Centre for Internet and Society

Indian government websites: Gold mine for cybercriminals

praskrishna — 2014-01-31T06:18:12Z

If you are a cybercriminal trying to commit identity theft or digitally impersonate a citizen, you have help from the unlikeliest of sources — the Government of India.

The article by Srutijith KK was published in the Times of India on January 3, 2014. Sunil Abraham is quoted.

Various government agencies have put vast amount of personal information online, often with little barrier to access and with hardly any provision to prevent their misuse.

Combine a few of these databases and you have a gold mine of information on India's citizens, including some of its wealthiest residents, whose bank accounts are of special interest to thieves. "If I want to target someone, I now have access to so much detail that shouldn't have been in public. Hackers with good social engineering skills will be able to call a call centre and impersonate a person. And from a stalking perspective, it has implications for not just celebrities, but anybody with a jilted lover, a political rival, and so on," said Binoo Thomas, a digital security expert at McAfee Labs.

For example, if somebody wants to get personal details of some of India's richest people, he would simply need to click on the LPG transparency links on Indane, Bharat Gas and HP portals and narrow the search to the South Mumbai region. Many gas agencies have their area of service in their names, such as Bandra Gas Agency or Colaba Gas Agency.

Select one of these gas agencies and you have a list of all the customers, with their consumer number, address and, in many cases, a mobile number. This database is also searchable by name. You can quickly search for any famous surname and be rewarded with a consumer number, residence address and in many cases, a mobile phone number.

A cursory search gave ET the mobile number and full residential address of the well-known matriarch of a famous business family. A search under the Bandra Gas Agency promptly showed the full residential address of a famous Bollywood actress. Your next stop could be the website of the Election Commission of India, which has asked all state Election Commissions to place the entire voter rolls online.

The voter roll also has the full residential address, age and gender of a person. A quick search on the MTNL Mumbai directory online will reveal the landline number for a person. With a little bit of luck and time to troll social networks such as Facebook and LinkedIn, a skilled cybercriminal can discern your date of birth and professional details.

Date of birth, phone number, alternate number and billing address are the details many telephone companies and banks use to determine whether a person calling its customer helpline is indeed who she says she is. This kind of information also allows a hacker to design effective phishing attacks, which lures a person into revealing information such as passwords or credit card numbers. An email that lists accurate personal information appears authoritative and has greater likelihood of being trusted by a recipient.

Thread of identity theft
This kind of crime has been on the rise. In December, US Department of Justice estimated that $24.7 billion were lost to identity theft in 2012, as 11.5 million Americans found themselves defrauded. Similar data is unavailable for India. "Privacy has become a matter of personal security. As the state has been pushed to function in a more transparent manner, authorities are making the details about us transparent instead! The data protection principles are well evolved all over the world.

All of these data controllers are in violation of every good principle. We don't need to wait for a law to observe these principles," said Usha Ramanathan, an independent law researcher specialising in privacy, surveillance and related issues. The ministry of rural development, which administers the Mahatma Gandhi National Rural Employment Guarantee Scheme, goes a step further, and places online the bank account numbers and IFSC codes for all its beneficiaries.

RTI requirements
The justification for publishing this kind of data online is typically section 4 of the RTI Act, which requires all government departments to proactively publish details of subsidy programmes, including details of the subsidy availed. However, section 8(1) of the same Act says that personal information that invades privacy of an individual need not be published unless an appellate authority decides that a larger public interest is served by it. It's unclear what public interest is served by the publication of full residential address, mobile number or bank accounts by various agencies.

In some cases, like the MNREGS and the voter rolls, sector-specific laws also apply. "Going by the provisions of the MGNREGA, which mandates proactive disclosures, we keep all processes in the public view... We have not perceived any threat in displaying bank account numbers of wage seekers, most of which have been opened for receiving wages," said R Subrahmanyam, the joint secretary at the ministry of rural development who heads the MNREGA division.

The petroleum ministry did not respond to an email requesting comment. In an emailed response, Chief Election Commissioner VS Sampath referred to Rule 33 of the Registration of Elector Rules, 1960, to establish that the voter roll was a public document. "Thus it can be seen that Electoral Roll is a public document which is available to the public for inspection. The Commission has, therefore, given instructions to put this public document on the website to facilitate inspection by public. When law stipulates that it is a public document, the public has a right to access it," he said. But no law states that anonymising techniques or relevant barriers to accessing private information should not be deployed.

Legal vacuum
India does not have an omnibus privacy law that overrides sector specific legislation. According to Sunil Abraham of the Bangalore-based thinktank Centre for Internet and Society, there are some 50 different laws that have a privacy element in India. The Department of Personnel and Training has been working on a draft privacy law for three years now.

"We need to think of this problem in the light of the privacy law that is being drafted. Traditionally and culturally our view of privacy has been different. A more explicit understanding of the privacy needs of the citizens is certainly welcome. Section 43A of the IT Act has provisions for data protection," said J Satyanarayana, secretary at the department of information technology.

But 43A applies only to corporations, and government agencies are not bound by it. Apart from the central government agencies, several state government agencies and schemes also collect and store personal information. But no standard protocol binds them in deciding who shall have access and who shall not.

For more details visit https://cis-india.org/news/the-times-of-india-january-3-2014-sruthijit-kk-indian-govt-websites-gold-mine-for-cybercriminals

State Surveillance and Human Rights Camp: Summary

elonnai — 2013-07-12T16:02:51Z

On December 13 and 14, 2012, the Electronic Frontier Foundation organized the Surveillance and Human Rights Camp held in Rio de Janeiro, Brazil. The meeting examined trends in surveillance, reasons for state surveillance, surveillance tactics that governments are using, and safeguards that can be put in place to protect against unlawful or disproportionate surveillance.

This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC.

The camp also examined different types of data, understanding tools that governments can use to access data, and looked at examples of surveillance measures in different contexts. The camp was divided into plenary sessions and individual participatory workshops, and brought together activists, researchers, and experts from all over the world. Experiences from multiple countries were shared, with an emphasis on the experience of surveillance in Latin America. Among other things, this blog summarizes my understanding of the discussions that took place.

The camp also served as a platform for collaboration on the Draft International Principles on Communications Surveillance and Human Rights. These principles seek to set an international standard for safeguards to the surveillance of communications that recognizes and upholds human rights, and provide guidance for legislative changes related to communications and communications meta data to ensure that the use of modern communications technology does not violate individual privacy. The principles were first drafted in October 2012 in Brussels, and are still in draft form. A global consultation is taking place to bring in feedback and perspective on the principles.

The draft principles were institutionalized for a number of reasons including:

Currently there are no principles or international best standards specifically prescribing necessary and important safeguards to surveillance of communication data.
Practices around surveillance of communications by governments and the technology used by governments is rapidly changing, while legislation and safeguards protecting individual communications from illegal or disproportionate surveillance are staying the same, and thus rapidly becoming outdated.
New legislation that allows surveillance through access to communication data that is being proposed often attempts to give sweeping powers to law enforcement for access to data across multiple jurisdictions, and mandates extensive cooperation and assistance from the private sector including extensive data retention policies, back doors, and built in monitoring capabilities.
Surveillance of communications is often carried out with few safeguards in place including limited transparency to the public, and limited forms of appeal or redress for the individual.

This has placed the individual in a vulnerable position as opaque surveillance of communications is carried out by governments across the world — the abuse of which is unclear. The principles try to address these challenges by establishing standards and safeguards which should be upheld and incorporated into legislation and practices allowing the surveillance of communications.

A summary of the draft principles is below. As the principles are still a working draft, the most up to date version of the principles can be accessed here .

Summary of the Draft International Principles on Communications Surveillance and Human Rights

Legality: Any surveillance of communications undertaken by the government must be codified by statute.

Legitimate Purpose: Laws should only allow surveillance of communications for legitimate purposes.

Necessity: Laws allowing surveillance of communications should limit such measures to what is demonstrably necessary.

Adequacy: Surveillance of communications should only be undertaken to the extent that is adequate for fulfilling legitimate and necessary purposes.

Competent Authority: Any authorization for surveillance of communications must be made by a competent and independent authority.

Proportionality: All measures of surveillance of communications must be specific and proportionate to what is necessary to achieve a specific purpose.

Due process: Governments undertaking surveillance of communications must respect and guarantee an individual’s human rights. Any interference with an individual's human rights must be authorized by a law in force.

User notification: Governments undertaking surveillance of communications must allow service providers to notify individuals of any legal access that takes place related to their personal information.

Transparency about use of government surveillance: The governments ability to survey communications and the process for surveillance should be transparent to the public.

Oversight: Governments must establish an independent oversight mechanism to ensure transparency and accountability of lawful surveillance measures carried out on communications.

Integrity of communications and systems: In order to enable service providers to secure communications securely, governments cannot require service providers to build in surveillance or monitoring capabilities.

Safeguards for international cooperation: When governments work with other governments across borders to fight crime, the higher/highest standard should apply.

Safeguards against illegitimate access: Governments should provide sufficient penalties to dissuade against unwarranted surveillance of communications.

Cost of surveillance: The financial cost of the surveillance on communications should be borne by the government undertaking the surveillance.

Types of Data

The conversations during the camp reviewed a number of practices related to surveillance of communications, and emphasized the importance of establishing the draft principles. Setting the background to various surveillance measures that can be carried out by the government, the different categories of communication data that can be easily accessed by governments and law enforcement were discussed. For example, law enforcement frequently accesses information such as IP address, account name and number, telephone number, transactional records, and location data. This data can be understood as 'non-content' data or communication data, and in many jurisdictions can easily be accessed by law enforcement/governments, as the requirements for accessing communication data are lower than the requirements for accessing the actual content of communications. For example, in the United States a court order is not needed to access communication data whereas a judicial order is needed to access the content of communications.[1]

Similarly, in the UK law enforcement can access communication data with authorization from a senior police officer.[2]

It was discussed how it is concerning that communication data can be accessed easily, as it provides a plethora of facts about an individual. Given the sensitivity of communication data and the ability for personal information to be derived from the data, the ease that law enforcement is accessing the data, and the unawareness of the individual about the access- places the privacy of users at risk.

Ways of Accessing Data

Ways in which governments and law enforcement access information and associated challenges was discussed, both in terms of the legislation that allows for access and the technology that is used for access.

Access and Technology

In this discussion it was pointed out that in traditional forms of accessing data governments are no longer effective for a number of reasons. For example, in many cases communications and transactions, etc., that take place on the internet are encrypted. The ubiquitous use of encryption means more protection for the individual in everyday use of the internet, but serves as an obstacle to law enforcement and governments, as the content of a message is even more difficult to access. Thus, law enforcement and governments are using technologies like commercial surveillance software, targeted hacking, and malware to survey individuals. The software is sold off the shelf at trade shows by commercial software companies to law enforcement and governments. Though the software has been developed to be a useful tool for governments, it was found that in some cases it has been abused by authoritarian regimes. For example in 2012, it was found that FinSpy, a computer espionage software made by the British company Gamma Group was being used to target political dissidents by the Government of Bahrain. FinSpy has the ability to capture computer screen shots, record Skype chats, turn on computer cameras and microphones, and log keystrokes.[3]

In order to intercept communications or block access to sites, governments and ISPs also rely on the use of deep packet inspection (DPI).[4] Deep packet inspection is a tool traditionally used by internet service providers for effective management of the network. DPI allows for ISP's to monitor and filter data flowing through the network by inspecting the header of a packet of data and the content of the packet.[5] With this information it is possible to read the actual content of packets, and identify the program or service being used.[6]

DPI can be used for the detection of viruses, spam, unfair use of bandwidth, and copyright enforcement. At the same time, DPI can allow for the possibility of unauthorized data mining and real time interception to take place, and can be used to block internet traffic whether it is encrypted or not.[7]

Governmental requirements for deep packet inspection can in some cases be found in legislation and policy. In other cases it is not clear if it is mandatory for ISP's to provide DPI capabilities, thus the use of DPI by governments is often an opaque area. Recently, the ITU has sought to define an international standard for deep packet inspection known as the "Y.2770" standard. The standard proposes a technical interoperable protocol for deep packet inspection systems, which would be applicable to "application identification, flow identification, and inspected traffic types".[8]

Access and Legislation

The discussions also examined similarities across legislation and policy which allows governments legal access to data. It was pointed out that legislation providing access to different types of data is increasingly becoming outdated, and is unable to distinguish between communications data and personal data. Thus, relevant legislation is often based on inaccurate and outdated assumptions about what information would be useful and what types of safeguards are necessary. For example, it was discussed how US surveillance law has traditionally established safeguards based on assumptions like: surveillance of data on a personal computer is more invasive than access to data stored in the cloud, real-time surveillance is more invasive than access to stored data, surveillance of newer communications is more invasive than surveillance of older communications, etc. These assumptions are no longer valid as information stored in the cloud, surveillance of older communications, and surveillance of stored data can be more invasive than access to newer communications, etc. It was also discussed that increasingly relevant legislation also contains provisions that have generic access standards, unclear authorization processes, and provide broad circumstances in which communication data and content can be accessed. The discussion also examined how governments are beginning to put in place mandatory and extensive data retention plans as tools of surveillance. These data retention mandates highlight the changing role of internet intermediaries including the fact that they are no longer independent from political pressure, and no longer have the ability to easily protect clients from unauthorized surveillance.

