Centre for Internet and Society

Token disclosures?

praskrishna — 2013-08-07T09:30:39Z

Snowden’s Xkeyscore expose makes a mockery of Twitter’s transparency revelations.

The article by Deepa Kurup was published in the Hindu on August 4, 2013. Sunil Abraham is quoted.

This week, roughly around the same time, two ‘revelations’ made headlines in the world of technology. The first, the U.S. National Security Agency’s top secret web surveillance programme, codenamed Xkeyscore, another expose from the house of Edward Snowden & Co.; and second, microblogging site Twitter’s third biannual Transparency Report for the first half of 2013.

The former exposed a global surveillance net, cast far and wide to freely (no formal authorisation required) access and mine emails, chats and browsing histories of millions. The content of the latter report not only pales in comparison but also raises fundamental questions on just how much goes on beyond the arguably modest claims made on Twitter’s transparency charts.

Documents published by The Guardian have the NSA claiming that the “widest-reaching” system mining intelligence from the web had, over a month in 2012, retrieved and stored no less than 41 billion records on its Xkeyscore servers. These mind-boggling numbers make a mockery of Twitter’s few hundred access request disclosures, advocates of online privacy and freedom point out. Then, it is hardly surprising that a large chunk of global requests came from the U.S. government: no less than 902 of the total 1,157 requests, accounting for 78 per cent. A far second is Japan at 8 per cent followed by the U.K.

India References

Interestingly, both Twitter’s report and the NSA’s Xkeyscore document have India references. While a map titled 'Where is Xkeyscore' in the training manual released showing India as one of 150 sites (hosting a total of 700 servers) indicates that India's very much on the global surveillance radar of the United States government; the fact that the India is a new entrant on Twitter's ‘Country Withheld Content Tool’ means that the government here is also making active interventions in microblogging content. This is very much in line with stances the Indian government has taken over the last year, swinging indecisively between asking internet firms to pre-screen content and asking service providers to take down what it finds offensive.

India, A Bit-Player

The Twitter report states that over the last six months it has seen an increase in the number of requests received (and eventual withholding of content) in five new countries: India, Brazil, Japan, Netherlands and Russia. In terms of numbers, India is still very much a bit player in the game given it falls under the ‘less than 10 category, a list where the number of requests for user information made by the government during this period is fewer than 10. It appears from the report that Twitter did not honour any of these requests, indicating that either the requests were too broad or failed to identify individual accounts.

In the same period, Twitter received two requests from India to remove content, one from the “government/law enforcement agency” and the other through a court order. In all, three tweets were removed by Twitter. No details on the nature of content removed were available.

Transparency Trends

A late entrant to transparency initiatives, Twitter's bi-annual reports have been applauded by privacy activists as an initiative that at least attempted to offer a glimpse into the otherwise opaque medium/industry. According to 'Who Has Your Back' an initiative by the Electronic Frontier Foundation, which tracks which corporate helps protect your data from the government, only a third of the 18 internet majors publish Transparency Reports – in fact, Facebook, WordPress and Tumblr all don't publish.

This article by Deepa Kurup was published in the Hindu on August 4, 2013. Sunil Abraham is quoted.

While it's definitely good that Twitter's providing data for India, post-Edward Snowden and his revealing PRISM leaks, netizens would question to what extent this data is representative of the magnitude or extent of user data tracking. Do governments like the U.S. need to approach Twitter (or other internet service providers) at all to access detailed user activity logs, content and metadata?

Secret Orders Excluded

Twitter makes it clear that its current report does not include "secret orders" or FISA disclosures. In another blog related to the Transparency Report, Jeremy Kessel, Manager, Legal Policy at Twitter Inc, writes that since 2012, Twitter's seen an uptick in requests to withhold content from two to seven countries. He writes that while Twitter wants to publish “numbers of national security requests – including FISA (Foreign Intelligence Surveillance Act) disclosures – separately from non-secret requests.” It claims it has “insisted” that the United States government allow for increased transparency into “secret orders”. “We believe it’s important to be able to publish numbers of national security requests – including FISA disclosures – separately from non-secret requests." Unfortunately, we are still not able to include such metrics, Twitter states.

'Not the Whole Truth'

In the absence of these metrics, Sunil Abraham, director of Centre for Internet and Society, feels transparency reports “may not tell us the whole truth”. The Xkeyscore revelations then may explain why the U.S. government has made only 902 information requests. “A rogramme like XKeyScore potentially allows them to capture the very same data without having to approach Twitter. This is the very same imperative behind the CMS project in India. Governments across the world want to automate private sector involvement in blanket surveillance measures so that it wont serve as a check on their unbridled appetite for data”

He warns that there's a likely “race to the bottom”, given that an unintended consequence of transparency may be that governments, rather than being shamed into respect for free speech and privacy, would be emboldened by the scale of surveillance and censorship in the so-called democracies such as the US and EU members that are on top of the global blanket surveillance game.

For more details visit https://cis-india.org/news/the-hindu-august-4-2013-deepa-kurup-token-disclosures

TIkTok: It’s time for Biden to make a decision on his digital policy with China

aman — 2021-01-22T06:11:43Z

As the United State's new president comes into office he is faced with creating a cohesive digital relations policy that corrects some of the damage done by his predecessor. This article is the first part of a series analysing his policies and challenges.

While on the campaign trail, now US president elect Joe Biden, made it clear to voters that he viewed Tik Tok as “a matter of genuine concern.” The statement came amidst a growing environment of hostility within the American government against the application. At the helm of the hostility was (now former) president Donald Trump’s passing of an executive order banning Tik Tok in the country and his attempts at forcing its parent company ByteDance to restructure the app under American ownership. Now, as the presidency passes hands, it is worth examining how the government got here and just how concerned the Biden administration should be with Tik Tok and how their strategy with the app could set the tone for digital relations with China going forward

The Road so far: The ban and forced sale of TikTok

America’s motivation to ban and sell the application can be explained by two contrasting factors: the cybersecurity risks that TikTok poses, and the country’s currently ongoing trade war with China. On the security side TikTok has faced immense scrutiny from governments around the world as to the amount of data that the application collects from its users as well as the potential links between Bytedance and the Chinese government. Furthermore there is a belief that due to the Chinese legislation that compels companies to assist the state on matters of national intelligence, there is little TikTok could do should the Chinese state decide to use it as an instrument of data collection. On the side of trade, the TikTok ban represents one of the more landmark blows dealt by the Trump government in its trade war with China. The US, since the start of his presidency has levied exclusive tariffs on specific Chinese commodities totalling to more than $550 billion. China has in response levied its own tariffs on certain American goods, with a total value of those estimated at $185 billion. Beyond these tariffs, the move to ban TikTok extends the trade war by creating clear hurdles for Chinese corporations to exist within the US market and firmly extended Trump’s protectionist trade policies into the digital sphere.

As such, on 6th August 2020, Trump released an executive order banning TikTok (as well as Chinese messaging and social media app Wechat). The ban has, however, since been indefinitely suspended as part of ongoing litigation on the matter at the federal level.

Shortly after the ban, came the attempts at forcing through the sale. While the deal has generally been referred to as ‘the TikTok sale’, it is not actually an outright purchase of the social media platform by an American company (Microsoft attempted such a purchase but was rejected by Byte Dance). Rather, the deal would see the establishment of a new US based subsidiary called TikTok global that would be partly owned (20%) by Oracle and Walmart, with Oracle becoming a trusted technology provider in order to ensure that US user’s data remains within the state. The agreement stipulates that the board of this new entity would have 4 out of 5 of the seats populated by US citizens, and that the company would go public as well. The current agreement would still see Bytedance retain ownership of the algorithms used by TikTok, which is in line with restrictions from the Chinese government preventing the sale of the algorithm to a foriegn owner without a state granted license.

How should the Biden administration handle this situation?

Dealing with the TikTok question must be one of the Biden administration’s top most priorities. The most obvious question they face is whether or not to reverse the ban and to continue to push through the sale between Bytedance and Oracle.

The case for enforcing the ban until the sale to American owners seems one that is straightforward enough. The cybersecurity concerns surrounding Bytedance’s proximity to the Chinese state and the influence of Chinese legislation are reasonable concerns. And any data gained from the application in the hands of a hostile state could be potentially harmful. This threat could be potentially reduced based on the role played by Oracle as a trusted technology partner. However with details of what exactly constitutes the functions of a ‘trusted technology partner’ it is impossible to say this with any great certainty. Simultaneously, there is a slight sense of irony in a Chinese based digital company protesting against another country’s protectionist stance to the internet.

Nonetheless these benefits are in many ways greatly over exaggerated, and in many ways allowing TikTok to return without requiring a sale could prove more beneficial in the long term. Not only would the app’s return be welcomed by its immense audience (estimated 100 million US users), it would also be a clear demonstration of America’s commitment to a less fragmented internet and more open digital economy. Furthermore, revoking the ban would also allow for the opportunity to reassess and reformulate the US’s economic and political strategy with regards to Chinese technology.

On the economic side, a retraction of the ban could signal the beginning of the end of the US-China trade war. Chinese investors are sure to see the shift from a radical republican president to a centrist democrat one as the perfect opportunity to increase foreign investment, which had been steadily declining recently. Such investment could prove significantly more substantial to the United States in a post covid-19 world as opposed to even in 2019. It is not unimaginable that Biden would look to maximise this opportunity to boost the economy.

On the political side, the government has to evaluate the success of sanctions levied against Chinese technology and whether that approach of blanket banning will translate effectively to the digital sphere. Not only has the US’s sanctions against certain chinese technologies proved unsuccessful, tools such as VPNs that can negate a ban make this strategy even less effective in the digital space.

The largest hurdle to revoking the ban would be the genuine cybersecurity concerns with a Chinese corporation having access American citizens’ data. However, dealing with these concerns through a simple ban of the application would only solve this one instance of excessive surveillance and data collection by a foreign app. Rather any solution must look to fix the issue at its root - that being the need for a more cohesive, detailed and overarching national data protection and cybersecurity policy. Such a policy could place clear limitations on data collection, stipulate data localisation policies for sensitive information and outline numerous other means of reducing the threat involved with allowing applications from states such as China to operate in the US.

Ultimately, Biden will be confronted with the reality of this situation the moment he enters office. The decision he makes on TikTok would set the tone for his term and for his government’s relationship with China. Whatever he decides to do, he needs to do it as soon as possible. The clock is ticking.

For more details visit https://cis-india.org/internet-governance/blog/tiktok-it2019s-time-for-biden-to-make-a-decision-on-his-digital-policy-with-china

Through the looking glass: Analysing transparency reports

Torsha Sarkar, Suhan S and Gurshabad Grover — 2019-11-02T05:48:59Z

An analysis of companies' transparency reports for government requests for user data and content removal

Over the past decade, a few private online intermediaries, by rapid innovation and integration, have turned into regulators of a substantial amount of online speech. Such concentrated power calls for a high level of responsibility on them to ensure that the rights of the users online, including their rights to free speech and privacy, are maintained. Such responsibility may include appealing or refusing to entertain government requests that are technically or legally flawed, or resisting gag orders on requests. For the purposes of measuring a company’s practices regarding refusing flawed requests and standing up for user rights, transparency reporting becomes useful and relevant.Making information regarding the same public also ensures that researchers can build upon such data and recommend ways to improve accountability and enables the user to understand information about when and how governments are restricting their rights.

For some time in the last decade, Google and Twitter were the only major online platforms that published half-yearly transparency reports documenting the number of content take down and user information requests they received from law enforcement agencies. In 2013 however, that changed, when the Snowden leaks revealed, amongst other things, that these companies were often excessively compliant with requests from US’ intelligence operations, and allowed them backdoor surveillance access to user information. Subsequently, all the major Silicon Valley internet companies have been attempting to publish a variance or other of transparency reports, in hopes of re-building their damaged goodwill, and displaying a measure of accountability to its users.

The number of government requests for user data and content removal has also seen a steady rise. In 2014, for instance Google noted that in the US alone, they observed a 19% rise for the second half of the year, and an overall 250% jump in numbers since Google began providing this information. As per a study done by Comparitech, India sent the maximum number of government requests for content removal and user data in the period of 2009 - 2018.8 This highlights the increasing importance of accessible transparency reporting.

Initiatives analysing the transparency reporting practices of online platforms, like The Electronic Frontier Foundation (EFF)’s Who Has Your Back? reports, for instance, have developed a considerable body of work tracing these reporting practices, but have largely focused at them in the context of the United States (US). In our research, we found that the existing methodology and metrics to assess the transparency reports of online platforms developed by organisations like the EFF are not adequate in the Indian context. We identify two reasons for developing a new methodology:

Online platforms make available vastly different information for US and India. For instance, Facebook breaks up the legal requests it receives for US into eight different classes (search warrants, subpoenas, etc.). Such a classification is not present for India. These differences are summarised in Annexure
The legal regimes and procedural safeguards under which states can compel platforms to share information or take content down also differ. For instance, in India, an order for content takedown can be issued either under section 79 and its allied rules or under section 69A and its rules, each having their own procedures and relevant authorities. A summary of such provisions for Indian agencies is given in Annexure 3.

These differences may merit differences in the methodology for research into understanding the reporting practices of these platforms, depending on each jurisdiction’s legal context.

In this report, we would be analyzing the transparency reports of online platforms with a large Indian user-base, specifically focusing on data they publish about user information and takedown requests received from Indian governments’ and courts.

