Centre for Internet and Society

Colonial yoke or bureaucratic insouciance?

praskrishna — 2014-09-08T04:21:23Z

‘Blame the British’ is an oft-invoked argument when the subject of India’s outdated laws comes up for discussion. But 68 years since Independence, can we still afford to parrot that old line?

The article by Vidya Venkat (With additional reporting by K.T. Sangameswaran in Chennai) was published in the Hindu on September 7, 2014. Pranesh Prakash gave his inputs.

Moiz Tundawala, a doctoral researcher in law at the London School of Economics and Political Science, feels that it is unfair to blame just the colonial hangover when several opportunities for reforming the legal system in India have been wasted by bureaucrats and judges. He points to Section 377 of the Indian Penal Code (IPC) as an example.

“This law pronounces illegal carnal intercourse against the order of nature, making criminals of gays and transgender persons. But why was a progressive judgment of the Delhi High Court, which struck off this section, upturned later by the Supreme Court? If we continue to bear the burden of colonial era laws, we only have ourselves to blame,” he said.

Though the Constitution-making exercise in India was inspired by the British and other western systems, it was nevertheless an independent process. But the same did not happen with the laws in India that were handed down from the British, Mr. Tundawala said. He felt that several laws enacted in the post-colonial era smacked of a colonial mindset. “Take for instance laws such as the Terrorist and Disruptive Activities (Prevention) Act, the Unlawful Activities Prevention Act, or the Armed Forces Special Powers Act. All of them aim to control and subjugate a population with little regard for their democratic aspirations. So what this country needs is a radical overhaul of the judicial and criminal justice system.”

If we continue to bear the burden of colonial era laws, we only have ourselves to blame.

The Indian Telegraph Act, 1885, continues to presume the state to be the primary owner of telecommunications networks, though the sector was privatised long ago. “The provisions on surveillance in this Act are from a colonial era and are heavy-handed, allowing for spying even without a court warrant. Up until 1998, it spoke of ‘the Provinces’ in some provisions instead of ‘India,’” Pranesh Prakash, Policy Director, Centre for Internet and Society, said.

The Police Act, 1861, is another law that has often been criticised for perpetuating colonial-era institutional practices. Despite numerous commissions and Supreme Court orders advocating reform measures, progress in changing this law has been slow. Lawyer-activist Maja Daruwala, who heads the Commonwealth Human Rights Initiative, New Delhi, said those in establishment were very comfortable with the policing law and the power that it gave them. “When governments find it convenient to use policing as a means to hold down the population, why would they bother to amend it?”

Ms. Daruwala said the main fault lay with the definition of police duties and the overall structure and the spirit of the law itself. “The police in India are often accused of bias against certain communities, such as Dalits and tribal people. This is because the issue of need for diversity in policing in a democratic country such as India has not been addressed by the law. In the U.K., the design of the policing law changed gradually with the changing needs of the population, but this has not been the case here,” she said.

Section 124-A of the IPC on sedition is another provision in the statute book that is seen as promoting the colonial mindset. Several instances of the abuse of sedition law exist in independent India. In 2010, for instance, the BJP government in Chhattisgarh used the law against activist Binayak Sen for which he was imprisoned, only to be let off by the Supreme Court later which found him innocent. S. Prabakaran, Member, Bar Council of India, and president of the Tamil Nadu Advocates’ Association, said it was shameful that India continued to keep the law that was decried by none other than Mahatma Gandhi. “This law was brought in by the British to quell the Independence movement in India. Why have we not bothered to repeal it?”

Efforts to reform the criminal justice system have been fraught with challenges. The Justice Malimath committee, set up in 2000, had recommended reforms in the system, which were met with resistance from the human rights lobby. Cautioning the present government against any sweeping changes that would tinker with the basic structure of the law, V. Suresh, national general secretary, People’s Union for Civil Liberties, said: “The Malimath committee failed in its mission because it involved an effort to change the entire structure of the law itself, which upholds presumption of innocence, burden of proof on the state, and rules on admissible evidence, in order to improve conviction rates. No doubt, it was met with resistance by the legal fraternity as the idea was to do away with essential checks and balances in the legal system.”

For more details visit https://cis-india.org/internet-governance/news/vidya-venkat-the-hindu-september-7-2014-colonial-yoke-or-bureaucratic-insouciance

COAI, Centre for Internet & Society to hold pan-India meetings on privacy issues

praskrishna — 2014-07-07T07:37:34Z

In order to discuss possible legal frameworks to enable surveillance of voice and data communications in India, the Cellular Operators' Association of India (COAI) along with the Centre for Internet and Society (CIS) will hold seven roundtable meetings across the country in the coming weeks on privacy and surveillance issues.

Originally published by IANS on July 4, 2014 the news was mirrored in the Times of India, NDTV, Business Standard, Economic Times, and World News on the same day. Bhairav Acharya gave his inputs.

The recommendations and dialogues from each of these roundtables will be compiled and submitted to the relevant ministries of the government, a statement issued by COAI said here on Friday.

The roundtable meetings will take place in Mumbai, Ahmedabad, Hyderabad, Bangalore, Chennai and twice in New Delhi.

These roundtables are closed-door meetings involving multiple stakeholders such as the industry leaders, policy makers, and experts from the legal fraternity and civil society.

In the era of freedom, when data connectivity via the internet, has emerged as one of the most powerful tools for communications, infringement of customer privacy by government agencies through telecom networks have forced the industry to initiate discussions on the international best practices on communications privacy and surveillance, and the relevant Indian jurisprudence.

"COAI, with the Centre for Internet and Society has taken this initiative by bringing the relevant stakeholders on a common platform to discuss the matter to arrive at an acceptable conclusion," COAI Director General Rajan S Mathews said.

According to Bhairav Acharya, who advises the CIS: "Legal reform is necessary to identify the limits of permissible surveillance, the protection of privacy, the procedure of intercepting communications, the expectations of service providers, and freedom of all Indians. The law must keep up with technological advancements to create a balanced, proportionate and fair mechanism to enable and regulate surveillance. This will serve India’s national interest."

For more details visit https://cis-india.org/news/ians-july-4-2014-coai-cis-to-hold-pan-india-meetings-on-privacy-issues

Cloudy Jurisdiction: Addressing the thirst for Cloud Data in Domestic Legeal Processes

praskrishna — 2012-12-09T01:00:49Z

Elonnai Hickok was a panelist at this workshop held at the IGF in Baku, Azerbaijan on November 7, 2012. The workshop was co-organised by Electronic Frontier Foundation (Peru) and University of Ottawa.

The use of cloud services is rising globally. Cloud computing and storage are uniquely tailored to take full advantage of our increasingly networked environment. However, a move to the cloud also entails tangible challenges as vast repositories of information once kept within the sacrosanct safety of the home computer are placed on a remote server in the control of a third party. While the protections of home storage and processing can be replicated in the cloud, legal norms have been slow to adopt. Jurisdiction, the classic internet governance question, is raised in particularly stark contrast in the move to the cloud, as placing user data can subject that data to the legal access laws of any (or even many) jurisdictions in the world.

While there are indicators that such data is being accessed at increasing and alarming rates, globally, yet even the dimensions of the problem remain obscure. What is needed is a set of shared international norms relating to transparency, data sovereignty and lawful access to private information. In recent years, however, International forums have appeared much more eager to adopt international standards for data access (be it to combat cybercrime, secure critical infrastructure, or help intellectual property holders uncover alleged infringers of their rights) than for data sovereignty. Standards need to be developed that will provide a basis for the special challenges to cross-jurisdictional privacy that the move to the cloud highlights. This panel will examine the need for such a cross-jurisdictional framework, what one might look like, and, importantly, how one might bring such a framework about where the issue appears to be a low priority for many national governments.

Agenda
The objective of this panel is to attempt to resolve some of the trans-border threats to civil liberties that are posed by the move to the cloud. If a baseline of privacy protection can be assured at the international level, concerns over limiting data flows on the basis of jurisdiction will be alleviated. This panel will be divided into two parts. The first part will discuss some of the challenges raised by the cloud environment for traditional civil liberties paradigms. The discussion in part two will be solution-driven—what rules can be put in place at the international level to alleviate the heightened risk to privacy and other civil liberties raised by a cloud-centric model.

Part 1: Cloud-based threats to cross-border civil liberties (45 mins)
This part will discuss some of the challenges to civil liberties arising from a cross-border cloud-based environment. The panel will be further sub-divided into 25-30 minutes of panelist input, followed by 15-20 minutes of general discussion. Panelists will be asked to spend 3-5 minutes highlighting what they view as the most pressing of these challenges may be.

This might include specific recurring problems that have arisen in many comparable online contexts, as they relate to the cloud such as, for example:

legal obligations to build in intercept capacity into Internet services (compare CALEA 2.0 efforts in US, Lawful Access in Canada, and domestic server obligations such as those imposed on RIM by India and others in order to facilitate access to data that is encrypted in transit).
Concerns that many legal regimes permit voluntary conduct without adequate safeguards for political pressure on companies, particularly smaller businesses, to comply with requests.
Inability to challenge surveillance laws because the programs are shrouded in secrecy, because individuals are never made aware they have been surveilled, because of standing issues, etc.
Ability for ‘one-stop access’: cloud centralizes mass amounts of data in one place. This concentration as well as a general erosion of traditional criteria designed to ensure surveillance is targeted in a way that impacts minimally on the general populace.
Nascent suggestions of informal information sharing arrangements through MLATs and less transparent more informal arrangements.

Part 2: Adopting protections at the International level (45 mins.)
The discussion in Part 2 will focus on how some of these problems can be addressed at the international level by adoption of a set of principled protections designed to meet the realities of online and specifically cloud services. The focus is on problem resolution.

