideration the amount of disproportionate gain or unfair advantage, the amount of loss caused, the respective nature of the default

Civil Remedies and compensation: Both the 2011 and 2014 Bill contain provisions that permit an individual to pursue a civil remedy, but the 2014 Bill limits these instances to - if loss or damage has been suffered or an adverse determination is made about an individual due to negligence on complying with the Act, and provides for the possibility that the contravening parties will have to provide a public notice of the offense.

The 2014 Bill removes provisions specifying that individuals that have suffered loss due to a contravention by the data controller of the Act are entitled to compensation.

Exceptions for intelligence agencies: Unlike the 2011 Bill, the 2014 Bill includes an exception for Government Intelligence Agencies and Law Enforcement Agencies – stating that the Authority will not have the power to conduct investigations, issue appropriate orders and directions or otherwise adjudicate complaints in respect of action taken by the Government intelligence agencies and Law Enforcement agencies for achieving any of the objectives that reflect the defined exceptions to privacy.

The Centre for Internet and Society welcomes many of the changes that are reflected in the Privacy Bill 2014, but are cautious about the wide exceptions that have been carved out for law enforcement and intelligence agencies in the Bill.

In 2012, the Report of Group of Expert s on Privacy was developed for the purpose of informing a privacy framework for India. As such the Centre for Internet and Society will be analyzing in upcoming posts the draft Privacy Bill 2014 and the recommendations in the Report of the Group of Experts on Privacy.

For more details visit https://cis-india.org/internet-governance/blog/leaked-privacy-bill-2014-v-2011

March 2014 Bulletin

praskrishna — 2014-05-30T12:12:33Z

We at the Centre for Internet & Society (CIS) welcome you to the third issue of the newsletter (March) for the year 2014.

Highlights

The Centre for Internet and Society (CIS) and the Centre for Law and Policy Research (CLPR) published a report on making the 2014 General Elections in India participatory and accessible for voters with disabilities.
CIS also published a report of a test conducted to determine the accessibility of websites of the Election Commission of India, the Parliament and some key political parties in India.
Proceedings of the 26^th session of WIPO-SCCR are brought forth in a 3 part summary. Varun Baliga and Alexandra Bhattacharya of the Third World Network provided their inputs.
The Access to Knowledge team from CIS (CIS-A2K) published a detailed draft work plan. These include 7 language area plans, 3 community strengthening initiatives, 8 stand-alone Wikimedia projects, creating movement resources, publicity, research and documentation, and general support and service to the movement.
CIS received a leaked version of the draft Privacy Bill 2014 that the Department of Personnel and Training, Government of India has drafted. Significant changes noted in the current bill when compared to the September 2011 Privacy Bill are analysed in a blog post.
As part of the Making Change project Denisse Albornoz has produced an analysis of the accessibility challenges for digital immigrants and the importance of behavioural science for the design of digital technologies in a blog post.
Dr. Nishant Shah was a panelist at an event on Digital Gender organized by HUMLAB and Umeå Centre for Gender Studies. He blogged about the event in HUMLAB Blog.

Jobs

CIS is seeking applications for the post of Programme Officer (Access to Knowledge): http://bit.ly/1fnydB0. There are two vacancies for this post one in Delhi and one in Bangalore. To apply, please send your resume to Sunil Abraham (sunil@cis-india.org), Nirmita Narasimhan (nirmita@cis-india.org) and Pranesh Prakash (pranesh@cis-india.org) with three writing samples of which at least one demonstrates your analytic skills, and one that shows your ability to simplify complex policy issues.

Accessibility and Inclusion

Under a grant from the Hans Foundation we are doing two projects. The first project is on creating a national resource kit of state-wise laws, policies and programmes on issues relating to persons with disabilities in India. We have completed compilation of draft chapters for 29 states and 6 union territories. The chapters along with the quarterly reports can be accessed on the project page available at: http://bit.ly/1e1FzgD. The second project is on developing text-to-speech software for 15 Indian languages. The progress made so far in the project can be accessed at: http://bit.ly/1hi1EI1.

NVDA

Blog Entry

NVDA e-Speak Text-to-Speech Project Update (March 2014): http://bit.ly/1hAR2OI.

Other Accessibility Updates

Publications

Enabling Elections (by CIS and CLPR, March 24, 2014): http://bit.ly/1qcRdqJ.
Accessibility of Political Parties Websites in India (by CIS March 24, 2014): http://bit.ly/1snN9G3.

Announcement

Constitution of the High Level Advisory Committee on National Policy on Universal Electronic Accessibility. CIS has been invited to serve on the high level committee on electronic accessibility policy constituted by the Indian government. This was communicated by the Department of Electronics and Information Technology: http://bit.ly/1ieuNz3.

Media Coverage

Are Elections Fair to People With Special Needs? (by Papiya Bhattacharya, New Indian Express, April 8, 2014): http://bit.ly/1hrQ7WS.
Enabling Elections (Vijay Karnataka, April 9, 2014): http://bit.ly/1mXFpJM. This was published in Kannada language.

Access to Knowledge

International Development Research Centre (IDRC) has funded CIS to do research on the complex interplay between pervasive technologies and intellectual property and to use the research outputs to support intellectual property norms that encourage, not inhibit, the proliferation and further development of such technologies as a social good. Further, the Access to Knowledge programme addresses the harms caused to consumers and human rights, and critically examines Open Government Data, Open Access to Scholarly Literature, and Open Access to Law, Open Content, Open Standards, and Free/Libre/Open Source Software.

Blog Entries

NGO Profile: Knowledge Ecology International (by Puneeth Nagraj, March 11, 2014): http://bit.ly/1fRFTNd.
004: A License to Share (by Devika Agarwal, March 17, 2014): http://bit.ly/PL85aJ
Broadcast Treaty: An Overview (by Varun Baliga, March 20, 2014): http://bit.ly/1e2Pli6.
WIPO Standing Committee on Copyright and Related Rights (SCCR) 26th Session- Consolidated Notes (Part 1 of 3) (by Nehaa Chaudhari, March 18, 2014): http://bit.ly/1fRH3s1.
WIPO Standing Committee on Copyright and Related Rights (SCCR) 26th Session- Consolidated Notes (Part 2 of 3) (by Nehaa Chaudhari, March 20, 2014): http://bit.ly/1imQ3E0.
WIPO Standing Committee on Copyright and Related Rights (SCCR) 26th Session- Consolidated Notes (Part 3 of 3) (by Nehaa Chaudhari, March 31, 2014): http://bit.ly/1kfnI8o.
Cultural Interests vs. Modernization: Robert Shapiro on IPR & Innovation in India (by Samantha Cassar, March 31, 2014): http://bit.ly/1fRNStF.

Upcoming Event

NASA International Space Apps Challenge 2014 (CIS, Bangalore, April 12 – 13, 2014): http://bit.ly/1mVy8tZ.

Participation in Events

9^th Session of the WIPO Advisory Committee on Enforcement (organized by WIPO, March 3 - 5, 2014, Geneva): http://bit.ly/1ifeS3p. Puneeth Nagraj participated in this event.
2nd International Conference Competition Law - Challenges in the Implementation (organized by ASSOCHAM, New Delhi, March 8, 2014). Nehaa Chaudhari participated in the event.
Design!Public (organized by Centre for Knowledge Societies in partnership with in partnership with Grameen Foundation India, Bill & Melinda Gates Foundation, UNDP, et.al., New Delhi, March 14, 2014): http://bit.ly/1g1jyNj. Sunil Abraham was a speaker at the event.
Stakeholders meeting to discuss the NCAER Report on "Parallel Imports" (organized by the Ministry of Human Resource Development, New Delhi, March 26, 2014). Nehaa Chaudhari participated in the event: http://bit.ly/1hkyN62.

The following has been done under grant from the Wikimedia Foundation (http://bit.ly/SPqFOl). As part this project (http://bit.ly/X80ELd), we organised 9 workshops in the month of March (http://bit.ly/1hvdUPE), wrote articles for DNA, Opensource.com, Global Voices, Foss Force, etc., and prepared a detailed work plan for July 2014 – June 2015:

Wikipedia

Draft Work Plan

India Access to Knowledge/Draft Work plan July 2014 - June 2015 (by T. Vishnu Vardhan, March 31, 2014): http://bit.ly/1hWE2Yh. A detailed work plan for languages like Bengali, Hindi, Kannada, Konkani, Marathi, Odia and Telugu was prepared by the CIS-A2K team.

Articles / Blog Entries

Open Education Week: Interview with Subhashish Panigrahi (by Noopur Raval, March 14, 2014): http://bit.ly/1e3KwFr.
Open Source Project Brings 11th Century Kannada Verses Online (by Pavithra Hanchagaiah, Omshivaprakash H L and Subhashish Panigrahi, March 19, 2014): http://bit.ly/POf9TW.
Vachana Sanchaya: 11th century Kannada literature to enrich Wikisource (by by Pavithra Hanchagaiah, Omshivaprakash H L and Subhashish Panigrahi, March 20, 2014): http://bit.ly/1kgYiaw.
ଓଡ଼ିଆ ଉଇକିପିଡ଼ିଆ: ତିନି ବର୍ଷର ସକ୍ରିୟ ଅବଦାନ ୧୦ ବର୍ଷର ପ୍ରକଳ୍ପକୁ ପୁନର୍ଜୀବନ ଦେଲା (by Subhashish Panigrahi, March 20, 2014): http://bit.ly/1gB9qa8.
Digitize any Book in the Public Domain (by Subhashish Panigrahi, Opensource.com, March 27, 2014): http://bit.ly/1iqXgDb.

Events Organized

First Urdu Wikipedia Workshop (Maulana Azad National Urdu University, Hyderabad, March 4, 2014): http://bit.ly/1ihqPpj. Syed Muzamiluddin conducted the workshop. The event was covered by Taemeer News, Aalami Akhbar, and Firokhabar on March 5, 2014. A video of the event was published by Ruby News.
Telugu Wikipedia Women’s Day (Hyderabad, March 8, 2014): http://bit.ly/1e3NvO8. The event was covered by Andhra Prabha Telugu daily and Andhra Bhoomi.
Wiki Women’s Day (International Center Goa, March 9, 2014): http://bit.ly/MRRJLy. Frederick Noronha conducted the workshop. The event was organized as part of the commemoration of the International Women's Day.
Wikipedia Editathon on India Women's History (Chaitanya Bharathi Institute of Technology (CBIT), Hyderabad, March 8, 2014). The event was covered by Andhra Prabha and Andhra Bhoomi on March 8, 2014. Syed Muzamiluddin participated in the event.
Kannada Wikipedia Workshop (SDM College, Ujire, March 23, 2014). Dr. U.B.Pavanaja conducted a workshop. Renuka Phadnis wrote a report of the event in the Hindu on March 24, 2014: http://bit.ly/1ekkf0m.
Community Capacity Building Workshop (KIIT University, March 30, 2014): http://bit.ly/1haLAaf. Subhashish Panigrahi along with experienced Wikipedians mentored the Odia Wikipedia community about community building strategies and outreach.

Events Co-organized

Kannada Wikipedia Workshop (organized by Kannada Times Sagara and co-sponsored by CIS-A2K, Sagara, March 1-2, 2014). Dr. U.B. Pavanaja conducted a Kannada Wikipedia workshop on March 1, followed a by edit-a-thon on Mar 2, 2014. The event was covered by Suvarna Prabha (March 1, 2014, http://bit.ly/1hjLbTL) and Vijaya Karnataka (March 2, 2014, http://bit.ly/1jmRMLA).
Odisha Day 2014 (organized by CIS-A2K and Odia Wikipedia community, Jayadev Bhawan, Bhubaneswar, March 29, 2014): http://bit.ly/1e6Lwsg. About 70 people participated in the event. The event was featured in the media about 14 times.

Participation in Events

Sessions on Kannada Wikipedia (organized by Tumkur University, March 27, 2014): http://bit.ly/1kB7It8. Dr. U.B.Pavanaja conducted a session on Kannada Wikipedia for students of M.Sc. Library and Information Sciences followed by an advanced Kannada Wikipedia session for students of M.A. Literature.
The Dynamics of Education to Employment Journey: Opportunities and Challenges (organized by KIIT School of Management, KIIT University, Bhubaneswar, February 21-22, 2014). T. Vishnu Vardhan gave a talk: http://bit.ly/1ePwqHc.