1]. EFF. Mandatory Data Retention: United States. Available at: https://www.eff.org/issues/mandatory-data-retention/us
[2].Espiner, T. Communications Data Bill: Need to Know. ZDNet. June 18th 2012. http://www.zdnet.com/communications-data-bill-need-to-know-3040155406/
[3]. Perlroth, M. Software Meant to Fight Crime is Used to Spy on Dissidents. The New York Times. August 30th 2012. Available at: http://www.nytimes.com/2012/08/31/technology/finspy-software-is-tracking-political-dissidents.html?_r=0
[4]. Wawro, A. What is Deep Packet Inspection?. PCWorld. February 1st 2012. Available at: http://www.pcworld.com/article/249137/what_is_deep_packet_inspection_.html
[5]. Geere, D. How deep packet inspection works. Wired. April 27th 2012. Available at: http://www.wired.co.uk/news/archive/2012-04/27/how-deep-packet-inspection-works
[6]. Kassner. M. Deep Packet Inspection: What You Need to Know. Tech Republic. July 27th 2008. Available at: http://www.techrepublic.com/blog/networking/deep-packet-inspection-what-you-need-to-know/609
[7]. Anonyproz. How to Bypass Deep Packet Inspection Devices or ISPs Blocking Open VPN Traffic. Available at: http://www.anonyproz.com/supportsuite/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=138
[8].Chirgwin. R. Revealed: ITU's deep packet snooping standard leaks online: Boring tech doc or Internet eating monster. The Register. December 6th 2012. Available at: http://www.theregister.co.uk/2012/12/06/dpi_standard_leaked/

For more details visit https://cis-india.org/internet-governance/blog/state-surveillance-human-rights-camp-summary

December 2012 Bulletin

praskrishna — 2013-01-16T05:15:27Z

We at the Centre for Internet & Society wish you all a great year ahead. In the December 2012 newsletter, we bring you the draft early chapters of our “National Resource Kit” project for persons with disabilities (covering four southern states); and accessibility-related comments on the Twelfth Five Year Plan; the draft research on pervasive technologies and access to knowledge that we presented at the Global Congress on Intellectual Property and the Public Interest in Brazil; our comments on the privacy implications of including RFID tags in the proposed Rule 138A of the Motor Vehicle Rules, a report on the open access lectures delivered by Prof. Leslie Chan during his tour of India, reports of Wikipedia-related workshops conducted across three cities, and news and media coverage.

Jobs

CIS is seeking applications for the posts of Programme Officer (Access to Knowledge — Indic Language Initiatives), Developer (NVDA Project), Research Manager (Digital Humanities project), and Policy Associate (Access to Knowledge and Openness) and Policy Associate (Internet Governance). To apply send your resume to sunil@cis-india.org and pranesh@cis-india.org.

Accessibility

India has an estimated 70 million disabled persons who are unable to read printed materials due to some form of physical, sensory, cognitive or other disability. The disabled need accessible content, devices and interfaces facilitated via copyright law and electronic accessibility policies:

National Resource Kit for Persons with Disabilities
CIS received a grant of INR 54,83,200 from the Hans Foundation for Creating a National Kit of Laws, Policies and Programs for Persons with Disabilities on August 16, 2012. Anandhi Vishwanathan from CIS and Shruti Ramakrishnan from the Centre for Law and Policy Research are the researchers presently working for this project. Early draft chapters have been published. Feedback and comments are invited from the readers:

The Tamil Nadu Chapter (by Shruti Ramakrishnan, December 30, 2012).
The Karnataka Chapter (by Shruti Ramakrishnan, December 30, 2012).
The Kerala Chapter (by Anandi Vishwanathan, December 31, 2012).
The Andhra Chapter (by Anandi Vishwanathan, December 31, 2012).

Access to Knowledge

The Access to Knowledge programme addresses the harms caused to consumers, developing countries, human rights, and creativity/innovation from excessive regimes of copyright, patents, and other such monopolistic rights over knowledge:

Event Organised

2012 Global Congress on Intellectual Property and the Public Interest (FGV Law School, Rio de Janeiro, December 15 – 17, 2012). The Second Global Congress on Intellectual Property and the Public Interest was organized by Fundação Getulio Vargas, American University Washington College of Law, Columbia University, Open AIR, and ICSTD. Sunil Abraham and Pranesh Prakash participated in the event. Pranesh was one of the moderators in the Roundtable Discussion on Priority Policy Forums, Research and Analysis Needs and Commitments.

Research for the Global Congress

For the 2012 Global Congress on Intellectual Property and Public Interest event, CIS conducted research. Jadine Lannon (based on research by Annapoornima and Rohan George and with help from Yogesh Kumar did research on documentation of phones and their patent, Amba Kak did research on copyright and mobile licensing, Vikrant Vasudev conducted research on patent pools and valuation methods, Hans Varghese Mathews did research on mathematical models of patent pools and Nehaa Chaudhuri did research on analysis of 3Gand 4G patent pools.

Openness

The 'Openness' programme critically examines alternatives to existing regimes of intellectual property rights, and transparency and accountability. Under this programme, we study Open Government Data, Open Access to Scholarly Literature, Open Access to Law, Open Content, Open Standards, and Free/Libre/Open Source Software:

Event Report

Random Hacks of Kindness Global December 2012 — A Report (by Yogesh Londhe, December 10, 2012). Event was hosted at CIS office in Bangalore. CIS, Amnesty International India Office, Greenpeace India Office, HasGeek, Yahoo Research & Development and SimpleTechLife sponsored the event held in CIS office in Bangalore on December 1 and 2, 2012.

Events Participated

‘Information & Networks’ Partners’ Meeting (organised by International Development Research Centre, Canada in Rio de Janeiro, December 11 – 12, 2013). Sunil Abraham spoke in session on Open Business and IP.

Open Access Champion Leslie Chan Delivers Five Talks in India (Department of Library & Information Science, University of Kerala, National Institute of Interdisciplinary Science & Technology, CSIR, Indian Institute of Information Technology and Management – Kerala, Manasa Media Centre, Mysore University Library and SDM Institute for Management Development, December 17 – 20, 2012).

Access to Knowledge (Wikipedia Project)
Beginning from September 1, 2012, Wikimedia Foundation has awarded CIS a two-year grant of INR 26,000,000 to support and develop free knowledge in India. The A2K team consists of three members based in Delhi: Nitika Tandon, Subhashish Panigrahi and Noopur Raval.

Events Organised

Wikipedia Workshop at NMAIT (NMAIT, Karkala Taluk, December 21, 2012, co-organised in association with Metawings Institute).
Wikipedia Workshop at SRM (SRM University, Chennai, December 17, 2012, co-organised in association with Metawings Institute).
Marathi Wiki Workshop at TISS (Tata Institute of Social Sciences, Mumbai, December 8, 2012).

Blog Entries

Non Unicode ISCII Text Can be Converted to Unicode Now! (by Subhashish Panigrahi, December 19, 2012).
New Avenues: Media Wiki Groups (by Noopur Raval, December 28, 2012).

News / Media Coverage

A Report of Odia Wikipedia Workshop at IIT, Kharagpur (Samaja, Odia daily, Kolkata edition, December 3, 2012).

Videos

Wikipedia: State of Tech — A Talk by Erik Moeller (CIS, Bangalore, November 12, 2012). Erik Moeller, Vice President of Engineering and Product Development at the Wikimedia Foundation gave a talk.
Art in the Open Source Age — A Talk by Gene Kogan (CIS, Bangalore, November 30, 2012). Gene Kogan, a programmer and digital artist gave a talk.

HasGeek
HasGeek creates discussion spaces for geeks and has organised conferences like the Fifth Elephant, Droidcon India 2011, Android Camp, etc. HasGeek is supported by CIS and works out from CIS office in Bengaluru.

Upcoming Event

Meta Refresh (MLR Convention Centre, JP Nagar, Bangalore, February 22 and 23, 2013).

Internet Governance

The Internet Governance programme conducts research around the various social, technical, and political underpinnings of global and national Internet governance, and includes online privacy, freedom of speech, and Internet governance mechanisms and processes:

Analysis of Central Motor Vehicle Rules

Comments on the Proposed Rule 138A of the Central Motor Vehicle Rules, 1989 Concerning Radio Frequency Identification Tags (by Bhairav Acharya, December 3, 2012).

Columns/Op-eds

Online Censorship: How Government should Approach Regulation of Speech (by Sunil Abraham, Economic Times, December 5, 2012).
The Worldwide Web of Concerns (by Pranesh Prakash, Deccan Chronicle, and Asian Age, December 10, 2012).
The Trouble with Hurried Solutions (by Chinmayi Arun, The Hindu, December 15, 2012).
Tomorrow, Today (Nishant Shah, The Indian Express, December 29, 2012).

Event Organised

Meeting of the Network of Internet & Society Centers (organised by Berkman Center for Internet & Society, Alexander von Humboldt Institute for Internet & Society, Center for Technology & Society, KEIO University SFC, the MIT Media Lab, the MIT Center for Civic Media, NEXA Center for Internet & Society and CIS, Cambridge, Massachusetts, December 6 – 8, 2012).

Upcoming Events

DML Conference 2013 (Sheraton Chicago Hotel & Towers - Chicago, Illinois, March 14 – 16, 2012).

Events Participated

Second International e-Governance Conference (organized by the National Committee for Corporate Governance Electronic Iraq and the United Nations Development Programme, Rashid Hotel, Baghdad, December 2, 2012). Sunil Abraham presented on "Review of the Legal Environment in Iraq for Effective e-Governance".
Seminar/Artist Talks : "Outresourcing" with the Transmediale Collective (organised by the Berlin - Transmediale new media collective, December 3, 2012, Bangalore). Sharath Chandra Ram presented a White Paper.
World Conference on International Telecommunications (organised by ITU, December 3 – 14). Chinmayi Arun participated as a civil society representative.
Internet Driven Developments: Structural Changes and Tipping Points (organised by Berkman Center for Internet & Society, Cambridge, Massachusetts at Harvard University, December 6 – 8, 2012).
Annual Conference on Human Rights 2012 (organised by Estonian Institute of Human Rights and Google). Malavika Jayaram participated as a panelist.
State Surveillance and Human Rights Camp (Sheraton Rio Hotel & Resort, Rio, Brazil, December 13 and 14, 2012). Elonnai Hickok made a presentation on MLATS and International Cooperation for Law Enforcement Purposes.
Economic Impact of Internet in India (organised by Aspen Institute India, December 21, 2012). Chinmayi Arun attended this event.

Blog Entries

Transcripts from WCIT-12 (by Snehashish Ghosh, December 3, 2012).
Section 66-A, Information Technology Act, 2000: Cases (by Snehashish Ghosh, December 3, 2012).
Internet-driven Developments — Structural Changes and Tipping Points (by Elonnai Hickok, December 28, 2012).
State Surveillance and Human Rights Camp: Summary (by Elonnai Hickok, December 31, 2012).
Mining the Web Collective (by Sharath Chandra Ram, December 31, 2012).

Video

Technology Culture and Events in South East Asia — A Presentation by Preetam Rai (CIS, Bangalore, December 18, 2012). Preetam Rai gave a lecture.