First, we detail our methodology for this report, including how we selected platforms whose transparency reports we analyse, and then specific metrics relating to information available in those reports. For the latter, we collate relevant metrics from existing frameworks, and propose a standard that can be applicable for our research.

In the second part, we present company-specific reports. We identify general trends in the data published by the company, and then compare the available data to the best practices of transparency reporting that we proposed.

Download the full report. The report was edited by Elonnai Hickok. Research assistance by Keying Geng and Anjanaa Aravindan.

For more details visit https://cis-india.org/internet-governance/blog/torsha-sarkar-suhan-s-and-gurshabad-grover-october-30-2019-through-the-looking-glass

Third South Asian Meeting on the Internet and Freedom of Expression

praskrishna — 2013-01-17T07:16:58Z

Internet Democracy Project, Voices for Interactive Choice & Empowerment and Global Partners & Associates are organizing this event in Dhaka on January 14 - 15, 2013.

Pranesh Prakash is moderating the session on "Understanding cyber security and surveillance in South Asia today". Chinmayi Arun is speaking in this panel.

The Third South Asian Meeting on the Internet and Freedom of Expression seeks to address the question of how freedom of expression on the Internet is best protected by taking as its starting point two of the biggest challenges for freedom of expression online in South Asia today: hate speech online on the one hand, and cyber security and surveillance on the other.

The meeting seeks to investigate how these challenges affect freedom of expression on the Internet as well as how they can be addressed most effectively while protecting free speech online. It will also touch briefly on the important question of what kind of Internet governance processes are most likely to ensure the desired outcomes materialise.

A very short history of the South Asian Meeting on the Internet and Freedom of Expression
The first South Asian Meeting on the Internet and Freedom of Expression took place in March 2011 in Delhi, and mapped the many challenges for free speech online in our region, as an input into the report on the Internet and freedom of expression of UN Special Rapporteur on Freedom of Expression, Mr. Frank La Rue.

The second South Asian Meeting, in Kathmandu in November 2011, assessed the extent to which policy and regulation in the South Asian countries complied with the recommendations Mr. La Rue made in his report.

This third meeting will now build on these earlier efforts by bringing together experts from civil society, business, the research community and other stakeholder groups from across the region to discuss two of the biggest shared challenges for freedom of expression online in South Asia today in detail: the rising visibility of hate speech on the one hand, and the impact of discourses regarding cyber security and surveillance on the other.

Why focus on hate speech and security/surveillance now?
Since UN Special Rapporteur on Freedom of Expression, Mr. Frank La Rue, presented his report on the Internet and freedom of expression to the UN Human Rights Council in June 2011, the complexity of this topic has received growing recognition. However, not all trends that La Rue had pointed out as directly affecting freedom of expression online – from access to the Internet to cyber attacks – are equally important in the South Asian region. Detailed analysis in several South Asian countries has shown that, though Internet penetration rates remain fairly low, most countries do possess, for example, the political will crucial to improve these figures. The two trends that seem to be of greatest concern in our region are that of the fight against hate speech, and the impact on freedom of expression of cyber security and surveillance measures. The latter is foregrounded for a variety of reasons ranging from the safety of individual users to national security.

Incidentally, across the region, as in many parts of the world, hate speech and cyber security have also been among the most important reasons governments have quoted to justify greater government control over the Internet. At the national level, this has at times manifested itself through the approval and implementation of legislation that has far-reaching consequences for freedom of speech online, without consulting many of the stakeholders who are affected at any point in time. At the global level, we see a growing number of proposals by governments that would effectively expand their collective powers to regulate the Internet, though with varying levels of involvement of other stakeholders envisioned.

Yet while governments' intentions when imposing censorship or approving surveillance measures may at times be in doubt, it is difficult to deny that the Internet has facilitated a new proliferation of hate speech, as well as that it has thrown up new security challenges that couldn't even be imagined before.

It is therefore our contention that the challenges of hate speech online and of ensuring cyber security in our region are real, and need to be addressed head-on if we are to strengthen and protect the right to freedom of expression online. For this reason, the meeting seeks to investigate both the precise nature of these challenges and what Internet governance mechanisms we need to evolve to ensure that they can be addressed most effectively whilst upholding and strengthening the right to freedom of expression. If we are to take the challenges the threats of hate speech and cyber security policy embody seriously yet also aim to uphold and strengthen the right to freedom of expression online, then what are the solutions we require? And who will need to be responsible for implementing them?

Participants
Taking into account the many parallels in the shape problems of hate speech and cyber security and surveillance take across the South Asian region as a result of shared cultures and historical legacies alike, participants will be invited from Bangladesh, India, Nepal, Pakistan, Afghanistan, Sri Lanka and the Maldives. Moreover, as solutions to these problems will invariably require collaboration among various stakeholders in the Internet governance field in order to be effective, participants will be drawn from a wide variety of stakeholder groups, including civil society, business, government, academia and the media from across the region. In this way, the meeting hopes tofacilitate a South Asia wide, multistakeholder dialogue, to learn, discuss and evolve more detailed thinking on these topics for one and a half days. The meeting will come to an end with a public event at the end of the second day.

The meeting will use a variety of formats, including key note presentations, panel discussions, case studies and small group conversations.

Agenda

January 14, 2013

9.00-09.45	Welcome and introductions to participants
09.45-10.15	Introduction to the meeting: the challenge that hate speech online and cyber security/surveillance pose to freedom of expression on the Internet – Dixie Hawtin Intro: Internet governance and human rights issues in general Why is this event focussed on hate speech and surveillance?
10.15-10.45	Tea/coffee break
10.45-12.15	The challenge of hate speech on the Internet in South Asia Strengthening the right to freedom of expression to curtail hate speech (Anja Kovacs) Three country perspectives, from the Maldives (Mariyath Mohamed), Pakistan (tbc), and Bangladesh (Salim Khan) Moderator: Bishakha Datta
12.15-13:30	Lunch
13.30-14.00	Keynote: Thinking about a rights-based approach to cyber security and surveillance as it relates to speech – KS Park
14.00-15.30	Understanding cyber security and surveillance in South Asia today With Three country perspectives from Bangladesh (Mohammad Rahman), Nepal (Kailash Prasad Neupane) and India (Chinmayi Arun). Moderator: Pranesh Prakash
15.30-16:00	Tea/coffee break
16.00-17.30	Legal and ethical questions and challenges when addressing cyber security and surveillance: two case studies – Rohan Samarajiva

January 15, 2013

9.00-9.15	Introduction to day 2
9.15-9.45	Cybersecurity, surveillance and hate speech online – key issues that need to be addressed in governance in order to protect Internet freedom of expession. This session will discuss particular issues that have relevance for both cyber security debates and hate speech issues in greater depth. Four topics that will be addressed are: The question of anonimity (KS Park) Cross-border cooperation and other jurisdictional issues in context of cloud computing and crossborder data flows and storage (Aditya Rao) Domain Names and registration (Babu Ram Aryal) Intermediaries as law enforcers (Suman Pradhan) Moderator: Shahzad Ahmed
10.45-11.00	Tea/coffee break
11.00-13.00	What kind of solutions could a rights-based approach throw up to the challenges raised so far in the meeting? Open discussion in groups and plenary, following key note speaker, Bulbul Monjurul Ahsan
13.00-13.30	Summing up and thank you
13.30-15.00	Lunch
15:00 – 16:00	Meeting participants move to venue for public meeting, tea/coffee break and arrival of wider public
16.00-18.30	PUBLIC EVENT: The Internet and freedom of expression Confirmed speakers include: Abu Taher, Info Commissioner; Iftekharuzzaman, Executive Director, Transparency International Bangladesh; Sarah Hossain, Lawyer and Honorary Executive Director, BLAST; Shaheen Anam, Executive Director, Manusher Jonno Foundation; Monjurul Ahsan Bulbul, eminent journalist and CEO, Boishakhi Television; and Rohan Samarajiva, Chair and CEO, LIRNEasia.

List of Participants

Aditya Rao, Senior Associate, Amarchand Mangaldas, India
Ahmed Swapan, Executive Director, VOICE, Bangladesh
Amrit Pant, General Secretary, Computer Association of Nepal & President, Information Technology Development Society, Nepal
Anja Kovacs, Project Director, Internet Democracy Project, India
Babu Ram Aryal, President, Internet Society, Nepal Chapter, Nepal
Binaya Guragain, Coordinator of Programs, Equal Access, Nepal
Bishakha Datta, Wikimedia Foundation Board Member & Co-founder, Point of View, India
Chinmayi Arun, Assistant Professor, National Law University Delhi & Fellow, Centre for Internet and Society, India.
Dixie Hawtin, Project Manager for Digital Communications and Freedom of Expression, Global Partners and Associates, UK
Farhana Rumki, Associate Programme Coordinator, VOICE, Bangladesh
Kailash Prasad Neupane, Chief of Legal Section, Spokesperson, Secretary and Registrar, Nepal Telecommunications Authority, Nepal
Khairuzzaman Kamal, Founder Secretary General of Bangladesh Manobadhikar Sangbadik Forum & Senior Reporter at Bangladesh Sangbad Sangstha, Bangladesh
Khawaza Mainuddin, Executive Editor, ICE Business Times Magazine, Bangladesh
K S Park, Executive Director, the PSPD Public Interest Law Center & Professor, Korea University Law School, South Korea
Mariyath Mohamed, Journalist, Minivan News, Maldives
Mohammad Nazmuzzaman Bhuian Emon, Associate Professor, Department of Law, University of Dhaka, Bangladesh
Mohammad Shahriar Rahman, Assistant Professor, Department of Computer Science and Engineering, University of Asia Pacific & Head, Center for IT Security and Privacy, Bangladesh
Moiyen Zalal Chowdhury, Community Manager, Somewhere.In & Norad Fellow,Bangladesh
Monjurul Ahsan Bulbul, Chair, International Press Institute & Editor-in-chief and CEO,Boiskakhi TV, Bangladesh
Pranesh Prakash, Policy Director, Centre for Internet and Society, India
Prasanth Sunganathan, Counsel, Software Freedom Law Centre, India
Rezaur Rahman Lenin, Research Fellow, VOICE, Bangladesh
Richa Kaul Padte, Writer, India
Rohan Samarajiva, Chair and CEO, LIRNEasia, Sri Lanka
Saleem Samad, Columnist & Correspondent at Reporters without Borders, Bangladesh
Salimullah Khan, Writer and Professor, Stamford University, Bangladesh
Sana Saleem, Director, Bolo Bhi, Pakistan
Santosh Sigdel, Advocate and Vice President, Internet Society, Nepal Chapter, Nepal
Shahzad Ahmed, Country Director, Bytes for All, Pakistan
Shehla Rashid Shora, Project Officer, Internet Democracy Project, India
Shehnaz Banu, Media and Communication Officer, Alliance for Social Dialogue, Bangladesh
Soheil Zafar, Editor, Unmochan Blog & TV Producer and Researcher, 71 Television, Bangladesh
Suman Lal Pradhan, CEO, Websurfer, Nepal
Sushma Luthra, Event Coordinator, India
Syeda Fedous Jana, Managing Director and Co-Founder of Somewhere.In, Bangladesh
Tahmina Rahman, Director Bangladesh and South Asia Region, Article 19, Bangladesh
Vasana Wickremasena, Executive Director, Centre for Integrated Communication Research and Advocacy, Sri Lanka

For more details visit https://cis-india.org/news/third-south-asian-meeting-on-internet-and-freedom-of-expression

Theorizing the Digital Subaltern

sara — 2013-08-06T07:20:41Z

As digital humanities research at CIS proceeds, a number of critical positions have arisen, making it possible to reconcile questions of humanities with the digital realm. This blog entry focusses on race as a factor of research and how it is displayed in the digital.

Digital humanities has been criticized for a lack of content when compared with research in the traditional field of humanities. While humanities work deals mostly with subalternity, politics and what it means to be human, it has been established that a lot of digital humanities work revolves mainly around questions of providing access. Access is a good thing and focussing on it can be helpful. Nonetheless, as has been stated by Nishant Shah, simply providing access only works in an ideal world, where all have the gadgets and knowledges of making use of the research made available through digitalization (Shah: 2012). The internet is not the discrimination-free, post-gendered space that cyber-enthusiasts hoped for it to be. As a matter of fact, as Lisa Nakamura describes, the internet is a space of racial and gendered re-embodiement (Nakamura: 2007). Her argument is that in relation to the advancing biotechnologies, ubiquitous surveillance and pre-emptive profiling, 'racio-visual logic' is reconfiguring the body online (ibid.). Even if there is actually visibility of marginalized groups online, it is not always something that actually results in fruitful engagement with the paradigms of racial discrimination. This means that social inequalities and racial discrimination marginalizing people offline are reproduced online. Nakamura exemplifies this in an example by investigating the website alllooksame.com, where users are encouraged to participate in racial profiling by labeling pictures of Asians to be Korean, Chinese or Japanese. A majority of users falsely label the faces, which shows how the social construction of race can wrongly be mainstreamed to accommodate visual perceptions of eastern stereotypes. In this case, as the obviously problematic title of the website already suggests, simply making spaces for perceived minorities is more harmful than good. Nakamura also exemplifies how race is otherwise fetishized online, for example in video games like Grand Theft Auto, portraying non-white protagonists as thugs, or even all-time favorites like Street Fighter or Tekken, appealing to the western image of Asians as martial arts superpowers.