CIS gave its inputs to the following media coverage:

Media Coverage

Integrating Urdu with Modern Technology the Need of Hour (Daily Taskeen, March 6, 2014): http://bit.ly/1fZgcH6.
ଓଡ଼ିଶା ଦିବସ: ଓଡ଼ିଆ ଭାଷା ଭିତ୍ତିରେ ରାଜ୍ୟ ଗଠନର ୭୯ ବର୍ଷ (Odishan.com, March 27, 2014): http://bit.ly/OvTLCb.
Odia Wikipedia (The Telegraph, March 29, 2014): http://bit.ly/1qihWAb. Subhashish Panigrahi spoke about Odia Wikipedia plan.
Odia Wikimedia community celebrated Odisha day, bringing 14 copyright free Odia books (Odishadiary, March 29, 2014): http://bit.ly/1lJJ4ur.
Odia Wikipedia Brings 14 Copyright Free Odia Books and a Free Odia Font (Odishabarta, March 29, 2014): http://bit.ly/1mRHzI2. Subhashish Panigrahi shared the vision of the Wikimedia movement.
‘Digitisation only way to preserve valuable literature for posterity’ (Odisha Sun Times, March 29, 2014): http://bit.ly/1lF3Pok.
Odia Wikipedia to Digitise 14 Books (The Pioneer, March 30, 2014): http://bit.ly/1ec4Rsp.
ଓଡ଼ିଆରେ ଉଇକିପିଡିଆ ଓ ଉଇକିପାଠାଗାର: ଓଡ଼ିଆ ପୁସ୍ତକ ଏଣିକି ମୁକ୍ତରେ ମିଳିବ ଇଣ୍ଟରନେଟରେ (Odishan, March 30, 2014): http://bit.ly/1mVfeU1. Subhashish Panigrahi read out the annual report.
Odisha Day 2014 (Odisha Samay, March 30, 2014): http://bit.ly/1haQtzS.
Odisha Day 2014 (Sambad, March 31, 2014): http://bit.ly/1irzOWf.

Internet Governance

As part of its research on privacy and free speech, CIS is engaged with two different projects. The first one (under a grant from Privacy International and International Development Research Centre (IDRC)) is on surveillance and freedom of expression (SAFEGUARDS). The second one (under a grant from MacArthur Foundation) is on studying the restrictions placed on freedom of expression online by the Indian government. As part of our research we bring you an analysis highlighting the differences between the leaked version of the Privacy Bill and the September 2011 Privacy Bill.

Articles

Privacy worries cloud Facebook's WhatsApp Deal (by Sunil Abraham, March 20, 2014): http://bit.ly/1inIU6z.
The Age of Shame (by Dr. Nishant Shah, Indian Express, March 30, 2014): http://bit.ly/PD10ZW.

Blog Entries

Comparison of Section 35(1) of the Draft Human DNA Profiling Bill and Section 4 of the Identification Act Revised Statute of Canada (by Elonnai Hickok, March 3, 2014): http://bit.ly/1jmTWuI.
New Standard Operating Procedures for Lawful Interception and Monitoring (by Divij Joshi, March 13, 2014): http://bit.ly/1mRRIo4.
NTIA to give up control of the Internet's root (by Pranesh Prakash, March 18, 2014): http://bit.ly/1hRVA7R.
Net Neutrality and Privacy (by Divij Joshi, March 20, 2014): http://bit.ly/1khi1GQ.
European Union Draft Report Admonishes Mass Surveillance, Calls for Stricter Data Protection and Privacy Laws (by Elonnai Hickok, March 20, 2014): http://bit.ly/1h5Hksm.
Leaked Privacy Bill: 2014 vs. 2011 (by Elonnai Hickok, March 31, 2014): http://bit.ly/QV0Y0w.
Intermediary Liability Resources (by Elonnai Hickok, March 31, 2014): http://bit.ly/1hRT8OD. This blog post will be updated on an ongoing basis.

Event Co-organized

Counter Surveillance Panel: DiscoTech & Hackathon (co-organized by CIS, MIT Centre for Civic Media Co-Design Lab, Tactical Technology Collective, Hackteria.org and Srishti School of Art Design and Technology, Bangalore, March 1, 2014): http://bit.ly/NCGMyH.

Participation in Events

RightsCon Silicon Valley 2014 (organized by RightsCon, San Francisco, March 3 and 4, 2014): http://bit.ly/1kBluvP. Pranesh Prakash and Malavika Jayaram were speakers at this event.
Internet Governance Round-table (hosted by British High Commission, New Delhi, March 4, 2014): http://bit.ly/1kBljAJ. Geetha Hariharan participated in the round-table conference.
“The Internet and Controls: A Disturbing Scenario” (organized by Bangalore International Centre, TERI, Bangalore, March 7, 2014): http://bit.ly/QVc2ea. Sunil Abraham chaired and moderated the session.
How to Engage in Broadband Policy and Regulatory Processes (organized by LIRNEasia with the support of the Ford Foundation, Gurgaon, March 9, 2014): http://bit.ly/1fUgUZQ. Sunil Abraham taught Surveillance and Privacy.
International Conference on Cyberlaw & Cybercrime (organized by Cyberlaws.net and Pawan Duggal Associates, New Delhi, March 13, 2014): http://bit.ly/1fUgliD. Sunil Abraham was a panelist.
ICANN and Global Internet Governance: The Road to São Paulo, and Beyond (organized by the NonCommercial Users Constituency and ICANN, Raffles City Convention Centre, Singapore, March 21, 2014): http://bit.ly/1hjT0J5. Pranesh Prakash was a speaker. Geetha Hariharan participated in the event.
Panel Discussion – Intermediary Liability & Freedom of Expression in India (organized by the Centre for Communication Governance at NLU Delhi in association with the Global Network Initiative, Washington D.C., India International Centre Annex, New Delhi, March 26, 2014): http://bit.ly/1hjRlU1. Bhairav Acharya participated in the event.
Governance issues for private data stores (co-hosted by Harvard Faculty Club and Web Science Trust, 20 Quincy Street, Cambridge, March 28, 2014): http://bit.ly/1gBtjOk. Malavika Jayaram was a speaker at this event.
Cyber Dialogue 2014 (organized by the Canada Centre for Global Security Studies, Munk School of Global Affairs, University of Toronto, March 30 – 31, 2014): http://bit.ly/QZBTSg. Malavika Jayaram participated in the event.

News & Media Coverage

CIS gave its inputs to the following recent media coverage:

India: Privacy Bill will likely reflect EU Directive (DataGuidance, March 3, 2014): http://bit.ly/1fUirPp.
India’s ballot battle will also run through Facebook (by Zia Haq, Hindustan Times, March 4, 2014): http://bit.ly/1oFyjeM.
‘Mobile’ voters may sway polls (by Avantika Chilkoti, BDlive, March 5, 2014): http://bit.ly/1mTB0HK.
Girls just wanna have... a voice (The Telegraph, March 8, 2014): http://bit.ly/1e3Y57y.
When politics gets social (by Chanpreet Khurana, Livemint, March 11, 2014): http://bit.ly/QVaSPW.
The Internet Will Be Everywhere In 2025, For Better Or Worse (WCAI Cape and Islands NPR, March 12, 2014): http://bit.ly/1qbxkyj.
C-DoT's surveillance system making enemies on internet (by Krishna Bahirwani, DNA, March 21, 2014): http://bit.ly/1mS3q1P.
No to homosexuals, yes to their vote (by Yogesh Pawar, DNA, March 21, 2014): http://bit.ly/1gBwoO9.
India's social media election battle (by Atish Patel, BBC, March 31, 2014): http://bit.ly/1khoH7Z.

Digital Humanities

CIS is building research clusters in the field of Digital Humanities. The Digital will be used as a way of unpacking the debates in humanities and social sciences and look at the new frameworks, concepts and ideas that emerge in our engagement with the digital. The clusters aim to produce and document new conversations and debates that shape the contours of Digital Humanities in Asia:

Blog Entries

Digital Humanities: The Ecto-Parasite (by Anirudh Sridhar, March 12, 2014): http://bit.ly/1khz1Nl.
A Question of Digital Humanities (by Sneha PP, March 20, 2014): http://bit.ly/1mTCtOn.
Structure, Sign and Play in the Digital (by Anirudh Sridhar, March 28, 2014): http://bit.ly/QVgBoL.
Fishing is the New Black: Contemporary Art Imitates the Digital (by Anirudh Sridhar, March 28, 2014): http://bit.ly/1khzChU.
A Queer Digital Humanities Experience (by Ditilekha Sharma, March 31, 2014): http://bit.ly/1khzPSj.
The Digital Humanities Discourse: The Knowledge Question on the Wikipedia (by Sohnee Harshey, March 31, 2014): http://bit.ly/1kBocRW.

Participation in Event

Digital Gender: Theory, Methodology and Practice (co-organized by HUMlab and UCGS (Umeå Centre for Gender Studies), Umeå University, March 12 – 14, 2014). Dr. Nishant Shah was a panelist. He blogged about the event in HUMLAB Blog: http://bit.ly/1jmZSUD.

Digital Natives

CIS is doing a research project titled “Making Change”. The project will explore new ways of defining, locating, and understanding change in network societies. Having the thought piece 'Whose Change is it Anyway' as an entry point for discussion and reflection, the project will feature profiles, interviews and responses of change-makers to questions around current mechanisms and practices of change in South Asia and South East Asia:

Making Change Project

Blog Entry

Digital Design: Human Behavior vs. Technology (by Denisse Albornoz, March 4, 2014): http://bit.ly/1hjV4Rn.

Telecom

Shyam Ponappa, a Distinguished Fellow at CIS is a regular columnist with the Business Standard. The articles published on his blog Organizing India Blogspot is mirrored on our website:

Newspaper Column

Extractive Charges on Spectrum & Petroleum (by Shyam Ponappa, Business Standard, March 5, 2014, Observer India Blogspot, March 6, 2014): http://bit.ly/1khyMSz.

About CIS

The Centre for Internet and Society is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness (including open government, FOSS, open standards, etc.), and engages in academic research on digital natives and digital humanities.

► Follow us elsewhere

Twitter: https://twitter.com/CISA2K
Facebook group: https://www.facebook.com/cisa2k
Visit us at: https://meta.wikimedia.org/wiki/India_Access_To_Knowledge
E-mail: a2k@cis-india.org

► Support Us

Please help us defend consumer / citizen rights on the Internet! Write a cheque in favour of ‘The Centre for Internet and Society’ and mail it to us at No. 194, 2nd ‘C’ Cross, Domlur, 2nd Stage, Bengaluru – 5600 71.

► Request for Collaboration:

We invite researchers, practitioners, and theoreticians, both organisationally and as individuals, to collaboratively engage with Internet and society and improve our understanding of this new field. To discuss the research collaborations, write to Sunil Abraham, Executive Director, at sunil@cis-india.org or Nishant Shah, Director – Research, at nishant@cis-india.org. To discuss collaborations on Indic language Wikipedia, write to T. Vishnu Vardhan, Programme Director, A2K, at vishnu@cis-india.org.

CIS is grateful to its donors, Wikimedia Foundation, Ford Foundation, Privacy International, UK, Hans Foundation, MacArthur Foundation, IDRC and the Kusuma Trust founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin, for its core funding and support for most of its projects.

For more details visit https://cis-india.org/about/newsletters/march-2014-bulletin

Intermediary Liability Resources

elonnai — 2014-07-03T06:45:48Z

We bring you a list of intermediary resources as part of research on internet governance. This blog post will be updated on an ongoing basis.