Media Coverage

66A ‘cut & paste job’ (by GS Mudur, Telegraph, December 3, 2012). Pranesh Prakash and Snehashish Ghosh are quoted.
Ayodhya trending on Twitter sparks censorship concerns (by Surabhi Agarwal, December 6, 2012). Sunil Abraham is quoted.
Debate on Section 66A rages on (Vasudha Venugopal, The Hindu, December 10, 2012). Pranesh Prakash is quoted.
Hacktivists deface BSNL website (by Kim Arora, The Times of India, December 13, 2012).
Govt likely to issue guidelines to clarify IT rules soon (by Surabhi Agarwal, LiveMint, December 16, 2012).
The freedom of expression debate: The State must mend fences with The Web (by Rahul Jayaram, India Today, December 18, 2012).
‘The IT Act is fine, but its interpretation is not’ (DNA, December 19, 2012).
No fear of losing internet freedom till Jan 15: Experts (by Kim Arora, The Times of India, December 22, 2012). Pranesh Prakash is quoted.
UN agrees to review agencies governing Internet (by Surabhi Agarwal, LiveMint, December 27, 2012). Pranesh Prakash is quoted.
Delhi gang rape: What Facebook, Twitter expose about govt (The Times of India, December 31, 2012). Pranesh Prakash is quoted.
A note of dissent on cash transfers and UID (The Hindu, December 31, 2012). Sunil Abraham was one of the signatories.
The year social media came of age in India (by Javed Anwer and Rukmini Shrinivasan, The Times of India, December 31, 2012). Sunil Abraham is quoted.

Telecom

While the potential for growth and returns exist for telecommunications in India, a range of issues need to be addressed. One aspect is more extensive rural coverage and the other is a countrywide access to broadband which is low. Both require effective and efficient use of networks and resources, including spectrum:

Newspaper Column

Inflation Control Through Structural Reforms (by Shyam Ponappa, Business Standard, December 11, 2012).

Building Knowledge and Capacity around Telecommunication Policy in India
Ford Foundation has given a grant of USD 2,00,000 to CIS to build expertise in the area of telecommunications in India. The knowledge repository deals with these modules: Introduction to Telecommunications, Telecommunications Infrastructure and Technologies, Government of India Regulatory Framework for Telecom, Telecommunication and the Market, Universal Access and Accessibility, The International Telecommunications Union and other international bodies, Broadcasting, Emerging Topics and Way Forward. Dr. Surendra Pal, Satya N Gupta, Paranjoy Guha Thakurta, Payal Malik, Dr. Rakesh Mehrotra and Dr. Nadeem Akhtar are the expert reviewers.

The following are the new outputs:

Licensing Framework for Telecom: A Historical Overview (by Snehashish Ghosh, December 31, 2012).
Market Structure in the Telecom Industry (by Snehashish Ghosh, December 31, 2012).

Digital Natives

Digital Natives with a Cause? examines the changing landscape of social change and political participation in light of the role that young people play through digital and Internet technologies, in emerging information societies. Consolidating knowledge from Asia, Africa and Latin America, it builds a global network of knowledge partners who critically engage with discourse on youth, technology and social change, and look at alternative practices and ideas in the Global South:

Book Review

Not Just Fancy Television (by Nishant Shah, Indian Express, December 8, 2012): Nishant Shah reviews Ben Hammersley's book "64 Things You Need to Know for Then: How to Face the Digital Future Without Fear ", published by Hodder & Stoughton.

Media Coverage

What does it mean to be a digital native? (by Oliver Joy, CNN, December 8, 2012).

About CIS

CIS was registered as a society in Bangalore in 2008. As an independent, non-profit research organisation, it runs different policy research programmes such as Accessibility, Access to Knowledge, Openness, Internet Governance, and Telecom. The policy research programmes have resulted in outputs such as the e-Accessibility Policy Handbook for Persons with Disabilities with ITU and G3ict, and Digital Alternatives with a Cause?, Thinkathon Position Papers and the Digital Natives with a Cause? Report with Hivos, etc. We conducted policy research for the Ministry of Communications & Information Technology, Ministry of Human Resource Development, Ministry of Personnel, Public Grievances and Pensions, Ministry of Social Justice and Empowerment, etc., on WIPO Treaties, Copyright Bill, NIA Bill, etc. CIS is accredited as an observer at WIPO, and has given policy briefs to delegations from various countries, our Programme Manager, Nirmita Narasimhan won the National Award for Empowerment of Persons with Disabilities from the Government of India and also received the NIVH Excellence Award.

Follow us elsewhere

Get short, timely messages from us on Twitter
Join the CIS group on Facebook
Visit us at http://cis-india.org

Support Us
Please help us defend consumer / citizen rights on the Internet! Write a cheque in favour of ‘The Centre for Internet and Society’ and mail it to us at No. 194, 2nd ‘C’ Cross, Domlur, 2nd Stage, Bengaluru – 5600 71.

Request for Collaboration
We invite researchers, practitioners, and theoreticians, both organisationally and as individuals, to collaboratively engage with Internet and society and improve our understanding of this new field. To discuss the research collaborations, write to Sunil Abraham, Executive Director, at sunil@cis-india.org or Nishant Shah, Director – Research, at nishant@cis-india.org

CIS is grateful to its donors, Wikimedia Foundation, Ford Foundation, Privacy International, UK, Hans Foundation and the Kusuma Trust which was founded by Anurag Dikshit and Soma Pujari, philanthropists of Indian origin, for its core funding and support for most of its projects.

For more details visit https://cis-india.org/about/newsletters/december-2012-bulletin

Bangalore CryptoParty!

praskrishna — 2013-01-06T13:47:02Z

Care about your privacy and online security? Want to fight against pervasive governmental surveillance and corporate invasions of privacy? The Centre for Internet & Society invites you to the CryptoParty tonight (Friday) at 6.00 p.m. Make sure to bring friends (and your laptop and smart phones)!

We will discuss, install and use digital security and privacy tools and practices.

Hosts

Thejesh GN
Kaustubh Srikanth
Pranesh Prakash

Details

We Will Provide

Food and drinks: Snacks - Samosas + Kachoris + Biscuits + Tea + Soft Drinks
Software: Security-in-a-box toolkits + Ubuntu Live USBs + software + internet connection
Expertise: Kaustubh Srikanth + Thejesh GN + Pranesh Prakash

You need to bring

Your own laptop (highly recommended)
Desire to learn about secure and private communications and storage (mandatory! :D)
Expertise, to share with others (if possible)

Intro

(20 mins)

Privacy vs. convenience
Importance of Free and Open Source Software and Open Standards
Basics of Passwords

Choosing secure passwords

Dropbox Register Page

Storing comes later
2FA - Google Authenticator

Securing online Identities

Show and tell

Browsing (45 mins)
(5 mins)

Firefox (multiple platforms) / offline

(15 mins):

AdBlockPlus
RequestPolicy
HTTPSEverywhere
Ghostery / DoNotTrackMe
Noscript

(5 mins)

Anti-Google Surveillance

DuckDuckGo
GoogleSharing

(10 mins)

Password management

Keepass + Password Safe
Cloud Services

LastPass
Keepass + Dropbox

Email + IM (1 hour)
(10 mins)

Thunderbird (multiple platforms) / available offline

Enigmail

(30 mins)

GPG4Win + GPGTools / offline
Seahorse (on Ubuntu Fresh Install)
Enigmail + Key Management (Kaustubh)
Key-signing party!

(15 mins)

Instant Messaging with OTR

Pidgin + Adium / offline
OTR / offline

Tell (27 mins)
(5 mins)

Tor (Pranesh)

(5 mins)

VPNs and SSH tunnel

RiseUp (Kaustubh)
SSH tunneling using AWS / RackSpace (Thej)

(12 mins)

Mobiles

APG + K9 (Pranesh)
WhisperCore (Kaustubh mentions)
Text Secure (Thej)
Gibbberbot (Pranesh)

(3 mins)

Full-disk encryption

Ubuntu (Pranesh demoes quickly)
BitLocker
TrueCrypt

(2 mins)

Virtual machines

VirtualBox (Kaustubh demoes quickly)

For more details visit https://cis-india.org/internet-governance/events/bangalore-crypto-party

State Surveillance and Human Rights Camp

praskrishna — 2012-12-21T07:19:55Z

A two-day conference was held in Rio on December 13 and 14 at Sheraton Rio Hotel & Resort. Elonnai Hickok participated in the event and made a presentation on MLATS and International Cooperation for Law Enforcement Purposes.

Click here to see the Wiki page of the event. See Elonnai's presentation here [PDF, 313 Kb].

DAY 1: Mapping Out Government Surveillance Problems

8:30 - 9:00 Registration

9:00 - 9:10 Welcome/Introduction

Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Simultaneous interpretation from Spanish to English and Portuguese.

Plenary: Kinds of Data, Ways of Getting It

09:10 - 10:30

Chair: Enrique Chaparro, Fundacion Via Libre [Argentina, ES]

Metadata, online identifiers, and technologies of surveillance

Seth Schoen, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

Surveillance is getting easier and cheaper for many reasons, not least because people are using electronic communications more than ever before, and there are so many facts out there to be noticed about the ways devices are talking to each other.
I will talk about the kinds of things that refer to people and their devices, with a particular focus on telecommunications metadata and transactional records that are described as "non-content" and may receive lower levels of legal protection. I'll discuss who is in a position to record this information, some of the things that can be learned from it, and why traffic analysis is powerful and difficult to defend against.
I'll try to explain concepts like MAC address, IP address, account name and number, telephone number, IMEI, IMSI, transient identifiers, log files, transactional records, locational privacy, and associational privacy.

How law enforcement agencies use cell phone location tracking technology in criminal cases

Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]

With the rise of smartphones, the U.S. government's use of cell site location data to pinpoint our exact location has grown more widespread (and precise) over time. For years, U.S. courts permitted the government to get this location data without a search warrant under a tortured interpretation of federal electronic privacy statutes and an even more alarming constitutional argument: that we don't have any privacy in data we turn over to third parties, like cell phone companies. This talk will review what location data is and why the police want it, how they can get it under U.S. law, and legal and practical steps that need to be taken to safeguard our privacy.

Simultaneous interpretation from English to Spanish and Portuguese.

Deep packet inspection: What it is, how it works, and how it is used for surveillance

Chris Parsons, Doctoral Candidate, University of Victoria [Canada, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

We are in the midst of a standardization revolution, a mass translation of discordant analogue signal types to interoperable digital transmission standards. All this digitized consumer traffic passes through the gateways of Internet Service Providers’ (ISPs). ISPs function as communicative bottlenecks, ideally positioning them to monitor, mine, and modify data using the Deep Packet Inspection (DPI) appliances situated within their networks. Some uses of these appliances could reshape the conditions of communication in democracies, blocking or modifying data transmissions in near real time.
In this presentation I discuss the technical capabilities of deep packet inspection and its significance for increased private and public surveillance capabilities. Drawing from case material from academic and advocacy work, I identify how the technology has been used for ISP-level surveillance, for copyright purposes, for national security purposes, and for advertising purposes. Moreover, I address how advocates in differing nations have opposed various uses of the technology, why they have done so, and conditions that facilitate domestic resistance to deep packet inspections' uses.

Advances in online spying: Commercial surveillance software, targeted hacking and beyond

Morgan Marquis-Boire, Google [New Zealand, EN]

Eva Galperin, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

Against an increasingly security-aware online community, the traditional tools of blocking, filtering, and wiretapping have become less effective. Nervous regimes turn to the largely unregulated $5 billion a year industry in Internet surveillance tools.
Once the realm of the black market and intelligence agencies, the latest computer spyware is now sold at trade shows for dictator pocket change.
This talk will detail the cat and mouse game between authoritarian regimes and dissidents, as well as ongoing efforts to map out the relationship between surveillance software companies and governments.

10:30 - 10:40 Coffee Break

Workshops: Round I

10:40 - 11:50

Format: Interactive sessions with active participat0ion from the audience.

Workshop 1: Mobile privacy threats

This workshop addresses the ways governments are tracking mobile devices’ location and use, and why it’s been harder to protect communications privacy on mobile devices than on PCs.

Facilitators:
Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]
Seth Schoen, Electronic Frontier Foundation [United States, EN/PT]

Rapporteur:
Enrique Chaparro, Fundación Vía Libre [Argentina, EN/ES]

Workshop 2: Training activists about state surveillance capabilities

In this workshop we’ll talk about some of new surveillance technologies that states are deploying, and the tactics that are used to legitimize the surveillance.
Going beyond just ‘what is used and how’, we speak to some political tactics that advocates have used to resist these tools on practical and principled levels, some of the conditions that contribute to successes, and ways of mobilizing effective strategies against expansions of state surveillance.