Format for Part 2 will mirror that of Part 1. Panelists will be provided with 3-5 minutes each and asked to present their views on one or two solutions that can be adopted at the international level to the problems presented in part 1. The remainder (20-25 minutes) will be dedicated to general discussion.

It is hoped that the discussion will explore specific protections that might be adopted at the international level, how to advance those solutions, and what strategies can generally advance these objectives, on the advocacy front, by use of transparency tools to increase awareness of some of the issues.

Questions to think about:

Historically, interception of communications received the strongest protection at law, but it relied to a great extent on the act of interception coinciding with the communication itself. Should we be expanding this to other means of communications?
Do we have effective mechanisms to immunize private organizations from political pressure to voluntarily share information? Particularly, a lot of small companies can now have a lot of information. Are they well equipped to resist political pressure
Does the content/traffic data distinction still hold? Do we need a new framework for analysing the types of data produced as a natural byproduct of our online activities?
Can the MLAT regime form the basis for ensuring fundamental rights are respected in legitimate cross-border surveillance activities? If so, what would it take to have it reflect a baseline of protections?
Is it feasible to develop and formally adopt detailed limitations on state access at the international or regional level?
Is cloud-based info susceptible to unauthorized state access in new ways? Is this something the law can fix (mandate encryption in storage or other safeguards)? Social engineering concerns?

Background Reading:

The Draft International Principles on Surveillance & Human Rights: http://necessaryandproportionate.org/
Global Network Initiative, "Principles on Freedom of Expression and Privacy", http://www.globalnetworkinitiative.org/sites/default/files/GNI_-_Principles_1_.pdf
I. Brown & D. Korff, “Digital Freedoms in International Law”, GNI 2012, http://wsms1.intgovforum.org/sites/default/files/Digital%20Freedoms%20in%20International%20Law.pdf
J. McNamee, “Internet Intermediaries: The New Cyberpolice?”, GIS Watch, http://www.giswatch.org/sites/default/files/gisw_-_internet_intermediaries_-_the_new_cyber_police_.pdf
A. Escudero-Pascal & G. Hosein, "The Hazards of Technology-Neutral Policy: Questioning Lawful Access to Traffic Data", (2004) 47(3) ACM 77, http://web.it.kth.se/~aep/PhD/docs/paper6-acm-1905-reviewed_20021022.pdf
HRC, “Protect, Respect and Remedy: A Framework for Business and Human Rights”, April 2008, A/HRC/8/5, http://198.170.85.29/Ruggie-report-7-Apr-2008.pdf
HRC, “Guiding Principles on Business and Human Rights: Implementing the United Nations ‘Protect, Respect and Remedy” Framework”, March 2011, A/HRC/7/31, http://www.ohchr.org/Documents/Issues/Business/A-HRC-17-31_AEV.pdf
ACLU, “New Justice Department Documents Show Huge Increase in Warrantless Electronic Surveillance”, Sept 2012, http://www.aclu.org/blog/national-security-technology-and-liberty/new-justice-department-documents-show-huge-increase

Organiser(s) Name:

Katitza Rodriguez, International Rights Director, Electronic Frontier Foundation (Peru)
Tamir Israel, Staff Lawyer, Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic (CIPPIC), University of Ottawa (Canada)

Previous Workshop(s):

Submitted Workshop Panelists:

Chair: Katitza Rodriguez, International Rights Director, Electronic Frontier Foundation; (US/Peru) (Civil Society) / Confirmed

Ian Brown, Senior Research Fellow, Oxford Internet Institute (EU) (Academic) / Confirmed
Bertrand de la Chapelle, Program Director at International Diplomatic Academy (EU) (Civil Society) / Confirmed
Marc Crandall, Global Compliance, Google (US) (Private Sector)
Elonnai Hickok, Policy Associate, Centre for Internet & Society (India) (Civil Society) /Confirmed
Sophie Kwasny, Head of Data Protection Unit, Data Protection & Cybercrime Division, Council of Europe (IGO) / Confirmed
Bruce Schneier, Chief Security Technology Officer of BT (US) (Private Sector) / Confirmed
Wendy Seltzer, Policy Counsel, W3C (US) (Technical Community) / Confirmed

Name of Remote Moderator(s): Paul Muchene, iHub Nairobi (Kenya) (Private Sector) Assigned Panellists: de La Chapelle - Bertrand Rodriguez - Katitza Brown - Ian Schneier - Bruce KWASNY - Sophie Seltzer - Wendy Crandall - Marc

For more details visit https://cis-india.org/news/cloudy-jurisdiction-addressing-the-thirst-for-cloud-data-in-domestic-legeal-processes

Clause 12 Of The Data Protection Bill And Digital Healthcare: A Case Study

amber — 2022-03-01T15:07:44Z

In light of the state’s emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?

The blog post was published in Medianama on February 21, 2022. This is the second in a two-part series by Amber Sinha.

In the previous post, I looked at provisions on non-consensual data processing for state functions under the most recent version of recommendations by the Joint Parliamentary Committee on India’s Data Protection Bill (DPB). The true impact of these provisions can only be appreciated in light of ongoing policy developments and real-life implications.

To appreciate the significance of the dilutions in Clause 12, let us consider the Indian state’s range of schemes promoting digital healthcare. In July 2018, NITI Aayog, a central government policy think tank in India released a strategy and approach paper (Strategy Paper) on the formulation of the National Health Stack which envisions the creation of a federated application programming interface (API)-enabled health information ecosystem. While the Ministry of Health and Family Welfare has focused on the creation of Electronic Health Records (EHR) Standards for India during the last few years and also identified a contractor for the creation of a centralised health information platform (IHIP), this Strategy Paper advocates a completely different approach, which is described as a Personal Health Records (PHR) framework. In 2021, the National Digital Health Mission (NDHM) was launched under which a citizen shall have the option to obtain a digital health ID. A digital health ID is a unique ID and will carry all health records of a person.

A Stack Model for Big Data Ecosystem in Healthcare

A stack model as envisaged in the Strategy Paper, consists of several layers of open APIs connected to each other, often tied together by a unique health identifier. The open nature of APIs has the advantage that it allows public and private actors to build solutions on top of it, which are interoperable with all parts of the stack. It is however worth considering both the ‘openness’ and the role that the state plays in it.

Even though the APIs are themselves open, they are a part of a pre-decided technological paradigm, built by private actors and blessed by the state. Even though innovators can build on it, the options available to them are limited by the information architecture created by the stack model. When such a technological paradigm is created for healthcare reform and health data, the stack model poses additional challenges. By tying the stack model to the unique identity, without appropriate processes in place for access control, siloed information, and encrypted communication, the stack model poses tremendous privacy and security concerns. The broad language under Clause 12 of the DPB needs to be looked at in this context.

Clause 12 allows non-consensual processing of personal data where it is necessary “for the performance of any function of the state authorised by law” in order to provide a service or benefit from the State. In the previous post, I had highlighted the import of the use of only ‘necessity’ to the exclusion of ‘proportionality’. Now, we need to consider its significance in light of the emerging digital healthcare apparatus being created by the state.

The National Health Stack and National Digital Health Mission together envision an intricate system of data collection and exchange which in a regulatory vacuum would ensure unfettered access to sensitive healthcare data for both the state and private actors registered with the platforms. The Stack framework relies on repositories where data may be accessed from multiple nodes within the system. Importantly, the Strategy Paper also envisions health data fiduciaries to facilitate consent-driven interaction between entities that generate the health data and entities that want to consume the health records for delivering services to the individual. The cast of characters involve the National Health Authority, health care providers and insurers who access the National Health Electronic Registries, unified data from different programmes such as National Health Resource Repository (NHRR), NIN database, NIC and the Registry of Hospitals in Network of Insurance (ROHINI), private actors such as Swasth, iSpirt who assist the Mission as volunteers. The currency that government and private actors are interested in is data.

The promised benefits of healthcare data in an anonymised and aggregate form range from Disease Surveillance to Pharmacovigilance as well as Health Schemes Management Systems and Nutrition Management, benefits which have only been more acutely emphasised during the pandemic. However, the pandemic has also normalised the sharing of sensitive healthcare data with a variety of actors, without much thinking on much-needed data minimisation practises.

The potential misuses of healthcare data include greater state surveillance and control, predatory and discriminatory practices by private actors which rely on Clause 12 to do away with even the pretense of informed consent so long as the processing of data is deemed necessary by the state and its private sector partners to provide any service or benefit.

Subclause (e) in Clause 12, which was added in the last version of the Bill drafted by MeitY and has been retained by the JPC, allows processing wherever it is necessary for ‘any measures’ to provide medical treatment or health services during an epidemic, outbreak or threat to public health. Yet again, the overly-broad language used here is designed to ensure that any annoyances of informed consent can be easily brushed aside wherever the state intends to take any measures under any scheme related to public health.

Effectively, how does the framework under Clause 12 alter the consent and purpose limitation model? Data protection laws introduce an element of control by tying purpose limitation to consent. Individuals provide consent to specified purposes, and data processors are required to respect that choice. Where there is no consent, the purposes of data processing are sought to be limited by the necessity principle in Clause 12. The state (or authorised parties) must be able to demonstrate necessity to the exercise of state function, and data must only be processed for those purposes which flow out of this necessity. However, unlike the consent model, this provides an opportunity to keep reinventing purposes for different state functions.

In the absence of a data protection law, data collected by one agency is shared indiscriminately with other agencies and used for multiple purposes beyond the purpose for which it was collected. The consent and purpose limitation model would have addressed this issue. But, by having a low threshold for non-consensual processing under Clause 12, this form of data processing is effectively being legitimised.