Therefore, the question of the quality of that access and visibility concerning subaltern groups should be vitally important to work in the digital humanities, more than the mere quantity of knowledges available. As Moore-Gilbert explains in his work on digital subalternity (Moore-Gilbert: 2000), it is not mainly access and digitalization, which will be equalizing factors in the digital age. The subaltern is a concept by Antonio Gramsci, which tries to describe the marginalized groups of people that do not have access to hegemonic spaces in society. Gayatri Spivak adds to that concept by saying that not only do the subaltern not have access to hegemonic power structures, also this denial of access makes it impossible for the subaltern to express their own knowledges, as they need to adopt Western ways of knowing to be heard. A subaltern's own cultural knowledges are therefore omitted from the discourse and a subaltern can never truly express oneself (Spivak: 1988).

Summarizing subalternity as the oppressed and dispossessed, Mike Kent (2008) defines a new digital divide, which is opening between people with access to the internet and abilities to operate a computer, and people to whom, for some reason, that description does not apply. These people may simply not own or have access to computers on a regular basis (or at all), but also may be excluded from a digital discourse, because they have been marginalized in that discourse from its analog beginnings. One of the examples was shortly addressed in one of the digital humanities blogposts, where it was explained that many people in India seem to believe that the digital is naturally for the english-speaking world and not available in local languages. These are therefore excluded in the building of gadgets and internet infrastructure, leading users to believe that the internet is a hegemonic space with male, white, western, or at the very least english-speaking dominance. Therefore local Indian languages are marginalized and the digital becomes a realm, which marginalizes non-hegemonic culture and people with different language priorities have difficulties finding their way into. The problem with subalternity is that these people are not visibly excluded, and might not even be aware of their exclusion (Kent: 2008). Providing Indian language Wikipedia, for example, is part of the solution, but definitely not all of it. When doing digital humanities work, archiving or creating access through digitalization, the digital divide grows and does so even more, as it is not, and cannot be addressed in such a way that the people being marginalized are put into a position of realizing the disproportion of knowledge access.

So merely providing information online will not result in the diminishment of the priorly addressed knowledge gap. Even when addressing this gap, it happens in terms of academics, intellectuals and people with online access speaking on behalf of people who do not have access to the discursive space in which these gaps are discussed. The experiences of the subaltern are only addressed from the outside and without their presence. This summarizes subalternity under one large, obscure category, ignoring that the subaltern might need to be addressed individually, according to race, class, gender, etc., to be able to gain the knowledges needed to participate in the discourse evolving around questions of digital humanities. Is it therefore substantive to include subaltern positions into digital discourses, even if this means speaking on behalf of certain positions at first to raise awareness. However, the awareness of speaking for someone else should also exist within the discourse and if there is any way of including subaltern positions directly, they should do so.

Within the work field of digital humanities, many projects are discussing the infrastructure and ways of dealing with online knowledges. The project Digital Humanities Q&A (http://digitalhumanities.org/answers/, or @DHanswers on twitter) offers a platform to ask questions regarding anything concerned with digital humanities. The community quickly tries to help the poster to overcome whatever difficulties s_he might be having in 'building'. And even questions of politics and ethics are discussed in the forum. This is an important infrastructure for discourse happening outside of classical academic forms and certainly retains authority through the amount of other work the researchers participating in the project are publishing online and off.

What seems to be missing, however, is the acknowledgement that the digital is not simply something apart from humanity, and is not something simply extractable and usable as a tool without affecting what it means to be human. Technology forms our very being from the first moment of creation in our mother's wombs. It is intrinsic to every life form in human society and even a complete lack of technology surrounding someone (if that is even possible), is technological in a sense that it is perceived as a lack thereof. This does not necessarily mean that all research work results to digital humanities, but it does point to the impossibility of leaving questions of the social, of race, of gender, aside when dealing with technological development.

To make an analytical example, the technologically focussed concept of the 'Internet-Geek' or the 'Hacker' gives an outlook on how questions of race are handled within a digital space. The terms hacker and geek are being used interchangeably, even though the concepts might differ. Not all geeks are hackers, however, they occupy the same space in the mainstream discourse and when speaking of an internet-geek it is often the assumption that they hack as well. While the term geek bore negative connotations for years, it seems to have shaken these with the rise of the digital realm marking the turn from 'geekism' to 'hacktivism', and with that, geekism as a new type of expertise. Geeks are no longer seen as friendless mavericks, who spend their time obsessing about one subject, which the mainstream culture seems to have little interest in or use for. Much more, the internet-geek is a political figure, which is often said to have the best survival skills in the digital age and is able to navigate through the digital realm like 'a fish takes to water'. The discourse around geek-ism focusses on the geek as an anti-intellectual figure, which overcomes classical academia, as “it's unnecessary to get a college degree in order to be a great coder” (Sanger 2011). However, debates around intellectualism are as old as the concept of the intellectual itself. Historically, the discourse on intellectualism has always been paired with antisemitism and the concept of the intellectual was first used as a derogative term to attack the left wing group defending the jewish captain Alfred Dreyfus in late 19^th century France. The captain was sentenced to life imprisonment for the wrongful accusations of having communicated french military secrets to the German embassy. His accusation and life sentence served the sustenance of French national values and enforced nationalism through the 'Othering'¹ of the jewish captain. Anti-intellectualism therefore historically springs from structural antisemitism and it is worth looking into how that concept has been employed in today's digital culture. Unfortunately, dwelling on the concept of the intellectual is not possible within the frame of this short exemplary analysis. The ambivalence of the concept should, however, not go by unnoticed. This polemic of the discourse is lost in the digital age and there seems to be little engagement with historical perceptions, which may lead to essentialists perceptions of knowledges.

In embracing the priorly addressed values of the internet, the figure of the geek is in most discourses portrayed as anarchic and dismissive of any form of singular authority, therefore undermining power-structures and hegemonic knowledges. While these discourses engage in questions of authority and freedom, it is difficult to find engagement with the categorial inequalities existent in the digital realm. The political engagement, which is supposed to be a key feature in the identity of the hacker, limits itself to questions of freedom of data and open-source. As has been described before, these technological concepts restrict themselves to data accessibility, but do not engage in questions of the quality of access to that data, or the quality of that data itself. The work of the geek or hacker is therefore not subversive per se. Rather, hackerism saw the freedom of internet usage as a right, not a privilege, thereby essentializing a 'survival of the fittest' mentality, which benefits and excuses aggressive behaviour and therefore alienating more sensitive positions. This usually results in re-justifying patriarchal structures and affirming the white, male, heterosexual norm.

Within the last couple of years geek feminism blogs and websites have been springing up on the web in an attempt to overcome the existing knowledge gaps, but the linguistic and theoretical reference seems always to be more along the lines of feminism in an online space and how much these discourses actually impact hetero-normative hackerspaces is questionable. Geek feminists therefore seldom perceive themselves to be part of the hacker-identity, but move in the realm of feminist theory, where intersectionality with other categories, such as race, has been established to be a key factor of analysis. In the hacker-realm, however, when referring to color, what is mostly being addressed is the ethical direction, in which the hacker is performing his*² task, as a short search-engine review of the topic implies. So the political questions the geek or hacker faces, evolve around cybersecurity, privacy and open spaces on the internet, but do not engage in what it means to be of a certain race, gender, etc. when writing code, hacking technologies, or processing knowledges online. This practice of obscuring categories of inequality does not make them any less effective, but, as has been shown above, enforce shallow and often fetishized depictions of online spaces and the users occupying them. This results in a naturalization of the white, male perspective and implies every other position to be an aberration. It is often implied that people of color simply don't want to participate, instead of seeing the possibility of the spaces not being inclusive and inviting enough. It has often been said that hackerspaces are alienating towards women, but the stereotypical depiction of any ethnic group influences the notion of the hacker to be of a certain class and race as well. While one might perceive that Asians occupy a great amount of online space, this does not necessarily mean fruitful engagement in a critical discourse around race in cyberspace.

So even if there is no direct racism in online spaces or within the notion of the hacker, the lack of theorizing race as a category which is still being seen as inferior leads to informal discrimination and reinforces a norm that marginalizes people of color. Research and the building of infrastructure follows these normative interests and marginalizes interests of groups that do not fit into the privileged categories. The notions of free internet usage implies a choice which is not always available, especially within marginalized communities. So it is necessary to engage with the questions of freedom, for whom they apply online, and where freedom and access stop being choices.

To reference Marshall McLuhan, the medium may not necessarily be the message, but it does inseparably intertwine itself, so that it is impossible to tell where medium stops and message begins. If we accept the premise that we are all cyborgs and digital technologies are inscribed in our bodies, a mere quantitative approach to these is not possible and believing technology to simply be a methodology, a means to end is not either. It is necessary to find a way to deal with the technological, the data and, in the end, the internet as a cultural phenomenon which forms our society just as other media does, but also creates reality in a more accurate and impacting way than any medium has done before.

Therefore when taking a turn towards visualizations and design, one should remember what it means to visualize and what is being left out in the process. Of course, articulating something is always a process of marginalizing something else, as it is simply impossible to include all positions. However, the necessity to clarify ones own position, vital in humanities, seems lost in the transition towards digital humanities. The necessity of critical digital humanities has been stressed in the past and a number of critical projects have arisen, a number of which are summarized on the design for digital inclusion homepage from the Washington University: https://depts.washington.edu/ddi/research.html. It is necessary to critically engage with concepts that occupy the digital space and this short analysis of the hacker may serve as a starting point for future research.

Annotations:

1'Othering' is a concept introduced by Edward Said, saying that the construction of a norm usually develops through the demarcation of what they are not. In this case, the french nationality was built upon a notion of anti-semitism and the concept of treason as the biggest offense to the nation state. The concept of 'othering' has also been employed by several other theorists and subaltern researchers, amongst them Gayatri Spivak. See Said: 1977, Spivak: 1985

2Unless explicitly feminist, most literature still addresses the hacker as a male figure. Although of course there are several female hackers, the concept is still connoted as a male identity. In following, this connotation will be applied, however the * indicates the critical engagement with the concept, mirroring the differential gap of power and authority according to the concept of hegemonic masculinity.

References:

Deleuze, G./Guattari, F. (1993): A Thousand Plateaus. Capitalism and Schizophrenia. Minnesota: U of Minnesota Press.

Gold, M.K. (2012): Debates in the Digital Humanities. Open Access Edition

Kuhn, T. S.(1996): The Structure of Scientific Revolutions, University of Chicago Press. 3^rd edition.

Kent, M. (2008): Digital Divide 2.0 and the Digital Subaltern. In: Nebula 5.4, 2008. Accessed July 26^th 2013:http://www.nobleworld.biz/images/Kent3.pdf

Moore-Gilbert, B. (2000): Spivak and Bhabha, In: Schwarz/Ray (ed.), A Companion to Postcolonial Studies. Oxford: Blackwell Publishers, 2000, p. 453.

Nakamura, L. (2008): Digitizing Race. Visual Cultures of the Internet. Minnesota: U of Minnesota Press.

Said, E. (1977): Orientalism. London: Penguin

Shah, N. (2012): The Digital Classroom in the Time of Wikipedia. Accessed July 26^th 2013: http://cis-india.org/raw/digital-humanities/blogs/digital-classroom/digital-classroom-in-time-of-wikipedia

Spivak, Gayatri Chakravorty. " Can the Subaltern Speak?" in Marxism and the Interpretation of Culture. Eds. Cary Nelson and Lawrence Grossberg. Urbana, IL: University of Illinois Press, 1988: 271-313.

Sterne, J. (2000): Computer Race goes to Class. How Computers in Schools Helped Shape the Racial Topography of the Internet. In: Kolko/Nakamura/Rodman (ed.): Race in Cyberspace. New York/London: Routledge. Accessed 29^th July 2013: http://sterneworks.org/ComputerRaceGoestoClass.pdf

For more details visit https://cis-india.org/raw/theorizing-the-digital-subaltern

The Fundamental Right to Privacy: Part III SCOPE

amber — 2017-10-02T04:14:00Z

This is the third paper in a series on the recent judgment on the right to privacy by the nine judge constitution bench of the Supreme Court in a reference matter in Puttaswamy and others v. Union of India. The first two papers on the Sources and Structure of the constitutional right to privacy are available here, and here, respectively. While the previous papers dealt with the sources in the Constitution and the interpretive tools used by the bench to locate the right to privacy as a constitutional right, as well as the structure of the right with its various dimensions, this paper will look at the judgment for guidance on principles to determine what the scope of the right of privacy may be.

For more details visit https://cis-india.org/internet-governance/the200b-200bfundamental200b-200bright200b-200bto200b-200bprivacy-200b-200bpart200b-200biii-scope

The War for India's Internet

praskrishna — 2012-06-14T09:12:34Z

Why is the world's biggest democracy cracking down on Facebook and Google? Rebecca Mackinnon's article was published in Foreign Policy on June 6, 2012.

"65 years since your independence," a new battle for freedom is under way in India -- according to a YouTube video uploaded by an Indian member of Anonymous, the global "hacktivist" movement. With popular websites like Vimeo.com blocked across India by court order, the video calls for action: "Fight for your rights. Fight for India." Over the past several weeks, the group has launched distributed denial-of-service attacks against websites belonging to Internet service providers, government departments, India's Supreme Court, and two political parties.