Facilitator:
Chris Parsons, University of Victoria [Canada, EN]

Rapporteur:
Katarzyna Szymielewicz, European Digital Rights [Poland, EN]

Workshop 3: Tactics for opposing state sponsored malware and surveillance

This workshop will review the different tactics government and non-government actors have employed to stop authoritarian regimes from making use of surveillance technology built in the United States and Europe to spy on their citizens.
We will discuss corporate responsibility, export controls, as well as the role of security research and user education campaigns. The workshop will end with a brainstorm of at least one concrete action each workshop attendee can take.

Facilitators:

Eva Galperin, Electronic Frontier Foundation [United States, EN]
Morgan Marquis-Boire [New Zealand, EN]

Rapporteur:
Silvio Rhatto, Sarava Group [Brazil, PT]

Reporting Back Session

11:50 - 12:40 Chair:

Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Rapporteurs:
Enrique Chaparro, Fundación Vía Libre [Argentina, EN/ES]
Katarzyna Szymielewicz, European Digital Rights [Poland, EN]

Report: Training Activists about State Surveillance Capabilities

Silvio Rhatto, Sarava Group [Brazil, PT]

Format: Each rapporteur has 10 minutes to report back about the results of their workshop discussion and 20 minutes to answer questions.

12:40 - 2:00 Lunch

Legal and Policy Plenary: Government Access to People’s Data

2:00 - 3:20

Chair: Pedro Paranaguá, Advisor for Internet Policy to the Workers’ Party in the Brazilian Chamber of Deputies [Brazil, PT/EN]

Different data, different rules? How the law has assigned varying levels of privacy protection to different categories of personal information

Kevin Bankston, Center for Democracy and Technology [United States, EN]

Using the example of US law, this presentation will map the different legal protections that have traditionally been applied to different types surveillance of different types of data, and consider how to redraw that map in light of new technologies.
Speaking generally, US surveillance law has been written based on the assumptions that: (1) surveillance of data on your computer is more invasive than access to your data in the cloud;(2) real-time surveillance is more invasive than access to stored data; (3) surveillance of the content of communications is more invasive than surveillance of non-content meta-data; (4) surveillance of newer communications is more invasive than surveillance of older communications.
These assumptions have long defined which types of surveillance are most strongly regulated against and which types of data are most strongly protected by law. Changing technology has made these assumptions about invasiveness and privacy increasingly obsolete, assuming that they ever made sense at all. But if these distinctions are outdated, what if any legal distinctions between different types of surveillance or data should replace them? How, if at all, can the law sensibly distinguish between personal communications and communications data in which we have a reasonable expectation of privacy, and that which we do not?

Simultaneous interpretation from English to Spanish and Portuguese.

Internet companies as an agent of the state & european mandatory telecommunications data retention

Katarzyna Szymielewicz, European Digital Rights [Poland, EN]

In this short presentation I will introduce European (i.e. based on EU legislation) regime of mandatory retention of telecommunication data for law enforcement purposes, explaining its political context, implementation and negative impact on human rights standards (not just privacy-related!).
Using case studies of Poland and Germany I will present two strikingly different approaches to storing telecommunication data and law enforcement, thus questioning the necessity and proportionality of this controversial measure. I will also touch briefly on pending political developments (including the revision of the Data Retention Directive and the reform of data protection law in the EU), explaining what the stakes are, what European civil society organisations are fighting for and why it is such an important fight. Finally, I will explain how the debate about mandatory data retention feeds into a broader discussion about the role of Internet intermediaries, including both their independence from political pressure and protection of their clients from surveillance executed by “private police.”

Simultaneous interpretation from English to Spanish and Portuguese.

Crossborder access to citizen's data and cloud computing in the investigation of criminal cases: Regional trends

Marcos Salt, profesor de derecho penal y procesal penal de la universidad de Buenos Aires (UBA) [Argentina, ES]

During the brief presentation, I will present practical examples of the problems caused by the application by analogy of the rules on physical evidence to obtain digital evidence.
I try to show that this trend is inconvenient to both for efficiency in the investigation of crimes by the state as to the validity of individual rights. I will place special reference to cross-border access to citizen's data in the cloud.

Simultaneous interpretation from Spanish to English and Portuguese.

Background on lawful interception mandates and government access to encryption keys

Seth Schoen, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

In this session, I'll discuss some of the history of fights over government surveillance powers and government access in the United States, starting in the early 1990s and continuing to the present day. These issues have centered on three main themes: restrictions on cryptography and privacy tools, obligations for communications intermediaries to acquire and implement surveillance capabilities, and mandatory retention of telecommunications data.
One interesting point is that many of the same themes keep recurring: the powers that the government is seeking today are often similar to those it sought two decades ago.
Another interesting point is that the government has not always been successful in expanding its surveillance powers. Many of its proposals never became law and there are still plenty of issues left to fight over. But governments around the world are continuing to having a major effect on the design of technology, getting wiretapping interfaces and backdoors added to communications systems and discouraging deployments of strong encryption.

MLATS and International Cooperation for Law Enforcement Purposes

Elonnai Hickok, Center for Internet & Society India [India, EN]

In this session I will be looking at the challenges, requisite safeguards, and possible solutions in the context of international cooperation for fighting crime. In doing so I will look closely at the proposed principle of safeguards for international cooperation.
The objective of this session will be to explore ways of improving MLATS and international law enforcement cooperation in order to ensure that basic safeguards can be built into the process of international cooperation.

Simultaneous interpretation from English to Spanish and Portuguese.

Format: 10-15 minutes for each five speakers to introduce legal issues and 20 minutes of discussions

3:10 - 3:20 Coffee Break

Workshops: Round II

3:20 - 4:30

Workshop 1: Electronic surveillance demonstrations

In this workshop, we'll take a look at a few electronic surveillance devices (including an ordinary laptop) and look at some of what they can intercept. Technological infrastructure permitting, we may have a live demonstration of intercepting or modifying users' Internet communications.
We'll also consider low-cost surveillance techniques and discuss what kinds of demonstrations have the most pedagogical value for making users aware of particular threats.

Facilitator:
Seth Schoen, Electronic Frontier Foundation [United States, EN]

Rapporteur:
Eva Galperin, Electronic Frontier Foundation [United States, EN/ES/PT]

Simultaneous interpretation from English to Spanish and Portuguese.

Workshop 2: Legal framework regarding compelled disclosure of communications, subscriber information, and cryptographic keys

In this workshop we will cover various examples of compelled disclosure of private information (from subscriber information and content of communication to cryptographic keys) in the context of law enforcement, focusing on their legal aspects. We will briefly present various legal frameworks, discussing both the examples of legal safeguards (“good practices”) and their shortcomings that allow for government surveillance.
We will also look at various human rights implications of these measures and (potential / existing) role of private companies from the perspective of their compliance with such measures (incl. when requested by non-democratic regimes).

Facilitators:
Katarzyna Szymielewicz, European Digital Rights [Poland, EN]
Elonnai Hickok, Center for Internet & Society India [India, EN]

Rapporteur:
Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]

Workshop 3: What data is most private? What surveillance is most invasive? How if at all should laws treat them differently?

This workshop will build on the discussion that began in the law & policy plenary, discussing how certain surveillance laws have applied different legal protections to different types of data and surveillance, and questioning whether such distinctions make sense in light of new technology.
The workshop will address that question from legal, personal, and political perspectives. Participants will share with each other details of how the laws in their countries treat different types of data and different types of surveillance, to facilitate shared understanding of the existing legal frameworks and to identify existing gaps and discrepancies in current legal protections.
Based on their own personal experiences as Internet users and as advocates, participants will then discuss what data in their lives they consider most private and what types of surveillance they find most invasive, and reflect on how if at all the law should distinguish between them. Finally, participants will discuss the politics of these different frameworks: both how gaps and weaknesses in existing frameworks threaten the ability of advocates to politically organize in the face of government surveillance, and how we can best work through the political process and change those frameworks to better reflect current technology and human rights norms.

Facilitators:
Kevin Bankston, Center for Democracy and Technology [United States, EN]
Danilo Doneda, Fundação Getúlio Vargas [Brazil, PT/EN]

Rapporteur:
Beatriz Busaniche, Fundación Vía Libre [Argentina, ES]

Reporting Back Session & Closing Meeting Day 1

4:30 - 5:20

Chair:
Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Rapporteurs:
Eva Galperin, Electronic Frontier Foundation [United States, EN/ES/PT]

Report: Demonstrating Surveillance

Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]

Report: Compelled Disclosure of Communications, Subscriber Information & Cryptographic Keys

Beatriz Busaniche, Fundación Vía Libre [Argentina, ES]

Report: What Data is Most Private? What Surveillance is Most Invasive? Should Laws Treat Different Data Differently?

8:30 pm Dinner

DAY 2: Challenges and Mapping Out Possible Solutions
8:55 - 9:00 Welcome

Plenary: Surveillance in Latin America
9:00 - 10:20

Chair: Camila Marques, Lawyer, ARTIGO 19 [Brazil, PT]

Surveillance in Colombia
Carlos Eduardo Huertas, Semana [Colombia, ES]

Surveillance in Cuba
“Mario Hernandez” [Cuba, ES]

Surveillance in the Northern Triangle
Renata Avila, Global Voices [Guatemala, ES]

Surveillance in Peru
Yonsi Solis, Global Voices [Peru, ES]

Surveillance in Mexico
Caracol Azul, [Mexico, ES]
This session will have simultaneous interpretation from Spanish to English and Portuguese

Keynote: Challenges Posed By Electronic Surveillance

10:20 - 10:40
Frank La Rue, United Nations Special Rapporteur on Freedom of Expression [Guatemala, ES]
Increasing pressure (legal and political) on private parties to help carry out the state’s surveillance mandate.

Simultaneous interpretation from Spanish to English and Portuguese

10:40 - 11:00 Coffee Break

Plenary: International Surveillance & Human Rights Principles: Challenges and Opportunities in Latin America

11:00 - 11:50

Chair: Carly Nyst, Privacy International [Australia/UK, EN]
Simultaneous interpretation from English to Spanish and Portuguese.

Explanation of the Principles: Background, purpose, need, challenges and opportunities

Chilean and Latin American perspectives

Alberto Cerda, Derechos Digitales [Chile, ES]
Simultaneous interpretation from Spanish to English and Portuguese

Expansion of Brazilian law enforcement powers to access users’ digital information

Pablo Ortellado, GPOPAI [Brasil, PT/EN]
Simultaneous interpretation from Portuguese to Spanish and English

Surveillance and regional human rights standards

Juan Camilo Rivera, Comisión Colombiana de Juristas [Colombia, ES]
Simultaneous interpretation from Spanish to English and Portuguese

Workshops: Round III

11:50 - 1:00

Workshop 1: International surveillance and human rights principles: Perspectives from Latin America

Facilitator:
Alberto Cerda, Derechos Digitales [ES] & Carly Nyst, Privacy International [UK, EN]

Rapporteur:
Juan Camilo Rivera, Comisión Colombiana de Juristas [Colombia, ES]

Workshop 2: Technical community activism
What is the technology community doing to defend privacy?

Facilitators:

Enrique Chaparro, Fundación Vía Libre [Argentina, ES ]
João Carlos Caribé, Movimento Mega (aka Mega Não) [Brazil, PT/EN]

Rapporteur:
Eva Galperin, Electronic Frontier Foundation [USA, EN]

Plenary: Hands-on Activism

2:40 - 3:50 p.m.

Chair: Rebecca Bowe, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

What is meant by Hands-On Activism? As you’ll learn from our panelists, there are many strategies that can be utilized to push back against a surveillance practice or proposal. We’ll cover the most effective ways to obtain public records; strategies for generating interest in digital rights issues; fresh and extraordinary approaches to creative campaigning, and tactics used by an international nonprofit to tackle privacy issues with online campaigns.

Raising digital awareness in Peru

Marco Sifuentes, Instituto Prensa y Sociedad [Peru, ES]

Peru has a very active and influential online community. It can affect the course of elections, prove the president wrong and stop law projects. It can work very well on "real world" matters. But when it comes to online issues, it's been hard to raise awareness on the Peruvian general public and even on the media. What went wrong? However, in the past year, some digital topics have received a lot of coverage. Some not. What changed? I’ll share Peru's experience in the hope that every participant can compare it with his or her own country's situation.

Online organizing for human rights

Fabiola Carrion, Access [Peru, ES/EN]

A recent addition to the Access Team, Fabiola will begin her presentation by talking about her own experiences in organizing and advocacy, arguing that the struggle for human rights is increasingly moving online. She will discuss new tools of organizing, and the importance of combining technology, policy, and grassroots advocacy tactics to affect holistic change in internet policy debates. Her presentation will include a series of short case studies from around the world where Access, along with its various allies, have successfully campaigned for a free and open internet. Her presentation will conclude with a discussion of lessons learned and best practices for online organizing, particularly around issues of surveillance and due process.