For more details visit https://cis-india.org/internet-governance/blog/medianama-february-21-2022-amber-sinha-data-protection-bill-digital-healthcare-case-study

Clash of the cyberworlds

praskrishna — 2013-01-15T06:57:48Z

In an increasingly digital world, the issue of Internet freedom and governance has become hugely contested. Censorship and denial of access occur across the political spectrum of nations, even in liberal democracies.

The article by Latha Jishnu, Dinsa Sachan and Moyna was published in Down to Earth magazine's January 15, 2013 issue. Pranesh Prakash is quoted.

In run-up to the just-concluded World Conference on International Telecommunications in Dubai, there was a frenzied campaign to ensure that governments kept their hands off the Internet. It was feared the International Telecommunications Union, a UN body, was aiming to take control of the Internet. That hasn’t happened. But the outcome in Dubai has highlighted once again the double speak on freedom by countries that claim to espouse it and by corporations interested in protecting their interests, says Latha Jishnu, who warns that the major threat to the Internet freedom comes from the wide-ranging surveillance measures that all governments are quietly adopting. Dinsa Sachan speaks to institutions and officials to highlight the primacy of cyber security for nations, while Moyna tracks landmark cases that will have a bearing on how free the Net remains in India.

For months now a little-known UN agency, the International Telecommunication Union (ITU), has been looming large in cyberspace, portrayed as an evil force plotting to take over the Internet and threatening to destroy its freedom by rewriting archaic regulations. ITU, set up in 1865, is primarily a technical body that administers a 24-year-old treaty, International Telecommunication Regulations (ITRs), which are basic principles that govern the technical architecture of the global communication system.

	How did the 193-nation ITU, which regulates radio spectrum, assigns satellite orbits and generally works to improve telecom infrastructure in the developing world, turn into everyone’s favourite monster in the digital world? The provocation was ITU’s World Conference on International Telecommunications (WCIT) in Dubai, where ITRs were proposed to be revised. Leaked documents of the proposals made to ITU had shown that statist countries like Russia and China, known for their crackdown on Internet freedom, had put forward proposals to regulate digital “crime” and “security” aspects that are currently not regulated at the global level for want of consensus on balancing enforcement with protection of individual rights.

Other proposals were about technical coordination and the setting up of standards that enable all the devices, networks and software across the Internet to communicate and connect with one another. Although ITU secretary general Hamadoun I Touré had emphasised that the Dubai WCIT was primarily attempting to chart “a globally agreed-upon roadmap that offers future connectivity to all, and ensures sufficient communications capacity to cope with the exponential growth in voice, video and data”, there was widespread scepticism among developed countries.

Online subversion in India AT the seventh annual meeting of the Internet Governance Forum in Baku, Azerbaijan, last November, Minister for Communications and Information Technology Kapil Sibal was a star turn. He made an elevating speech about the need to put in place a “collaborative, consultative, inclusive and consensual” system for dealing with policies involving the Internet. India, with 125 million Internet users—a number that “is likely to grow to about half a billion over the next few years”—would be a key player in the cyberworld of tomorrow, he promised. According to the minister, Internet governance was an oxymoron because the concept of governance was for dealing with the physical world and had no relevance in cyberspace. These were high sounding words that crashed against the reality of India’s paranoia over online subversion. For starters, Sibal flew into a media blitz over Google’s transparency Report which ranked India second globally in accessing private details of its citizens. Even if it was a far second behind the US, it was an embarrassing revelation for the government which appears to have been rather enthusiastic in seeking information on the users of its various services. Such user data would include social networking profiles, complete gmail accounts and search terms used. In the first half of 2012, India made 2,319 requests related to 3,467 users compared with 7,969 requests by the US. Globally, Google clocked a total of 20,938 requests for user data. A few days down the line there was a public explosion over the arrest of two young women in Palghar, near Mumbai, for posting a prosaic comment on Facebook over Bal Thackeray’s death. Thanks to the deliberately vague wording of Section 66A of the IT Act, such arrests have become common and Rajya Sabha devoted a whole afternoon to discuss the impugned legislation and seek its withdrawal. Sibal’s response has been to issue guidelines on the use of this Section which civil society organisations say will do nothing to sort out matters. Then there are the IT (Intermediaries Guidelines) Rules, 2011, issued under Section 79 of the IT Act, which have been used indiscriminately by business interests to shut down websites, resulting in unbridled censorship of the Internet time and again. Although a motion for its annulment was moved in Parliament by Rajya Sabha member P Rajeeve, it was withdrawn after Sibal promised to talk to all stakeholders. A host of MPs have termed the rules a violation of right to freedom of speech besides going against the laws of natural justice. The promised meeting of stakeholders has not yielded any results and censorship on grounds of possible online piracy continues. In this regard, India is more restrained than the US which has pulled down huge numbers of domains on the ground they were violating intellectual property by selling pirated goods.

Western global powers, behemoth Internet companies, private telecom corporations and almost the entire pack of civil liberties organisations came together in a frenzied campaign to ensure that ITU kept its hands off the Internet. Massive online petitions were launched, backed by Internet companies such as search engine Google and social networking service Facebook. The Internet, they said, should not become an ITU remit because it would change the multi-stakeholder approach, which currently marks the way the Internet is governed, and replace it with government control that would curb digital freedom. Not only did the US administration oppose the revision of ITRs, the US Congress also passed a rare unanimous resolution against the WCIT proposals.

In the end, it was an anti-climax: nothing much came of these proposals. Although WCIT was marked by high drama—a walkout by the US and six European countries, a show of hands on a contested but innocuous resolution and an unexpected vote—the “final acts” (http://www.itu.int/en/wcit-12/Documents/final-acts-wcit-12.pdf) or the changes in ITRs make no mention of the I word. Not once. The 30-page document states at the outset that “these regulations do not address the content-related aspects of telecommunications” —an indirect reference to the Internet.

	Ultimately, it was a triumph of the US-led position even if 89 of the 144 eligible countries signed it. Most of the developed countries refused to sign it. Nor, unexpectedly, did India, and thereby hangs a curious tale. Officials who were privy to the negotiations told Down To Earth that India was all set to sign the new ITRs when its delegation got last-minute instructions from Delhi not to endorse them. “It was unexpected and a let-down for India and our global allies,” confesses an official of the Ministry of Communications & IT. “There was nothing in the final document that we had objections to.” According to the grapevine, Minister for Communications and Information Technology Kapil Sibal was facing pressure from two sides: the US Administration and domestically from civil society, Internet service providers and the private telecom players who had objected to India’s proposals on ITRs. The US is known to be keeping a close eye on what India decides to do on the new treaty which it can still ratify. In the Dubai treaty, the only ITR that does impinge on the Net is (Article 5B) on unsolicited bulk electronic communications or spam. But even here, what it merely states is that member-states should endeavour to take necessary measures to prevent the “propagation of unsolicited bulk electronic communications and minimize its impact on international telecommunication services.”

In many ways, what took place during the hectic days before and during the December 3-14 WCIT was in a broad sense a replay of the Cold War scenario of the good (freedom-loving countries) versus evil (authoritarian or autocratic regimes), although alliance may have shifted in the two blocs. What is clear is that a larger geopolitical fight is playing out with the Internet as disputed terrain. American analysts themselves have pointed out that the “US got most of what it wanted. But then it refused to sign the document and left in a huff.”

Even the innocuous Article 5A, which calls on members “to ensure the security and robustness of international telecommunication networks”, was interpreted by US delegation head Terry Kramer as a means that could be used by some governments to curb free speech!

As an outraged Saudi delegate said, “It is unacceptable that one party to the conference gets everything they want and everybody else must make concessions. And after having made many concessions, we are then asked to suppress the language which was agreed to. I think that that is dangerous. We are on a slippery slope.” The final outcome: all the contentious issues were relegated to resolutions, which have no legal basis.

Indeed, the US has managed to get its way on most issues: protecting the mammoth profits of its Internet companies and ensuring that control of the Internet address system, now done by a group based in the US, will not be shared with other ITU members. And, the likes of Google (2011 profit: $37.9 billion) and Facebook will not have to pay telecom companies for use of their networks to deliver content.

Challenges of securing cyberworld

E-commerce in India, where every tenth person is online, is on the rise—and, consequently, crime on the Internet. In 2011, the country’s nodal agency for handling cyber crime, Indian Computer Emergency Response Team, tackled 13,301 incidences of security breach. The incidents ran the gamut from website intrusions, phishing to network probing and virus attacks. Further, in 2009, 2010, 2011 and 2012 (until October), there were 201, 303, 308 and 294 cyber attacks respectively on sites owned by the Indian government. Most notably, hacker group Anonymous defaced the website of Union Minister of Communications and Information Technology, Kapil Sibal.

To beef up cyber security, the Union ministry plans to pump in Rs 45 crore in 2012-13. It also put up a draft cyber security policy for public comments in 2011. Currently, cases involving cyber security and crime are handled under the IT Act of 2000 (Amendment 2008) and the Indian Penal Code.

But will the government go about its business of securing the Net in a responsible manner? There is scepticism. Section 69 of the Act gives any government agency the right to “intercept, monitor or decrypt” information online. Chinmayi Arun, assistant professor of law at National Law University in Delhi, said at the Internet Governance Conference held at FICCI in October that crimes like defamation are not on the same page as cyber terrorism, and “we have to question whether they warranty invasion of privacy”. She added that the workings of the surveillance system has to be made more open to build public trust.

Pranesh Prakash, policy director at Centre for Internet and Society (CIS) in Bengaluru, draws attention to a fundamental flaw in the section. “Government is allowed to wire tap under the Telegraph Act, 1885. But the Act lays out specific guidelines for such an action. For example, you can only tap phones in the case of a ‘public emergency’ or ‘public safety’ situation. The IT Act does not put such limitations on interception of information,” he says.