Street protests are being planned for this coming Saturday, June 9, in as many as 18 cities to protest laws and other government actions that a growing number of Indian Internet users believe have violated their right to free expression and privacy online. A lively national Internet freedom movement has grown rapidly across India since the beginning of this year. The most colorful highlight so far was a seven-day Gandhian hunger strike, otherwise known as a "freedom fast," held in early May on a New Delhi sidewalk by political cartoonist Aseem Trivedi and activist-journalist Alok Dixit. Trivedi's website was shut down this year in response to a police complaint by a Mumbai-based advocate who alleged that some of Trivedi's works "ridicule the Indian Parliament, the national emblem, and the national flag."

Escalating political and legal battles over Internet regulation in India are the latest front in a global struggle for online freedom -- not only in countries like China and Iran where the Internet is heavily censored and monitored by autocratic regimes, but also in democracies where the political motivations for control are much more complicated. Democratically elected governments all over the world are failing to find the right balance between demands from constituents to fight crime, control hate speech, keep children safe, and protect intellectual property, and their duty to ensure and respect all citizens' rights to free expression and privacy. Popular online movements -- many of them globally interconnected -- are arising in response to these failures.

Only about 10 percent of India's population uses the web, making it unlikely that Internet freedom will be a decisive ballot-box issue anytime soon. Yet activists are determined to punish New Delhi's "humorless babus," as one columnist recently called India's censorious politicians and bureaucrats, in the country's media. Grassroots organizers are bringing a new generation of white-collar protesters to the streets to defend the right to use a technology that remains alien to the majority of India's people.

The trouble started with the 2008 passage of the Information Technology (Amendment) Act, whose Section 69 empowers the government to direct any Internet service to block, intercept, monitor, or decrypt any information through any computer resource. Company officials who fail to comply with government requests can face fines and up to seven years in jail. Then, in April 2011, the Ministry of Communications and Information Technology issued new rules under which Internet companies are expected to remove within 36 hours any content that regulators designate as "grossly harmful," "harassing," or "ethnically objectionable" -- designations that are open to a wide variety of interpretations and that free speech advocates argue have opened the door to abuse. It is thanks to these rules that the website of the hunger-striking cartoonist, Trivedi, was taken offline. Also thanks to the 2011 rules, Facebook and Google are facing trial for having failed to remove objectionable content. If found guilty, the companies could face fines, and executives could be sentenced to jail time.

Saturday's protesters are calling for annulment of the 2011 rules and the repeal of part of the 2008 act. They are also calling for Internet service companies to reverse the wholesale blocking of hundreds of websites, including the file-sharing services isoHunt and The Pirate Bay, as well as the video-sharing site Vimeo and Pastebin, which is primarily used for the sharing of text and links. Internet service providers were responding to a court order from the Madras High Court demanding the blockage, which is aimed at preventing the online distribution of pirated versions of one particular film. The Internet companies, fearing that they would not be able to catch every individual instance on every possible site they host, instead chose to block entire services along with all of their content -- which had nothing to do with the film in question.

Such "John Doe" orders, named because they are directed against unknown potential offenders in the present and future, are characterized "by their overly broad and sweeping nature," argue lawyer Lawrence Liang and researcher Achal Prabhala, which extends "to a range of non-infringing activities as well, thus catching a whole range of legal acts in their net." More broadly, as Delhi-based journalist Shivam Vij wrote in a recent essay: "The current mechanisms of internet censorship in India -- blocking, direct removal requests to websites, intermediary rules -- are draconian and unconstitutional. They need to be replaced with a new set of rules that are fair, transparent and accessible for public scrutiny. They should not be amenable to misuse by the powers-that-be for their own private interests."

Not only are the rules abused, but researchers find that they are causing extralegal censorship by companies that overcompensate in order to err on the side of caution. Last year, the Bangalore-based Centre for Internet and Society performed an experiment in which it sent "legally flawed" takedown demands to seven companies that provide a range of online services, including search, online shopping, and news with user-generated comments. The legal flaws in the notices were such that the companies could have rejected them without being in breach of the law. Yet "of the 7 intermediaries to which takedown notices were sent, 6 intermediaries over-complied with the notices, despite the apparent flaws in them," reads the Centre for Internet and Society report.

Despite the growing public opposition, a motion to annul the 2011 rules was defeated by voice vote in the upper house of Parliament last month. Yet the criticism was sufficiently sharp that Communications Minister Kapil Sibal announced that he will hold consultations with all members of Parliament, representatives of industry, and other "stakeholders" to discuss the law's problems and how it might be revised. Many of the law's critics, however, are skeptical that this will eliminate the law's deep flaws and loopholes for abuse, especially given the government's failure to listen so far. Comments on the 2011 rules submitted last year by the Centre for Internet and Society were not even acknowledged as having been received by the Ministry of Communications and Information Technology. "Sibal uses the excuse of national security and hate speech," says the center's director, Sunil Abraham, "but that is not what is happening."

Abraham worries that what is really happening is a government effort at Internet "behavior modification" through a process akin to an experiment involving caged monkeys, bananas, and ice water. Put four monkeys in a cage and hang a bunch of bananas on the ceiling. Every time one of them climbs up to reach the bananas, you drench all of them with ice water. Soon enough, the monkeys will start policing themselves -- attacking anybody who tries to reach the bananas, making it unnecessary for their masters to deploy the ice water. "This is why the government is being so aggressive so early on, with only 10 percent of India's population online," says Abraham. "If you start the drenching early on, by the time you get to 50 percent [Internet penetration], every one will be well-behaved monkeys." Companies will act as private Internet police for fear of legal punishment before the government is called upon to step in and enforce the law. If it works, Indian politicians could have fewer reasons to worry about online critiques or mockery, because companies fearing prosecution will proactively delete speech that could potentially be designated "harassing" or "grossly harmful."

India is not China or Iran, however. Its politicians may be corrupt, and most of its voters may not understand why Internet freedom matters because they've never used the Internet. But it still has an independent press and boisterous civil society that are not going to give up their critiques and protests anytime soon. India also has a strong, independent judiciary, with a record of ruling against censorship and surveillance measures when a strong case can be made that they conflict with constitutional protections of individual rights. "On free speech I have high faith in the Indian judiciary," says Abraham. "There is a good chance to launch a constitutional challenge."

If Google and Facebook lose at their impending trial -- now scheduled for July -- they will most certainly appeal, which activists hope could provide just such an opportunity to prevent the sort of "behavior modification" process that Abraham warns against. Now India's burgeoning Internet freedom movement needs its own reverse "behavior modification" strategy -- imposing consistent and regular doses of political and legal ice water upon India's bureaucrats, politicians, and companies whenever they do things that threaten to corrode the rights of India's Internet users. Saturday's protest is just the beginning.

Sunil Abraham is quoted in this article. Read the original here

For more details visit https://cis-india.org/news/war-of-india-internet

The Walls Have Ears

praskrishna — 2011-07-06T06:26:25Z

The proposed Privacy Bill seems skewed towards the state rather than the citizen, writes Saikat Datta. This news was published in the Outlook magazine, issue, July 11, 2011.

Sometimes the best of intentions can camouflage the worst of motives. On the face of it, the government’s bid to bring in a privacy bill is a welcome move, a long-overdue measure. But after an initial approach paper prepared by lawyers and bureaucrats in November last year, the government went into a secretive huddle. Now a leaked April 19, 2011, version of the bill raises several disturbing questions.

"The idea behind it was to protect privacy but not short-circuit the current systems to combat terror."

K.M. Chandrashekhar, Ex-cabinet secretary

While recognising the need for privacy, the government has also slipped in several clauses that could severely restrict the freedom of the press if enacted in its current form. Worse, it could actually make journalists liable for prosecution as well as imprisonment up to five years. And if that was not bad enough, it does little or nothing to prevent the government from invading a citizen’s privacy. In fact, it will legitimise all forms of intrusion by the state and collection of a wide variety of data from individuals.

TV news channels could be the most affected by this. Sting operations could become a very risky thing in the future, with section four of the proposed bill saying that any form of filming/recording can be deemed as surveillance and anyone doing so without proper authorisation would be liable for prosecution. So if someone was to secretly catch on camera MPs accepting cash for posing questions in Parliament, or record a bureaucrat demanding bribes, chances are he/she will be doing time in jail.

While the proposed draft draws a distinction between data and personal information, it still leaves little room for journalists. For instance, if a reporter were to use "personal information" of an individual for an article without his/her written consent, it will amount to a civil offence and immediately attract a penalty of up to Rs. 1 lakh. If the journalists were to repeat the "offence" by publishing another story using the same material, the penalty goes up to Rs. 5 lakh. So, is the UPA government, under the scanner for a plethora of scams, trying to muzzle the media? It certainly seems so.

"The bill, in its current form, brings an element of pre-censorship that violates our right to speech. It’s disturbing."

Now when it comes to the government’s right to invade a citizen’s privacy, the proposed legislation offers little immunity. It will uphold all existing laws of phone-tapping, interception of communications, collection of statistics and personal data with impunity. "The proposed bill doesn’t change any system or structure of surveillance that are in place today," says Usha Ramanathan, a law researcher who has worked extensively on privacy issues. "Look at the Collection of Statistics Act passed by Parliament last year. You can be penalised for not sharing the information that the government seeks from you. This is very disturbing."

Usha Ramanathan, Law Researcher

Ramanathan’s discomfiture has its reasons. "In the past three years, the government has become far more intrusive than it ever was. All this is asserting the sovereignty of the state over the citizen when the Constitution says that the citizen is supreme. This bill, in its current form, also brings in an element of pre-censorship that violates our fundamental right to speech as well as several judgements of the Supreme Court that ruled against pre-censorship."

On the other hand, former cabinet secretary K.M. Chandrashekhar, a prime mover behind the bill during his tenure, feels that the security needs of the state warrant "lawful" intrusion by it. “The idea was to protect privacy but not short-circuit the current surveillance systems in place for combating terrorism."

"While we accept the primacy of public interest, we must be very, very careful about what is public interest."
Satyananda Mishra, CIC

As far as protecting privacy is concerned, of course all is not bad with the proposed bill. Prashant Iyengar, a researcher with the Centre for Internet and Society (CIS), a Bangalore-based NGO that has played a leading role in shaping the public discourse on this issue, is hopeful. "For the first time, this bill creates a strong liability for the government. This means that the government can be held liable and penalised for the violation of privacy. It also establishes a routine civil liability against the government for all its lapses in protecting the privacy of citizens... which is very good.” But Prashant also feels that the bill has a long way to go before it resolves some inherent contradictions. “The proposed Act must recognise the concept of public interest while it protects privacy. That is an element missing from the current discourse."

Satyananda Mishra, the chief information commissioner and a former secretary, DoPT, has a nuanced view of the proposed bill. He feels public interest must outweigh privacy in every case. "But while we accept the primacy of public interest, we must be very, very careful about what is public interest," he says.

Mishra, in many ways the country’s biggest trustee of transparency in public life today, suggests a few key modifications in the conditions in the proposed legislature. "We need to understand that after the enactment of the RTI Act, it has become incumbent upon us to have some form of inherent disclosure in all our public dealings. This will also safeguard our privacy from the government."

The relationship between citizen and government, says Mishra, is guided by a social contract. "People elect governments and trust them with their lives and liberty in the promise that the government will exercise its powers for their welfare. But there could be instances where the government breaks that promise. It could legitimately tap someone’s phone through legal means, but with malicious intent."

To prevent this, Mishra suggests a modification to the proposed Privacy Act. "Let there be disclosure of all such events, after a reasonable period of time, of any effort by the government to invade the privacy of citizens. For instance, if it needs to tap the phones of a person, then it must be disclosed after a period of time. After all, phones can be tapped legally only to protect the interests of the state. So it should either lead to a criminal prosecution or a disclosure after a reasonable amount of time has elapsed. That is the only way we will be able to curb the intrusive powers of the state and protect the privacy of citizens." Prashant of CIS agrees with Mishra’s suggestion. "In the United States, all wire-tapping laws have a clause for disclosure. This way, a citizen will know if his privacy has been violated lawfully or not."

Now if a reporter were to use "personal info" without consent, it will mean a civil offence, a penalty of Rs. 1 lakh.

While the government will take its time to introduce the bill in Parliament, it needs to be more transparent in its deliberations. Right now two ministries are working simultaneously on the same bill. While the ministry of law and justice under Veerappa Moily is busy shaping its draft, the ministry of personnel, training and public grievances under the prime minister is busy formulating its own version. While they work on it, what both ministries must recognise is that nothing is private about public policy.

Click here to see the story originally published by Outlook

For more details visit https://cis-india.org/news/walls-have-ears

The Trouble with Hurried Solutions

chinmayi — 2012-12-20T04:23:08Z

The World Conference on International Telecommunication showed that countries are not yet ready to arrive at a consensus on regulation and control of the Internet

Chinmayi Arun's Op-ed was published in the Hindu on December 15, 2012.

The World Conference on International Telecommunication (WCIT) that concluded on December 14 saw much heated debate. Some countries wanted to use the International Telecommunication Union (ITU) to gain intergovernmental control of the World Wide Web. Some saw it as an opportunity to democratise the Internet, by replacing U.S. and corporate domination of Internet policy, with a more intergovernmental process. Others insisted that the Internet must be left alone.

The result is that after many days’ deliberations, there was no consensus. The amended International Telecommunication Regulations (ITRs) document has not yet been signed by over 50 countries, of which some like the United States have refused to sign altogether, while others have said that they will need to consult with their national governments before signing.

This article discusses the broader issue under question, which is, whether ITU is the best forum to solve the cross-border problems that arise in relation to the Internet.