Surveillance and secrecy: Strategy and tactics - Using the law to uncover abuse of LEAs’ surveillance powers

Geoff King, Lawyer [United States, EN]

Open government laws, though riddled with exemptions, are powerful tools for shedding light on the governmental operations. One way in which these laws can be used is to uncover the existence of law enforcement surveillance, as well details about the tools used to achieve such surveillance. This portion of the presentation will explore how journalists and activists can employ successful transparency strategies in the face of various procedural pitfalls. It will also give concrete examples of how such strategies have paid off in the recent past.
Presentation Materials

Creative campaigning: tactical media mashup
Vladan Joler, Share Foundation [Serbia, EN]

Explore the beautiful world of tactical media as a creative tool for getting your message out there.
From creative campaigning during Serbian protests in the 90s to “lo fi” media interventions, protests inside computer games, media pranks and parasite media tactics to social media bots and Twitter bombs.
Presentation Materials

Simultaneous interpretation from English to Spanish and Portuguese Return to Top

3:50 - 4:10 Coffee Break

Workshops: Round IV

4:10 - 5:10

Workshop 1: What the international surveillance and human rights principles are asking the governments to do?

This session will be used to call out exactly what the International Surveillance and Human Rights Principles are asking governments to change or legislative/policy actions they are asking governments to take. This will hopefully be useful in helping individuals and organizations understand what aspects to highlight and push when proposing the principles and why.

Facilitators:

Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]
Elonnai Hickok, Center for Internet & Society India [India, EN]

Rapporteur:
Graciela Selaimen, NUPEF [Brasil, EN/ES/PT]

Workshop 2: Creative campaigning: tactical media mashup & anti-surveillance campaigns

What are activists around the world doing to counter surveillance proposals and practices? And what could they be doing, with just a little more knowledge and inspiration? At this session, workshop facilitators will share stories about successful campaigns launched around the world in response to government surveillance. How did a humorous Twitter hashtag about a proponent of surveillance legislation rise to “trending” status on Twitter? How did a small team of digital rights activists in Argentina manage to position themselves as one of the most trusted media sources on issues relating to privacy in the digital realm? How did a small group of activists manage to reach biggest world media and how are activists creating their own media? We’ll then open it up for a group discussion in which participants can share their own stories of effective tactics from around the world, and explore ideas for collaborating and harnessing the knowledge gleaned from our collective experiences.

Facilitators:

Rebecca Bowe, Electronic Frontier Foundation [United States, EN]
Vladan Joler, Share Foundation [Serbia, EN]

Rapporteur:
Hisham Almiraat, Global Voices Advocacy [Morocco, EN]

Reporting Back Session & Closing Remarks

5:10 - 6:00

Chair:
Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Rapporteurs:
Graciela Selaimen, NUPEF [Brasil, EN/ES/PT]

Renzo Lavin, Asociación Civil por la Igualdad y la Justicia [Argentina, ES]
Hisham Almiraat, Global Voices Advocacy [Morocco, EN]

Each breakout session will have one designated rapporteur, one note-taker, and a module to work around.

For more details visit https://cis-india.org/news/state-surveillance-and-human-rights-camp

Presentation on MLATS

praskrishna — 2012-12-21T07:11:08Z

For more details visit https://cis-india.org/internet-governance/blog/presentation-on-mlats.pdf

The Trouble with Hurried Solutions

chinmayi — 2012-12-20T04:23:08Z

The World Conference on International Telecommunication showed that countries are not yet ready to arrive at a consensus on regulation and control of the Internet

Chinmayi Arun's Op-ed was published in the Hindu on December 15, 2012.

The World Conference on International Telecommunication (WCIT) that concluded on December 14 saw much heated debate. Some countries wanted to use the International Telecommunication Union (ITU) to gain intergovernmental control of the World Wide Web. Some saw it as an opportunity to democratise the Internet, by replacing U.S. and corporate domination of Internet policy, with a more intergovernmental process. Others insisted that the Internet must be left alone.

The result is that after many days’ deliberations, there was no consensus. The amended International Telecommunication Regulations (ITRs) document has not yet been signed by over 50 countries, of which some like the United States have refused to sign altogether, while others have said that they will need to consult with their national governments before signing.

This article discusses the broader issue under question, which is, whether ITU is the best forum to solve the cross-border problems that arise in relation to the Internet.

WCIT, ITU and ITRs

The ITU has been creating international policy from the days in which the telegraph was prevalent. Although it is now a United Nations agency, its existence predates the U.N. As technology evolved, forcing the telegraph to give way to the telephone, the ITU created new standards for telephony. It even rechristened itself from ‘International Telegraph Union’ to ‘International Telecommunications Union’.

The ITU performs an essential role in ensuring that multiple states with their varying technology, standards and legal systems, are able to interconnect and co-ordinate. Its harmonising rules and standards make co-ordination easier and cheaper than having each state come to an agreement with every other state. The ITRs within the ITU framework facilitate co-ordination by creating binding rules for member states.

Some countries’ proposals for the amendment of the ITRs would have affected content on the Internet substantially. However, after prolonged negotiation, the final draft that was under consideration contained an explicit statement excluding such content from the ITRs’ purview. This draft also came with a resolution that made reference to states’ elaborating their Internet related public policy positions in ITU fora, which was a source of controversy.

Some of the initial suggestions like Russia’s controversial proposal would have given the ITU greater sway over the Internet, permitting it to lay down global standards. These standards may have encouraged countries to inspect data transmitted across the Internet to check whether it is undesirable content raising serious privacy and freedom of speech concerns, especially in countries that do not protect these rights.

The global standards created by the ITU would have permeated to the companies that create the web-based applications that we use, and the resulting law and technological choices would have affected individual users.

Internet governance

The ITU makes its decisions using a traditional model that only seeks consensus between governments, and this is far removed from the way in which the Internet has been governed thus far. Therefore, although expanding the ITU’s mandate to the Internet may seem natural to those who have followed its evolution mirroring the evolution of information technology, the ITU’s manner of functioning is viewed by many as being at odds with the more multi-stakeholder and ad hoc system used to build Internet policy.

In the 1990s, John Perry Barlow proclaimed that cyberspace was outside national borders, and questioned the authority and legitimacy of a national government’s attempts to govern it. Over the years, it has become clear that national governments can exert jurisdiction in cyberspace: filtering content, launching surveillance of users, and creating law that impacts citizens’ behaviour online directly and indirectly.

However, governments’ exertion of will on Internet users is tempered greatly by the other forces that have a strong influence on the Internet. User-behaviour and content often depend on the policies of major service providers like Google, Yahoo, Twitter and Facebook.

Key standards and functions like the allocation of domain names and developing of Internet standards are managed by organisations like ICANN and IETF, which are not governmental organisations. Features like user anonymity are based on technological choices on the World Wide Web. Therefore, governments face significant obstacles and counterbalancing power when they attempt to impose their will on citizens online.

The ITU can weigh this power balance in favour of governments. Many fear that more government power will lead to more censorship, surveillance and stifling of the innovation that is integral to the evolution of Internet. But others support ITU intervention, in the belief that an international inter-governmental regulatory body would be more accountable, and would prevent corporate abuse of power.

Several of the aforementioned corporations, as well as regulatory bodies under question, are headquartered in the United States. There are those who see this as excessive U.S. influence on the Internet, eroding the sovereignty of other states, which have relatively limited influence over what their citizens can transmit and access online. These people see the ITU as a forum that can democratise Internet Governance, giving states shared influence over the web. However, this shared influence is resisted by those who find that the U.S. influence offers them more leverage and protection for their freedom of speech, than increased influence of countries that threaten this internationally accepted human right.

Powerful arguments in favour of increased ITU involvement include highlighting the dangers of abandoning the Internet to the free market. It is true that markets need some regulation to guard against malfunction and abuse of power by stronger players. However, the significant question is not whether these markets should be regulated, but how they should be regulated. Unfortunately, many of the arguments that supported expansion of the ITU’s mandate failed to establish why the ITU is the best solution to the problems plaguing the Internet, rather than being the most readily available reaction.

Any regulatory intervention must have very clear objectives, and some estimate of its likely impact. The intervention must not be considered in isolation but in contrast with other ways to achieve the same goals. Although some of the serious transnational issues plaguing the Internet need international solutions, the ITU, at least in its current avatar, is not necessarily the best remedy. It also remains unclear exactly what effect ITU intervention would have on the Internet — whether it would really offer solutions as intended, or whether it would prove more detrimental than useful, condoning of human rights violations and slowing the blistering innovation that is characteristic of the Internet.

Lack of consensus

Therefore, some of the initial concerns expressed by the countries that refused to sign the ITRs were legitimate. However, the final ITRs document addressed many of these concerns. The dissent emerged over the insertion of text in the preamble that recognised member states’ rights to access international telecommunication networks. These rights, being expressed only in the preamble, are not enforceable, even if they express intentions that are unacceptable to some.

The debates at the WCIT made it clear that the world is not yet ready to come to a unified position on this subject. Perhaps the ITU’s continuation in its path towards increasing, and making effective, multi-stakeholder participation will be the unifying factor some day, if it evolves into a forum which everyone sees as sufficiently democratic, transparent and accountable for Internet policy.

(The writer is Assistant Professor of Law at National Law University, Delhi, and a Fellow of the Centre for Internet and Society, Bangalore. She attended the WCIT from December 3-14)

For more details visit https://cis-india.org/internet-governance/blog/the-hindu-opinion-lead-december-15-2012-chinmayi-arun-the-trouble-with-hurried-solutions

The freedom of expression debate: The State must mend fences with The Web

praskrishna — 2013-01-07T10:30:21Z

A fortnight after her arrest, Renu Srinivasan spends her free time singing Ashley Tisdale's number Suddenly. The lyrics - Suddenly people know my name, suddenly, everything has changed - resonate with the story of her life ever since she 'liked' and 'shared' her friend, Shaheen Dhada's, 21, controversial post regarding Shiv Sena chief Bal Thackeray's funeral on Facebook on November 18 and got arrested for it.

The article by Rahul Jayaram was published in India Today on December 18, 2012. Pranesh Prakash is quoted.

She's now flooded with "hundreds" of messages on FB; some congratulatory, others abusive and gets at least a dozen friend requests on the social networking site. When Renu went to the doctor last week, two constables accompanied her.

"All of a sudden, there's too much attention on me," says the Botany graduate from Dandekar College and a budding singer who is making new friends in the virtual world. There's, however, a word from caution from her father P.A. Srinivasan: "Don't comment on controversial issues you don't understand."

Bloggers are careful. Krish Ashok, a well-known blogger is disappointed with the government's lack of engagement with India's surging online community. In a blog post in August 2010, he made fun of the Ramayana and the fact that women couldn't enter the Sabarimala temple in Kerala. A group called Hindu Janajagruti Samiti threatened to take him to court. Ashok spoke to his lawyer.

"I was amazed. She said no individual could take action against me. But a group or organisation could," he says. Since then, he has become more aware of his Internet rights.

Gursimran Khamba, who has over 30,000 followers on Twitter, kept his cool during Thackeray's death and funeral. When all the media went gaga over him, televising his family photo albums, Khamba, re-tweeted reports and accounts of the Shiv Sena's role during the Mumbai riots of 1992-93. "In my head, I am not courageous to say anything about it myself," he says. He didn't want to incite. He'd rather help his followers get a more nuanced picture of a venerated leader.

Palghar and after, has made Ashok think. "I would reduce the number of provocative posts I might make," he says. Khamba says he will stick to comedy and doesn't believe in offence for the sake of offending although "taking offence is our national sport."

It is a shame, for the Internet is growing in India like nobody's business. It's the medium of the age.

According to comScore, a company that measures Internet trends, India is the fastest growing online market in the last 12 months among BRIC nations. There were 44.5 million unique visitors in July 2011 and in July 2012 there were 62.6 million unique visitors. That is, a growth of 44 per cent in one year. The total Internet usage of 124.7 million users in July 2012, that is, a 41 per cent growth from last year (July 2011).

With 124 million users as of July 2012, India has an Internet penetration of 10 per cent. 75 per cent of India's online users are below the age of 35 making it one of the youngest Net-connected populations. 39.3 per cent of India's Internet population consists of females. It has the highest growth seen among 15 to 24 male and female segments. India has 56.2 million Facebook users and 4.1 million Twitter users. Facebook had 35.3 million users in July 2011 and it jumped to 52.1 million in July 2012. That's a growth of 47% in just one year!