Cyber security and ITU

A few months prior to the controversial World Conference on International Telecommunications in Dubai, countries, including Russia and Arab states, had proposed measures that would, through International Telecommunication Union (ITU), grant disproportional power to countries to control the Internet in the name of security measures. Several proposals, most notably those of India and Arab States, explicitly stated in the proposed Article 5A that countries should be able to “undertake appropriate measures, individually or in cooperation with other Member States” to tackle issues relating to “confidence and security of telecommunications/ICTs”. It raised alarm among civil society. US-based think tank Center for Democracy and Technology (CDT) said in its report dated September, 2012, that cyber security does not fall under the ambit of International Telecom Regulations, and some countries would misuse such privileges for “intrusive or repressive measures”.

The proposal by African member states recommended that nations should “harmonise their laws” on data retention. In other words, intermediaries would have to retain public data for a long period so that governments can access it whenever they please. With regard to this, CDT noted, “Not only do national laws on data retention vary greatly, but there is ongoing controversy about whether governments should impose data retention mandates at all.”

A clause in the Arab proposal on routing said, “A Member State has the right to know how its traffic is routed.” Currently, the way Internet works, senders and recipients do not know how data between their computers travels or is routed. However, enabling countries to have control over routing has its dangers. CDT notes, “(This) would simply not work and could fundamentally disrupt the operation of the Internet.” Internet traffic travels over an IP network. While travelling, it is fragmented into small packets. Packets generally take a different path across interconnected networks in many different countries before reaching the recipient’s computer. CDT notes providing routing information to countries would require “extensive network engineering changes, not only creating huge new costs, but also threatening the performance benefits and network efficiency of the current system”. Although routing was not part of India’s proposal, Ram Narain, deputy director general at the department of telecommunications, told Down To Earth it was one of the country’s concerns.

However, to civil society’s partial relief, such draconian cyber security clauses were not adopted in the new itr treaty. Two clauses added to the treaty, Article 5A and 5B, address some cyber security concerns. Titled “Security and robustness of networks”, Article 5A urges countries to “individually and collectively endeavour to ensure the security and robustness of international telecommunication networks”. Article 5B talks about keeping tabs on spam.

Prasanth Sugathan, senior advocate with Software Freedom Law Centre, an international network of lawyers, says while he would have preferred that the two clauses were kept out of the new treaty, they do not seem harmful. “They are a much toned down version of what Arab states and Russia had suggested,” he says.

This is one reason India, Brazil and other democracies from the developing world also want a change in ITRs. They want the Internet behemoths to pay for access to their markets so that such revenues can be used to build their own Internet infrastructure.

In the furious debate on keeping the Net free of international control even hawk-eyed civil society organisations prefer to ignore the monetary aspects of Net control. Some analysts believe that maintaining the status quo is not so much about protecting the values of the Internet as about safeguarding interests, both monetary and hegemonistic. Such an assessment may not be wide of the mark if one joins the dots. Google, says a Bloomberg report of December 10, “avoided about $2 billion in worldwide income taxes in 2011 by shifting $9.8 billion in revenues into a Bermuda shell company, almost double the total from three years before”. It also said that the French, Italian, British and Australian governments are probing Google’s tax avoidance in its borderless operations.

	What is clear, however, is that a number of countries for reasons springing from different motivations, appear determined to undermine America’s control of the outfits that now define how the Internet works. Although the US maintains that ICANN (Internet Corporation for Assigned Names and Numbers) is a private, non-profit corporation, it is overseen by the US Commerce Department. According to People’s Daily, what the US spouts about Net freedom is so much humbug. In an August 2012 report, the leading Chinese daily claimed the US “controls and owns all cyberspaces in the world, and other countries can only lease Internet addresses and domain names from the US, leading to American hegemonic monopoly over the world’s Internet”. It also highlighted a fact that has slipped below the radar. During the Iraq invasion, the US government asked ICANN to terminate services to Iraq’s top-level domain name “.iq” and thereafter all websites with the domain name “.iq” disappeared overnight. It charges the US with having “taken advantage of its control over the Internet to launch an invisible war against disobedient countries and to intimidate and threaten other countries”. While this may be true, the irony is that China, with its great firewall of censorship, is in no shape to position itself as a champion of freedom. Like other authoritarian countries, it will do everything to police the Net and control it.

The right of countries and peoples to access the Net was highlighted in Dubai when some African countries raised the issue of US control of the global Internet. Some of these, such as Sudan, have long been complaining about Washington’s sanctions that entail denial of Internet services. ITU officials point out that Resolution 69, first passed in the 2008 meeting, invoked again in 2010 and dusted off once again for the WCIT negotiations, invoked “human rights” to argue for “non-discriminatory access to modern telecom/ ICT facilities, services and applications”. Says Paul Conneally, head of Communications & Partnership Promotion at ITU, “The real target of these resolutions are US sanctions imposed on nations that are deemed bad actors. These sanctions mean that people in those countries—not just the government, mind you, but everyone, innocent and guilty alike—are denied access to Internet services such as Google, Sourceforge, domain name registrars such as GoDaddy, software and services from Oracle, Windows Live Messenger, etc.”

The catalogue of Sudan’s complaints shows at least 27 instances in 2012 when companies from Google to Microsoft and Paypal to Oracle cut off their services to the African country. This might explain why major companies would be opposed to the resolution on a right to access Internet services. Such a right would allow countries to use ITRs to compel them to provide services they might otherwise have preferred not to. But so far all such sanctions appear to have been a decision of the US Administration.

The problem of the digital divide, in fact, did not get the headlines it should have. Africa accounts for just 7 per cent of the 2.4 billion people who use the Net worldwide and penetration in the region is just 15.6 per cent of the population. Compare this with North America where over 78 per cent are linked to the digital world and Touré’s logic about the ITU’s mandate appears reasonable.

When Apple censors the drone war NETIZENS know that the Internet suffers from the depredations of government, hackers and viruses. But not many are aware that companies are as prone to taking legitimate stuff off the Net on the flimsiest grounds. In the case of Apple it could have been misplaced patriotism or plain business sense that prompted it to block an app which monitors drone strike locations in November last year. The App Store rejected the product, calling it “objectionable and crude”. Drones+ (see photo) is an application that simply adds a location to a map every time a drone strike is reported in the media and added to a database maintained by the UK’s Bureau of Investigative Journalism. Josh Begley, a graduate student at New York University, who developed the app, says it shows no visuals of war or classified information. All it does is to keep its users informed about when and where drone attacks are taking place in Pakistan and Afghanistan. “This is behavior I would expect of a company in a repressive country like China, not an iconic American company in the heart of Silicon Valley,” says a petition to the company CEO. Did Apple’s censorship have anything to do with the fact that it received huge contracts from the Pentagon? US legislators have joined the protests against Apple. The most brazen act of corporate censorship occurred in August 2012 with NASA’s livestream coverage of the Curiosity rover’s landing on Mars in the space agency’s $2.5 billion mission. A news agency, Scripps, coolly claimed as its own the public domain video posted on NASA’s official YouTube channel that documented the epic landing (see our opening visuals). “This video contains content from Scripps Local News, who has blocked it on copyright grounds. Sorry about that,” said a message on NASA’s blackened screen. So much for the strict US laws aimed at curbing online piracy!

Touré noted that the revised ITRs would see greater transparency in global roaming charges, lead to “more investment in broadband infrastructure” and help those with disabilities. But he was hopeful that the new treaty signed in Dubai would make it possible for the 4.5 billion people still offline to be connected. “When all these people come online, we hope they will have enough infrastructure and connectivity so that traffic will continue to flow freely,” Touré said.

But should ITU govern the Net? Not in its entirety, according to experts. For one, ITU until the Dubai meeting was far from being transparent and does not allow participation of civil society or other stakeholders in its negotiations unless they are part of the official delegation of the member-states. In fact, even critics of the current system, who think the system is lopsided and hypocritical, believe ITU needs to reform itself and confine to the carrier/infrastructure layer of the Internet. Nor should it get into laying down standards which is done by Internet Engineering Task Force (IETF) and the naming and numbering that is managed by ICANN.

But Conneally counters this by asking what would happen if the US decided to deny domain name root zone to Iran because of its bad human rights record. “Suppose it ordered Verisign to remove .IR from the DNS root and make it non-functional. Would we want ICANN/the Internet governance regime to be used as a political/strategic tool to reform Iran? What happens to global interoperability when the core infrastructure gets used in that way?”

Who then should ensure that the Internet is run in a free and open manner? Should it be the Internet Governance Forum (IGF)? But IGF is to be an open consultative forum that cannot by itself govern. It brings in participation for any or all Internet-related policy processes but it by itself was never supposed to do policy or governance.

Parminder Jeet Singh, executive director of ItforChange, says whoever governs is the government for that purpose. “This truism is significant in the present context, because there is an attempt by those who really control/ govern the Internet at present, largely through illegitimate and often surreptitious ways, to confuse issues around Internet governance in all ways possible, including through abuse of established language and political principles and concepts.”

ITforChange is a Bengaluru institution working on information society theory and practice, especially from the standpoint of equity, social justice and gender equality, and it is that perspective which informs Singh’s suggestions. “What we need are safeguards as, for instance, with media regulation. The Internet, of course, is much more than media. It is today one of the most important factors that can and will influence distribution of economic, social and political power. Without regulation it will always be that those who currently dominate it will take away the biggest pie.