WCIT, ITU and ITRs

The ITU has been creating international policy from the days in which the telegraph was prevalent. Although it is now a United Nations agency, its existence predates the U.N. As technology evolved, forcing the telegraph to give way to the telephone, the ITU created new standards for telephony. It even rechristened itself from ‘International Telegraph Union’ to ‘International Telecommunications Union’.

The ITU performs an essential role in ensuring that multiple states with their varying technology, standards and legal systems, are able to interconnect and co-ordinate. Its harmonising rules and standards make co-ordination easier and cheaper than having each state come to an agreement with every other state. The ITRs within the ITU framework facilitate co-ordination by creating binding rules for member states.

Some countries’ proposals for the amendment of the ITRs would have affected content on the Internet substantially. However, after prolonged negotiation, the final draft that was under consideration contained an explicit statement excluding such content from the ITRs’ purview. This draft also came with a resolution that made reference to states’ elaborating their Internet related public policy positions in ITU fora, which was a source of controversy.

Some of the initial suggestions like Russia’s controversial proposal would have given the ITU greater sway over the Internet, permitting it to lay down global standards. These standards may have encouraged countries to inspect data transmitted across the Internet to check whether it is undesirable content raising serious privacy and freedom of speech concerns, especially in countries that do not protect these rights.

The global standards created by the ITU would have permeated to the companies that create the web-based applications that we use, and the resulting law and technological choices would have affected individual users.

Internet governance

The ITU makes its decisions using a traditional model that only seeks consensus between governments, and this is far removed from the way in which the Internet has been governed thus far. Therefore, although expanding the ITU’s mandate to the Internet may seem natural to those who have followed its evolution mirroring the evolution of information technology, the ITU’s manner of functioning is viewed by many as being at odds with the more multi-stakeholder and ad hoc system used to build Internet policy.

In the 1990s, John Perry Barlow proclaimed that cyberspace was outside national borders, and questioned the authority and legitimacy of a national government’s attempts to govern it. Over the years, it has become clear that national governments can exert jurisdiction in cyberspace: filtering content, launching surveillance of users, and creating law that impacts citizens’ behaviour online directly and indirectly.

However, governments’ exertion of will on Internet users is tempered greatly by the other forces that have a strong influence on the Internet. User-behaviour and content often depend on the policies of major service providers like Google, Yahoo, Twitter and Facebook.

Key standards and functions like the allocation of domain names and developing of Internet standards are managed by organisations like ICANN and IETF, which are not governmental organisations. Features like user anonymity are based on technological choices on the World Wide Web. Therefore, governments face significant obstacles and counterbalancing power when they attempt to impose their will on citizens online.

The ITU can weigh this power balance in favour of governments. Many fear that more government power will lead to more censorship, surveillance and stifling of the innovation that is integral to the evolution of Internet. But others support ITU intervention, in the belief that an international inter-governmental regulatory body would be more accountable, and would prevent corporate abuse of power.

Several of the aforementioned corporations, as well as regulatory bodies under question, are headquartered in the United States. There are those who see this as excessive U.S. influence on the Internet, eroding the sovereignty of other states, which have relatively limited influence over what their citizens can transmit and access online. These people see the ITU as a forum that can democratise Internet Governance, giving states shared influence over the web. However, this shared influence is resisted by those who find that the U.S. influence offers them more leverage and protection for their freedom of speech, than increased influence of countries that threaten this internationally accepted human right.

Powerful arguments in favour of increased ITU involvement include highlighting the dangers of abandoning the Internet to the free market. It is true that markets need some regulation to guard against malfunction and abuse of power by stronger players. However, the significant question is not whether these markets should be regulated, but how they should be regulated. Unfortunately, many of the arguments that supported expansion of the ITU’s mandate failed to establish why the ITU is the best solution to the problems plaguing the Internet, rather than being the most readily available reaction.

Any regulatory intervention must have very clear objectives, and some estimate of its likely impact. The intervention must not be considered in isolation but in contrast with other ways to achieve the same goals. Although some of the serious transnational issues plaguing the Internet need international solutions, the ITU, at least in its current avatar, is not necessarily the best remedy. It also remains unclear exactly what effect ITU intervention would have on the Internet — whether it would really offer solutions as intended, or whether it would prove more detrimental than useful, condoning of human rights violations and slowing the blistering innovation that is characteristic of the Internet.

Lack of consensus

Therefore, some of the initial concerns expressed by the countries that refused to sign the ITRs were legitimate. However, the final ITRs document addressed many of these concerns. The dissent emerged over the insertion of text in the preamble that recognised member states’ rights to access international telecommunication networks. These rights, being expressed only in the preamble, are not enforceable, even if they express intentions that are unacceptable to some.

The debates at the WCIT made it clear that the world is not yet ready to come to a unified position on this subject. Perhaps the ITU’s continuation in its path towards increasing, and making effective, multi-stakeholder participation will be the unifying factor some day, if it evolves into a forum which everyone sees as sufficiently democratic, transparent and accountable for Internet policy.

(The writer is Assistant Professor of Law at National Law University, Delhi, and a Fellow of the Centre for Internet and Society, Bangalore. She attended the WCIT from December 3-14)

For more details visit https://cis-india.org/internet-governance/blog/the-hindu-opinion-lead-december-15-2012-chinmayi-arun-the-trouble-with-hurried-solutions

The Take Down of Free Speech Online

praskrishna — 2014-04-06T05:19:50Z

As part of a study to access rate of compliance, in 2011, the Centre for Internet and Society Bangalore sent frivolous “take down” requests to seven prominent intermediaries. The study showed exactly how easy it is to take down online content.

This was published in Newslaundry on April 1, 2014. CIS research on Intermediary Liabilities is quoted.

CIS found that six out of the seven intermediaries “over complied” with the notices. Facts such as these about intermediary liability were discussed in a panel discussion “Intermediary Liability & Freedom of Expression in India” in Delhi on March 27, 2014 organised by Centre for Communication Governance at National Law University in collaboration with the Global Network Initiative.

The panel also included Professor Ranbir Singh, Vice Chancellor of NLU, Jermyn Brooks (Independent Chair – Global Network Initiative, Washington DC), Shyam Divan (Senior Advocate, Supreme Court of India) and SiddharthVaradarajan (Journalist). They discussed proxy censorship by government through private players and how e-business’ lose out on opportunities because of the current legal framework in the country within which intermediaries have to function.

According to Section 2(1)(w) of The Information Technology Act, 2000, “intermediary”- with respect to any particular electronic message -signifies any person who on behalf of another person receives, stores or transmits that message or provides any service with respect to that message.According to Rishab Dara, recipient of the Google policy Fellowship 2011, in an article titled, Intermediary Liability in India: Chilling Effects on Free Expression on the Internet, “intermediaries are widely recognised as essential cogs in the wheel of exercising the right to freedom of expression on the Internet. Most major jurisdictions around the world have introduced legislations for limiting intermediary liability in order to ensure that this wheel does not stop spinning”.

The “safe harbor”or what is also known asIntermediary Liability Laws according to Section 79 of the Information Technology Act are given below:

Intermediaries not to be Liable in Certain Cases

(1) Notwithstanding anything contained in any law for the time being in force but subject to the provisions of sub-sections (2) and (3), an intermediary shall not be liable for any third party information, data, or communication link made available or hosted by him.

(2) The provisions of sub-section (1) shall apply if—

(a) the function of the intermediary is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored or hosted; or

(b) the intermediary does not—

(i) initiate the transmission,

(ii) select the receiver of the transmission, and

(iii) select or modify the information contained in the transmission;

(c) the intermediary observes due diligence while discharging his duties under this Act and also observes such other guidelines as the Central Government may prescribe in this behalf.

(3) The provisions of sub-section (1) shall not apply if—

(a) the intermediary has conspired or abetted or aided or induced, whether by threats or promise or othorise in the commission of the unlawful act;

(b) upon receiving actual knowledge, or on being notified by the appropriate Government or its agency that any information, data or communication link residing in or connected to a computer resource controlled by the intermediary is being used to commit the unlawful act, the intermediary fails to expeditiously remove or disable access to that material on that resource without vitiating the evidence in any manner.

Under the Act, the intermediary needs to act on a complaint within 36 hours of a take down notice -failing which they will be liable to legal action if the case is taken to the court.

Shyam Divan spoke about the absurdity of the 36-hour turnaround time that an intermediary has between receiving a complaint and taking down the content. According to him, without any kind of legal option to fall back on, intermediaries decide to comply with such take down notices fearing “serious penalties and possibility of prosecution” which results in “indirect censorship”. He also said, “Domestic constitution in itself is not going to be sufficient”. “Meta-constitutions” which are transnational and have uniform laws across countries could be a possible solution to the current confusion as the internet is a global phenomenon and it would ensure that “the extent of our online rights would not be limited to the constitution of the country”.

Giving the example of hate speech, Siddharth Varadarajan, mentioned the Indian executive’s different approaches towards different mediums. Referring to hate speeches made during the 1993 Bombay riots by Shiv Sena leaders and those made during the 2002 Gujarat riots, he said, “Hate speech never gets prosecuted when made amid a physical crowd in a volatile situation.I can understand why politicians won’t be prosecuted but why so much sensitivity on online content. This paradox is worth reflecting on.Despite its limited reach, the executive reacts in such a hyper-sensitive manner”.He adds that as the editor of a news website one faces daily problems in taking decisions on online content especially on comment moderation and whether the website would be responsible for a certain comment made by a reader. Echoing Shyam Divan’s views,he said that in India more than the punishment, when a case is filed, the legal process itself becomes a punishment, which forces Internet Service Providers to comply with requests of blocking online content.

The Global Network Initiative is a Washington-based organisation that provides a framework for companies to deal with governments requesting censorship or surveillance of online content, “rooted in international standards legal framework also interesting people”. According to a report released by it, “provided that the existing safe harbour regime is improved, intermediaries can become a significant part of the economy and their GDP contribution may increase to more than 1.3 per cent by 2015. The potential corresponds to $41 billion by 2015”.Jermyn Brooks,Independent Chair of GNI,argued that instead of focusing all efforts on ensuring that the Information Technology (Intermediaries Guidelines) Rules, 2011 gets struck down by Courts for its unconstitutionality, there should also be a movement to effect policy changes through the amendment of the law. According to him, such a proposition would be more lucrative for a government looking for “re-invigoration of economic growth in India”.

The discussion was significant in the light that a number of cases related to the IT Act and freedom of online speech will be heard in the Supreme Court in the coming months. A petition by Mouthshut.com challenges the Information Technology (Intermediaries Guidelines) Rules 2011 “which effectively creates a notice and takedown regime for content hosted by intermediaries”. Another important case up for hearing is a petition by Member of Parliament Rajeev Chandrashekhar,“which also challenges these rules on grounds that they are ambiguous, require private parties to subjectively assess objectionable content, and that they undermine the safe harbour exemptions from liability granted to intermediaries by section 79 of the IT Act”. The People’s Union for Civil Liberties (PUCL) has challenged the Intermediaries Guidelines rules as well as the Procedure and Safeguards for Blocking for Access of Information by the Public Rules 2009. “This petition has pointed to the lack of transparency in the blocking procedure, which does not currently offer the public any notice or reasons for the blocking.”

“The cases pending before the Supreme Court will have a significant impact on the freedom of expression. We should never take our rights for granted – the interpretation of these rights needs to be consistent with their spirit”, said Professor Ranbir Singh.

Citing the recent example of the Wendy Doniger episode, Varadarajan says, “If Penguin chooses to pack up at the District court level, you know how Internet Service Providers would react to take down notices…Specific targeting of online speech would ultimately have a negative impact on the traditional media”. And that is the crux of the matter. In the absence of intermediate liability not being limited, online censorship and the curtailment of the freedom of speech will become far easier and will only worsen.

For more details visit https://cis-india.org/news/newslaundry-april-1-2014-somi-das-the-take-down-of-free-speech-online

The Surveillance Industry in India: At Least 76 Companies Aiding Our Watchers!

maria — 2013-07-12T11:59:10Z

Maria Xynou is conducting research on surveillance technology companies operating in India. So far, 76 companies have been detected which are currently producing and selling different types of surveillance technology. This post entails primary data on the first ever investigation of the surveillance industry in India. Check it out!

This blog post has been cross-posted in Medianama on May 8, 2013. This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC.

So yes, we live in an Internet Surveillance State. And yes, we are constantly under the microscope. But how are law enforcement agencies even equipped with such advanced technology to surveille us in the first place?

Surveillance exists because certain companies produce and sell products and solutions which enable mass surveillance. Law enforcement agencies would not be capable of mining our data, of intercepting our communications and of tracking our every move if they did not have the technology to do so. Thus an investigation of the surveillance industry should be an integral part of research for any privacy advocate, which is why I started looking at surveillance technology companies. India is a very interesting case not only because it lacks privacy legislation which could safeguard us from the use of intrusive technologies, but also because no thorough investigation of the surveillance industry in the country has been carried out to date.

The investigation of the Indian surveillance industry has only just begun and so far, 76 surveillance technology companies have been detected. No privacy legislation...and a large surveillance industry. What does this mean?

A glimpse of the surveillance industry in India

In light of the UID scheme, the National Intelligence Grid (NATGRID), the Crime and Criminal Tracking Network System (CCTNS) and the Central Monitoring System (CMS), who supplies law enforcement agencies the technology to surveille us?