Shielding the Messengers: Protecting Platforms for Expression and Innovation. The Centre for Democracy and Technology. December 2012, available at: https://www.cdt.org/files/pdfs/CDT-Intermediary-Liability-2012.pdf: This paper analyses the impact that intermediary liability regimes have on freedom of expression, privacy, and innovation. In doing so, the paper highlights different models of intermediary liability regimes, reviews different technological means of restricting access to content, and provides recommendations for intermediary liability regimes and provides alternative ways of addressing illegal content online.
Internet Intermediaries: Dilemma of Liability: Article 19. 2013, available at: http://www.article19.org/data/files/Intermediaries_ENGLISH.pdf:This Policy Document reviews different components of intermediary liability and highlights the challenges and risks that current models of liability have to online freedom of expression. Relying on international standards for freedom of expression and comparative law, the document includes recommendations and alternative models that provide stronger protection for freedom of expression. The key recommendation in the document include: web hosting providers or hosts should be immune from liability to third party content if they have not modified the content, privatised enforcement should not be a model and removal orders should come only from courts or adjudicatory bodies, the model of notice to notice should replace notice and takedown regimes, in cases of alleged serious criminality clear conditions should be in place and defined.
Comparative Analysis of the National Approaches to the Liability of Internet Intermediaries: Prepared by Daniel Seng for WIPO, available at http://www.wipo.int/export/sites/www/copyright/en/doc/liability_of_internet_intermediaries.pdf:This Report reviews the intermediary liability regimes and associated laws in place across fifteen different contexts with a focus on civil copyright liability for internet intermediaries. The Report seeks to find similarities and differences across the regimes studied and highlight principles and components in different that can be used in international treaties and instruments, upcoming policies, and court decisions.
Freedom of Expression, Indirect Censorship, & Liability for Internet Intermediaries. The Electronic Frontier Foundation. February 2011, available at: http://infojustice.org/download/tpp/tpp-civil-society/EFF%20presentation%20ISPs%20and%20Freedom%20of%20Expression.pdf:This presentation was created for the Trans-Pacific Partnership Stakeholder Forum in Chile and highlights that for freedom of expression to be protected, clear legal protections for internet intermediaries are needed and advocates for a regime that provides blanket immunity to intermediaries or is based on judicial takedown notices.
Study on the Liability of Internet Intermediaries. Contracted by the European Commission. 2007, available at: http://ec.europa.eu/internal_market/e-commerce/docs/study/liability/final_report_en.pdf. This Report provides insight on the application of the intermediary liability sections of the EU e-commerce directive and studies the impact of the regulations under the Directive on the functioning of intermediary information society services. To achieve this objective, the study identifies relavant case law across member states, calls out and evaluates developing trends across Member States, and draws conclusions.
Internet Intermediary Liability: Identifying Best Practices for Africa. Nicolo Zingales for the Association for Progressive Communications, available at: https://www.apc.org/en/system/files/APCInternetIntermediaryLiability_BestPracticesAfrica_20131125.pdf: This background paper seeks to identify challenges and opportunities in addressing intermediary liability for countries in the African Union and recommend safeguards that can be included in emerging intermediary liability regimes in the context of human rights. The paper also reviews different models of intermediary liability and discusses the limitations, scope, and modes of operation of each model.
The Liability of Internet Intermediaries in Nigeria, Kenya, South Africa, and Uganda: An uncertain terrain. Association for Progressive Communications. October 2012, available at: http://www.academia.edu/2484536/The_liability_of_internet_intermediaries_in_Nigeria_Kenya_South_Africa_and_Uganda_An_uncertain_terrain:This Report reviews intermediary liability in Nigeria, Kenya, South Africa and Uganda – providing background to the political context, relevant legislation, and present challenges . In doing so, the Report provides insight into how intermediary liability has changed in recent years in these contexts and explores past and present debates on intermediary liability. The Report concludes with recommendations for stakeholders affected by intermediary liability.
The Fragmentation of intermediary liability in the UK. Daithi Mac Sithigh. 2013, available at: http://jiplp.oxfordjournals.org/content/8/7/521.full.pdf?keytype=ref&ijkey=zuL8aFSzKJqkozT. This article looks at the application of the Electronic Commerce Directive across Europe and argues that it is being intermixed and subsequently replaced with provisions from national legislation and provisions of law from area specific legislation. Thus, the article argues that systems for intermediary liability are diving into multiple systems – for example for content related to copyright intermediaries are being placed with new responsibilities while for content related to defamation, there is a reducing in the liability that intermediaries are held to.
Regimes of Legal Liability for Online Intermediaries: an Overview. OECD, available at: http://www.oecd.org/sti/ieconomy/45509050.pdf. This article provides an overview of different intermediary liability regimes including EU and US.
Closing the Gap: Indian Online Intermediaries and a Liability System Not Yet Fit for Purpose. GNI. 2014, available at: http://www.globalnetworkinitiative.org/sites/default/files/Closing%20the%20Gap%20-%20Copenhagen%20Economics_March%202014_0.pdf. This Report argues that the provisions of the Information Technology Act 2000 are not adequate to deal with ICT innovations , and argues that the current liability regime in India is hurting the Indian internet economy.
Intermediary Liability in India. Centre for Internet and Society. 2011, available at: http://cis-india.org/internet-governance/intermediary-liability-in-india.pdf. This report reviews and ‘tests’ the effect of the Indian intermediary liability on freedom of expression. The report concludes that the present regime in India has a chilling effect on free expression and offers recommendations on how the Indian regime can be amended to protect this right.
The Liability of Internet Service providers and the exercise of the freedom of expression in Latin America have been explored in detail through the course of this research paper by Claudio Ruiz Gallardo and J. Carlos Lara Galvez. The paper explores the efficacy and the implementation of proposals to put digital communication channels under the oversight of certain State sponsored institutions in varying degrees. The potential consequence of legal intervention in media and digital platforms, on the development of individual rights and freedoms has been addressed through the course of this study. The paper tries to arrive at relevant conclusions with respect to the enforcement of penalties that seek to redress the liability of communication intermediaries and the mechanism that may be used to oversee the balance between the interests at stake as well as take comparative experiences into account. The paper also analyses the liability of technical facilitators of communications while at the same time attempting to define a threshold beyond which the interference into the working of these intermediaries may constitute an offence of the infringement of the privacy of users. Ultimately, it aims to derive a balance between the necessity for intervention, the right of the users who communicate via the internet and interests of the economic actors who may be responsible for the service: http://www.palermo.edu/cele/pdf/english/Internet-Free-of-Censorship/02-Liability_Internet_Service_Providers_exercise_freedom_expression_Latin_America_Ruiz_Gallardo_Lara_Galvez.pdf

Click to read the newsletter from the Association of Progressive Communications. The summaries for the reports can be found below:

Internet Intermediaries: The Dilemma of Liability in Africa. APC News, May 2014, available at: http://www.apc.org/en/node/19279/. This report summarizes the challenges facing internet content regulators in Africa, and the effects of these regulations on the state of the internet in Africa. Many African countries do not protect intermediaries from potential liability, so some intermediaries are too afraid to transmit or host content on the internet in those countries. The report calls for a universal rights protection for internet intermediaries.

APC’s Frequently Asked Questions on Internet Intermediary Liability: APC, May 2014, available at: http://www.apc.org/en/node/19291/. This report addresses common questions pertaining to internet intermediaries, which are entities which provide services that enable people to use the internet, from network providers to search engines to comments sections on blogs. Specifically, the report outlines different models of intermediary liability, defining two main models. The “Generalist” model intermediary liability is judged according to the general rules of civil and criminal law, while the “Safe Harbour” model protects intermediaries with a legal safe zone.

New Developments in South Africa: APC News, May 2014, available at: http://www.apc.org/en/news/intermediary-liability-new-developments-south-afri. This interview with researchers Alex Comninos and Andrew Rens goes into detail about the challenges of intermediary in South Africa. The researchers discuss the balance that needs to be struck between insulating intermediaries from a fear of liability and protecting women’s rights in an environment that is having trouble dealing with violence against women. They also discuss South Africa’s three strikes policy for those who pirate material.

Preventing Hate Speech Online In Kenya: APCNews, May 2014, available at: http://www.apc.org/en/news/intermediary-liability-preventing-hate-speech-onli. This interview with Grace Githaiga investigates the uncertain fate of internet intermediaries under Kenya’s new regime. The new government has mandated everyone to register their SIM cards, and indicated that it was monitoring text messages and flagging those that were deemed risky. This has led to a reduction in the amount of hate speech via text messages. Many intermediaries, such as newspaper comments sections, have established rules on how readers should post on their platforms. Githaiga goes on to discuss the issue of surveillance and the lack of a data protection law in Kenya, which she sees as the most pressing internet issue in Kenya.

New Laws in Uganda Make Internet Providers More Vulnerable to Liability and State Intervention: APCNews, May 2014, available at: http://www.apc.org/en/news/new-laws-uganda-make-internet-providers-more-vulne. In an interview, Lilian Nalwoga discusses Uganda’s recent anti-pornography law that can send intermediaries to prison. The Anti-Pornography Act of 2014 criminalizes any sort of association with any form of pornography, and targets ISPs, content providers, and developers, making them liable for content that goes through their systems. This makes being an intermediary extremely risky in Uganda. The other issue with the law is a vague definition of pornography. Nalwoga also explains the Anti-Homosexuality Act of 2014 bans any promotion or recognition of homosexual relations, and the monitoring technology the government is using to enforce these laws.

New Laws Affecting Intermediary Liability in Nigeria: APCNews, May 2014, available at: http://www.apc.org/en/news/new-laws-affecting-intermediary-liability-nigeria. Gbenga Sesan, executive director of Paradigm Initiative Nigeria, expounds on the latest trends in Nigerian intermediary liability. The Nigerian Communications Commission has a new law that mandates ISPs store users data for at least here years, and wants to make content hosts responsible for what users do on their networks. Additionally, in Nigeria, internet users register with their real name and prove that you are the person who is registration. Sesan goes on to discuss the lack of safe harbor provisions for intermediaries and the remaining freedom of anonymity on social networks in Nigeria.

Internet Policies That Affect Africans: APC News, May 2014, available at: http://www.apc.org/en/news/intermediary-liability-internet-policies-affect-af. The Associsation for Progressive Communcations interviews researcher Nicolo Zingales about the trend among African governments establishing further regulations to control the flow of information on the internet and hold intermediaries liable for content they circulate. Zingales criticizes intermediary liability for “creating a system of adverse incentives for free speech.” He goes on to offer examples of intermediaries and explain the concept of “safe harbor” legislative frameworks. Asked to identify best and worst practices in Africa, he highlights South Africa’s safe harbor as a good practice, and mentions the registration of users via ID cards as a worst practice.

Towards Internet Intermediary Responsibility: Carly Nyst, November 2013, available at: http://www.genderit.org/feminist-talk/towards-internet-intermediary-responsibility. Nyst argues for a middle ground between competing goals in internet regulation in Africa. Achieving one goal, of protecting free speech through internet intermediaries seems at odds with the goal of protecting women’s rights and limiting hate speech, because one demands intermediaries be protected in a legal safe harbor and the other requires intermediaries be vigilant and police their content. Nyst’s solution is not intermediary liability but responsibility, a role defined by empowerment, and establishing an intermediary responsibility to promote positive gender attitudes.

For more details visit https://cis-india.org/internet-governance/blog/intermediary-liability-resources

Cyber Dialogue Conference 2014

praskrishna — 2014-04-08T05:09:54Z

The Cyber Dialogue conference, presented by the Canada Centre for Global Security Studies at the Munk School of Global Affairs, University of Toronto, will convene an influential mix of global leaders from government, civil society, academia and private enterprise to participate in a series of facilitated public plenary conversations and working groups around cyberspace security and governance.

Malavika Jayaram is participating in this event being held on March 30 and 31, 2014. Full event details here.

After Snowden, Whither Internet Freedom?

A recent stream of documents leaked by former NSA contractor Edward Snowden has shed light on an otherwise highly secretive world of cyber surveillance. Among the revelations — which include details on mass domestic intercepts and covert efforts to shape and weaken global encryption standards — perhaps the most important for the future of global cyberspace are those concerning the way the U.S. government compelled the secret cooperation of American telecommunications, Internet, and social media companies with signals intelligence programs.

For American citizens, the NSA story has touched off soul-searching discussions about the legality of mass surveillance programs, whether they violate the Fourth and Fifth Amendments of the U.S. Constitution, and whether proper oversight and accountability exist to protect American citizens' rights. But for the rest of the world, they lay bare an enormous “homefield advantage” enjoyed by the United States — a function of the fact that AT&T, Verizon, Google, Facebook, Twitter, Yahoo!, and many other brand name giants are headquartered in the United States.

Prior to the Snowden revelations, global governance of cyberspace was already at a breaking point. The vast majority of Internet users — now and into the future — are coming from the world’s global South, from regions like Africa, Asia, Latin America, and the Middle East. Of the six billion mobile phones on the planet, four billion of them are already located in the developing world. Notably, many of the fastest rates of connectivity to cyberspace are among the world’s most fragile states and/or autocratic regimes, or in countries where religion plays a major role in public life. Meanwhile, countries like Russia, China, Saudi Arabia, Indonesia, India, and others have been pushing for greater sovereign controls in cyberspace. While a US-led alliance of countries, known as the Freedom Online Coalition, was able to resist these pressures at the Dubai ITU summit and other forums like it, the Snowden revelations will certainly call into question the sincerity of this coalition. Already some world leaders, such as Brazil’s President Rousseff, have argued for a reordering of governance of global cyberspace away from U.S. controls.

For the fourth annual Cyber Dialogue, we are inviting a selected group of participants to address the question, “After Snowden, Whither Internet Freedom?” What are the likely reactions to the Snowden revelations going to be among countries of the global South? How will the Freedom Online Coalition respond? What is the future of the “multi-stakeholder” model of Internet governance? Does the “Internet Freedom” agenda still carry any legitimacy? What do we know about “other NSA’s” out there? What are the likely implications for rights, security, and openness in cyberspace of post-Snowden nationalization efforts, like those of Brazil’s?

As in previous Cyber Dialogues, participants will be drawn from a cross-section of government (including law enforcement, defence, and intelligence), the private sector, and civil society. In order to canvass worldwide reaction to the Snowden revelations, this year’s Cyber Dialogue will include an emphasis on thought leaders from the global South, including Africa, Asia, Latin America, and the Middle East.

For more details visit https://cis-india.org/news/cyber-dialogue-conference-2014

C-DoT's surveillance system making enemies on internet

praskrishna — 2014-04-04T09:45:37Z

Reporters Without Boundaries says it gives unbridled power to law- enforcement agencies to snoop on citizens.

The article by Krishna Bahirwani was published in DNA on March 21, 2014. Sunil Abraham is quoted.

The Central Monitoring System (CMS) developed by the Centre for Development of Telematics (C-DoT) has come under fire from a France based non-profit organisation, which claims the system has the capacity to directly snoop on all forms of communications over phone and internet, without involving telecom operators.

The NGO's Reporters Without Boundaries report 2014, 'Enemies Of The Internet' has equated C-DoT with Government Communications Headquarters (GCHQ) in the UK, and the US's National Security Agency (NSA), which recently came under criticism for spying on citizens.

CMS, India's mass electronic surveillance system, was rolled out in 2013.

Before the CMS, tapping was done by the telecom operators, but not before taking prior permission. The CMS gives direct access to C-DoT employees and law-enforcement agencies.

CMS has created an automated front containing central and regional databases, which central and state government agencies can use to intercept and monitor any landline, mobile or internet connection in India.