Surveillance club

Eight Indian companies are among the 700 members of European Telecommunications Standards Institute. The group works with government and law enforcement agencies to integrate surveillance capabilities into communications infrastructure. It also hosts regular meetings on lawful interception

Wipro Technologies	Associate Service Providers
• HCL Technologies Limited	• Associate Consultancy for Co./Partnership
• Accenture Services Pvt Ltd	• Observers
• CEWiT	• Associate Research Body
• Saankhya Labs Pvt Ltd	• Associate Manufacturers
• Sasken Communication	• Associate Manufacturers
• Technologies
• SmartPlay Technologies	Associate Consultancy for Co./Partnership
• TEJAS NETWORKS LTD	• Associate Manufacturers

Other critics of the current system concede that bringing governments on board, especially authoritarian and statist powers which the digital world threatens, would give them perverse incentives to control it. But this threat should be met not by insisting that the Internet needs no governance or regulation, but by safeguards that ensure equitable access and benefits, Singh stresses.

While the jury is out on the question whether the new ITRs will make any material difference to the way, and if at all, the Net will come under added government oversight and intervention, developments elsewhere show that ITU is not the main threat to digital freedom.

The irony is that while cyber security is contentious in ITU, other international organisations, such as the UN Office on Drugs and Crime (UNODC) and a clutch of influential telecom industry associations, are pushing for surveillance programmes that ensure policing of a high order with sophisticated infrastructure to monitor online communications. A host of countries already have such systems in place and are pressuring countries like India to fall in line.

A UNODC report, titled ‘The use of the Internet for terrorist purposes’, has detailed how countries can and should use new technology for online surveillance—all in the name of anti-terrorism. The report discusses sensitive issues such as blocking websites and using spyware to bypass encryption and also urges countries to cooperate on an agreed framework for data retention.

At the same time, powerful industry bodies, such as ATIS (Alliance for Telecommunications Industry Solutions) and the European Telecommunications Standards Institute (ETSI), are reported to be working with government and law enforcement agencies to integrate surveillance capabilities into communications infrastructure, according to Future Tense, a project which looks at emerging technologies and how these affect society, policy and culture. It says India is under pressure from another industry organisation, the Telecommunications Industry Association (TIA), “to adopt global standards for surveillance”, calling on the country’s government to create a “centralized monitoring system” and “install state-of-the-art legal intercept equipment”.

TIA is a Washington-based trade group which brings together companies such as Nokia, Siemens Networks and Verizon Wireless, and is focused on issues related to electronic surveillance and is developing standards for intercepting VOIP and data retention alongside with ETSI and ATIS. At least seven Indian companies are members of ETSI, which is said to hold international meetings on data interception thrice a year.

Add to this chilling list the International Chamber of Commerce. It is reported to be seeking the establishment of surveillance centre hubs of several countries to help governments intercept communications and obtain data that is stored in cloud servers in foreign jurisdictions. Given this backdrop why are the US and its cohorts creating a ruckus on ITRs?

It would also mean that by focusing on ITRs and ITU as a major threat to Internet freedom civil society may be jousting at windmills.

Malice and freedom of speech

Two suits highlight the challenge of treading between the two

Among the many legal cases in India related to the use and misuse of the world wide web, two stand out for involving web giants and provoking sharp reaction. These are the cases registered in Delhi district courts in December 2011, objecting to chunks of content—portraying prominent political figures and religious places among others in a certain light—hosted on websites. One was filed by a Delhi journalist, Vinai Rai, requesting the court to press criminal charges against 21 web agencies, including Google, Facebook and Yahoo! India. The other, filed by a social activist, M A A Qasmi, was a civil suit requesting action against 22 web agencies. Both mentioned that the content on the websites was inflammatory, threat to national integrity, unacceptable, and created enmity, hatred and communal discord.

A year on, tangible impact has not been much. The number of accused in the civil case has come down to seven web agencies and in the criminal case the government is yet to issue summons to the companies concerned (see ‘The case so far’). However, these litigations are seen as landmarks in the recent history of the Internet and its interaction with societies and governments. The cases—especially off-the-record comments by the judiciary suggesting blanket ban and pre-screening of all content—provoked a debate on the freedom of expression and Indian cyber laws.

The case so far

JANUARY 13, 2012: Delhi High Court dismisses petition by Google and Facebook asking to be absolved of criminal charges filed in district court

JANUARY 20: High Court asks for reply from Delhi Police in response to plea by Yahoo! India challenging district court summons

FEBRUARY 16: Court refuses to stay proceedings against Facebook and Google but allows them to be represented by counsel

MARCH: Court dismisses criminal charges against Yahoo! India and Microsoft but says the charges can be revived if new evidence comes to light. Sets aside summons

Malicious content exists on the web and may even need to be taken down, but the laws used to remove malicious content can also be used to curb political speech, thus, infringing on the right to freedom of expression, says Prasanth Sugathan, senior advocate with Software Freedom Law Centre, an international network of lawyers.

Some like Pranesh Prakash of non-profit Centre for Internet and Society believe the IT Rules are at odds with the IT Act and give powers for censorship. He explains that the IT Act, 2000, provides for protection of intermediaries; web browsers, social networking sites and websites cannot be held responsible for what a third party publishes on their forums—“similar to the way in which we cannot sue a telephone agency or a post office for someone else making use of these platforms to harass or defame another person”. But the IT rules of 2011 watered down this protection.

Supreme Court advocate and cyber law expert Pavan Duggal explains how. The Act states once a complaint is made against certain content, the web agency hosting it must notify the person who put up the content, verify the content and judge whether it needs to be removed. But the rules state that once the web agency is notified it must remove the content within 36 hours or it could be prosecuted for not acting on the complaint. The rules have gone beyond the Act’s scope, especially vis-a-vis privacy and data protection, leaving no scope for hearing out the accused, he says.

The disjunct between the Act and the rules is being contested in various spheres, including Parliament. But there is a bright side too. Duggal believes the cases have brought pertinent issues, like free speech and privacy concerns, into the public domain. Ramanjeet Chima, policy adviser for Google, says freedom of expression is paramount for Google but the recognition of local sentiments is also being given equal weightage.

Senior advocate Sidharth Luthra, who was representing Facebook in the Delhi High Court, wonders whether the existing Indian laws are in tune with the ever-changing online world. Unwilling to comment on the case, he says the law is limited in its scope, while technology is not. Refusing to comment on the cases, the Google adviser emphasised the need to use the existing provisions of big web agencies to address grievances regarding content.

The Internet “is not the wild wild west”; all content, users and viewers can be traced, Duggal cautions. Since the Internet can impact political issues government is increasingly looking for ways to control it. “There is no ideal solution but it is evident that some monitoring and regulation are required, and in all parts of the world all regimes are in the process of addressing this,” he says.

For more details visit https://cis-india.org/news/down-to-earth-latha-jishnu-dinsa-sachan-moyna-january-15-2013-clash-of-the-cyber-worlds

Civil Society Pushes for Privacy Panel

praskrishna — 2014-05-27T11:39:20Z

The article was published in the Times of India on May 6, 2014. Sunil Abraham is quoted.

Civil society organizations are pushing for a 'privacy commission' to provide protection to individuals from illegal breach of their privacy, with guidelines imposing penal sanction against the violators. This assumes significance

This assumes significance at a time when the Centre has decided to set up a judicial panel to probe the snoopgate scandal wherein the BJP government in Gujarat was allegedly involved in illegal surveillance of a woman architect and especially when the Right to Privacy Bill is pending in Parliament.

However, industry consortia, including CII and FICCI, prefer lesser regulation, though calling for a cautious approach.

Among civil society organizations pressing for a stringent privacy bill is the International Centre for Free and Open Source Software (ICFOSS), the only representative from Kerala to attend the NETmundial conference held recently in Brazil. The meet focused on privacy issues to ensure basic human rights, including freedom of expression.

NETmundial is the first step towards pushing for a privacy law against the snooping and spying on individuals by those in power, including agencies within and outside the country Privacy guidelines should be clear as to what data can be collected without infringing on the dignity of an individual as 'data' represents the duration of a call, while 'metadata' reveals the content of the caH," said ICFOSS director SatishBabu.

Bangalore-based Centre for Internet and Society (CIS), another NETmundial participant, also stands for a strong privacy law. "The two-day conference that concluded on April 24 was a baby step towards a privacy law with a road map for global internet governance. It is the first step towards a multi-stakeholder model offering an equal footing for all civil society organizations, academia, government, private sector and the UN fora," said CIS executive director Sunil Abraham

“We are pushing for a privacy law in the country aimed at national privacy regulation and constituting a privacy commission on the lines of the information commission," he added.

Click to read the full story

For more details visit https://cis-india.org/news/the-times-of-india-may-6-2014-laxmi-ajai-prasanna-civil-society-pushes-for-privacy-panel

Civil Society Organisations and Internet Governance in India - Open Review

sumandro — 2015-11-13T05:51:03Z

This is a book section written for the third volume (2000-2010) of the Asia Internet History series edited by Prof. Kilnam Chon. The pre-publication text of the section is being shared here to invite suggestions for addition and modification. Please share your comments via email sent to raw[at]cis-india[dot]org with 'Civil Society Organisations and Internet Governance in India - Comments' as the subject line. This text is published under Creative Commons Attribution-NoDerivatives 4.0 International license.

You are most welcome to read the pre-publication drafts of other sections of the Asia Internet History Vol. 3, and share your comments: https://sites.google.com/site/internethistoryasia/book3.