In an attempt to answer this question and to uncover the surveillance industry in India, I randomly selected a sample of 100 companies which appeared to produce and sell surveillance technology. This sample consisted of companies producing technology ranging from internet and phone monitoring software to biometrics, CCTV cameras, GPS tracking and access control systems. The reason why these companies were randomly selected was to reduce the probability of research bias and out of the 100 companies initially selected, 76 of them turned out to sell surveillance technology. These companies vary in the types of surveillance technology they produce and it should be noted that most of them are not restricted to surveillance technologies, but also produce other non-surveillance technologies. Paradoxically enough, some of these companies simultaneously produce internet monitoring software and encryption tools! Thus it would probably not be fair to label companies as ´surveillance technology companies´ per se, but rather to acknowledge the fact that, among their various products, they also sell surveillance technologies to law enforcement agencies.

Companies selling surveillance technology in India are listed in Table 1. Some of these companies are Indian, whilst others have international headquarters and offices in India. Not surprisingly, the majority of these companies are based in India's IT hub, Bangalore.

Table 2 shows the types of surveillance technology produced and sold by these 76 companies.

The graph below is based on Table 2 and shows which types of surveillance are produced the most by the 76 companies.

Graph on types of surveillance sold to law enforcement agencies by 76 companies in India

Out of the 76 companies, the majority (32) sell surveillance cameras, whilst 31 companies sell biometric technology; this is not a surprise, given the UID scheme which is rapidly expanding across India. Only one company from the sample produces social network analysis software, but this is not to say that this type of technology is low in the Indian market, as this sample was randomly selected and many companies producing this type of software may have been excluded. Moreover, many companies (13) from the sample produce data mining and profiling technology, which could be used in social networking sites and which could have similar - if not the same - capabilities as social network analysis software. Such technology may potentially be aiding the Central Monitoring System (CMS), especially since the project would have to monitor and mine Big Data.

On countless occasions I have been told that surveillance is an issue which concerns the elite and which does not affect the poorer classes, especially since the majority of the population in India does not even have Internet access. However, the data in the graph above falsifies this mainstream belief, as many companies operating in India produce and sell phone and SMS monitoring technology, while more than half the population owns mobile phones. Seeing as companies, such as ClearTrail Technologies and Shoghi Communications, sell phone monitoring equipment to law enforcement agencies and more than half the population in India has mobile phones, it is probably safe to say that surveillance is an issue which affects everyone, not just the elite.

Did you Know:

CARLOS62 on flickr

WSS Security Solutions Pvt. Ltd. is north India´s first CCTV zone
Speck Systems Limited was the first Indian company to design, manufacture and fly a micro UAV indigenously
Mobile Spy India (Retina-X Studios) has the following mobile spying features:

SniperSpy: remotely monitors smartphones and computers from any location

Mobile Spy: monitors up to three phones and uploads SMS data to a server using GPRS without leaving traces

4. Infoserve India Private Limited produces an Internet monitoring System with the following features:

Intelligence gathering for an entire state or a region
Builds a chain of suspects from a single start point
Data loss of less than 2%
2nd Generation Interception System
Advanced link analysis and pattern matching algorithms
Completely Automated System
Data Processing of up to 10 G/s
Automated alerts on the capture of suspicious data (usually based on keywords)

5. ClearTrail Technologies deploys spyware into a target´s machine
6. Spy Impex sells Coca Cola Tin Cameras!
7. Nice Deal also sells Coca Cola Spy Cameras, as well as Spy Pen Cameras, Wrist Watch Cameras and Lighter Video Cameras to name a few...
8. Raviraj Technologies is an Indian company which supplies RFID and biometric technology to multiple countries all around the world... Countries served by Raviraj Technologies include non-democracies, such as Zimbabwe and Saudi Arabia...as well as post-revolutionary countries, such as Egypt and Tunisia... Why is this concerning?

Non-democracies lack adequate privacy and human rights safeguards and by supplying such regimes with biometric and tracking technology, the probability is that this will lead to further oppression within these countries

Egypt and Tunisia had elections to transit to democracy and by providing them biometric technology, this could lead to further oppression and stifle efforts to increase human rights safeguards

“I´m not a terrorist, I have nothing to hide!”

r1chardm on flickr

It´s not a secret: Everyone knows we are being surveilled, more or less. Everyone is aware of the CCTV cameras (luckily there are public notices to warn us...for now). Most people are aware that the data they upload on Facebook is probably surveilled...one way or the other. Most people are aware that mobile phones can potentially be wiretapped or intercepted. Yet, that does not prevent us from using our smartphones and from disclosing our most intimate secrets to our friends, from uploading hundreds of photos on Facebook and on other social networking sites, or from generally disclosing our personal data on the Internet. The most mainstream argument in regards to surveillance and the disclosure of personal data today appears to be the following:

“I´m not a terrorist, I have nothing to hide!”

Indeed. You may not be a terrorist...and you may think you have nothing to hide. But in a surveillance state, to what extent does it really matter if you are a terrorist? And how do we even define ´risky´ and ´non-risky´ information?

Last year at the linux.conf.au, Jacob Appelbaum stated that in a surveillance state, everyone can potentially be a suspect. The argument “I´m not a terrorist, I have nothing to hide” is merely a psychological coping mechanism when dealing with surveillance and expresses a lack of agency. Bruce Schneier has argued that the psychology of security does not necessarily reflect the reality of security. In other words, we may feel or think that our data is secure because we consider it to ential ´non-risky´ information, but the reality of security may indicate that our data may entail ´risky information´ depending on who is looking at it, when, how and why. I disagree with the distinction between ´risky´ and ´non-risky´ information, as any data can potentially be ´risky´ depending on the circumstances of its access.

That being said, we do not necessarily need to disclose nude photos or be involved in some criminal organization in order to be tracked. In a surveillance society, we are all potentially suspects. The mining and profiling of our data may lead to us somehow being linked to someone who, for whatever reason, is a suspect (regardless of whether that person has committed an actual offence) and thus may ultimately end us up being suspects. Perhaps one of our interests (as displayed in our data), our publicly expressed ideas or even our browsing habits may fall under ´suspicious activity´. It´s not really an issue of whether we are involved in a criminal organisation per se or if we are disclosing so-called ´risky information´. As long as our data is being surveilled, we are all suspects, which means that we can all potentially be arrested, interrogated and maybe even tortured, just like any other criminal suspect.

But what fuels a surveillance society? How can law enforcement agencies mine such huge volumes of data? Many companies, such as the 76 listed in this research, equip law enforcement agencies with the technology to monitor the Internet and our phones, to deploy malware to our computers, to mine and profile our data on social networking sites and to track our vehicles and movement. A main reason why we currently live in a Surveillance State is because the surveillance industry is blooming and currently equipping law enforcement agencies with the technology to watch our every move. Thus companies producing and selling surveillance technologies play an essential role in maintaining the surveillance state and should be accountable for the implications their products have on individuals´ right to privacy and other human rights.

Surveillance technologies, however, are not the only factor which fuels a surveillance state. Companies produce technologies based on the market´s demand and without it, the surveillance industry would not exist. The market appears to demand for surveillance technologies because a pre-existing surveillance culture has been established which in turn may or may not have been created by political interests of public control. Nonetheless, surveillance appears to be socially integrated. The fact that some of the most profitable businesses in the world, such as 3M, produce and sell surveillance technologies, as well as the fact that, in most countries in the world, it is considered socially prestigious to work in such a company is minimum proof that surveillance is being socially integrated. In other words, companies should be accountable in regards to the technologies they produce and who they sell them to, but we should also take into consideration that the only reason why these companies exist to begin with is because there is a demand for them.

By not opposing to repressive surveillance laws, to the CCTV cameras in every corner, to surveillance schemes -such as NATGRID and the CMS in India- or by handing over our data, we are fuelling the surveillance state. Unlike Orwell's totalitarian state described in 1984, surveillance today does not appear to be imposed in a top-down manner, but rather it appears to be a product of both the Information Revolution and of our illusionary sense of control over our personal data. Our ´apathy´ enables surveillance laws to be enacted and companies to produce the technology which will aid law enforcement agencies in putting us all under the microscope. As easy as it would be to blame companies for producing surveillance technologies, the reality of surveillance appears to be much more complicated than that, especially if surveillance is socially integrated.

Yet, the reality in India is that at least 76 companies are producing and selling surveillance technologies and equipping law enforcement agencies with them. This is extremely concerning because India lacks privacy legislation which could safeguard individuals from potential abuse. The fact that India has not enacted a privacy law ultimately means that individuals are not informed when their data is collected, who has access to it, whether it is being processed, shared, disclosed and/or retained. Furthermore, the absence of privacy legislation in India also means that law enforcement agencies are not held liable and this has an impact on accountability and transparency, as it is not possible to determine whether surveillance is effective or not. In other words, there are currently absolutely no safeguards for the individual in India and simultaneously, the rapidly expanding surveillance industry poses major threats to human rights.

Not only does India urgently need privacy legislation to be enacted to safeguard citizens from potential abuse, but the use of all surveillance technologies should be strictly regulated now. As previously mentioned, some companies, such as Raviraj Technologies, are exporting biometric technology to non-democratic countries and to fragile states transitioning to democracy. This should be prevented, as equipping a country - which lacks adequate safeguards for its citizens - with the technology to ultimately control its citizens can potentially have severe effects on human rights within the country. Thus export controls are necessary to prevent the expansion of surveillance technologies to countries which lack legal safeguards for their citizens. This also means that there should be some restrictions to international companies selling surveillance technologies from creating offices in India, since the country currently lacks privacy legislation.

Surveillance technologies can potentially have very severe effects, such as innocent people being arrested, interrogated, tortured...and maybe even murdered in some states. Should they be treated as weapons? Should the same export restrictions that apply to arms apply to surveillance technologies? Sure, the threat posed by surveillance technologies appears to be indirect. But don't indirect threats usually have worse outcomes in the long run? We may not be terrorists and we may have nothing to hide...but we have no privacy safeguards and a massively expanding surveillance industry in India. We are exposed to danger...to say the least.

For more details visit https://cis-india.org/internet-governance/blog/the-surveillance-industry-in-india-at-least-76-companies-aiding-our-watchers

The Surveillance Industry in India – An Analysis of Indian Security Expos

divij — 2015-03-08T12:25:15Z

The author talks about the surveillance industry in India and analyses Indian security expos.

Introduction

The 'Spy Files', a series of documents released by whistleblower website WikiLeaks over the last few years, exposed the tremendous growth of the private surveillance industry across the world - a multi-billion dollar industry thriving on increasing governmental and private capabilities for mass surveillance of individuals.[1] These documents showed how mass surveillance is increasingly made possible through new technologies developed by private players, often exploiting the framework of nascent but burgeoning information and communication technologies like the internet and communication satellites. Moreover, the unregulated and undiscerning nature of the industry means that it has enabled governments (and also private agencies) across the world - from repressive dictatorships to governments in western democracies with a growing track record of privacy and civil liberties infringements - to indulge in secretive, undemocratic and often illegal surveillance of their citizens. The Spy Files and related research have revealed how the mass surveillance industry utilizes the rhetoric of national security and counter-terrorism to couch technologies of surveillance.

'Security' and the Normalization Of Surveillance

New technologies undoubtedly create a potential for both malicious as well as beneficial use for society. Surveillance technologies are a prime example, having both enabled improvements in law enforcement and security, but at the same time creating unresolved implications for privacy and civil liberties. These technologies expose what Lawrence Lessig describes as 'latent ambiguities' in the law - ambiguities that require us to assess the implications and effects of new technologies and how to govern them, and most importantly, to choose between conflicting values regarding the use of technologies, for example, increased security as against decreased privacy.[2]

Unfortunately, In India, the ambiguity seems to have been resolved squarely in favour of surveillance - under the existing regulatory regime, surveillance is either expressly mandated or unregulated, and requires surveillance to be built into the architecture and design of public spaces like internet and telephone networks, or even public roads and parks. Most of these regulations or mechanisms are framed without democratic debate, through executive mechanisms and private contracts with technology providers, without and public accountability or transparency.

For example, under the telecom licensing regime in India, the ISP and UASL licenses specifically require lawful interception mechanisms through hardware or software to be installed by the licensees, for information (Call Data Records, Packet Mirroring, Call Location) to be provided to 'law enforcement agencies', as specified by the Government.[3] Section 69 of the Information Technology Act, the main legislation governing the Internet in India, read with the rules framed under the Act, makes it incumbent upon 'intermediaries' to provide surveillance facilities at the behest of government agencies.[4]

Beyond this, the State and its agencies Section 69 and 69B of the IT Act empower the government to intercept and monitor any data on the Internet. The Telegraph Act also permits wiretapping of telephony.[5] The proposed Central Monitoring System by the Central Government would give state agencies centralized access to all telecommunications in real time, on telephony or on the Internet. Other surveillance schemes include the Keyword Tracking system NETRA, as well as several state government proposed comprehensive CCTV-surveillance schemes for cities. [6] Clearly, therefore, there is a massive market for surveillance technologies in India.

Tracking the Surveillance Market

The Mass surveillance industry by its very nature is closed, secretive and without democratic oversight, Insights into the prevalence, nature and scope of the companies that form this industry, or the technologies that are utilized are far and few. No democratic debate about surveillance can take place in such a paradigm. In this context, security expos and exhibitions provide critical insight into this industry. Several of the important revelations about the industry in the past have been from examinations of large exhibitions in which the various governmental and industry actors participate, and therefore, such analysis is critical to the debate surrounding mass surveillance. Such exhibitions are a logical starting point because they are one of the few publically accessible showcases of surveillance-ware, and are also a congregation of most major players who are part of this market both as suppliers and purchasers.