Minister of state for information technology Milind Deora said, "The new data collection system will actually improve citizens' privacy because telecommunications companies would no longer be directly involved in the surveillance."

Asked what would prevent C-DoT employees, who would have access to data, from misusing it, Deora said, "There is a switching mechanism (that) diverts the call to law-enforcement agencies and eliminates layers. The existing surveillance and interception system is actually insecure as the operator, people from the home ministry and other government officials have access to the data. The CMS will erase such people from play."

"I want the people to know the design aspects and how the system is being used for lawful interceptions, so that they can shed their inhibitions We do not want to put power in the hands of the bureaucrats" he said.

Harold Dcosta, a cyber security expert who trains Maharashtra and Goa police, said, "It's possible that employees of CDoT/law enforcement agencies could use the information gathered by CMS for personal or political use although 43 and 43 A of the IT Act would protect people when something like that happens and will give the person compensation.

He said, "There should be more transparency with regard to CMS".

Sunil Abraham, executive director of Bangalore-based non-profit Centre for Internet and Society said the mistaken assumption in their thinking is technology will serve as a check and balance.

"Technology can always be compromised," he said. There is no way to find out about what is actually going on. If the CMS is abused it is very difficult to prove."

Deora said a privacy law is being drafted to address these issues. Last month, a parliamentary standing committee rejected the government claim that IT Act protects citizens' privacy. The committee, chaired by former Congress MP Rao Inderjit Singh, said, "The committee is extremely unhappy to note that the government is yet to institute a legal framework on privacy."

For more details visit https://cis-india.org/news/dna-march-21-2014-krishna-bahirwani-c-dots-surveillance-system-making-enemies-on-internet

European Union Draft Report Admonishes Mass Surveillance, Calls for Stricter Data Protection and Privacy Laws

divij — 2014-09-30T08:52:45Z

Ever since the release of the “Snowden files”, the secret documents evidencing the massive scale of surveillance undertaken by America’s National Security Agency and publically released by whistle-blower Edward Snowden, surveillance in the digital age has come to the fore of the global debate on internet governance and privacy.

The Committee on Civil Liberties, Justice and Home Affairs of the European Parliament in its draft report on global surveillance has issued a scathing indictment of the activities of the NSA and its counterparts in other member nations and is a welcome stance taken by an international body that is crucial to the fight against surveillance.

The "European Parliament Draft Report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs" released on the 8^th of January, 2014, comprehensively details and critiques the mass surveillance being undertaken by government agencies in the USA as well as within the EU, from a human rights and privacy perspective. The report examines the extent to which surveillance systems are employed by the USA and EU member-states, and declares these systems in their current avatars to be unlawful and in breach of international obligations and fundamental constitutional rights including "the freedom of expression, of the press, of thought, of conscience, of religion and of association, private life, data protection, as well as the right to an effective remedy, the presumption of innocence and the right to a fair trial and non-discrimination".

Furthermore, the report points to the erosion of trust between the EU and the US as well as amongst member states as an outcome of such secret surveillance, and criticises and calls for a suspension of the data-sharing and transfer agreements like the Terrorist Finance Tracking Program (TFTP), which share personal information about EU citizens with the United States, after examining the inadequacy of the US Safe Harbour Privacy principles in ensuring the security of such information.

After considering the secret and unregulated nature of these programmes, the report points to the need of restricting surveillance systems and criticizes the lack of adequate data protection laws and privacy laws which adhere to basic principles such as necessity, proportionality and legality.. It also questions the underlying motives of these programmes as mere security-tools and points to the possible existence of political and economic motives behind their deployment. Recognizing the pitfalls of surveillance and the terrible potential for misuse, the report "condemns in the strongest possible terms the vast, systemic, blanket collection of the personal data of innocent people, often comprising intimate personal information; emphasises that the systems of mass, indiscriminate surveillance by intelligence services constitute a serious interference with the fundamental rights of citizens; stresses that privacy is not a luxury right, but that it is the foundation stone of a free and democratic society; points out, furthermore, that mass surveillance has potentially severe effects on the freedom of the press, thought and speech, as well as a significant potential for abuse of the information gathered against political adversaries."

Amongst the recommendations in the 51-page report are calls for a prohibition of mass surveillance and bulk data collection, and an overhaul of the existing systems of data-protection across the European Union and in the US to recognize and strengthen the right to privacy of their citizens, as well as the implementation of democratic oversight mechanisms to check security and intelligence agencies. It also calls for a review of data-transfer programmes and ensuring that standards of privacy and other fundamental rights under the European constitution are met. The committee sets out a 7-point plan of action, termed the European Digital Habeus Corpus for Protecting Privacy, including adopting the Data Protection Package, suspending data transfers to the US until a more comprehensive data protection regime is through an Umbrella Agreement, enhancing fundamental freedoms of expression and speech, particularly for whistleblowers, developing a European Strategy for IT independence and developing the EU as a reference player for democratic and neutral governance of the internet.

Though this draft report has no binding legal value as yet, the scathing criticism has assisted in calling to the attention of the global community the complex issues of internet governance and privacy and surveillance, and generated debate and discourse around the need for an overhaul of the current system. The recent decision of the US government to ‘democratize’ the internet by handing control of the DNS root zone to an international body, and thereby relinquishing a large part of its means of controlling the internet, is just one example of the systemic change that this debate is generating.

For more details visit https://cis-india.org/internet-governance/blog/european-union-draft-report-admonishes-mass-surveillance

CIS Cybersecurity Film Screening

purba — 2014-03-20T09:34:38Z

The Centre for Internet and Society invites you to a screening of Episode 1&2 of DesiSec: the first documentary film on cybersecurity in India. Hope you can join us on 26th March, at CIS, Domlur!

Early 2013, the Centre for Internet and Society began shooting its first documentary film project. After months of researching and interviewing activists and experts, CIS released the first episode on 11th December.

CIS is hosting a special screening of DesiSec: Episode 1&2 on 26th March, 2013, 5.30 pm and invites you to this event. The first episode is centered around the issue of privacy and surveillance in cyber space and how it affects Indian society. The second episode is focused on anonymity and free speech online.

We look forward to seeing you there!

RSVP: purba@cis-india.org

Venue: http://osm.org/go/yy4fIjrQL?m=

This work was carried out as part of the Cyber Stewards Network with aid of a grant from the International Development Research Centre, Ottawa, Canada.

For more details visit https://cis-india.org/events/cis-cybersecurity-film-screening

Privacy worries cloud Facebook's WhatsApp Deal

sunil — 2014-03-20T05:59:28Z

Privacy activists in the United States have asked the competition regulator or the Federal Trade Commission to put on hold Facebook's acquisition of WhatsApp. Why have they done this when Facebook has promised to leave WhatsApp untouched as a standalone app?

Read the original published in the Economic Times on March 14, 2014

Activists have five main concerns.

Facebook has a track record of not keeping its promises to users.
The ethos of both companies when it comes to privacy is diametrically opposite.
The probability that WhatsApp messages and content will be intercepted because of Facebook's participation in NSA's PRISM spying programme.
Facebook slurping WhatsApp's large repository of phone numbers.
Two hundred trackers already monitor your internet use when you are not using Facebook and now they tracking mobile use much more granularly. This week the Indian competition regulator (CCI) also told the media that the acquisition would be subject to scrutiny. However, unlike the US regulator the Indian regulator does not have the mandate to examine the acquisition from a privacy perspective.

LIRNEAsia research in Indonesia paints a very similar picture to one we have in India. When Indonesian mobile phone users were asked if they used Facebook they answered in affirmative. Then the very same users were asked if they used the internet and they replied in negative. A large number of Facebook users in these other similar economies are trapped within what are called "walled gardens."

Walled gardens allow mobile phone subscribers without data connections to get access to a single over-the-top service provider like Facebook because their telcom provider has an arrangement. Software such as Facebook on every phone makes it possible for feature phone users to also enter the walled garden.

According to Facebook it "is a fast and easyto-use native app that works on more than 3,000 different types of feature phones from almost every handset manufacturer that exists today."

Unlike North American and European users of Facebook - who freely roam the "world wild web" and then choose to visit Facebook when they want to many Indian users will first experience data services in a domesticated fashion within a walled garden.

Whether or not they will wander in the wild when they are have full access to the internet remains to be seen. But given our poor rates of penetration, dogmatic insistence on network neutrality at this early stage of internet adoption may not be the right way to maximise welfare and consumer interest.

Fortunately for Facebook and unfortunately for us, India still does not have a comprehensive data protection or horizontal privacy law. The Justice AP Shah Committee that was constituted by the Planning Commission in October 2012 recommended that the Privacy Act articulate national privacy principles and establish the office of the Privacy Commissioner. It further recommended that data protection and surveillance be regulated for both the private sector and the state.

Since then the Department of Personnel and Training has updated the draft bill to implement these recommendations and has been working towards consensus within government.

Since we still don't have our own privacy regulator we will have to depend on foreign data protection authorities and privacy commissioners to protect us from the voracious appetite for personal data of over-the-top service providers like Facebook This is woefully insufficient because they will not act on harm caused to Indian consumers or be aware of how Facebook acts differently in the Indian market.

As we approach the first general election in India when social media will play a small but influential role it would have been excellent if we had someone to look out for our right to privacy.

For more details visit https://cis-india.org/internet-governance/blog/economic-times-march-14-2014-sunil-abraham-privacy-worries-cloud-facebook-whatsapp-deal

NTIA to give up control of the Internet's root

pranesh — 2014-03-18T18:21:40Z

On Friday evening the U.S. government's National Telecommunications and Information Administration (NTIA) announced that it was setting into motion a transition to give up a few powers that it holds over some core Internet functions, and that this would happen by September 2015. Pranesh Prakash provides a brief response to that announcement.

As it noted in the NTIA's press release:

NTIA’s responsibility includes the procedural role of administering changes to the authoritative root zone file – the database containing the lists of names and addresses of all top-level domains – as well as serving as the historic steward of the [Domain Name System (DNS)]. NTIA currently contracts with [the Internet Corporation for Assigned Names and Numbers, ICANN] to carry out the Internet Assigned Numbers Authority (IANA) functions and has a Cooperative Agreement with Verisign under which it performs related root zone management functions. Transitioning NTIA out of its role marks the final phase of the privatization of the DNS as outlined by the U.S. Government in 1997.

This move was welcomed by "Internet technical leaders".

While this announcement cannot be said to be unexpected, it is nonetheless an important one and is also a welcome one. The NTIA seems to have foreclosed any option of the US government's role being performed by any government-led organization by noting in their press release, "NTIA will not accept a proposal that replaces the NTIA role with a government-led or an inter-governmental organization solution," once again reaffirming their belief in American exceptionalism: the NTIA could fulfil its role despite being a government, but now even a body involving multiple stakeholders can't replace the NTIA's role if it is going to be government-led.

Unfortunately, this announcement to relax American "stewardship" or "oversight" over some aspects of the Internet's technical functioning cannot restore the trust that has been lost due to actions taken by the US government and US companies. This new announcement won't change the US government's ability to 'tap' the Internet, nor will it affect their ability to unilaterally seize .com/.net/.name/.org/.edu/.tv/.cc/.us and other US-based domain names. Nor will a shift away from NTIA oversight lead to any of the chilling visions that some believe might lie in our future: the fears of the Association of National Advertisers and of some politicians and members of the US Congress is based on ignorance of what NTIA's role is.

The European Commission in a communiqué last month noted: "recent revelations of large-scale surveillance have called into question the stewardship of the U.S. when it comes to Internet governance". Unfortunately, the U.S. giving up that stewardship role will not prevent the continuation of their large-scale surveillance, just as the lack of such a stewardship role has not prevented other governments — U.K., India, Canada, Sweden, France, etc. — from engaging in large-scale surveillance.

There are three main benefits from the U.S. giving up this role.

First, it will put an end to the political illegitimacy of the U.S. government having a core authority in a global system, somehow making it first among equals;
Second, will focus light on ICANN, which under US oversight performs the IANA functions, and might, one hopes, lead to needed reform in ICANN's other functions;
Third, it will allow us to collectively move on from this dreaded political issue at the heart of Internet governance, which nevertheless is of little practical consequence if ICANN's accountability mechanisms are strengthened. As difficult as it may be, ICANN has to be accountable not just to one government or another but to the world, and ensuring that accountability to all doesn't become accountability to none, as NetChoice's Steve DelBianco put it, is the formidable task ahead of us.

Yet, all the ICANN reform in the world will still not lead to a less spied-upon, more open, and more equitable Internet.

For more details visit https://cis-india.org/internet-governance/blog/ntia-to-give-up-control-of-internets-root

New Standard Operating Procedures for Lawful Interception and Monitoring

divij — 2014-03-20T05:13:13Z

Government issues new guidelines to TSP’s to assist Lawful Interception and Monitoring.

Even as the Central Government prepares the Central Monitoring System for the unrestricted monitoring of all personal communication, the Department of Telecom has issued new guidelines for Telecom Service Providers to assist in responding to requests for interception and monitoring of communications from security agencies.