Growth of the Internet is one thing. Freedom of the Internet is another. Freedom House, an American organisation that tracks political and civil liberties worldwide, is blunt in its assessment. India is third in terms of Internet penetration, after the United States and China. Before November 2008, government control over the Internet was limited. All that changed after the November 2008 Mumbai attacks.

Since then it says, "The need, desire, and ability of the Indian government to monitor, censor, and control the communication sector have grown. Given the range of security threats facing the country, many Indians feel that the government should be allowed to monitor personal communications such as telephone calls, email messages, and financial transactions. It is in this context that Parliament passed amendments to the Information Technology Act (ITA) in 2008, expanding censorship and monitoring capabilities. This trend continued in 2011 with the adoption of regulations increasing surveillance in cyber cafes. Meanwhile, the government and non-state actors have intensified pressure on intermediaries, including social media applications, to remove upon request a wide range of content vaguely defined as "offensive" and potentially pre-screen user-generated content. Despite new comprehensive data protection regulations adopted in 2011, the legal framework and oversight surrounding surveillance and interception remains weak, and several instances of abuse have emerged in recent years."

Over this year we have had the cases of cartoonist Aseem Trivedi being put in jail and later released in September. In April, Ambikesh Mahaptra of Jadavpur University in Kolkata was arrested for a cartoon poking fun at West Bengal chief minister Mamta Banerjee and Railway Minister Mukul Roy. In October, Ravi, owner of plastic packaging material factory was arrested and let off on bail for joking about Finance Minister P. Chidambaram's son, Karti. The list gets longer. The Web and the State are at loggerheads. Why?

Lawyers and bloggers haul up Internet laws. And for such a community, we have laws like Section 66 (A) of the Information Technology Act of 2000. The law states that "any person who sends by means of a computer resource or a communication device, any information that is grossly offensive or has menacing character," can be booked for online crime.

Legal experts think Section 66 (A) and the whole of the IT Act of 2000, needs revisiting. According to cyber lawyer Pavan Duggal, Section 66 (A) "is a vanilla provision that can be used for anything online."

Section 66(A) seeks to empower the police and the complainant. "The words 'grossly offensive' and 'menacing character' of Section 66 (A) have no definition given. Normal, legitimate bona fide conversation between boyfriend and girlfriend at noble times online is fine. Once relationship sours, and they are gone."

"It's not clear what the purpose of Section 66A is. It's like having a single provision covering murder, assault, intimidation, and nuisance, and prescribing the same penalty for all of them," says Pranesh Prakash of the Center for Internet and Society, Bangalore. Terminology and the law's purpose are massive concerns.

"The extent of the ambiguity of Section 66A is worrying. Laws need to be very clear about what they want to achieve. If it is murder, then it must say murder. If its attempted murder, it must be clear it is attempted murder. Section 66 A is trying to do too many things at the same time. Its canvas is too vast," says Rajeev Chandrasekar.

As a country, we look to imitate the West, and often copy it badly. Some wonder if we need to mime the West. Pranesh Prakash thinks the Indian Constitution is stronger on free speech grounds than the (unwritten) UK Constitution, and the judiciary has wide powers of judicial review of statutes (i.e., the ability of a court to strike down a law passed by Parliament as 'unconstitutional').

Judicial review of statutes does not exist in the UK (with review under its EU obligations being the exception) as they believe that Parliament is supreme, unlike India. Putting those two aspects together, a law that is valid in the UK might well be unconstitutional in India for failing to fall within the eight octagonal walls of the reasonable restrictions allowed under Article 19(2).

Rajeev Chandrasekar thinks the Brits got it right. During the London riots of June 2011, "the UK government kept a tab on social media networking sites so as to check incitement, he says. It was a good example of clear legislation and effective execution, in an extreme scenario." To defuse online paranoia he wants the government to have a multi-stakeholder arrangement in fixing IT laws. This must involve users, IT companies, cyber cafe owners and the government. The State must mend fences with the Web.

For more details visit https://cis-india.org/news/india-today-rahul-jayaram-december-18-2012-the-freedom-of-expression-debate

Online Censorship: How Government should Approach Regulation of Speech

sunil — 2012-12-05T07:06:52Z

Why is there a constant brouhaha in India about online censorship? What must be done to address this?

Sunil Abraham's article was published in the Economic Times on December 2, 2012.

Of course, we must get the basics right â€” bad law has to be amended, read down by courts or repealed, and bad implementation of law should be addressed via reform and capacity building for the police. But most importantly those in power must understand how to approach the regulation of speech.

To begin with, speech is regulated across the world. Even in the US â€” contrary to popular impression in India â€” speech is regulated both online and offline.

However, law is not the basis of most of this regulation. Speech is largely regulated by social norms. Different corners of our online and offline society have quite complex forms of self-regulation.

The harm caused by speech is often proportionate to the power of the person speaking â€” it maybe unacceptable for a politician or a filmstar to make an inflammatory remark but that very same utterance from an ordinary citizen may be totally fine.

To complicate matters, the very same speech by the very same person could be harmful or harmless based on context. A newspaper editor may share obscene jokes with friends in a bar, but may not take similar liberties in an editorial.

The legal scholar Alan Dershowitz tells us, "The best answer to bad speech is good speech." More recently the quote has been amended, with "more speech" replacing "good speech".

Censorship by the state has to be reserved for the rarest of rare circumstances. This is because censorship usually results in unintended consequences.

The "Streisand Effect", named after the singer-actor Barbra Streisand, is one of these consequences wherein attempts to hide or censor information only result in wider circulation and greater publicity.

The Maharashtra police's attempt to censor the voices of two women has resulted in their speech being broadcast across the nation on social and mainstream media. If the state had instead focused on producing good speech and more speech, nobody would have even heard of these women.

Circumventing Censorship

Peer-to-peer technologies on the internet mimic the topology of human networks and can also precipitate unintended consequences when subject to regulation. John Gilmore, a respected free software developer, puts it succinctly: "The Net interprets censorship as damage and routes around it."

Most of the internet censorship in the US is due to IPR-enforcement activities. This is why Christopher Soghoian, a leading privacy activist, attributes the massive adoption of privacy-enhancing technologies such as proxies and VPNs (virtual private networks) by American consumers to the crackdown on online piracy.

In India, and even when the government has had legitimate reasons to regulate speech, there have been unintended consequences.

During the exodus of people from the North-east, the five SMS per day restriction imposed by the government resulted in another exodus from SMS to alternative messaging platforms such as BlackBerry Messenger (BBM), WhatsApp and Twitter.

In both cases the circumvention of censorship by the users has resulted in a worsening situation for law-enforcement organisations â€” VPNs and applications like WhatsApp are much more difficult to monitor and regulate.

Mixed Memes

Regulation of speech also cannot be confused with cyber war or security. Speech can occasionally have security implications but that cannot be the basis for enlightened regulation.

A cyber war expert may be tempted to think of censored content as weapons, but unlike weapons that usually remain lethal, content that can cause harm today may become completely harmless tomorrow. This is unlike a computer virus or malware. For example, during the exodus, the online edition of ET featured the complete list of 309 URLs that were in the four block orders issued by the government to ISPs.

However, this did not result in fresh harm, demonstrating the fallacy of cyber war analogies. A cyber security expert, on the other hand, may be tempted to implement a 360Â° blanket surveillance to regulate speech, but as Gilmore again puts it, "If you're watching everybody, you're watching nobody."

In short, if your answer to bad speech is more censorship, more surveillance and more regulation, then as the internet meme goes, "You're Doing It Wrong".

For more details visit https://cis-india.org/internet-governance/blog/economic-times-december-2-2012-sunil-abraham-online-censorship

Indians Rank Second For Online Snooping

praskrishna — 2012-11-30T06:10:24Z

Indians rank second globally when it comes to seeking details of private individuals online, as per Google transparency report.

The blog post was published in Indolink on November 23, 2012. Pranesh Prakash is quoted.

India recorded for 2,319 requests for the entire period of 2012, where various government agencies have been looking for individual user details contained in online records, as reported by Dailybhaskar.com. U.S. topped the list with 7,969 requests, while Brazil was on the third spot with 1,566 requests.

It was seen that in the first six months this year, India made 2,319 requests involving 3,467 users, while the U.S. made 7,969 requests in the same period. Globally, it was seen that there were 20,938 requests for user data in the period of January-June. The data includes an individual’s complete Gmail account, chat logs, Orkut profile and search terms among others. Google prepares this report every six months, and was started in July-December 2009.

The report also stated that the percentage of data requests fully or partially complied with by India stood at 64 percent.

The Director for policy at Centre for Internet and Society (CIS), Pranesh Prakash said "Though India is a large country with a significant number of internet users, this data is nonetheless an indicator of growing surveillance," as reported by Daily Bhaskar.com.Apart from snooping on user details, Indian authorities are also known to send requests for taking down certain web content, which is considered to be sensitive for national security or defamatory in general. A new trend also revealed that untrue court orders are being used as a key instrument for the same.

On one hand the nation is seeking to go net savvy, while on the other hand authorities are looking to stamp authority on freedom of a larger population.

If was also noted that there were 20 court orders and 64 requests from executive/police that resulted in 596 items being taken down from the web between January and June this year. Comparatively, there were only eight court orders and 22 executive/police requests in January-June 2010, resulting in 125 items being taken down.

Google said “In response to a court order, we removed 360 search results. The search results were linked to 360 web pages that had adult videos, which allegedly violated an individual’s personal privacy,” as reported by Business Standard.

For more details visit https://cis-india.org/news/indolink-november-2012-indians-rank-second-for-online-shopping

Fixing India’s anarchic IT Act

pranesh — 2012-11-30T06:33:58Z

Section 66A of the Information Technology (IT) Act criminalizes “causing annoyance or inconvenience” online, among other things. A conviction for such an offence can attract a prison sentence of as many as three years.

Pranesh Prakash's article was published in LiveMint on November 28, 2012.

How could the ministry of communications and information technology draft such a loosely-worded provision that’s clearly unconstitutional? How could the ministry of law allow such shoddy drafting with such disproportionate penalties to pass through? Were any senior governmental legal officers—such as the attorney general—consulted? If so, what advice did they tender, and did they consider this restriction “reasonable”? These are some of the questions that arise, and they raise issues both of substance and of process.

When the intermediary guidelines rules were passed last year, the government did not hold consultations in anything but name. Industry and non-governmental organizations (NGOs) sent in submissions warning against the rules, as can be seen from the submissions we retrieved under the Right to Information Act and posted on our website. However, almost none of our concerns, including the legality of the rules, were paid heed to.

Earlier this year, parliamentarians employed a little-used power to challenge the law passed by the government, leading communications minister Kapil Sibal to state that he would call a meeting with “all stakeholders”, and will revise the rules based on inputs. A meeting was called in August, where only select industry bodies and members of Parliament were present, and from which a promise emerged of larger public consultations. That promise hasn’t been fulfilled.

Substantively, there is much that is rotten in the IT Act and the various rules passed under it, and a few illustrations—a longer analysis of which is available on the Centre for Internet and Society (CIS) website—should suffice to indicate the extent of the malaise.

Some of the secondary legislation (rules) cannot be passed under the section of the IT Act they claim as their authority. The intermediary guidelines violate all semblance of due process by not even requiring that a person whose content is removed is told about it and given a chance to defend herself. (Any content that is complained about under those rules is required to be removed within 36 hours, with no penalties for wilful abuse of the process. We even tested this by sending frivolous complaints, which resulted in removal.)

The definition of “cyber terrorism” in section 66F(1)(B) of the IT Act includes wrongfully accessing restricted information that one believes can be used for defamation, and this is punishable by imprisonment for life. Phone-tapping requires the existence of a “public emergency” or threat to “public safety”, but thanks to the IT Act, online surveillance doesn’t. The telecom licence prohibits “bulk encryption” over 40 bits without key escrow, but these are violated by all, including the Reserve Bank of India, which requires that 128-bit encryption be used by banks. These are but a few of the myriad examples of careless drafting present in the IT Act, which lead directly to wrongful impingement of our civil and political liberties. While we agree with the minister for communications, that the mere fact of a law being misused cannot be reason for throwing it out, we believe that many provisions of the IT Act are prone to misuse because they are badly drafted, not to mention the fact that some of them display constitutional infirmities. That should be the reason they are amended, not merely misuse.