Our research identified at least 13 exhibitions in India that specifically cater to the surveillance industry. A brief outline of each of these exhibitions is provided below:

1. Secutech India (Brochures: 2015 -http://www.secutechindia.co.in/pdf/secutech%20brochure.pdf)

The Secutech Expo is an exhibition held in Bombay and Delhi since 2011, to showcase Information Security, Electronic Security and Homeland Security technologies. Secutech also organizes the Global Digital Surveillance Forum, a conference amongst the stakeholders of digital surveillance industry in India.[7]

Exhibitors: Ivis; Matrix Comsec; Neoteric; Smartlink; Kanoe; Micro Technologies; Aditya Infrotech; CoreTech Solutions; Merit Lilin; Schneider Electric; Pash systems; Nettrack Technologies Pvt Ltd.; QNAP; Axxonsoft; Hk Vision (China); Alhua; Axis; Vivotech (Taiwan); Endroid (USA); Vantge (UK); Pelco (France); Advik; Hi Focus (UK); ESMS; Keeper (China); Neoteric; Vizor, etc

Visitors: The visitor profile and target audience consists of government and defense agencies, besides private agencies.

Technologies on display: Digital surveillance, biometrics, CCTV and RFID are some categories of the technologies which are showcased here.

2. IFSEC India (Brochures: 2013 - http://www.ifsecindia.com/uploads/IFSEC%20INDIA%20brochure%202013.pdf; 2014 - http://www.ubmindia.in/ifsec_india/uploads/IFSEC_INDIA_Brochure_CS5_new_low.pdf.)

IFSEC India, an extension of IFSEC UK, the 'worlds largest security exhibition', proclaims to be South Asia's largest security exhibition with 15,000 participants in its latest edition, including a special segment on surveillance. It has been held in either Bombay or Delhi since 2007.

Exhibitors: Honeywell; Infinova; Radar Vision; QNAP; Ensign; Winposee; Bosch; Comguard; Verint; ACSG; Ensign etc.

Visitors: Visitors include government agencies such as the Central Industrial Security Force, Border Security Force, Department of Internal Security, Railway Protection Force and the Department of Border Management.

Technologies on display: RFID, Video Surveillance, Surveillance Drones, IP Surveillance, Digital Surveillance and Monitoring were some of the categories of technologies on display.

3. India International Security Expo (Brochures: 2014 - http://www.indiasecurityexpo.com/images/e_brochure.pdf)

Held in New Delhi since 1996, and organized by the Ministry of Home Affairs, the expo is described as "India's largest show case of goods and services related to Homeland Security, Fire Safety, Traffic Management, Industrial Safety and Public Safety, Hospitality and Reality Security." With specific reference to the changing 'modus operandi of crime by using technology', the Expo focuses on using surveillance technologies for law enforcement purposes.

Exhibitors: Intellivision (USA); Intex (India); ESC Baz (Israel); Sparsh Securitech; Source Security (USA); Intellivision (USA); Interchain Solutions; ESSI; Kritikal; Matrix; Pace Solutions etc.

Visitors: According to the show's brochure, visitors include Central & State Police Organisations, Paramilitary Forces, Policy-makers from the Government, Industrial Establishments, Security Departments of Educational, Retail, Hospitality, Realty & other sectors, Colonisers, Builders, RWAs, System Integrators Large business houses and PSU's.

Technologies on display: Access control systems, surveillance devices, RFID, traffic surveillance and GPS Tracking.

4. Secure Cities Expo (Brochures: 2013 - http://securecitiesindia.com/Secure_Cities_2013_Brochure.pdf; 2014 - http://securecitiesindia.com/images/2014/SC_2014_Brochure.pdf.)

Secure Cities Expo has been organized since 2008, on the platform of providing homeland security solutions and technologies to government and private sector participants.

Exhibitors: Dell; Palo Alto Networks; Motorola; Konnet; Vian Technologies; Quick Heal; Intergraph, GMR, Tac Technologies, Steria, Teleste, Elcom, Indian Eye Security; Mirasys; CBC Group; Verint (USA); IBM (USA); Digitals; EyeWatch; Kanoe; NEC (Japan); ACSG Corporate; ESRI (USA), etc.

Visitors: Visitors include government and law enforcement agencies including the Ministry of Home Affairs as well as systems integrators and private firms including telecom firms.

Technologies on display: CCTV, Biometrics, Covert Tracking and Surveillance Software, Communication Interception, Location and Tracking systems, and IT Security.

5. Defexpo India (Brochures: No publically available brochures)

By far India's largest security exposition, the Ministry of Defense has organized Defexpo India since 1999, showcasing defense, border, and homeland security systems from technology providers internationally.

Exhibitors: Aurora Integrated; Airbus Defence (France); Boeing (USA); Hacking Team (Italy); Kommlabs (Germany); Smoothwall; Atlas Electronik; Cyint; Audiotel International; Cobham; Tas-Agt; Verint; Elsira (Elbit) (Israel); IdeaForge; Comint; Controp; Northrop Gruman; Raytheon; C-DoT; HGH Infrared (Israel); Okham Solutions (France); Septier (Israel); Speech Technology Centre (Russia); Aerovironment (USA); Textron; Sagem (France); Amesys (France); Exelis; ITP Novex (Israel), etc.

Visitors: The latest edition of the Expo saw participation from governmental delegations from 58 countries, besides Indian governmental and law enforcement authorities.

Technologies on display: The entire spectrum of surveillance and homeland security devices is on display at Defexpo, from Infrared Video to Mass Data Interception.

6. Convergence India Expo (Brochures: 2012 - http://convergenceindia.org/download/CI2012-PSR.pdf; 2014 -http://www.convergenceindia.org/pdf/CI-2014-Brochure.pdf; 2015 - http://www.convergenceindia.org/pdf/brochure-2015.pdf.)

Convergence India, being held in New Delhi since 1991, is a platform for interaction between Information and Communication Technology providers and purchasers in the market. In recent years, the expo has catered to the niche market for IT surveillance.

Exhibitors: ELT (UK); Comguard; Fastech; Synway (China); Saltriver; Anritsu (Japan); Cdot; Fastech; Rahul Commerce; Deviser Electronics; RVG Diginet; Blue Coat (USA); Cyberoam (USA); ZTE (China); Net Optics (USA); Controp; Comint etc.

Visitors: Visitors include Paramilitary Forces, Cable Operators, Government Ministries and PSU's and Telecom and Internet Service Providers.

Technologies on Display: Biometrics, Content Filtering, Data Mining, Digital Forensics, IP-Surveillance, Embedded Softwares, Network Surveillance and Satellite Monitoring were some of the technologies on display.

7. International Police Expo (Brochures: 2014 - http://www.nexgengroup.in/exhibition/internationalpoliceexpo/download/International_Police_Expo_2014.pdf.)

The International Police Expo held in New Delhi focuses on providing technologies to police forces across India, with specific focus on IT security and communications security.

Exhibitors: 3G Wireless Communications Pvt Ltd; Motorola Solutions; Cyint; Matrix Comsec; Cellebrite; Hayagriva; MKU; CP Plus etc.

Visitors: Visitors include State Police, Procurement Department, CISF, CRPF, RAF, BSF, Customs, GRPF, NDRF, Special Frontier Force, Para Commandos, Special Action Group, COBRA and PSU's and educational institutes, stadiums and municipal corporations, among others.

Technologies on display: Technologies include RFID and surveillance for Internal Security and Policing, CCTV and Monitoring, Vehicle Identification Systems, GPS, Surveillance for communications and IT, Biometrics and Network surveillance.

8. Electronics For You Expo (EFY Expo) ( 2014 - http://2013.efyexpo.com/wp-content/uploads/2014/03/efy_PDFisation.pdf; 2015 - http://india.efyexpo.com//wp-content/uploads/2014/03/5th%20EFY%20Expo%20India_Brochure.pdf.)

EFY Expo is a electronics expo which showcases technologies across the spectrum of electronics industry. It has been held since 2010, in New Delhi, and is partnered by the Ministry of Communications and IT and the Ministry of Electronics and IT.

Exhibitors: Vantage Security; A2z Securetronix; Avancar Security; Digitals security; Securizen Systems; Vision Security; Mangal Security Systems, etc.

Visitors: The visitors include Government Agencies and ministries as well as systems integrators and telecom and IT providers.

Technologies on display: Identification and Tracking Products and Digital Security Systems are a specific category of the technologies on display.

9. Indesec Expo (Brochures: 2009 - http://www.ontaero.org/Storage/14/897_INDESEC_Oct11-13_2009.pdf. )

An exhibition focused on homeland security, and sponsored by the Ministry of Home Affairs, the expo has been held since 2008 in New Delhi, which includes a specific category for cyber security and counter terrorism.

Exhibitors: Rohde and Schwarz; Salvation Data; AxxonSoft; KritiKal; Shyam Networks; Teledyne Dalsa; Honeywell; General Dynamics; Northrop Grumman; Interchain Solutions, etc.

Visitors: Visitors include officials of the central government, central police and paramilitary forces, Ministry of Defence, central government departments, institutes and colleges, state government and police and ports and shipping companies.

10. Next Generation Cyber Threats Expo

Held since 2012 in New Delhi and Mumbai, the Next Generation Cyber Threats Expo focuses on securing cyber infrastructure and networks in India.

Exhibitors: Ixia, CheckPoint, etc.

Visitors: Visitors include Strategic Planning Specialists, Policy Makers and Law Enforcement among others.

11. SmartCards/RFID/e-Security/Biometrics expo (Brochures: 2013 - http://cis-india.org/internet-governance/blog/brochures-from-expos-in-india-2013 ; 2015 - http://www.smartcardsexpo.com/pdf/SmartCards_Expo_2015_Brochure_$.pdf)

These expos are organized by Electronics Today in Delhi or Mumbai since 1999 and supported by the Ministries of Commerce, Home Affairs and External Affairs. They showcase various identification solutions, attended by hundreds of domestic and international exhibitors.

Visitors: Target audiences include central and local level law enforcement and government organizations, Colleges and Universities, and defense forces.

12. Com-IT Expo (Brochure: 2014 - http://www.comitexpo.in/doc/Brochure.pdf)

This expo has been organized by the Trade Association of Information and Technology in Mumbai since 2008, and focuses on software and hardware Information Technology, with specific focus on IT security and surveillance.

Visitors: Visitors include Government Agencies, Airport Authorities, Police and Law Enforcement, Urban Planners, etc.

Technologies Displayed: CCTV's, Surveillance Devices and IP Cameras, etc.

13. GeoIntelligence India (Brochures: 2013 - http://www.geointelligenceindia.org/2013/Geointelligence%20India%20Brochure.pdf; 2014 - http://geointworld.net/Documents/GeoInt_Brochure_2014.pdf.)

It is an exposition held in New Delhi since 2014, organized by Geospatial Media and Communications Pvt Ltd, and is 'dedicated to showcasing the highest levels of information exchange and networking within the Asian defense and security sector.'

Exhibitors: ESRI (USA); BAE Systems (UK); Leica (Switzerland); Helyx (UK); Digital Globe; Intergraph; Trimble (USA); RSI Softech; Silent Falcon etc.

Visitors: Visitors included the Director General of Information Systems, CRPF, Manipur, Delhi, Haryana and Nagaland Police, CBI, ITBP, NSDI, SSB, National Investigation Agency, Signals Intelligence Directorate among others.

Surveillance Wares in India - The Surveillance Exhibits and what they tell us about the Indian Surveillance Industry

An analysis of the above companies and their wares give us some insight into what is being bought and sold in the surveillance industry, and by whom. Broadly, the surveillance technologies can be grouped in the following categories:

Video Surveillance and Analysis

IP Video Surveillance and CCTV are quickly becoming the norm in public spaces. Emerging video surveillance tools allow for greater networking of cameras, greater fields of vision, cheaper access and come with a host of tools such as facial recognition and tracking as well as vehicle tracking. For example, IBM has developed an IP Video Analytics system which couples monitoring with facial recognition.[8] USA's Intellivision also offers analytics systems which enable licence plate tracking, facial recognition and object recognition.[9] HGH Infrared's Spynel system allows infrared wide-area surveillance,[10] and CBC's GANZ allows long-range, hi-resolution surveillance. [11]

Video surveillance is gradually infiltrating public spaces in most major cities, with Governments promoting large-scale video surveillance schemes for security, with no legal sanctions or safeguards for protecting privacy.

Companies showcasing Video Surveillance: 3G Wireless Communications Pvt Ltd, Motorola Solutions (USA), Bosch, CP Plus, Ivis, Aditya Infotech, Micro technologies, Core Tech (Denmark), Merit Lilin , Schneider Electric, Shyam Systems, Dalsa, Honeywell, Teleste, Mirasys, CBC Group, Infinova, Radar Vision, QNAP, Ensign, Winposee, Bosch, Hik Vision (China), Alhua, Axis Communications, Vivotech (Taiwan), Endroid (USA), Vantge (UK), Pelco (France), Advik, Hi Focus (UK), ESMS, Keeper (China), Neoteric, Vizor, Verint (USA), IBM (USA), Digitals Security, Intellivision (USA), Intex, Esc Baz (Israel), Sparsh Securitech, A2zsecuretronix, Avancar Security, Securizen Systems, Vision Security, HGH Infrared (Israel).