These guidelines do not appear to be publicly accessible, but according to news items, under the “Standard Operating Procedures for Lawful Interception and Monitoring of Telecom Service Providers”, the TSP’s must now provide for lawful interception and monitoring requests for voice calls, Short message Service (SMS), General Packet Radio Service (GPRS) and Value Added Service (VAS) including Multi Message Service (MMS), data and voice in 3G/4G/Long Term Evolution (LTE) including video call or Voice Over Internet protocol (VoIP). This move comes just days after the Home Ministry suggested that the Department of Telecom either change the rules under their Telecom Policies such as the Unified Access Service Licence (UASL) to include VoIP monitoring, or, drastically, block all VoIP services on the internet, which would include several communication applications including Skype and GTalk. (See the article published by Economic Times).

The guidelines will supposedly also provide for some basic safeguards to ensure that non-authorized interception does not take place, such as ensuring that the interception is only to be provided by the Chief Nodal Officer of a TSP and only upon the issue of an order by the Home Secretary at the Central or State Government. Furthermore, these requests must only be in written, in untampered and sealed envelopes with no overwriting, etc. and bearing the order number issued by the concerned Secretary, with the date of the order. However, in exigent circumstances the order may be provided by email, provided that the physical copy is sent within two days of the order, else the interception order must be terminated. Inquiry processes are detailed under the new SOP’s which can verify whether the request was in original and addressed to the Nodal Officer and from which designated security agency it was issued, and can also verify the issue of an acknowledgment of compliance of the order by the TSP within two days of its receipt. The new guidelines also clarify the issue of interception of roaming subscribers by the State Government where the subscriber is registered. According to the guidelines, an order by the government of the state where such a caller has registered is sufficient and does not need vetting by the Home Secretary at the centre.

Notwithstanding the additional “safeguards” against unlawful or unauthorized interception, the message to take away from these guidelines is the Government’s continued efforts to expand its surveillance regime to comprehensively monitor every action and every communication at its whim. These requests for monitoring, undertaken by “security agencies” which include taxation agencies and the SEBI, are flawed not merely because of the possibility of “unauthorized” interception, rather because the legal basis of the interception is vague, broad and widely susceptible to misuse, as the recent “snoopgate” allegations against the Gujarat government have shown. (See the article published by the Hindu).

The current regime, based on a wide interpretation of Section 5(2) of the Indian Telegraph Act and the telecom policies of the Department of Telecom, do not have adequate safeguards for preventing misuse by those in power – such as the requirement of reasonable suspicion or a warrant. Without a sound legal basis for interception, which protects the privacy rights of individuals, any additional safeguards are more or less moot, since the real threat of intrusive surveillance and infringing of basic privacy exists regardless of whether it is done under the seal of the Home Secretary or not.

Resources

For more details visit https://cis-india.org/internet-governance/blog/new-standard-operating-procedures-for-lawful-interception-and-monitoring

How to Engage in Broadband Policy and Regulatory Processes

praskrishna — 2014-04-03T06:07:04Z

LIRNEasia with the support of the Ford Foundation offered a four-day course in Gurgaon from March 7 to 10, 2014. Sunil Abraham taught on Surveillance and Privacy.

Click to see Sunil Abraham's presentation on Surveillance and Privacy. Also read it on LIRNE asia website here.

Goal

To enable members of Indian civil-society groups (including academics and those from the media) to marshal available research and evidence for effective participation in broadband policy and regulatory processes including interactions with media, thereby facilitating and enriching policy discourse on means of increasing broadband access by the poor.

Outcomes

The objective of the course is to produce discerning and knowledgeable consumers of research who are able to engage in broadband policy and regulatory processes. The course will benefit those working in government and at operators as well.

At the end of the course attendees will:

Be able to find and assess relevant research & evidence

Be able to summarize the research in a coherent and comprehensive manner
Have an understanding of broadband policy and regulatory processes in India
Have the necessary tools to improve their communication skills
Have some understanding of how media function and how to effectively interact with media

Participants will be formed into teams on day1. Both group assignments are connected.

The first assignment requires each group to research on a National Broadband Network (NBN) assigned to them (one of US, Singapore, Hong Kong, Brazil, South Africa, Korea or Colombia) and writing it up based on a template that will be provided. Each team will have to present their findings about the NBN at the end of day 2.

The second assignment is to be performed by teams. It is an oral presentation, accompanied by a policy brief of two pages max. at a mock public hearing at which the Indian Department of Telecommunications (DoT) is seeking input on the question of subsidizing fiber-to-the-home (FTTH) as the second phase of the current INR 20,000 Crore (USD 4 Billion) National Optical Fiber Network initiative. Each team will be assigned a role and they should present the recommendations from the point of view of the assigned ‘role’. All presentations must be evidence based. It is expected that participants will use what they learnt about other NBNs on day 2 to support their argument. Additional research must be conducted on Days 3 and 4.

	Day1 (March 7)	Day2 (March 8)	Day3 (March 9)	Day4 (March 10)
09.00 10.30	S1 Introduction (Rohan Samarajiva RS)	S5 Interrogating supply-side indicators (RS & RLG)	S8 Indian broadband policy & regulatory environment in relation to comparator countries (Satyen Gupta SG)	S13 Lessons from Mexico (Ernesto Flores EF)
10.30 11.00	Break	Break	Break	Break
11.00 12.00	S2 Research on significance of broadband/Internet (Payal Malik PM)	S6 Assessing & summarizing research (RS & NK)	S9 Research on subsidies in broadband eco system (PM)	S14 Spectrum policy debates (Martin Cave (MC)
12.00 13.00	S3 Finding research (Nilusha Kapugama NK)	S7 The art of media interaction (RS)	S10 Making policy & doing regulation (SG & Rajat Kathuria RK) panel discussion	S15 Framing issues (RS)
13.00 14.00	Lunch	Lunch	Lunch	Lunch
14.00 15.00	A1 Group formation; Assignments explained and introduction of Broadband Website (Roshanthi Lucas Gunaratne RLG)	A2 Rewriting research summaries & preparing presentations	S11 Surveillance and Privacy (RS & Sunil Abraham SA)	A5 Mock public hearing (RS & panel)
15.00 15.30	Break	Break	Break	Break
15.30 17.00	S4 Demand-side research (NK)	A3 Presentation & critique of research summaries (RS & Panel)	S12 International policy debates on Internet and broadband (RS)	A5 Mock public hearing & critique (RS & panel)
17.00 onwards	Group work	Group work	Group work	Certificate dinner

Faculty

Rohan Samarajiva, PhD
Rohan Samarajiva, was the founding CEO (2004 - 2012) and Chair (2004 – onwards) of LIRNEasia.

Previously he was the Team Leader at the Sri Lanka Ministry for Economic Reform, Science and Technology (2002-04) responsible for infrastructure reforms, including participation in the design of the USD 83 million e Sri Lanka Initiative. He was Director General of Telecommunications in Sri Lanka (1998-99), a founder director of the ICT Agency of Sri Lanka (2003-05), Honorary Professor at the University of Moratuwa in Sri Lanka (2003-04), Visiting Professor of Economics of Infrastructures at the Delft University of Technology in the Netherlands (2000-03) and Associate Professor of Communication and Public Policy at the Ohio State University in the US (1987-2000). He was Policy Advisor to the Ministry of Post and Telecom in Bangladesh (2007-09).

He serves as Senior Advisor to Sarvodaya (Sri Lanka’s largest community based organization) on ICT matters. Samarajiva is a Board Member of Communication Policy Research south, an initiative to identify and foster policy intellectuals in emerging Asia. He serves on the editorial boards of seven academic journals.

His full CV can be found at http://lirneasia.net/wp-content/uploads/2007/12/CVApril1long.pdf

Martin Cave, PhD
Martin Cave is a regulatory economist specialising in competition law and in the network industries, including airports, broadcasting, energy, posts, railways, telecommunications and water. He has published extensively in these fields, and has held professorial positions at Warwick Business School, University of Warwick, UK, and the Department of Economics, Brunel University, UK. In 2010/11, Martin held the BP Centennial Chair at the London School of Economics, based in the Department of Law. He is now Visiting Professor at Imperial College Business School.

He is a Deputy Chair of the Competition Commission from January 2012. He has provided expert advice to governments, competition authorities, regulators and firms around the world, focussing particularly upon the communications industries. This work has included reviews of spectrum policies for the Governments of Australia, Canada and the UK; advice on market analysis and access remedies to a large number of regulators in Asia, Australia, Europe and Latin America, including the European Commission. He has provided advice and expert testimony in competition and sector-specific regulatory proceedings to a number of major international firms in Asia, Australasia and Europe. He has also advised UK ministers on matters relating to the water sector, housing, legal services and airports, and advised regulators in the railway and energy sectors. He was a founder member of the Academic Advisory Committee of the Brussels-based think tank, the Centre for Regulation in Europe (www.cerre.eu). In 2009 he was awarded the OBE for public service.

His full CV available on http://www.martincave.org.uk/index.php

Payal Malik
Payal Malik is a Senior Research Fellow of LIRNEasia and an Associate Professor of Economics at the Delhi University. She is currently on deputation to the Competition Commission of India. She is also associated with National Council of Applied Economic Research and Indicus Analytics. She received her Master of Philosophy (M.Phil.), and MA in Economics from the Delhi School of Economics and BA in Economics from Lady Shriram College, University of Delhi. She also has a MBA in Finance from the University of Cincinnati.

She has several years of research experience on the issues of competition and regulation in network industries like power, telecommunication and water. In addition, she has done considerable research on the ICT sector. Recently she has been actively engaged in competition policy research. At LIRNEasia, she has led research on measuring India’s telecom sector and regulatory performance, including a study on Universal Service Instruments. She has written both for professional journals as well as for the economic press. Currently she is a regular columnist for the Financial Express, India and a referee for the Information Technologies and International Development journal published by University of Southern California, Annenberg. Click here to download a detailed version of CV.

Satyen Gupta
Satyen Gupta is the founder and Secretary General, NGN Forum, India. Previously he was the chief of Corporate Affairs, Sterlite Technologies Ltd and headed the Regulatory and Govt. Affairs for BT global Services for SAARC Region and handled Licencing, Regulation, compliance, competition and Industry Advocacy issues. He is also a member, Advisory Board of Creation and Implementation of National Optical Fibre Network for the government of India (2011 onwards). From 2000-2006 he served as the Principle Advisor, Telecom Regulatory Authority of India at the level of additional secretary to the government of India and headed the fixed network division. He is the author of “Everything Over IP-All you want to know about NGN” (2011).

He has conducted and taught many courses on telecommunication technologies, policy and regulation. He is also a Govt. Affairs and Regulatory advocate. He graduated with Hons, in Engineering in 1979 from NIT, Kurukshetra University, INDIA and went on to complete his post graduate studies in Electronics Design Technology at CEDT, Indian Institute of Science, Bangalore.

Rajat Kathuria, PhD
Rajat Kathuria is Director and Chief Executive at Indian Council for Research on International Economic Relations (ICRIER), New Delhi. He has over 20 years experience in teaching and 10 years experience in economic policy, besides research interests on a range of issues relating to regulation and competition policy. He worked with Telecom Regulatory Authority of India (TRAI) during its first eight years (1998-2006) and gained hands on experience with telecom regulation in an environment changing rapidly towards competition. The role entailed analysis of economic issues relating to telecom tariff policy, tariff rebalancing, interconnection charges and licensing policy. Market research and questionnaire development and analysis formed an integral part of this exercise. It also involved evaluation of macro level initiatives for transforming the telecom industry. He wrote a number of consultation papers which eventually formed the basis of tariff and interconnection orders applicable to the industry. He has an undergraduate degree in Economics from St. Stephens College, a Masters from Delhi School of Economics and a PhD degree from the University of Maryland, College Park.

Ernesto Flores, PhD
Ernesto M. Flores-Roux majored in Mathematics from the National University of Mexico (UNAM), obtained partial credits in a Masters in Economics (ITAM), and received his PhD in Statistics from The University of Chicago (1993). From 1993 to 2004, he worked for McKinsey & Co., Inc. (Mexico, Brazil), one of the most prestigious international consulting firms, first as a Consultant, then as Partner, and finally as the Partner in charge of McKinsey's Rio de Janeiro office. He specialized in several aspects of the telecommunications industry, including regulation, planning, strategy, and marketing. He assisted the governments of Mexico and Brazil in their deregulation and privatization processes. In 2004, he joined Telefonica, first as Director of Marketing and Strategy in Mexico and then transferring to Telefónica's operations in Peru, China (Beijing), and Brazil. In 2008 he joined the Ministry of Communications and Transport (SCT) in Mexico as Chief of Staff of the Deputy Minister of Communications. In 2009 he joined CIDE (Centro de Investigación y Docencia Económicas, Mexico City) as an associate professor of CIDE's telecommunications program (Telecom CIDE). He has published several papers in telecommunications policy and has written reports for the IDB, GSMA, UN/CEPAL , Ahciet, CAF, OECD, as well as other publications in industry and academic journals. In 2011 he became a member of the Advisory Council of the Mexican telecommunications regulator (Cofetel – Comisión Federal de Telecomunicaciones).