Early Days

The overarching context of development interventions and rights-based approaches have shaped the space of civil society organizations working on the topics of information and communication technologies (ICTs) and Internet governance in India. Early members of this space came from diverse backgrounds. Satish Babu was working with the South Indian Federation of Fishermen Societies (SIFFS) in mid-1990s, when he set up a public mailing list called 'FishNet,' connected to Internet via the IndiaLink email network, (then) run by India Social Institute to inter-connect development practitioners in India. He went on to become the President of Computer Society of India during 2012-2013; and co-founded Society for Promotion of Alternative Computing and Employment (SPACE) in 2003, where he served as the Executive Secretary during 2003-2010 [Wikipedia 2015]. Anita Gurumurthy, Executive Director of IT for Change and one of the key actors from Indian civil society organizations to take part in the World Summit on the Information Society (WSIS) process, had previously worked extensively on topics related to public health and women's rights [ITfC b], which deeply shaped the perspectives she and IT for Change have brought into the Internet governance sphere, globally as well as nationally [Gurumurthy 2001]. Arun Mehta initiated a mailing list titled 'India-GII' in 2002 to discuss 'India's bumpy progress on the global infohighway' [India-GII 2005]. This list played a critical role in curating an early community of non-governmental actors interested in the topics of telecommunication policy, spectrum licensing, Internet governance, and consumer and communication rights. As Frederick Noronha documents, the mailing list culture grew slowly in India during the late 1990s and early 2000s. However, they had a great impact in organizing early online communities, sometimes grouped around a topical focus, sometimes functioning as a bridge among family members living abroad, and sometimes curating place-specific groups [Noronha 2002].

The inaugural conference of the Free Software Foundation of India [FSFI] in Thiruvananthapuram, on 20 July 2001, galvanized the Free/Libre and Open Source Software (FLOSS) community in India. The conference was titled 'Freedom First,' and Richard Stallman was invited as the chief guest. It was a vital gathering of actors from civil society organizations, software businesses, academia, and media, as well as the Secretary of the Department of Information Technology, Government of Kerala (the state where the conference was held). The conference laid the basis for sustained collaborations between the free software community, civil society organizations, emerging software firms in the state, and the Government of Kerala for the years to come. Two early initiatives that brought together free software developers and state government agencies were the Kerala Trasportation Project and the IT@School project, which not only were awarded to firms promoting use of FLOSS in electronic governance project, but facilitated a wider public dialogue regarding the need think critically about the making of information society in India [Kumar 2007]. The inter-connected communities and overlapping practices of the FLOSS groups, civil society organizations involved in ICT for Development initiatives, telecommunication policy analysts and advocates, and legal-administrative concerns regarding life in the information society – from digital security and privacy, to freedom of online expressions, to transparency in electronic governance infrastructures – have, hence, continued to shape the civil society space in India studying, discussing, responding, and co-shaping policies and practices around governance of Internet in India.

Key Organizations

IT for Change was established in 2000, in Bengaluru, as a non-governmental organization that 'works for the innovative and effective use of information and communication technologies (ICTs) to promote socio-economic change in the global South, from an equity, social justice and gender equality point of view' [ITfC]. It has since made important contributions in the field of ICTs for Development, especially in integrating earlier communication rights practices organised around old media forms with newer possibilities of production and distribution of electronic content using digital media and Internet [ITfC e], and in that of Internet governance, especially through their participation in the WSIS and Internet Governance Forum (IGF) processes and by co-shaping the global Souther discourse of the subject [ITfC d]. It has also done significant works in the area of women's rights in the information society, and have been a core partner in a multi-country feminist action research project on using digital media to enhance the citizenship rights and experiences of marginalized women in India, Brazil, and South Africa [ITfC c]. IT for Change has co-led the formation of Just Net Coalition in February 2014 [JNC].

Digital Empowerment Foundation (DEF) was founded by Osama Manzar, in New Delhi in 2002, with a 'deep understanding that marginalised communities living in socio-economic backwardness and information poverty can be empowered to improve their lives almost on their own, simply by providing them access to information and knowledge using digital tools' [DEF c]. DEF has contributed to setting up Community Information Resource Centres across 19 states and 53 districts in India, with computers, printers, scanners, and Internet connectivity [DEF]. DEF organises one of the biggest competitions in Asia to identify, foreground, and honour significant contributions in the area of ICT for Development [DEF d]. This annual competition series, titled 'Manthan Award' (Translation: 'manthan' means 'churning' in Sanskrit), started in 2004. It has alllowed DEF to create a detailed database of ICT for Development activities and actors in the South Asia and Asia Pacific region. Since 2011, DEF has started working with Association for Progressive Communications on a project titled 'Internet Rights' to take forward the agenda of 'internet access for all' in India [DEF b].

The Society for Knowledge Commons was formed in New Delhi 2007 by 'scientists, technologists, researchers, and activists to leverage the tremendous potential of the ‘collaborative innovation’ model for knowledge generation that has lead to the growth of the Free and Open Source Software community (FOSS) around the world' [Society for Knowledge Commons]. It has championed integration of FOSS into public sector operations in India – from electronic governance systems to use of softwares in educational institutes – and has made continuous interventions on Internet governance issues from the perspective of the critical importance of shared knowledge properties and practices for a more democratic information society. It is a part of the Free Software Movement of India [FSMI], an alliance of Indian organizations involved in advocating awareness and usage of FOSS, as well as a founding member of the Just Net Coalition [JNC].

The Centre for Internet and Society (CIS) was established in Bengaluru in 2008 with a research and advocacy focus on topics of accessibility of digital content for differently-abled persons, FOSS and policies on intellectual property rights, open knowledge and Indic Wikipedia projects, digital security and privacy, freedom of expression and Internet governance, and socio-cultural and historical studies of Internet in India [CIS]. In one of the key early projects, CIS contributed to the making of web accessibility policy for government websites in India, which was being drafted by the Department of Information Technology, Government of India [CIS 2008]. In the following years it took part in the Internet Governance Forum summits; submitted responses and suggestions to various policies being introduced by the government, especially the Information Technology (Amendment) Act, 2008, National Identification Authority of India (NIA) Bill, 2010, and the Approach Paper for a Legislation on Privacy, 2010; produced a report on the state of open government data in India [Prakash 2011b], and undertook an extensive study on the experiences of the young people in Asia with Internet, digital media, and social change [Shah 2011].

Software Freedom Law Centre has undertaken research and advocacy interventions, since 2011, in the topics digital privacy, software patents, and cyber-surveillance [SFLC]. The Internet Democracy Project, an initiative of Point of View, has organised online and offline discussions, participated in global summits, and produced reports on the topics of freedom of expression, cyber security and human rights, and global Internet governance architecture since 2012 [IDP].

The first Internet Society chapter to be established in India was in Delhi. The chapter began in 2002, but went through a period of no activity before being revived in 2008 [Delhi]. The Chennai chapter started in 2007 [Chennai], the Kolkata one in 2009 [Kolkata], and the Bengaluru chapter came into existence in 2010 [Bangalore]. Asia Internet Symposium have been organised in India twice: 1) the Kolkata one, held on on 1 December 2014, focused on 'Internet and Human Rights: Empowering the Users,' and 2) the Chennai symposium, held on 2 December 2014, discussed 'India in the Open and Global Internet.' The newest Internet Society chapter in India is in the process of formation in Trivandrum [Trivandrum], led by the efforts of Satish Babu (mentioned above).

Global and National Events

The first World Summit on the Information Society (WSIS) conference in Geneva, held on 10-12 December 2003, was not attended by many civil society organizations from India. Several Indian participants in the conference were part of the team of representatives from different global civil society organizations, like Digital Partners, Development Alternatives with Women for a New Era (DAWN), and International Centre for New Media [ITU 2003]. Between the first and the second conference, the engagement with the WSIS process increased among Indian civil society organizations increased of the WSIS process, which was especially led by IT for Change. In early 2005, before the second Preparatory Committee meeting of the Tunis conference, it organized a discussion event titled 'Gender Perspectives on the Information Society: South Asia Pre-WSIS Seminar' in partnership with DAWN and the Indian Institute of Management, Bangalore, which was supported by UNIFEM and the UNDP Asia-Pacific Development Information Programme [Gurumurthy 2006]. In a separate note, Anita Gurumurthy and Parminder Jeet Singh of IT for Change have noted their experience as a South Asian civil society organization engaging with the WSIS process [Gurumurthy 2005]. The second WSIS conference in Tunis, held on 16-18 November 2005, however, neither saw any significant participation from Indian civil society organizations, except for Ambedkar Centre for Justice and Peace, Childline India Foundation / Child Helpline International, and IT for Change [ITU 2005]. This contrasted sharply with the over 60 delegates from various Indian government agencies taking part in the conference [ITU 2005].

Two important events took place in India in early 2005 that substantially contributed to the civil society discourses in India around information technology and its socio-legal implications and possibilities. The former is the conference titled 'Contested Commons, Trespassing Publics' organized by the Sarai programme at the Centre for the Study of Developing Societies, Alternative Law Forum, and Public Service Broadcasting Trust, in Delhi on 6-8 January 2005. The conference attempted to look into the terms of intellectual property rights (IPR) debates from the perspectives of experiences in countries in Asia, Latin America, and Africa. It was based on the research carried out by the Sarai programme and Alternative Law Forum on contemporary realities of media production and distribution, and the ways in which law and legal instruments enter into the most intimate spheres of social and cultural life to operationalise the IPRs. The conference combined academic discussions with parallel demonstrations by media practitioners, and knowledge sharing by FLOSS communities [Sarai 2005]. The latter event is the first of the Asia Source workshop that took place in Bengaluru during 28 January - 4 February 2005 . It brought together more than 100 representatives from South and South-East Asian civil society organizations and technology practitioners working with them, along with several leading practitioners from Africa, Europe, North America, and Latin America, to promote adoption and usage of FLOSS across the developmental sector in the region. The workshop was organized by Mahiti (Bengaluru) and Tactical Technology Collective (Amsterdam), with intellectual and practical support from an advisory group of representatives from FLOSS communities and civil society organizations, and financial support from Hivos, the Open Society Institute, and International Open Source Network [Asia Source].