What can be done? First, the IT Act and its rules need to be fixed. Either a court-appointed amicus curiae (who would be a respected senior lawyer) or a committee with adequate representation from senior lawyers, Internet policy organizations, government and industry must be constituted to review and suggest revisions to the IT Act. The IT Act (in section 88) has a provision for such a multi-stakeholder advisory committee, but it was filled with mainly government officials and became defunct soon after it was created, more than a decade ago. This ought to be reconstituted. Importantly, businesses cannot claim to represent ordinary users, since except when it comes to regulation of things such as e-commerce and copyright, industry has little to lose when its users’ rights to privacy and freedom of expression are curbed.

Second, there must be informal processes and platforms created for continual discussions and constructive dialogue among civil society, industry and government (states and central) about Internet regulation (even apart from the IT Act). The current antagonism does not benefit anyone, and in this regard it is very heartening to see Sibal pushing for greater openness and consultation with stakeholders. As he noted on the sidelines of the Internet Governance Forum in Baku, different stakeholders must work together to craft better policies and laws for everything from cyber security to accountability of international corporations to Indian laws. In his plenary note at the forum, he stated: “Issues of public policy related to the Internet have to be dealt with by adopting a multi-stakeholder, democratic and transparent approach” which is “collaborative, consultative, inclusive and consensual”. I could not have put it better myself. Now is the time to convert those most excellent intentions into action by engaging in an open reform of our laws.

Pranesh Prakash is policy director at the Centre for Internet and Society.

For more details visit https://cis-india.org/internet-governance/blog/livemint-opinion-november-28-2012-pranesh-prakash-fixing-indias-anarchic-it-act

Civil society & industry oppose India’s plans to modify ITRs

praskrishna — 2012-11-30T09:42:17Z

Industry fears ITU control over Internet; excessive content control and surveillance an issue for civil society.

Shalini Singh's article was published in the Hindu on November 23, 2012.

India’s proposal on International Telecommunications Regulations (ITRs), submitted last month to the International Telecommunications Union (ITU), the U.N. agency responsible for information and communication technologies, has drawn opposition from, and fears of content control among, civil society and the industry alike.

Sunil Abraham, Executive Director, Centre for Internet Society, told The Hindu: “The Indian government’s position on the ITRs can be improved, particularly with regard to the proposed definitions, approach to cyber security, scope of regulation.” However, he said, “we are confident that the Indian position will protect consumer and citizen interest once the government implements changes based on inputs from all… stakeholders.”

The National Association of Software and Services Companies (NASSCOM), which represents the $100-billion IT and BPO industry, has strong views against the Internet governance model of the Internet Corporation for Assigned Numbers and Names (ICANN), but favours self-regulation. Its president Som Mittal says: “NASSCOM does not favour oversight by an existing U.N. organisation like ITU. Internet and infrastructure have to be in the hands of expert organisations with proven experience.” NASSCOM has also expressed discomfort with the inclusion of “ICTs along with processing” in Section 21E of India’s proposal, since this would subject IT and BPO industries to inter-governmental regulation through the ITRs.

The Cellular Operators Association of India (COAI), which represents India’s largest mobile operators with nearly 700 million subscribers, has also opposed any role for ITU in the areas of international roaming and Internet governance, fearing a direct impact on domestic network architecture, costs and technology choices. COAI director-general Rajan Mathews said: “We are already regulated by the Department of Telecom (DoT) and the Telecom Regulatory Authority of India (TRAI). Placing the ITU’s jurisdiction over us — where we neither have voice nor recourse — is unacceptable.” The COAI’s position is consistent with the GSM Association (GSMA), the world’s largest association of mobile companies representing 800 operators spanning 220 countries. The COAI further alleges that most of its inputs “have been rejected without reasons assigned or even a meeting.” It has lodged a protest with the DoT.

The Internet Service Providers Association of India (ISPAI) has similarly protested against ITU’s jurisdiction over issues of Internet governance, architecture and cost.

Subho Ray, president, Internet & Mobile Association of India (IAMAI), said: “We represent a vast majority of Internet companies but have not been consulted by the DoT. We are completely opposed to ITU’s jurisdiction in any area related to Internet policy.”

The FICCI has also given detailed inputs on the dangers of allowing ITU’s jurisdiction, especially in areas of Internet policy and governance. It supports a bottom-up consultative and consensus-led multi-stakeholder approach, similar to the one propounded by Telecom Minister Kapil Sibal at the Internet Governance Forum, the world’s largest multi-stakeholder conference, held in Baku.

Several prominent civil society groups and members of academia involved in Internet governance also have apprehensions about expanding the ITU’s reach to Internet regulation through the ITRs. In a November 15, 2012 letter to Telecom Secretary R. Chandrashekhar, Society for Knowledge Commons, Internet Democracy Project, Free Software Movement of India, Delhi Science Forum, Media for Change and Software Freedom Law Center have complained about not having been consulted, while warning that India’s proposal “could have far reaching implications for the Internet.”

On the issue of cyber security, industry associations and several civil society groups are unanimously against any role for ITU, pointing out that including ill-defined terms such as ‘spam’ and ‘network fraud’ in a binding treaty is a terrible idea. Further, cyber security commitments can force India to cooperate with countries whose military and strategic interests are against it.

Kamlesh Bajaj, CEO, Data Security Council of India, and head of NASSCOM’s security initiatives, said: “Cyber security is sought to be taken over by ITU — an area in which it has little experience. Cyber security includes areas of application security, identity and access management, web security, content filtering, cyber forensics, data security, including issues such as cyber espionage and cyber warfare. The ITU has had no involvement in these matters over the last two decades, and should therefore stay out of them.”

Similar views have been expressed in varying degrees by the COAI, the IAMAI, the ISPAI and the FICCI. Dr. Ray of the IAMAI says: “cyber security is essentially a state prerogative and should not be part of an external treaty obligation. Any attempt to channel it through the ITU may be counter productive.”

Mr. Sibal, who has already been challenged by opposition to the domestic IT rules, is aware that if left unaddressed, opposition to India’s stance on ITRs will only escalate at a national and global level, and that if corrections have to be made in India’s position, those will have to be done consensually within the governance structure. Mr. Sibal confirmed that while cyber security was an area of discussion with the ITU, “the ITU does not have any role in Internet governance.”

According to him, either he or the Department will hold meetings on these issues with the industry to further evolve India’s position.

Mr. Chandrashekhar further confirmed that similar to several global national delegations, the government would include media and industry experts as part of its delegation to Dubai, the World Conference on International Telecommunications (WCIT-12) will be held from December 3 to 14. The final decisions on the ITRs and the composition of the delegation would be announced the coming week.

A deeply divided house in Dubai is a strong possibility, with countries which favour democracy and free speech taking a stance against those who, due to political compulsions, have proposed inter-governmental control through the ITRs by the ITU, not just on Internet policy, but also its traffic and content, most of which automatically fall under the definitions of the ICTs.

The 193-countries at THE WCIT may well spend 11 days discussing national proposals to separate issues that can be addressed nationally from those which require inter-governmental cooperation, while further debating which platforms may be best to address global cooperation.

It is equally clear that the existing Internet governance system is unacceptable to most countries, and therefore a more evolved democratic and internationally equitable system, which is managed through a multi-stakeholder process and yet with a definite role for countries like India, appears the only way forward.

Mr. Sibal, at meetings with global Internet governance bodies in Baku, is learnt to have bargained hard for India’s explicit role in the existing Internet governance processes.

For more details visit https://cis-india.org/news/the-hindu-nov-23-2012-shalini-singh-civil-society-and-industry-oppose-indias-plans-to-modify-itrs

India ranks second globally in accessing private details of users

praskrishna — 2012-11-19T04:49:23Z

According to the latest transparency report released by Google, India ranks second in the world for accessing private details of its citizens, only after the U.S. The Google report lists out requests it received from governments across the world to access details of users of its various services.

Kul Bhushan's blog post was published in thinkdigit on November 15, 2012. Pranesh Prakash is quoted.

Google's data reveals India had made 2,319 requests involving 3,467 users in the first six months. The U.S. made 7,969 requests, while Brazil, which ranks third, made 1,566 requests during the same period. Worldwide 20,938 requests were made during the January-June period. The report says the information shared included complete Gmail account, chat logs, Orkut profile and search terms among others.

The requests for accessing user data from India had grown two-fold from 1,061 in July-December 2009 to 2,207 in July-December 2011, the report points out.

According to the report, India has been consistently sending requests to remove content which it brands as defamatory and against national security. The court orders, however, to take down content has remained almost stagnant over the years; though requests from the executive and police have grown.

In the first six months this year, there were 20 court orders and 64 requests from executive/police that resulted in 596 items being taken down from the web. During the January-June 2010 period, there were only eight court orders and 22 executive/police requests, resulting in 125 items being taken down. Read about Google's previous transparency report here.

"Though India is a large country with a significant number of internet users, this data is nonetheless an indicator of growing surveillance," Times of India quotes Pranesh Prakash, policy director at Centre for Internet and Society ( CIS), a Bangalore-based organization looking at issues of public accountability, internet freedom and openness, as saying.

"India lacks a general privacy law that helps set guidelines for such user requests, despite privacy being a constitutional right as part of the right to life," added Prakash.

For more details visit https://cis-india.org/news/thinkdigit-internet-kul-bhushan-nov-15-2012-india-ranks-second-globally-in-accessing-private-details-of-users

Privacy in the Social Networked World

praskrishna — 2012-12-04T16:19:51Z

The Asian Privacy Scholars Network 2nd International Conference was hosted by the Centre for Business Information Ethics, Meiji University, Tokyo, Japan, on behalf of the Asian Privacy Scholars Network, November 19 - 20, 2012. Elonnai Hickok is speaking at the event.

Monday, November 19, 2012

09:00—09:30	Registration and Welcome
09:30—10:30	Keynote Speaker: Pirongrong Ramasoota (Chulalongkorn University, Thailand) The Future of Privacy in the World's Largest Democracy
10:30—11:00	Break
11:00—12:30	Whon-Il Park (Kyung Hee University, Korea) How to Protect, or Utilize, Personal Visual Information in Korea Sinta Dewi Rosadi (University Padjadjaran, Indonesia) Constitutional Privacy Protection: The Indonesian Experience Takato Natsui (Meiji University, Japan) Censorship, Burying and Mental Health in Business Office
12:30—14:00	Lunch
14:00—15:00	Lilian Edwards (Strathclyde University, UK) International Implications of the Proposed Revision of the EU Data Protection Directive Graham Greenleaf (UNSW, Australia and Meiji University, Japan) 100 Data Privacy Laws: Their Significance and Origins
15:00—15:30	Break
15:30—16:30	Kiyoshi Murata/Yohko Orito (Meiji University/Ehime University, Japan) Japanese Youngsters' Social Attitude towards Privacy Ryoko Asai/Iordanis Kavathatzopoulos (Meiji University, Japan/Uppsala University, Sweden) The Paradoxical Nature of Privacy
18:00—20:00	Conference Banquet (Salon San, 23rd Floor, Liberty Tower, Meiji University)

Tuesday, November 20, 2012

09:00—09:45	Keynote Speaker: Roger Clarke (Xamax Consultancy, UNSW and ANU, Australia) Consumer-Oriented Social Media as Market Opportunity
09:45—10:00	Video Presentation from David Lyon (Queens University, Canada)
10:00—10:30	Break
10:30—12:00	Daniel Trottier (Uppsala University, Sweden) Social Networking Sites and Crowd-sourced Surveillance Colin Bennett (University of Victoria, Canada) Social Networking and Privacy Jurisdiction Andrew Adams (Meiji University, Japan) Facebook Code: SNS Platform Affordances and Privacy
12:00—13:00	Lunch
13:00—14:30	Elonnai Hickok (Centre for Internet and Society, India) Transparency and Privacy in India Fumio Shimpo (Keio University, Japan) Current Developments in Japanese Data Protection Policy Panel: Chen, Greenleaf, Hickok, Shimpo
14:30—15:00	Break
15:00—17:00	Ian Brown (University of Oxford, UK) Data Protection and Social Networking Services Shirley Williams (University of Reading, UK) Do Computer Science Scholars Consider Issues of Privacy when Studying Large Twitter Data Sets? Final Panel: Adams, Bennett, Brown, Clarke, Williams

Organisers

Prof Andrew A. Adams, Meiji University, Tokyo, Japan
Prof Kiyoshi Murata, Meiji University, Tokyo, Japan
Prof Graham Greenleaf, UNSW, Sydney, Australia
(JSPS Visiting Fellow, Meiji University Sep-Dec 2012)

Read the original here

For more details visit https://cis-india.org/news/privacy-in-social-networked-world

Government Policy and Guidelines

snehashish — 2013-03-15T06:27:26Z

In this unit Snehashish dwells upon the four main policy guidelines that were formulated by the Government of India.