Sunil Abraham
Sunil Abraham is the Executive Director of Bangalore based research organization, the Centre for Internet and Society. He founded Mahiti in 1998, a company committed to creating high impact technology and communications solutions. Today, Mahiti employs more than 50 engineers. Sunil continues to serve on the board. Sunil was elected an Ashoka fellow in 1999 to 'explore the democratic potential of the Internet' and was also granted a Sarai FLOSS fellowship in 2003. Between June 2004 and June 2007, Sunil also managed the International Open Source Network, a project of United Nations Development Programme's Asia-Pacific Development Information Programme serving 42 countries in the Asia-Pacific region.

Nilusha Kapugama
Nilusha Kapugama is a Research Manager at LIRNEasia and manages the electricity component of the 2012-2014 IDRC Project on ‘Achieving e-inclusion by improving government service delivery & exploring the potential of “big data” for answering development questions’.

She is also working on a systematic review looking at the economic impacts of mobile phones. Previously she managed the Knowledge Based Economy project at LIRNEasia, which looked at the information and knowledge gaps in agriculture supply chains. She also worked on CPR south, LIRNEasia’s capacity-building initiative to develop Asia-Pacific expertise and knowledge networks in ICT policy regulation. She has also done research on broadband quality indicators and national regulatory authority (NRA) website indicators. She has also worked on LIRNEasia’s Virtual Organization Project. She has experience organizing international conferences and training courses.

She holds a master’s degree in development economics and policy from the University of Manchester, UK.

Roshanthi Lucas Gunaratne
Roshanthi is a Research Manager at LIRNEasia and is currently managing the Ford Foundation Funded project on Giving Broadband Access to the Poor in India.

She is also contributing to the IDRC Customer Lifecycle Management Practices Project by conducting research on customer lifecycle management practices in telecommunication sector in Bangladesh.

Before joining LIRNEasia, Roshanthi worked at the Global Fund to fight AIDS, Tuberculosis and Malaria, Geneva, Switzerland as a Strategic Information Officer. She contributed to the process of defining the Global Fund Key Performance Indicators, and also worked on improving the performance measurements of their grants. Prior to that, she worked as a telecom project manager at Dialog Telecom, and Suntel Ltd in Sri Lanka. As Suntel she managed the design and implementation of corporate customer projects.

She holds a MBA from the Judge Business School, University of Cambridge, UK and a BSc. Eng (Hons) specializing in Electronics and Telecommunication from the University of Moratuwa, Sri Lanka.

Resource Materials

Bauer, Johannes M.; Kim, Junghyun; & Wildman, Steven S. (2005). An integrated framework for assessing broadband policy options. MICH. ST. L. REV. 21, pp. 21-50. http://www.msulawreview.org/PDFS/2005/1/Bauer-Kim.pdf

Broadband Commission (2012). The state of broadband 2012: Achieving digital inclusion for all. http://www.broadbandcommission.org/Documents/bb-annualreport2012.pdf

Government of India, Department of Telecommunications (2012). National Telecom Policy 2012. http://www.dot.gov.in/ntp/NTP-06.06.2012-final.pdf

Government of India, Department of Telecommunications (2004). Broadband policy. http://www.dot.gov.in/ntp/broadbandpolicy2004.htm

Junio, Don Rodney (2012). Does a National Broadband Plan Matter? A Comparative Analysis of Broadband Plans in Hong Kong and Singapore http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2146566

InfoDev. Broadband strategies toolkit. http://broadbandtoolkit.org/en/toolkit/contents

Samarajiva, Rohan (2010). Leveraging the budget telecom network business model to bring broadband to the people, Information Technology and International Development, 6, special edition: 93-97. http://itidjournal.org/itid/article/view/630/270

For more details visit https://cis-india.org/news/how-to-engage-in-broadband-policy-and-regulatory-processes

Institute for Internet & Society 2014, Pune

samantha — 2014-04-07T11:31:23Z

Last month, activists, journalists, researchers, and members of civil society came together at the 2014 Institute for Internet & Society in Pune, which was hosted by CIS and funded by the Ford Foundation. The Institute was a week long, in which participants heard from speakers from various backgrounds on issues arising out of the intersection of internet and society, such as intellectual property, freedom of expression, and accessibility, to name a few. Below is an official reporting summarizing sessions that took place.

Day One

February 11, 2014

Time	Detail
9.30 a.m. – 9.40 a.m.	Introduction: Sunil Abraham, Executive Director Centre for Internet and Society
10.00 a.m. – 10.15 a.m.	Introduction of Participants
10.15 a.m. – 12.00 p.m.	Internet Governance and Privacy: Sunil Abraham
12.00 p.m. – 12.30 p.m.	Tea-break
12.30 p.m. – 1.00 p.m.	Keynote: Bishakha Datta, Filmmaker and Activist, and Board Member, Wikimedia Foundation
1.00 p.m. – 2.00 p.m.	Lunch
1.30 p.m. – 3.00 p.m.	Participant Presentations
3.00 p.m. – 3.15 p.m.	Tea Break
3.15 p.m. – 4.45 p.m.	Histories, Bodies and Debates around the Internet: Nishant Shah, Director-Research, CIS

This year’s Internet Institute, hosted by the Centre for Internet & Society (CIS), kicked off in Pune to put a start to a week of learnings and discussions surrounding internet usage and its implications on individuals of society. Twenty two attendees from all over India attended this year, from backgrounds of activism, journalism, research and advocacy work.

Attendees were welcomed by Dr. Ravina Aggarwal, Program Officer for Media Rights & Access at the Ford Foundation, the event’s sponsor, who started off the day by introducing the Foundation’s initiatives in pursuit of bridging the digital divide by addressing issues of internet connectivity.

Internet Governance & Privacy, Sunil Abraham
The Institute’s first session was led by Sunil Abraham, Executive Director of CIS, and engaged with issues of internet governance and privacy with reference to four stories: 1) a dispute between tweeters from the US and those in South Africa over the use of hashtag #thingsdarkiesays, which is said not to be as racially derogatory as it is in the US; 2) Facebook’s contested policies on photos featuring users breastfeeding, 3) a lawsuit between Tata and Greenpeace over the organization’s use of Tata’s logo in a video game created for public criticism of their environmentally-degrading practices, and lastly, 4) the case of Savita Bhabhi, an Indian pornographic cartoon character which had been banned by India’s High Court and which had served as a landmark case in expanding the statutory laws for what is considered to be pornographic.

Each of these stories has one major thing in common: due to their nature of taking place over the internet, they are not confined to one geographic location and in turn, are addressed at the international level. The way by which an issue as such is to be addressed cuts across State policies and internet intermediary bodies to create quite a messy case in trying to determine who is at fault. Such complexity illustrates how challenging internet governance can be within today’s society that is no longer restricted to national or geographic boundaries.

Sunil also goes on in explaining the relationship between privacy, transparency, and power, summing it up in a simple formula; privacy protection should have a reverse relationship to power—the more the power, the less the privacy one should be entitled to. On the contrary, a direct correlation goes for power and transparency—the more the power, the more transparent a body should be. Instead of thinking about these concepts as a dichotomy, Sunil suggests to see them as absolute rights in themselves—instrumental in policies and necessary to address power imbalances.

The Web We Want, Bishakha Datta
The Institute’s kickoff was also joined by Indian filmmaker and activist, Bishakha Datta, who had delivered the keynote address. Bishakha bridged together notions of freedom of speech, surveillance, and accessibility, while introducing campaigns that work to create an open and universally accessible web, such as the Web We Want and Sexuality and Disability. Bishakha stresses how the internet as a space has altered how we experience societal constructs, which can be easily exhibited in how individuals experience Facebook in the occurrence of a death, for example. Bishakha initiated discussion among participants by posing questions such as, “what is our expectation of privacy in this brave new world?” and “what is the society we want?” to encompass the need to think of privacy in a new way with the coming of the endless possibilities the internet brings with it.

Histories, Bodies and Debates around the Internet, Nishant Shah
CIS Research Director, Nishant Shah, led a session examining internet as a technology more broadly, and our understandings of it in relation to the human body. Nishant proposes the idea that history is a form of technology, as well as time, itself, for which our understanding only comes into being with the aid of technologies of measurement. Although we are inclined to separate technology from the self, Nishant challenges this notion while suggesting that technology is very integral to being human, and defines a “cyborg” as someone who is very intimate with technology. In this way, we are all cyborgs. While making reference to several literary pieces, including Haraway’s Cyborg: Human, Animus, Technology; Kevin Warwick’s Living Cyborg; and Watt’s small world theory, Nishant challenges participants’ previous notions of how one is to understand technology in relation to oneself, as well as the networks we find ourselves implicated within.

Also brought forth by Nishant, was the fact that the internet as a technology has become integral to our identities, making us accessible (rather than us solely making the technology accessible) through online forms of documentation. This digital phenomenon in which we tend to document what we know and experience as a means of legitimizing it can be summed in the modern version of an old fable: “If a tree falls in a lonely forest, and nobody tweets it, has it fallen?”

Nishant refers to several case studies in which the use of online technologies has created a sense of an extension of the self and one’s personal space; which can then be subject to violation as one can be in the physical form, and to the same emotional and psychological effect—as illustrated within the 1993 occurrence referred to as “A Rape in Cyberspace.”

Attendee Participation
Participants remained engaged and enthusiastic for the duration of the day, bringing forth their personal expertise and experiences. Several participants presented their own research initiatives, which looked at issues women face as journalists and as portrayed by the media; amateur pornography without the consent of the woman; study findings on the understandings of symptoms of internet addiction; as well as studies looking at how students engage with college confession pages on Facebook.

Day Two

February 12, 2014

Time	Detail
9.30 a.m. – 11.00 a.m.	Wireless Technology: Ravikiran Annaswamy, CEO and Co-founder at Teritree Technologies
11.00 a.m. – 11.15 a.m.	Tea-break
11.15 a.m. – 12.45 p.m.	Wired Technology: Ravikiran Annaswamy
12.45 p.m. – 1.30 p.m.	Lunch
1.30 p.m. – 3.00 p.m.	Network, Threats and Securing Yourself: Kingsley John, Independent Consultant
3.00 p.m. – 3.15 p.m.	Tea Break
3.15 p.m. – 4.45 p.m.	Practical Lab: Kingsley John
4.45 p.m. – 5.00 p.m.	Wrap-up: Sunil Abraham

Day Two of the Institute entailed a more technical orientation to “internet & society” across sessions. Participants listened to speakers introduce concepts related to wired and wireless internet connectivity devices and their networks, along with the network of internet users and how one may secure him or herself while “online.”

Wireless & Wired Technology, Ravikiran Annaswamy
Senior industry practitioner, Ravikiran Annaswamy had aimed to enable the Institute’s participants to “understand the depth and omnipresent of telecom networks” that we find ourselves implicated within. Ravikiran went through the basics of these networks—including fixed line-, mobile-, IP-, and Next Generation IP-networks—as well as the technical structuring of wired and wireless broadband. Many participants found this session to be particularly enriching as their projects aimed to provide increased access to internet connectivity to marginalized areas in India, and had been without the know-how to go about it.

Network, Threats and Securing Yourself, Kinglsey John
An instructional session on how to protect oneself was given by Kingsley John, beginning with a lesson on IP Addresses—what they are and the different generations of such, and how IP addresses fit into a broader internet network. Following, Kingsley demonstrated and explained email encryption through the use of software, Kleopatra, and how it may be used to generate keys to encrypt emails through Thunderbird mail client.

Evening Discussion

A handful of participants voluntarily partook in an evening discussion, looking at the role of big players in the global internet network, such as Google and Facebook, how they collect and utilize users’ data, and what sorts of measures can be taken to minimize the collecting of such. Due to the widely varying backgrounds of interest among participants, those coming from this technical orientation towards the internet were able to inform their peers on relevant information and types of software that may be found useful related to minimizing one’s online presence.

Day Three

February 13, 2014

Time	Detail
9.30 a.m. – 11.00 a.m.	Free Software: Prof. G. Nagarjuna, Chairperson, Free Software Foundation
11.00 a.m. – 11.15 a.m.	Tea-break
11.15 a.m. – 12.45 p.m.	Open Data: Nisha Thompson, Independent Consultant
12.45 p.m. – 1.30 p.m.	Lunch
1.30 p.m. – 3.00 p.m.	Freedom of Expression: Bhairav Acharya, Advocate and Adviser, Centre for Internet and Society
3.00 p.m. – 3.15 p.m.	Tea-break
3.15 p.m. – 4.45 p.m.	Copyright: Nehaa Chaudhari, Program Officer, Centre for Internet and Society

The third day of the Internet Institute incorporated themes presented by speakers ranging from free software, to freedom of expression, to copyright.

Free Software, Prof. G. Nagarjuna
Chairman on the Board of Directors for the Free Software Foundation of India, Professor G. Nagarjuna shared with the Institute’s participants his personal expertise on software freedom. Nagarjuna mapped for us the network of concepts related to software freedom, beginning with the origins of the copyleft movement, and also touching upon the art of hacking, the open source movement, and what role software freedom plays in an interconnected world.

Nagarjuna looks at the free software movement as a political movement in the digital space highlighting the user’s freedoms associated to the use, distribution, and modification of software for the greater good for all. This is said to distinguish this movement from that of Open Source—a technical and more practical development-oriented movement. The free software movement is not set out to compromise the fundamental issues for the sake of being practical and in that sense, ubiquitous. Instead, its objective is “not to make everybody use the software, but to have them understand why they are using the software,” so that they may become “authentic citizens that can also resonate why they’re doing what they’re doing. We want them to understand the ethical and political aspects of doing so,” Nagarjuna says.