While the participation of representatives from Indian civil society organizations at the IGFs in Athens (2006) and Rio de Janeiro (2007) was minimal, the IGF Hyderabad, held on 3-6 December 2008, provided a great opportunity for Indian civil society actors to participate in and familiarize themselves with the global Internet governance process. Apart from various professionals, especially lawyers, who attended the Hyderabad conference as individuals, the leading civil society organizations participating in the event included: Ambedkar Center for Justice and Peace, Centre for Internet and Society, Centre for Science, Development and Media Studies, Digital Empowerment Foundation, Internet Society Chennai chapter, IT for Change, and Mahiti. The non-governmental participants from India at the event, however, were predominantly from private companies and academic institutes [IGF 2008].

IT for Change made a critical intervention into the discourse of global Internet governance during the Hyderabad conference by bringing back the term 'enhanced cooperation,' as mentioned in the Tunis Agenda for the Information Society [ITU 2005 b]. At IGF Sharm El Sheikh, held during 15-18 November 2009, Parminder Jeet Singh of IT for Change explained:

[E]nhanced cooperation consists of two parts. One part is dedicated to creating globally applicable policy principles, and there is an injunction to the relevant organizations to create the conditions for doing that. And I have a feeling that the two parts of that process have been conflated into one. And getting reports from the relevant organizations is going on, but we are not able to go forward to create a process which addresses the primary purpose of enhanced cooperation, which was to create globally applicable public policy principles and the proof of that is that I don't see any development of globally applicable public policy principles, which remains a very important need. [IGF 2009]

This foregrounding of the principle of 'enhanced cooperation' have since substantially contributed to rethinking not only the global Internet governance mechanisms and its reconfigurations, but also the Indian government's perspectives towards the same. It eventually led to the proposal made by a representative of Government of India at the UN General Assembly session on 26 October 2011 regarding the establishment of a UN Committee for Internet-Related Policies [Singh 2011].

Internet Policies and Censorship

One of the earliest instances of censorship of online content in India is the blocking of several websites offering Voice over IP (VoIP) softwares, which can be downloaded to make low-cost international calls, during late 1990s. The India-GII mailing list initiated by Arun Mehta, as mentioned above, started almost as a response to this blocking move by Videsh Sanchar Nigam Limited (VSNL), the government-owned Internet Service Provider (ISP). Additionally, Mehta filed a case against VSNL for blocking these e-commerce websites, which might be identified as the first case of legal activism for Internet-related rights in India [India-GII 2001]. During the war between India and Pakistan during 1999, the Indian government instructed VSNL to block various Pakistani media websites, including that of Dawn. Like in the case of websites offering VoIP services, this blocking did not involve direct intervention with the websites concerned but only the ability of Indian users to access them [Tanna 2004]. The first well-known case of the Government of India blocking digital content for political reasons occurred in 2003, when a mailing list titled 'Kynhun' was banned. Department of Telecommunications instructed all the But the previously deployed URL-blocking strategy did not work in the new situation of mailing lists. Blocking the URL of the group did not stop it from being used by members of the group to continue sharing email through it. Government of India then approached Yahoo directly to ensure that the mailing list is closed down, which Yahoo declined to implement. This resulted in imposing of a blanket blocking of all Yahoo Groups pages across ISPs in India during September 2003. By November, Yahoo decided to close down the mailing list, and the blanket blocking was repealed [Tanna 2004]. Further blocking of several blogs and websites continued through 2006 and 2007, where the government decided to work in collaboration with various platforms offering hosted blog and personal webpage services to remove access to specific sub-domains. In resistance to this series of blocking orders by the government, there emerged an important civil society campaign titled 'Bloggers Against Censorship' led by Bloggers Collective Group, a distributed network of bloggers from all across India [Bloggers 2006].

A few weeks after the IGF Hyderabad, the Government of India passed the Information Technology (Amendment) Act 2008 on 22 December 2008 [MoLaJ 2009], although it was notified and enforced much later on 27 October 2009 [MoCaIT 2009]. This amendment attempted to clarify various topics left under-defined in the Information Technology Act of 2000. However, as Pranesh Prakash of the Centre for Internet and Society noted, the casual usage of the term 'offensive content' in the amendment opened up serious threats of broad curbing of freedom of online expression under the justification that it caused 'annoyance' or 'inconvenience' [Prakash 2009]. The sections 66 and 67 of the amended Information Technology Act, which respectively address limits to online freedom of expression and legally acceptable monitoring of digital communication by government agencies, have since been severely protested against by civil society organizations across India for enabling a broad-brushed censorship and surveillance of the Internet in India. The section 66A has especially allowed the government to make a series of arrests of Internet users for posting and sharing 'offensive content' [Pahwa 2015].

In 2011, the Government of India introduced another critical piece of policy instrument for controlling online expressions – the Information Technology (Intermediary Guidelines) Rules, 2011 [MoCaIT 2011] – targeted at defining the functions of the intermediaries associated with Internet-related services and communication, and how they are to respond to government's directives towards taking down and temporary blocking of digital content. The draft Rules were published in early 2011 and comments were invited from the general public. One of the responses, submitted by Privacy India and the Centre for Internet and Society, explicitly highlighted the draconian implications of the (then) proposed rules:

This rule requires an intermediary to immediately take steps to remove access to information merely upon receiving a written request from “any authority mandated under the law”. Thus, for example, any authority can easily immunize itself from criticism on the internet by simply sending a written notice to the intermediary concerned. This is directly contrary to, and completely subverts the legislative intent expressed in Section 69B which lays down an elaborate procedure to be followed before any information can be lawfully blocked. [Prakash 2011]

The policy apparatus of controlling online expression in India took its full form by the beginning of the decade under study here. The 'chilling effect' of this apparatus was made insightfully evident by a study conducted by Rishabh Dara at the Centre for Internet and Society, where fake takedown notices (regarding existing digital content) were sent to 7 important Internet intermediaries operating in India, and their responses were studied. The results of this experiment demonstrated that:

[T]he Rules create uncertainty in the criteria and procedure for administering the takedown thereby inducing the intermediaries to err on the side of caution and over-comply with takedown notices in order to limit their liability; and as a result suppress legitimate expressions. Additionally, the Rules do not establish sufficient safeguards to prevent misuse and abuse of the takedown process to suppress legitimate expressions. [Dara 2012]

Reference

[Bloggers 2006] Bloggers Collective Group, Bloggers Against Censorship. Last updated on April 30, 2009‎. Accessed on July 08, 2015, from http://censorship.wikia.com/wiki/Bloggers_Against_Censorship.

[Dara 2012] Dara, Rishabh, Intermediary Liability in India: Chilling Effects on Free Expression on the Internet. The Centre for Internet and Society. April 27. Accessed on July 08, 2015, from http://cis-india.org/internet-governance/chilling-effects-on-free-expression-on-internet.

[DEF] Digital Empowerment Foundation (DEF). Community Information Resource Centre. Accessed on July 08, 2015, from http://defindia.org/circ-2/.

[DEF b] Digital Empowerment Foundation (DEF). Internet Rights. Accessed on July 08, 2015, from http://internetrights.in/.

[DEF c] Digital Empowerment Foundation (DEF). Our Story. Accessed on July 08, 2015, from http://defindia.org/about-def/.

[DEF d] Digital Empowerment Foundation (DEF). Manthan Awards. Accessed on July 08, 2015, from http://defindia.org/manthan-award-south-asia-masa/.

[FSFI] Free Software Foundation of India. Accessed on July 08, 2015, from http://fsf.org.in/.

[FSMI] Free Software Movement of India. Accessed on July 08, 2015, from http://www.fsmi.in/node.

[Gurumurthy 2001] Gurumurthy, Anita, A Gender Perspective to ICTs and Development: Reflections towards Tunis. January 15. Accessed on July 08, 2015, from http://www.worldsummit2003.de/en/web/701.htm.

[Gurumurthy 2005] Gurumurthy, Anita, and Parminder Jeet Singh, WSIS PrepCom 2: A South Asian Perspective. Association for Progressive Communications. April 01. Accessed on July 08, 2015, from https://www.apc.org/en/news/hr/world/wsis-prepcom-2-south-asian-perspective.

[Gurumurthy 2006] Gurumuthy, Anita et al (eds.), Gender in the Information Society: Emerging Issues. UNDP Asia-Pacific Development Information Programme. Accessed on July 08, 2015, from http://www.genderit.org/sites/default/upload/GenderIS.pdf.

[India-GII 2001] India-GII, Status of VSNL Censorship of IP-Telephony Sites. Accessed on July 08, 2015, from http://members.tripod.com/~india_gii/statusof.htm.

[India-GII 2005] India-GII. 2005. Last modified on May 24. Accessed on July 08, 2015, from http://india-gii.org/.

[IDP] Internet Democracy Project. Accessed on July 08, 2015, from http://internetdemocracy.in/.

[ITU 2003] International Telecommunication Union (ITU), Geneva Phase of the WSIS: List of Participants. Accessed on July 08, 2015, from http://www.itu.int/wsis/docs/geneva/summit_participants.pdf.

[ITU 2005] International Telecommunication Union (ITU), List of Participants (WSIS) – Update 5 Dec 2005. Accessed on July 08, 2015, from http://www.itu.int/wsis/docs2/tunis/final-list-participants.pdf.

[ITU 2005 b] International Telecommunication Union (ITU), Tunis Agenda for the Information Society. November 18. Accessed on July 08, 2015, from http://www.itu.int/wsis/docs2/tunis/off/6rev1.pdf.

[IGF 2008] Internet Governance Forum, Hyderabad Provisional List of Participants. Accessed on July 08, 2015, from http://www.intgovforum.org/cms/index.php/component/content/article/385-hyderabad-provisional-list-of-participants.