The above were the four main telecom policies formulated by the government.

One of the main functions of DoT is to issue guidelines with respect to issuing of licence, allocation of spectrum, interconnection, etc. These guidelines operate as additional conditions, laid down by DoT with respect to conduct and functioning of telecom operators. For example, the DoT issued guideline for radiation standards in respect of electromagnetic radiations (EMR) for mobile towers, which came into effect on September 1, 2012.

The DoT has issued numerous guidelines across the years. However, it is important to discuss the DoT guidelines with respect to issuance of telecom service licences.

Basic Telephone Services Licences (BTS)
Cellular Mobile Telephone Service Licence (CMTS)
Unified Access Service Licence (UASL)
National Long Distance (NLD) and
International Long Distance Licence (ILD)

Guidelines on issuing of Basic Telephone Services

DoT issued guideline for issuing of BTS licences in January, 2001. The key features of the guidelines are:

The applicant must be an Indian company. There was no restriction on the number of BTS licensees in a circle. The applicants were also required to have a minimum amount of paid up equity capital. This varied from circle to circle. There was a cap of 49 per cent foreign equity on companies applying for the BTS licence
BTS licences were issued for a period of 20 years on a non-exclusive basis
The licences had to pay an entry fee before the grant of the licence. Consequently, the basic telecom service operators had to pay an annual licence fee based on their annual gross revenue
The basic telecom service operators also had to submit two bank guarantee as an assurance to meet the contractual and roll out obligation under the BTS licence
The Guideline also laid down that the license holders can also provide limited mobility services, by using the spectrum allocated to them for last mile delivery. However, service operators provided limited mobility services had to pay additional 2 per cent fee.
The Guidelines declared that a CMTS licensee can also provide fixed services using GSM networks within their service area. *This was done to satisfy cellular operators who were protesting against permission given to the basic telephone operators to provide limited mobility services.
The basic operators could carry intra-circle long distance traffic. However, the operators had to provide the subscribers, the option to choose their own long distance carriers. For this purpose, BTS licensee could enter into an arrangement with the national long distance licensee.
Basic operators were required to make their own arrangements for the installation of infrastructure, network equipment and, right of way. They were also allowed to enter into agreements related to interconnection with other licensee in other service areas. The terms and conditions of such interconnectivity agreement were subject to TRAI regulations and directions.

Guidelines on issuing of Cellular Mobile Telephone Service Licences

The DoT issued Guidelines for CMTS licences along with guidelines for the issuing of the basic telecom licences. These two sets of guidelines are generally similar to each other but they vary in certain issues.

In the light of the criticism of the previous licensing policy, the DoT guidelines on issuing CMTS licence proposed “informed ascending bidding process”[1] for auctioning of CMTS licence.
The CMTS licence was issued for a period of 20 years on a non-exclusive basis, extendable by 10 years.
The licensee can transfer; assign the licence only with the permission of the DoT, the licensor.
The prospective cellular operator had to submit roll-out plans and financial arrangements with the application.
The licence period was set at 20 years, extendable by another 10 years.
The winning bidder had to pay an entry fee. They also had to pay an annual fee which is a percentage of the annual gross revenue.
The cellular operator also had to pay an additional sum for spectrum.
The cellular operator, were given freedom to use any kind of network equipment as long as they satisfied certain international and domestic standards.
The cellular operators were allowed to enter into any interconnection arrangements subject to TRAI regulations.
The guideline also laid down that cellular operators will fully co-operate with law enforcement and government agencies in providing access to their infrastructure.
The licensees have to make their own arrangement for installing infrastructure and equipment and for right of way.

Guidelines for issuing Unified Access Service Licences

The UASL Guidelines were issued in November, 2003. They were consistent with the TRAI recommendations. Option was given to the existing licensees to continue under their basic telecom and cellular mobile telecom licences or migrate to the new unified access service licence regime. The main highlights of the Guidelines on issuing of UASL were:

Cellular licensees can offer limited mobility service within their short distance coverage areas.
Basic telecom service operators had to pay an entry fee for the UASL which was equal to the entry fee paid by the fourth cellular operator for the specific service area or the entry fee paid by the basic telecom provider in that circle, whichever is higher.
No additional entry fee had to be paid by the cellular mobile service providers.
The basic telecom service operator, who choose not to completely migrate to full mobility regime may pay additional licence fee for providing services in wireless in local loop (WLL). However, such service will be restricted to the short distance charging areas.
There was no additional spectrum allotted to the licensee for migrating to the UASL regime.
The unified access service providers can use any technology without any restrictions.

Additional Entry fee to be paid by the existing Basic Service Operators for migration to Unified Access Service License[2]

S.No.	Name of the operator	Service Area of the basic service operator (BSO)	Date of signing of licence agreements	Entry fee paid by BSO (in crores)	Entry fee paid by 4^th cellular operator(in crores)	Additional entry fee to be paid for migration to UASL(in crores)
1.	Reliance Infocomm Ltd.	Rajasthan	20.7.2001	20	32.25	12.25
		UP(East)	20.7.2001	15	45.25	30.25
		Maharashtra	20.7.2001		189+203.66*
				115	392.66	277.66
		Karnataka	20.7.2001	35	206.83	171.83
		Punjab	20.7.2001	20	151.75	131.75
		Andhra Pradesh	20.7.2001	35	103.01	68.01
		Haryana	20.7.2001	10	21.46	11.46
		Kerala	20.7.2001	20	40.54	20.54
		Uttar Pradesh (West)	20.7.2001	15	30.55	15.55
		West Bengal	20.7.2001		0+78.01*
				25	78.01	53.01
		Madhya Pradesh	20.7.2001	20	17.4501	0
		Bihar	20.7.2001	10
		Himachal Pradesh	20.7.2001	2	1.1	0
		Orissa	20.7.2001	5
		Tamil Nadu	26.9.2001		79+154*
				50	233	183
		Delhi	20.7.2001	50	170.7	120.7
		Andaman & Nicobar **	20.7.2001	1		0
2.	RTL	Gujarat	18.3.1997	179.0859030	109.01	0
3.	Tata Teleservices Ltd.	Gujarat	31.8.2001	40	109.01	69.01
		Karnataka	31.8.2001	35	206.83	171.83
		Andhra Pradesh	4.11.1997	161.47(old)	103.01	0
		Tamil Nadu	31.8.2001		79+154*
				50	233	183
		Delhi	31.8.2001	50	170.7	120.7
4.	TTL (Mah.) Ltd.	Maharashtra	31.8.2001		189+203.66*	-
5.	Bharti Telenet Ltd.	Karnataka	29.10.2001	35	206.83	171.83
		Madhya Pradesh	28.2.1997	35.33 (old)	17.4501	0
		Tamil Nadu	29.10.2001	50	79+154*
					233	183
		Delhi	29.10.2001	50	170.7	120.7
6.	Shyam Telelink	Rajasthan	4.3.1998	29.29(old)	32.25	2.96
7.	HFCL Infotel Ltd.	Punjab	7.11.1997	177.59(old)	151.75	0

Guidelines on issuing of National Long Distance (NLD) Services Licence

The DoT issued guidelines for NLD operations along with the licences. The main aspects of the Guidelines are:

Unlimited entry for carrying inter-circle and intra-circle calls
Total foreign equity of the operator should not exceed 74 per cent.
Private operators had to enter into an agreement with fixed service providers with in a circle for traffic between long distance and short distance charging centres
A timeframe of seven years was set for rolling out services. This timeframe was divided into four phases. If in any of the phases the operator failed to achieve its network coverage target then it would result in encashment and forfeiture of the bank guarantee of that phase
Private operators had to pay an entry fee of 25 million and a financial bank guarantee of Rs. 200 million.
Under the revenue sharing agreement, the DoT would charge maximum 6 per cent revenue generated by the private operator.
Private operators were allowed to set up landing facilities for accessing submarine cables and make use of available excess bandwidth.

Guidelines on issuing of International Long Distance (ILD) Services licences

The DoT issued new guidelines for ILD licences in December, 2005. This was done to implement licence simplification measures and also to allow higher foreign investment. The key features of the Guidelines were:

The ILD service, under the Guidelines was defined as network carriage or bearer service which allows NLD licensees international connectivity to foreign networks
The ILD service provider was allowed to provide all kinds of bearer services from an integrated platform. However, a separate licence was required for satellite and global mobile personal communication services.
The terms for the license: (i) the applicant must be an Indian company; (ii) the company must have net-worth and paid up capital of 2.5 crores; (ii) the total foreign equity should not exceed 74 per cent
The ILD licence was issued for a period of 20 year on a non-exclusive basis, and it would be automatically renewed for another term of five year subject to satisfactory performance.
The entry fee for the ILD licence was Rs. 2.5 crores and an unconditional bank guarantee of the same amount has to be submitted, which could be forfeited subject to failure in fulfilling the roll out obligations. The licensee had to also submit an additional financial bank guarantee of Rs. 20 crores. The ILD operators also had to pay a 6 per cent of the annual adjusted gross revenue as annual licence fee. The Guideline also laid down that an additional fee will be charged for the universal service obligation and use of spectrum
The ILD operator has to submit to the DoT detailed plan of the rollout obligation and also commission at least one gateway switch in order to interconnect with NLD licensees. Such networks must be in conformity with the international and national standards.
For provide ILD services, the operator may obtain leased lines from other access providers.
The ILD operators can provide lower-than-toll quality service, provided that there is no degradation in the quality of services.
The gateway and landing stations may be established. However, this will be subject to security and monitoring requirements.
The ILD operator had to furnish detailed accounts periodically and furnish any such information requested by TRAI.
An ILD operator, must co-operate provide facilities to law enforcement and government agencies for monitoring and surveillance. However, the licensee must also ensure protection of privacy of communication.

[1]. The auction process consisted of three rounds of bidding. A minimum bid price was prescribed for each round. The highest bid in the first round was declared the minimum reserve price in the second round. Subsequently the highest bid in the second round was set as the reserve price in the third round. The lowest bidders in each round were rejected to participate in the next round of bidding.

[2]. Annexure 1, Guidelines for Unified Access (Basic and Cellular) Service Licence, November 11, 2003 available at www.dot.gov.in/uas/Guidelines-Unified_License111103.doc

For more details visit https://cis-india.org/telecom/resources/govt-policy-and-guidelines

Centre for Internet and Society

Indian government websites: Gold mine for cybercriminals

State Surveillance and Human Rights Camp: Summary

Summary of the Draft International Principles on Communications Surveillance and Human Rights

Types of Data

Ways of Accessing Data

Access and Technology

Access and Legislation

December 2012 Bulletin

Accessibility

Feedback

Media Coverage

Blog Entry

Access to Knowledge

Event Organised

Research for the Global Congress

Openness

Event Report

Events Participated

Events Organised

Blog Entries

News / Media Coverage

Videos

Upcoming Event

Internet Governance

Analysis of Central Motor Vehicle Rules

Columns/Op-eds

Event Organised

Upcoming Events

Events Participated

Blog Entries

Video

Media Coverage

Telecom

Newspaper Column

Digital Natives

Book Review

Media Coverage

About CIS

Bangalore CryptoParty!

Hosts

Details

We Will Provide

You need to bring

Intro

Show and tell

State Surveillance and Human Rights Camp

Presentation on MLATS

The Trouble with Hurried Solutions

WCIT, ITU and ITRs

Internet governance

Lack of consensus

The freedom of expression debate: The State must mend fences with The Web

Online Censorship: How Government should Approach Regulation of Speech

Circumventing Censorship

Mixed Memes

Indians Rank Second For Online Snooping

Fixing India’s anarchic IT Act

Civil society & industry oppose India’s plans to modify ITRs

India ranks second globally in accessing private details of users

Privacy in the Social Networked World

Monday, November 19, 2012

Tuesday, November 20, 2012

Organisers

Government Policy and Guidelines

Guidelines on issuing of Basic Telephone Services

Guidelines on issuing of Cellular Mobile Telephone Service Licences

Guidelines for issuing Unified Access Service Licences

Guidelines on issuing of National Long Distance (NLD) Services Licence

Guidelines on issuing of International Long Distance (ILD) Services licences