Open Data, Nisha Thompson
Participants learned from Nisha Thompson on Open Data; what it is, its benefits, and how it is involved in central government initiatives and policy, as well as civil society groups—generally for uses such as serving as evidence for decision making and accountability. Nisha explored challenges concerning the use of open data, such as those pertaining to privacy, legitimacy, copyright, and interoperability. The group looked at the India Water Portal as a case study, which makes accessible more than 300 water-related datasets already available in the public space for use from anything from sanitation and agriculture to climate change.

Freedom of Expression, Bhairav Acharya
Bhairav Acharya, a constitutional lawyer, traced the development of the freedom of speech and expression in India. Beginning with a conceptual understanding of censorship and the practice of censorship by the state, society, and the individual herself, Bhairav examines the limits traditionally placed by a nation-state on the right to free speech.

In India, modern free speech and censorship law was first formulated by the colonial British government, which broadly imported the common law to India. However, the colonial state also yielded to the religious and communitarian sensitivities of its subjects, resulting in a continuing close link between communalism and free speech in India today. After Independence, the post-colonial Indian state carried forward Raj censorship, but tweaked it to serve to a nation-building and developmental agenda. Nation-building and nationalism are centrifugal forces that attempt to construct a homogenous 'mainstream'; voices from the margins of this mainstream (the geographical, ethnic, and religious peripheries) and of the marginalised within the mainstream (the poor and disadvantaged), are censored.

Within this narrative, Bhairav located and explained the evolution of the law relating to press censorship, defamation, obscenity, and contempt of court. Free speech law applies equally online. Broadly, censorship on the internet must survive the same constitutional scrutiny that is applied to offline censorship; but, as technology develops, the law must innovate.

Copyright, Nehaa Chaudhari
CIS Programme Officer, Nehaa Chaudhari examined the concept of Copyright as an intellectual property right in discussing its fundamentals, purpose and origins, and Copyright’s intersection with the internet. Nehaa also explained the different exceptions to Copyright, along with its alternatives, such as opposing intellectual property protection regimes, including the Creative Commons and Copyleft. Within this session, Nehaa also introduced several cases in which Copyright came into play with the use of the internet, including Hunter Moore’s “Is Anyone Up?” website, which had showcased pornographic pictures obtained by submission bringing rise to the phenomenon of “revenge porn.” Instances as such blur the lines of what is commonly referred to as intellectual property, and what specific requirements enables one to own the rights to such.

Day Four

February 14, 2014

Time	Detail
9.30 a.m. – 11.00 a.m.	E-Accessibility and Inclusion: Prashant Naik, Union Bank
11.00 a.m. – 11.15 a.m.	Tea-break
11.15 a.m. – 12.45 p.m.	Patents: Nehaa Chaudhari
12.45 p.m. – 1.30 p.m.	Lunch
1.30 p.m. – 2.00 p.m.	Fieldwork Assignment

Day Four of the Internet Institute introduced concepts of eAccessibilty and Inclusion on the internet for persons with disabilities, along with patents as an intellectual property right. Participants were also assigned a fieldwork exercise as a hands-on activity in which they were to employ what they’ve learned to initiate conversation with individuals in public spaces and collect primary data while doing so.

eAccessibility and Inclusion, Prashant Naik

Prashant Naik started off the day with his session on E-Accessibility and Inclusion. Prashant illustrated the importance of accessibility and what is meant by the term. Participants learned of assistive technologies for different disability types and how to create more accessible word and PDF documents, as well as web pages for users. Prashant demonstrated to participants what it is like to use a computer as a visually impaired individual, which provided for an enriching experience.

Patents, Nehaa Chaudhari
Nehaa Chaudhari led a second session at the Internet Institute on intellectual property rights—this one looking at patents particularly and their role within statutory law. Nehaa traced the historical origins of patents before examining the fundamentals of them, and addresses the questions, “Why have patents? And is the present system working for everyone?” Nehaa also introduced notions of the Commons along with the Anticommons, and perspectives within the debate around software patents, as well as different means by which the law can address the exploitation of patents or “patent thickets”—such as through patent pools or compulsory licensing.

Fieldwork Assignment, Groupwork
Participants were split into groups and required to carry out a mini fieldwork assignment in approaching individuals in varying public spaces in Pune in attempts to collect primary data. Questions asked to individuals were to be devised by the group, so long as they pertained to themes examined within the Internet Institute. Areas visited by groups included the Pune Central Mall, MG Road, and FC Road.

Day Five

February 15, 2014

Time	Detail
9.30 a.m. – 11.00 a.m.	E-Governance: Manu Srivastav, Vice President, eGovernments Foundation
11.00 a.m. – 11.15 a.m.	Tea-break
11.15 a.m. – 12.45 p.m.	Market Concerns: Payal Malik, Economic Adviser, Competition Commission of India
12.45 p.m. – 1.30 p.m.	Lunch
1.30 p.m. – 3.00 p.m.	Digital Natives: Nishant Shah
3.00 p.m. – 3.15 p.m.	Tea-break
3.15 p.m. – 4.45 p.m.	Fieldwork Presentations

Day Five of the Internet Institute brought with it sessions related to themes of e-governance, market concerns of telecommunications, and so called “Digital Natives.”

eGovernance, Manu Srivastava
Vice President of the eGovernments Foundation, Manu Srivastava led a session on eGovernance—the utilization of the internet as a means of delivering government services communicating with citizens, businesses, and members of government. Manu examined the complexities of the eGovernance and barriers to implementation of eGovernance initiatives. Within discussion, participants examined the nuanced relationship between the government and citizens with the incorporation of other governing bodies in an eGovernance system, as well as new spaces for corruption to take place.

Market Concerns, Payal Malik
Payal Malik, Advisor of the Economics Division of the Competition Commission of India shared her knowledge on market concerns of the telecommunications industry, and exclaimed the importance of competition issues in such an industry as a tool to create greater good for a greater number of people. She demonstrated this importance by stating that affordability as a product of increased access can only be possible once there is enough investment, which generally only happens in a competitive market. In this way, we must set the conditions to make competition possible, as a tool to achieve certain objectives. Payal also demonstrated the economic benefits of telecommunications by stating that for every 10% increase in broadband penetration, increase in GDP of 1.3%. She also examined the broadband ecosystem in India and touched upon future possibilities of increased broadband penetration, such as for formers and the education sector.

Digital Natives, Nishant Shah
Nishant Shah shed some light on one of the areas that the Centre for Internet & Society looks at within their research scope, this being the “Digital Native.” As referred to by Nishant, the Digital Native is not to categorize a specific type of internet user, but can be said for simply any person who is performing a digital action, while doing away with this false dichotomy of age, location, and geography.

Nishant examines varying case studies in which “the digital is empowering natives to not merely be benefactors of change, but agents of change,” from the Blank Noise Project’s “I NEVER Ask for it…” campaign in efforts to rethink sexual violence, to Matt Harding’s foolish dancing with groups of individuals from all over the world.

As occurrences in the digital realm, however, these often political expressions may be rewritten by the network when picked up as a growing phenomenon, in order to make it accessible to online consumers by the masses. In doing so, the expression is removed from its political context and is presented in the form of nothing more than a fad. For this reason, Nishant stresses the need to become aware of the potential of the internet in becoming an “echo-chamber”—in which forms of expression are amplified and mimicked, resulting in a restructuring of the dynamics surrounding the subject—whether it be videos of boys lipsyncing to Backstreet Boys in their dorm room going viral, or a strong and malicious movement to punish the Chinese girl who had taken a video of her heinously and wickedly killing a kitten after locating her using the Human Flesh Search Engine.

Fieldwork Presentations, Groupwork

To end off the day, participant groups presented findings collated from the prior evening’s fieldwork exercise, in which they were to ask strangers in various public places of Pune questions pertaining to themes looked at from within this year’s Institute. Participants were divided into four groups and visited Pune’s FC Road, Mahatma Gandhi Road, and Central Mall.

Groups found that the majority of those interviews primarily accessed the phone via the mobile. There was also a common weariness of using the internet and concern for one’s privacy while doing so, especially with uploading photos to Facebook and online financial transactions. People were also generally concerned about using cyber cafes for fear of one’s accounts being hacked. Generally people suspected that so long as conversations are “private” (i.e. in one’s Facebook inbox), so too are they secure. Just as well, those interviewed shared a sense of security with the use of a password.

Day Six

February 16, 2014

Time	Detail
9.30 a.m. – 11.00 a.m.	Wikipedia: Dr. Abhijeet Safai
11.00 a.m. – 11.15 a.m.	Tea-break
11.15 a.m. – 12.45 p.m.	Open Access: Muthu Madhan (TBC)
12.45 p.m. – 1.30 p.m.	Lunch
1.30 p.m. – 3.00 p.m.	Case Studies Groupwork
3.00 p.m. – 3.15 p.m.	Tea-break
3.15 p.m. – 4.45 p.m.	Case Studies Presentations

As the Institute came closer to its end, participants got the opportunity to hear from speakers on topics pertaining the Wikipedia editing in addition to Open Access to scholarly literature. Participants also worked together in groups to examine specific case studies referenced in previous sessions, and then presented their conclusions.

Wikipedia, Dr. Abhijeet Safai
The Institute was joined by Medical Officer of Clinical Research at Pune’s Symbiosis Centre of Health Care, Dr. Abhijeet Safai, who led a session on Wikipedia. Having edited over 3700 Wikipedia articles, Dr. Abhijeet was able to bring forth his expertise and familiarity in editing Wikipedia to participants so that they would be able to do the same. Introduced within this session were Wikipedia’s different fundamental pillars and codes of conducts to be complied with by all contributors, along with different features and components of Wikipedia articles that one should be aware of when contributing, such as how to cite sources and discuss the contents of an article with other contributors.

Open Access, Muthu Madhan
Muthu Madhan joined the Internet Institute while speaking on Open Access (OA) to scholarly literature. Within his session, Muthu examined the historical context within which the scholarly journal had arisen and how the idea of Open Access began within this space. The presence of Open Access in India and other developing nations was also examined in this session, and the concept of Open Data, introduced.

Case Studies, Groupworks

Participants were split up into groups and assigned particular case studies looked at briefly in previous sessions. Case studies included #thingsdarkiessay, a once trending Twitter hashtag in South Africa which had offended many Americans for its use of “darkie” as a derogatory term; the literary novel, The Hindus, which offers an alternative narrative of Hindu history had been banned in India for obscenity; a case in which several users’ avatars had been controlled by another in a virtual community and forced to perform sexual acts, referred to as A Rape Happened in Cyber Space; and lastly, a pornographic submission website, Is Anyone Up?, for which content was largely derived from “revenge porn.” Each group then presented on the various perspectives surrounding the issue at hand.

The Cyborg, Nishant Shah
Nishant Shah led an off-agenda session in the evening looking more closely at the notion of the human cyborg. Nishant deconstructs humanity’s relationship to technology, in suggesting that we “think of the human as produced with the technologies… not who produces technology.” Nishant explores the Digital Native as an attained identity for those who, because of technology, restructure and reinvent his or her environment—offline as well as online. Among other ideas shared, Nishant refers to works by Haraway on the human cyborg in illustrating our dependency on technology and our need to care for these technologies we depend on.

Day Seven

February 17, 2014

Time	Detail
9.30 a.m. – 11.00 a.m.	Internet Activism: Laura Stein, Associate Professor, University of Texas and Fulbright Fellow
11.00 a.m. – 11.15 a.m.	Tea-break
11.15 a.m. – 12.45 p.m.	Domestic and International Bodies: Chinmayi Arun, Research Director
12.45 p.m. – 1.30 p.m.	Lunch
1.30 p.m. – 3.00 p.m.	Participant Presentations
3.00 p.m. – 3.15 p.m.	Tea-break
3.15 p.m. – 4.45 p.m.	Hot Question Challenge

The last day of the week-long Internet Institute examined concepts of Internet Activism and Domestic and International Bodies. Some participants led presentations on topics of personal familiarity, before a final wrap-up exercise, calling upon individuals to share any new formulations resulting from the Institute.

Internet Activism, Laura Stein

Associate Professor from the University of Texas, Laura Stein, spoke on activism on the internet. Laura examined some grassroots organizations and movements taking place on the online and the benefits that the internet brings in facilitating their impact, such as its associated low costs, accessibility and possibility for anonymity. Despite the positive effects catalyzed by the internet, Laura stresses that the “laying field is still unequal, and movements are not simply transformed by technology.” Some of the websites exemplifying online activism that were examined within this session includes the It Gets Better Project, which aims to give hope to LGBT youth facing harassment, and the national election watch by the Association for Democratic Reforms. Additionally, Laura spoke on public communication policy, comparing that of the US and India, and how this area of policy may influence media content and practice.