RFID/Smart Cards/Biometric Identification

India has begun the implementation of the Unique Identification Programme for its 1.2 billion strong population, combining a host of identification technologies to provide a unique identification number and Aadhar Card - promoted as an all-purpose ID. However, this remains without legislative sanction, and continues in the face of severe privacy concerns. Such centralized, accessible databases of ostensibly private information present a grave threat to privacy. RFID, Smart Cards and Biometric Identification technologies (like the Aadhar) all make individual monitoring and surveillance significantly easier by enabling tracking of individual movements, consumer habits, attendance, etc.

Companies showcasing Identification Technologies:

AxxonSoft, Matrix Comsec, Ensign, Hi focus, Intellivision (USA), Interchain solutions, Inttelix, Kanoe, NEC (Japan), Pace, Realtime, Secugen, Source Security (USA), Spectra, Speech technology centre (Russia), BioEnable Technologies.

(For a more detailed list, see the Smart Cards Expo Brochures, linked above)

Mass Data Gathering, Monitoring and Analysis

The age of Big Data has led to big surveillance. Information and communication technologies now host significant amounts of individual data, and the surveillance industry makes all of this data accessible to a surveyor. Government mandated surveillance means any and all forms of communication and data monitoring are being implemented in India - there are network taps on telephony and deep packet inspection on internet lines, which makes telephone calls, SMS, VoIP, Internet searches and browsing and email all vulnerable to surveillance, constantly monitored through systems like the Central Monitoring System. Moreover, centralized information stores enable data mining - extracting and extrapolating data to enable better surveillance, which is what India's NATGRID aims to do.

Hacking Team Italy, Blue Coat USA and Amesys France, three of the five companies identified as 'enemies of the internet' for enabling dictatorships to use surveillance to quell dissent and violate human rights,[12] have all presented surveillance solutions at Defexpo India. Cyberoam USA and ZTE China also market Deep Packet Inspection technology,[13] while ESRI's Big Data suite allows analysis through mass surveillance and analysis of social media and publically available sources. [14]

Indian companies showcasing mass data monitoring technologies include Cyint, Fastech DPI tools,[15] Kommlabs VerbaProbe packet switching probes,[16] and ACSG's OSINT, which allows Big Data social media surveillance and Call Data Record analysis.[17]

Companies showcasing Data Gathering and Monitoring technologies:

Cobham, Comguard, Cyint, ELT (UK), Fastech, Hacking Team (Italy), Smoothwall (USA), Verint Systems (USA), Cyint technologies, Atlas Electronik (Germany), Audiotel International (UK), Avancar, Cobham (UK), ELT (UK), Eyewatch, Kommlabs, Mangal Security Systems, Merit Lilin (Taiwan), Ockham Solutions (France), Septier (Israel), Synway (China), ACSG Corporate, Amesys (France), Anritsu (Japan), Axis (Sweden), BAE Systems (UK), Blue Coat (USA), C-dot, Comint, Cyberoam (USA), Deviser Electronics, Elsira (Elbit) (Israel), Esri (USA), Exelis, General Dynamics (USA), Helyx (UK), ITP Novex (Israel), Leica (Switzerland), Net Optics (Ixia) (USA), Northrop Gruman (USA), Rahul Commerce, Rohde And Schwarz (Germany), RVG Diginet, Tas-Agt, Trueposition (USA), Zte Technologies (China).

Cell-Phone Location Tracking and Vehicle Monitoring

A number of technologies enable location tracking through vehicle GPS, GLONASS or other location technologies. RFID or optical character recognition further enables Automatic Number Plate Recognition, which can be exploited to enable vehicle surveillance to track individual movements. Embedded hardware and software on mobile phones also allows constant transmission of location data, which is exploited by surveillance agencies to track individual movements and location.

Companies showcasing Cell-Phone Location Tracking technologies: Verint, Eyewatch, Septier (Israel), True Position (USA),

Companies showcasing Vehicle Monitoring technologies: Hi-techpoint technologies pvt ltd, Axxonsoft, Essi, Fareye, Intellivision (USA), Interchain Solutions, ITP Novex (Israel), Kaneo, Kritikal, NEC (Japan), Saltriver Infosystems, Vision Security Systems.

Air/Ground Drones and Satellite Surveillance

The use of unmanned drones for security purposes is being adopted for law enforcement and surveillance purposes across the world, and India is no exception, using UAV's for surveillance in insurgency-hit areas,[18] amongst other uses, while still having no regulations for their use.[19] Drones, both aerial and ground level, are capable of large-scale territorial surveillance, often equipped with high-technology video surveillance that allows for efficient monitoring at the ground level.

Digital Globe offers satellite reconnaissance surveillance coupled with Big Data analysis for predictive monitoring. [20] Controp offers cameras specifically for aerial surveillance, while Sagem's Patroller Drone and Sperwer, and Silent Falcon's Solar Powered surveillance drone are Unmanned Aerial Vehicles (UAV's) for aerial video surveillance. Auruora Integrated, [21] and IdeaForge are Indian companies which have developed UAV surveillance drones in collaboration with Indian agencies.[22]

Companies showcasing Drone Surveillance: Aurora Integrated, Controp (Israel), Aerovironment (USA), Digital Globe (USA), ESRI (USA), Intergraph (USA), RSI Softech, Sagem (France), Silent Falcon (UAS), Textron (USA), Trimble (USA), Northrop Grumman (USA).

[1] Wikileaks, The Spy Files, available at https://www.wikileaks.org/the-spyfiles.html.

[2] Lawrence Lessig, Code V 2.0.

[3] For more information on the licensing regime, see 'Data Retention in India', available at http://cis-india.org/internet-governance/blog/data-retention-in-india.

[4] Rule 13, Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009.

[5] Section 5, Indian Telegraph Act, 1885.

[6] See, for example, the Bangalore Traffic Police CCTV Scheme, http://www.bangaloretrafficpolice.gov.in/index.php?option=com_content&view=article&id=66&btp=66 ; the surveillance scheme supported by the MPLAD Scheme, http://mplads.nic.in/circular08112012.pdf; Mumbai's proposed video surveillance scheme, http://www.business-standard.com/article/companies/wipro-tata-ibm-reliance-among-31-bids-for-cctv-scheme-in-mumbai-112112600160_1.html.

[7] Information on the Forum is available at http://gdsf-india.com/Global-Digital-Surveillance-Forum1/images/GDSF-Bengaluru-Conference-program.pdf.

[8] http://www-01.ibm.com/support/knowledgecenter/SS88XH_1.6.0/iva/int_i2frs_intro.dita

[9] http://www.intelli-vision.com/products/recognition-suite

[10] http://www.hgh-infrared.com/Products/Optronics-for-security

[11] http://www.ifsecglobal.com/cbc-high-end-surveillance-tech-on-display-at-ifsec-india/

[12] http://surveillance.rsf.org/en/category/corporate-enemies/

[13] http://www.cyberoam.com/firewall.html

[14] http://www.esri.com/products/arcgis-capabilities/big-data

[15] http://www.fastech-india.com/packetBrokers.html

[16] http://www.kommlabs.com/products-verbaprobe.asp

[17] http://www.acsgcorporate.com/osint-software.html

[18] http://timesofindia.indiatimes.com/india/UAV-proves-ineffective-in-anti-Maoist-operations/articleshow/20400544.cms

[19] http://dronecenter.bard.edu/drones-in-india/

[20] https://www.digitalglobe.com/products/analytic-services

[21] http://www.aurora-is.com/

[22] http://www.ideaforge.co.in/home/

For more details visit https://cis-india.org/internet-governance/blog/surveillance-industry-in-india-analysis-of-indian-security-expos

The Surveillance Industry in India

maria — 2015-03-14T03:20:42Z

For more details visit https://cis-india.org/internet-governance/blog/surveillance-industry-india.pdf

The Surveillance and Security Industry in India - An Analysis of Indian Security Expos

divij — 2015-03-14T02:56:35Z

For more details visit https://cis-india.org/internet-governance/blog/surveillance-and-security-industry-in-india.pdf

The Stranger with Candy

nishant — 2015-04-17T11:00:04Z

Beware of online threats, as the distinction between friends and foes is false on the internet.

Nishant Shah's column was published in the Indian Express on June 16, 2013.

My parents and I were in Oslo, when after a long day in the city, we returned to an intriguing situation. My father, who is quite a digital migrant and uses the internet for daily exchanges, found an email from an uncle waiting in his inbox. The email begins with the uncle travelling to Madrid, Spain, to help an ailing cousin who needs a surgery and requested that my father help the writer, his cousin, with €2,500. The email ended with a note of urgency, "I will check my email every 30 minutes for your reply".

My father, who was by now rather agitated, asked my brother and me what could be done. People asking for money over email is the modern day equivalent of strangers bearing candy in a car. We were both immediately wary and when we saw the mail, we knew that it was a scam. Somebody had cracked into somebody's account and was now sending out emails to everybody in their contact list, hoping to make a quick buck. The only action we took was to inform the relative that his account seemed to have been compromised and that he needed to protect it.

This incident, in the context of disallowing children below 13 years on Facebook in India, got me thinking. How do we trust somebody, or something online? There is a presumption that digital natives instinctively know how to deal with dubious situations online. True, one seldom hears of a digital native falling for scams of Nigerian princes offering their inheritance or widows of bank managers in Saudi Arabia wanting to transfer millions to their bank accounts. But that might be because digital natives live more in gift and attention economies and have always been suspicious of anybody waving a wad of notes.

However, we do know that the young are often susceptible to other predators on the Web. While it might occasionally seem that the West's paranoia around paedophiles online, preying on young children as sexual victims might have reached the limits of logical absurdity, it remains indisputable that young adults haven't yet developed the codes to trust somebody online. We encounter countless stories of the young who endanger their futures by documenting their follies and foibles in the unforgiving and unforgetting space of the internet. Let us not forget the names of Adnan Patrawala and Koushambi Layek, who fell prey to strangers pretending to be friends and lovers on the social networking site Orkut.

I am not suggesting that the World Wide Web is any more dangerous than the brick and mortar world that we live in. Our flesh- and-bone bodies are under equal danger in our everyday lives. But over time, we have learned and have been taught how to decode conditions that might harm us. We have learned to distance ourselves from strangers with grins, and people who look hostile. The authorities have created visible signposts of danger all around us — from red traffic lights to surveillance cameras — that constantly remind us that safety is not the default mode of our existence but something that we need to incessantly create for ourselves.

The digital world has no such guidelines. The mammoth corporations, which now govern a large part of the cyberspace, individually try to create structures that would save us from falling victim to such attacks. So the filter on your Gmail account is an intelligent system that scans every byte of information that goes in and out of your inbox, learning both your behaviour patterns and your interaction modes, to filter out not only the obvious hoax emails but also things that you might deem as clutter. Smart browsers like Firefox identify IP addresses that are regularly abusive and warn us about installing any software that might originate there. On Facebook, certain pictures and posts with offensive content are censored even before they get into your data stream. The friendship algorithm, further ensures that you increasingly see content from your 'close friends' rather than strangers. In all these mechanisms, which use big data mining tools to recognise harmful patterns as well as encourage you to devise your own vouchsafes, there is an implicit understanding that the people we know will do us less harm. They are designed to keep out unwanted or potentially harmful people because it might lead to danger or conflict.

However, as we saw in the case of the email to my father, the distinctions between strangers and friends on the internet, is a forced one. When all digital avatars are a performance of a kind, it becomes easy for an imposter to take on that identity. The only credentials we have of somebody's authenticity are often their user accounts and email — data which can be stolen and manipulated effortlessly. And increasingly, we have learned that when it comes to the online world, the people who infect us with viruses, rob us of our money and crash our digital worlds are people who are our 'friends'.

While we shall learn through experience and through stories, there remains a need to develop a larger social discussion around trust online. This debate cannot be whether content needs to be censored online or whether certain groups should be allowed to get on to social network systems. Instead, it has to be a debate that realises the notions of friendship and trust, of networks and connections, are not merely extensions of the physical into the digital. On the infobahn, these are new modes of operation and being and it is not going to be easy to create a handbook of online safety. What we will need is an involved and inter-generational debate about the social, political and economic safety online and create signposts that remind us of the dangers of being online.

For more details visit https://cis-india.org/digital-natives/blog/indian-express-june-16-2013-nishant-shah-the-stranger-with-candy

Centre for Internet and Society

Token disclosures?

India References

India, A Bit-Player

Transparency Trends

Secret Orders Excluded

'Not the Whole Truth'

TIkTok: It’s time for Biden to make a decision on his digital policy with China

The Road so far: The ban and forced sale of TikTok

How should the Biden administration handle this situation?

Through the looking glass: Analysing transparency reports

Third South Asian Meeting on the Internet and Freedom of Expression

Agenda

January 14, 2013

January 15, 2013

List of Participants

Theorizing the Digital Subaltern

The​ ​Fundamental​ ​Right​ ​to​ ​Privacy:​ ​Part​ ​III SCOPE

The War for India's Internet

The Walls Have Ears

The Trouble with Hurried Solutions

WCIT, ITU and ITRs

Internet governance

Lack of consensus

The Take Down of Free Speech Online

Intermediaries not to be Liable in Certain Cases

The Surveillance Industry in India: At Least 76 Companies Aiding Our Watchers!

A glimpse of the surveillance industry in India

Did you Know:

“I´m not a terrorist, I have nothing to hide!”

The Surveillance Industry in India – An Analysis of Indian Security Expos

The Surveillance Industry in India

The Surveillance and Security Industry in India - An Analysis of Indian Security Expos

The Stranger with Candy

The Fundamental Right to Privacy: Part III SCOPE