Domestic and International Bodies, Chinmayi Arun
As the Internet Institute’s final speaker, Research Director for Communication Governance at National Law University , Chinmayi Arun, explores the network of factors that affect one’s behavior on the internet—these including: social norms, the law, the markets, and architecture. In referring to Lawrence Lessig’s pathetic dot theory, Chinmayi illustrates how individual’s—the pathetic dots in question—are functions of the interactions of these factors, and in this sense, regulated, and stresses the essential need to understand the system, in order to effectively change the dynamics within it. It is worth noting that not all pathetic dots are equal, and Google’s dot, for example, will be drastically bigger than a single user’s, having more leveraging power within the network of internet bodies. Also demonstrated, is the fact that we must acknowledge the need for regulation by the law to some extent, otherwise, the internet would be a black box where anything goes, putting one’s security at risk of violation.

Hot Question Challenge
The very last exercise of the Institute entailed participants asking each other questions on demand, relating back to different themes looked at within the last week. Participants had the chance, here, to bridge together concepts across sessions, as well as formulate their own opinions, while posing questions to others that they, themselves, were still curious about.

For more details visit https://cis-india.org/telecom/blog/institute-for-internet-society-2014-pune

RightsCon 2014

praskrishna — 2014-04-08T05:04:09Z

RightsCon Silicon Valley 2014 was an incredible mixture of more than 700 attendees from more than 65 countries and 375 institutions. Pranesh Prakash and Malavika Jayaram were speakers at this event organized by RightsCon at San Francisco on March 3 and 4, 2014.

This incredible union of expertise has led to real outcomes, many of which are viewable here or as a PDF report here. Missed a session? A special thanks to all our speakers and sponsors who made 2014 so smart and productive.

Missed a session in San Francisco? Many of the videos are available for viewing. To learn more about past RightsCon conferences, head here.

Even as we continue to work diligently on the the work generated from RightsCon Silicon Valley 2014, we are looking ahead to 2015 and Southeast Asia, where we will convene civil society and key decision-makers in this rapidly evolving region. Click here to learn more about the planning for RCSEA2015.

Pranesh was invited to be on five panels, and spoke in three.

He spoke in the following sessions:

March 3 from 14:00-15:15 - Nicolas Seidler's panel on "Localizing the Global Internet: Data Centers, Traffic Rerouting, and the Implications of Post-Surveillance Policy Proposals"

March 4 from 12:00-13:15 - Paul & Bertrand's panel on "Internet and Jurisdiction: How Can Heterogenous Laws Coexist in Cross-Border Online Spaces?"

March 4 from 14:30-15:45 - Amie Stepanovich's panel on "The NSA Strikes Back: Who Really Won the Crypto Wars?"

He was also invited to the following panels:

"Toward Accountability: Reflecting on ICT Industry Action To Protect User Rights"

"Policy Laundering: Hacking the International Innovation Policy Machine"

For more info on the conference, click here. For the full list of speakers, see here.

Video

For more details visit https://cis-india.org/news/rights-con-2014

Spreadsheet data on sample of 50 security companies

maria — 2014-02-28T16:13:39Z

For more details visit https://cis-india.org/internet-governance/blog/data-on-surveillance-technology-companies

Big Democracy, Big Surveillance: India's Surveillance State

maria — 2014-02-28T10:35:09Z

In India, surveillance is on the rise by the state to tackle crime and terrorism, and private companies are eager to meet the demand.

This article by Maria Xynou was published by OpenDemocracy on 10 February 2014.

Worried about the secret, mass surveillance schemes being carried out by the NSA? While we should be, some of the surveillance schemes in the world's largest democracy, India, are arguably in the same league.

Surveillance is being globalised to the extent that even India, a country with huge poverty issues, is investing millions of dollars in creating an expansive surveillance regime. However, why would communications monitoring interest Indian authorities, when the majority of the population lives below the line of poverty and only 17% of the population has access to the Internet?

The official political motivation behind surveillance in India appears to be the government's determination to tackle terrorism in the country. The 2008 Mumbai terrorist attacks were arguably a similar landmark to the 9/11 terrorist attacks in the US, and both governments officially announced their intention to carry out surveillance as a counter-terrorism measure. However, unlike in the west, terrorist attacks in India are much more common, and the National Security Adviser reported in 2008 that 800 terrorist cells were operational in the country. With India’s history of major terror attacks in India over the last 25 years, it's easy for one to be persuaded that terrorism is actually a major threat to national security.

India's surveillance schemes

India’s surveillance programs mostly started following the 2008 Mumbai terror attacks. That was when the Ministry of Home Affairs first proposed the creation of a National Intelligence Grid (NATGRID), which will give 11 intelligence and investigative agencies real-time access to 21 citizen data sources to track terror activities. These citizen data sources will be provided by various ministries and departments, otherwise called “provider agencies”, and will include bank account details, telephone records, passport data and vehicle registration details, among other types of data.

The Ministry of Home Affairs has sought over Rs. 3,400 crore (around USD 540 million!) for the implementation of NATGRID, which aims to create comprehensive patterns of intelligence by collecting sensitive information from databases of departments like the police, banks, tax and telecoms to supposedly track any terror suspect and incident.

But NATGRID is far from India's only data sharing scheme. In 2009 the Cabinet Committee on Economic Affairs approved the creation and implementation of the Crime and Criminal Tracking Network & Systems (CCTNS), which would facilitate the sharing of databases among 14,000 police stations across all 35 states and Union Territories of India, excluding 6,000 police offices which are high in the police hierarchy. Rs. 2,000 crore (around USD 320 million) have been allocated for the CCTNS, which is being implemented by the National Crime Records Bureau under the national e-governance scheme. The CCTNS not only increases transparency by automating the function of police stations, but also provides the civil police with tools, technology and information to facilitate the investigation of crime and detection of criminals.

But apparently, sharing data and linking databases is not enough to track criminals and terrorists. As such, in the aftermath of the 2008 Mumbai terror attacks, the Indian government also implemented various interception systems. In September 2013 it was reported that the Indian government has been operating Lawful Intercept & Monitoring (LIM) systems, widely in secret. In particular, mobile operators in India have deployed their own LIM systems allowing for the so-called “lawful interception” of calls by the government. And possibly to enable this, mobile operators are required to provide subscriber verification to the Telecom Enforcement, Resource and Monitoring (TERM) cells of the Department of Telecommunications.

In the case of Internet traffic, the LIM systems are deployed at the international gateways of large Internet Service Providers (ISPs) and expand to a broad search across all Internet traffic using “keywords” and “key-phrases”. In other words, security agencies using LIM systems are capable of launching a search for suspicious words, resulting in the indiscriminate monitoring of all Internet traffic, possibly without court oversight and without the knowledge of ISPs.

India has also automated and centralized the interception of communications through the Central Monitoring System (CMS). This project was initially envisioned in 2009, following the 2008 Mumbai terror attacks and was approved in 2011. The CMS intercepts all telecommunications in India and centrally stores the data in national and regional databases. The CMS will be connected with the Telephone Call Interception System (TCIS) which will help monitor voice calls, SMS and MMS, fax communications on landlines, CDMA, video calls, GSM and 3G networks. Agencies which will have access to the CMS include the Intelligence Bureau (IB), the Central Bureau of Investigation (CBI), the Directorate of Revenue Intelligence (DRI), the Research and Analysis Wing (RAW) and the National Investigation Agency (NIA).

Unlike mainstream interception, where service providers are required to intercept communications and provision interception requests to law enforcement agencies, the Central Monitoring System will automate the entire process of interception. This means that the CMS authority will have centralized access to all intercepted data and that the authority can also bypass service providers in gaining such access. Once security agencies have access to this data, they are equipped with Direct Electronic Provisioning, filters and alerts on the target numbers, as well as with Call Details Records (CDR) analysis and data mining tools to identify the personal information of target numbers.

Given that roughly 73% of India's population uses mobile phones, this means that the Central Monitoring System can potentially affect about 893 million people, more than double the population of the United States! However, how is it even possible for Indian authorities to mine the data of literally millions of people? Who supplies Indian authorities with the technology to do this and what type of technology is actually being used?

India's surveillance industry

India has the world's second largest population, consisting of more than a billion people and an expanding middle class. Undoubtedly, India is a big market and many international companies aspire in investing in the country. Unfortunately though, along with everything else being imported into India, surveillance technologies are no exception.

Some of the biggest and most notorious surveillance technology companies in the world, such as ZTE, Utimaco and Verint, have offices in India. Even FinFisher command and control servers have been found in India. However, in addition to allowing foreign surveillance technology companies to create offices and to sell their products and solutions in the country, local companies selling controversial spyware appear to be on the rise too.

Kommlabs Dezign is an Indian company which loves to show off its Internet monitoring solutions at various ISS trade shows, otherwise known as “the Wiretapper's Ball”. In particular, Kommlabs Dezign sells VerbaNET, an Internet Interception Solution, as well as VerbaCENTRE, which is a Unified Monitoring Centre that can even detect cognitive and emotional stress in voice calls and flag them! In other words, Kommlabs Dezign makes a point that not only should we worry about what we text and say over our phones, but that we should also worry about what we sound like when on the phone.

Vehere is another Indian company which sells various surveillance solutions and notably sells vCRIMES, which is a Call Details Records (CDR) analysis system. VCRIMES is used to analyse and gather intelligence and to unveil hidden interconnections and relations through communications. This system also includes a tool for detecting sleeper cells through advanced statistical analysis and can analyse more than 40 billion records in less than 3 seconds.

Paladion Networks is headquartered in Bangalore, India and sells various Internet Monitoring Systems, Telecom Operator Interception Systems, SSL Interception and Decryption Systems and Cyber Cafe Monitoring Systems to law enforcement agencies in India and abroad. In fact, Paladion Networks even states in its website that its customers include India's Ministry of Information Technology and the U.S Department of Justice.

ClearTrail Technologies is yet another Indian company which not only sponsors global surveillance trade shows but also sells a wide range of monitoring solutions to law enforcement agencies in India and abroad. ComTrail is a solution for the centralised mass interception and monitoring of voice and data networks, including Gmail, Yahoo, Hotmail, BlackBerry, ICQ and GSM voice calls. Furthermore, ComTrail is equipped to handle millions of communications per day, correlating identities across multiple networks, and can instantly analyse data across thousands of terabytes.

ClearTrail also sells xTrail, which is a solution for the targeted interception, decoding and analysis of data traffic over IP networks and which enables law enforcement agencies to intercept and monitor targeted communications without degrading the service quality of the IP network. Interestingly, xTrail can filter based on a “pure keyword”, a URL/Domain with a keyword, a mobile number or even with just a user identity, such as an email ID, chat ID or VoIP ID.

Apparently, some the biggest challenges that law enforcement agencies face when monitoring communications include cases when targets operate from public Internet networks and/or use encryption. However, it turns out that ClearTrail's QuickTrail solution is designed to gather intelligence from public Internet networks, when a target is operating from a cyber cafe, a hotel, a university campus or a free Wi-Fi zone. This device can remotely deploy spyware into a target's computer and supports protocol decoding, including HTTP, SMTP, POP3 and HTTPS.

Additionally, QuickTrail can identify a target machine on the basis of metadata, such as an IP address, and can monitor Ethernet LANs in real time, as well as monitor Gmail, Yahoo and all other HTTPS-based communications. ClearTrail's mTrail is designed for the passive 'off-the-air' interception of GSM communications, including the interception of targeted calls from pre-defined suspect lists and the monitoring of SMS and protocol information. MTrail also identifies a target's location by using signal strength, target numbers, such as IMSI, TIMSI, IMEI or MSI SDN, which makes it possible to listen to the conversation of so-called “lawfully intercepted” calls in near real-time.

In short, it looks like India is reaching the top league when it comes to surveillance technologies, especially since many of its companies and their products appear to be just as scary as some of the most sophisticated spying gear sold by the West. India may be the world's largest (by population) democracy, but that means that it has a huge population with way too many opinions...and apparently, the private and public sectors in India appear to be joining forces to do something about it.

So do Indians have nothing to hide?

A very popular rhetoric in both India and the west is that citizens should not be concerned about surveillance because, after all, if they are not terrorists, they should have nothing to hide. However, privacy advocate Caspar Bowden has rightfully stated that this rhetoric is fundamentally flawed and that we should all indeed “have something to hide”. But is privacy just about “having something to hide”? Jacob Appelbaum has stated that this rhetoric is merely a psychological copying mechanism when dealing with security.

It's probably rather comforting and reassuring to think that we are not special or important enough for surveillance to affect us personally. But is that really up to us to decide? Unfortunately not. The very point of data mining is to match patterns, create profiles of individuals and to unveil hidden interconnections and relations. A data analyst can uncover more information about us than what we are even aware of and it is they who decide if our data is “incriminating” or not. Or even worse: in many cases it's up to data mining software to decide how “special” or “important” we are. And unfortunately, technology is not infallible.

The world's largest democracy, which is also one of the most corrupt countries in the world, is implementing many controversial surveillance schemes which lack transparency, accountability and adequate legal backing, and which are largely being carried out in secret. And to make matters worse, India lacks privacy legislation. Over a billion people in a democratic regime are exposed to inadequately regulated surveillance schemes, while a local surveillance industry is thriving without any checks or balances whatsoever. What will this mean for the global future of democracy?

For more details visit https://cis-india.org/internet-governance/blog/big-democracy-big-surveillance-indias-surveillance-state