[IGF 2009] Internet Governance Forum, Managing Critical Resources. IGF Sharm El Sheikh, Egypt . November 16. Accessed on July 08, 2015, from http://www.intgovforum.org/cms/2009/sharm_el_Sheikh/Transcripts/Sharm%20El%20Sheikh%2016%20November%202009%20Managing%20Critical%20Internet%20Resources.pdf.

[Bangalore] Internet Society Bangalore Chapter. Accessed on July 08, 2015, from http://www.isocbangalore.org/.

[Delhi] Internet Society Delhi Chapter. Accessed on July 08, 2015, from http://www.isocbangalore.org.

[Chennai] Internet Society Chennai Chapter. Accessed on July 08, 2015, from http://www.isocbangalore.org.

[Kolkata] Internet Society Kolkata Chapter. Accessed on July 08, 2015, from http://isockolkata.in/.

[Trivandrum] Internet Society Trivandrum Chapter. Accessed on July 08, 2015, from http://www.internetsociety.org/what-we-do/where-we-work/chapters/india-trivandrum-chapter.

[ITfC] IT for Change, About IT for Change. Accessed on July 08, 2015, from http://www.itforchange.net/aboutus.

[ITfC b] IT for Change, Anita Gurumurthy. Accessed on July 08, 2015, from http://www.itforchange.net/Anita.

[ITfC c] IT for Change, Gender and Citizenship in the Information Society: Southern Feminist Dialogues in Practice and Theory. Accessed on July 08, 2015, from http://www.gender-is-citizenship.net/.

[ITfC d] IT for Change, Internet Governance. Accessed on July 08, 2015, from http://www.itforchange.net/Techgovernance.

[ITfC e] IT for Change, Our Field Centre. Accessed on July 08, 2015, from http://www.itforchange.net/field_centre.

[JNC] Just Net Coalition (JNC). Accessed on July 08, 2015, from http://justnetcoalition.org/.

[Kumar 2007] Kumar, Sasi V. 2007. The Story of Free Software in Kerala, India. Accessed on July 08, 2015, from http://swatantryam.blogspot.in/2007/08/story-of-free-software-in-kerala-india.html.

[MoLaJ 2009] Ministry of Law and Justice (MoLaJ), The Information Technology (Amendment) Act, 2008. The Gazette of India. February 05. Accessed on July 08, 2015, from http://deity.gov.in/sites/upload_files/dit/files/downloads/itact2000/it_amendment_act2008.pdf.

[MoCaIT 2009] Ministry of Communications and Information Technology (MoCaIT), Notification. The Gazette of India. October 27. Accessed on July 08, 2015, from http://deity.gov.in/sites/upload_files/dit/files/downloads/itact2000/act301009.pdf.

[MoCaIT 2011] Ministry of Communications and Information Technology (MoCaIT), Information Technology (Intermediaries Guidelines) Rules, 2011. The Gazette of India. April 11. Accessed on July 08, 2015, from http://deity.gov.in/sites/upload_files/dit/files/GSR314E_10511%281%29.pdf.

[Noronha 2002] Noronha, Frederick, Linking a Diverse Country: Mailing Lists in India. The Digital Development Network. May 22. Accessed on July 08, 2015, from http://www.comminit.com/ict-4-development/content/linking-diverse-country-mailing-lists-india.

[Pahwa 2015] Pahwa, Nikhil, A List of Section 66A Arrests in India through the Years. Medianama. March 24. Accessed on July 08, 2015, from http://www.medianama.com/2015/03/223-section-66a-arrests-in-india/.

[Prakash 2009] Prakash, Pranesh, Short Note on IT Amendment Act, 2008 . The Centre for Internet and Society. February. Accessed on July 08, 2015, from http://cis-india.org/internet-governance/publications/it-act/short-note-on-amendment-act-2008/.

[Prakash 2011] Prakash, Pranesh, CIS Para-wise Comments on Intermediary Due Diligence Rules, 2011. The Centre for Internet and Society. Accessed on July 08, 2015, from http://cis-india.org/internet-governance/blog/intermediary-due-diligence.

[Prakash 2011 b] Prakash, Pranesh, et al, Open Government Data Study. The Centre for Internet and Society. Accessed on July 08, 2015, from http://cis-india.org/openness/blog/open-government-data-study.

[SFLC] Software Freedom Law Centre (SFLC). Accessed on July 08, 2015, from http://sflc.in/.

[Shah 2011] Shah, Nishant. 2011. Digital AlterNatives with a Cause? The Centre for Internet and Society. Accessed on July 08, 2015, from http://cis-india.org/digital-natives/blog/dnbook.

[Singh 2011] Singh, Dushyant, India's Proposal for a United Nations Committee for Internet-Related Policies. Sixty Sixth Session of the UN General Assembly, New York. October 26. Accessed on July 08, 2015, from http://www.itforchange.net/sites/default/files/ItfC/india_un_cirp_proposal_20111026.pdf.

[SKC] Society for Knowledge Commons. About Us. Accessed on July 08, 2015, from http://www.knowledgecommons.in/about-us/.

[Asia Source] Tactical Technology Collective, Asia Source. Accessed on July 08, 2015, from https://tacticaltech.org/asiasource.

[Tanna 2004] Tanna, Ketan, Internet Censorship in India: Is It Necessary and Does It Work?. Sarai-CSDS Independent Fellowship. Accessed on July 08, 2015, from http://www.ketan.net/INTERNET_CENSORSHIP_IN_INDIA.html.

[CIS] The Centre for Internet and Society. About Us. Accessed on July 08, 2015, from http://cis-india.org/about/.

[CIS 2008] The Centre for Internet and Society. 2008. Annual Report. Accessed on July 08, 2015, from http://cis-india.org/accessibility/annual-report-2008.pdf.

[Sarai 2005] The Sarai Programme, Contested Commons, Trespassing Publics. January 12. Accessed on July 08, 2015, from http://sarai.net/contested-commons-trespassing-publics/.

[Wikipedia 2015] Satish Babu. Wikipedia. Last modified on June 25. Accessed on July 08, 2015, from https://en.wikipedia.org/wiki/Satish_Babu.

For more details visit https://cis-india.org/raw/civil-society-organisations-and-internet-governance-in-india-open-review

Civil Society Organisations and Internet Governance in Asia - Open Review

sumandro — 2015-11-13T05:54:33Z

This is a book section written for the third volume (2000-2010) of the Asia Internet History series edited by Prof. Kilnam Chon. The pre-publication text of the section is being shared here to invite suggestions for addition and modification. Please share your comments via email sent to raw[at]cis-india[dot]org with 'Civil Society Organisations and Internet Governance in Asia - Comments' as the subject line. This text is published under Creative Commons Attribution-NoDerivatives 4.0 International license.

You are most welcome to read the pre-publication drafts of other sections of the Asia Internet History Vol. 3, and share your comments: https://sites.google.com/site/internethistoryasia/book3.

Preparations for the World Summit on the Information Society

The World Summit on the Information Society (WSIS) conferences organized by the United Nations in Geneva (2003) and Tunis (2005) initiated crucial platforms and networks, some temporary and some continued, for various non-governmental actors to intensively and periodically take part in the discussions of governance of Internet and various related activities towards the goals of inclusive development and human rights. Many of the civil society organizations taking part in the WSIS conferences, as well as the various regional and thematic preparatory meetings and seminars, had little prior experience in the topic of Internet governance. They were entering these conversations from various perspectives, such as local developmental interventions, human and cultural rights activism, freedom and diversity of media, and gender and social justice. With backgrounds in such forms of applied practice and theoretical frameworks, members of these civil society organizations often faced a difficult challenge in articulating their experiences, insights, positions, and suggestions in terms of the (then) emerging global discourse of Internet governance and that of information and communication technologies (ICTs) as instruments of development. At the WSIS: An Asian Response Meeting in 2002, Susanna George, (then) Executive Director of Isis International, Manila, succinctly expressed this challenge being faced by the members of civil society organizations:

For some feminist activists however, including myself, it has felt like trying to squeeze my concerns into a narrow definition of what gender concerns in ICTs are. I would like it to Cinderella’s ugly sister cutting off her toe to fit into the dainty slipper of gender concerns in ICTs. The development ball, it seems, can only accommodate some elements of what NGO activists, particularly those from the South, are concerned about in relation to new information and communications technologies. (George 2002)

The above mentioned seminar, held in Bangkok, Thailand, on November 22-24, 2002, was a crucial early meeting for the representatives from Asian civil society organizations to share and shape their understanding and positions before taking part in the global conversations during the following years. The meeting was organised by Bread for All (Switzerland), Communication Rights in the Information Society Campaign (Netherlands), Forum-Asia (Thailand), and World Association for Christian Communication (United Kingdom), as a preparatory meeting before the Asia-Pacific Regional Conference of WSIS, with 34 organizations from 16 Asian countries taking part in it. The Final Document produced at the end of this seminar was quite a remarkable one. It highlighted the simultaneity of Asia as one of the global centres of the information economy and the everyday reality of wide-spread poverty across the Asian countries, and went on to state that the first principle for the emerging global information society should be that the '[c]ommunication rights are fundamental to democracy and human development' (The World Summit on the Information Society: An Asian Response 2002). It proposed the following action items for the efforts towards a global inclusive information society: 1) strengthen community, 2) ensure access, 3) enhance the creation of appropriate content, 4) invigorate global governance, 5) uphold human rights, 6) extend the public domain, 7) protect and promote cultural and linguistic diversity, and 8) ensure public investment in infrastructure (ibid.).

Immediately after this Conference, several Asian civil society organizations attended the Asian Civil Society Forum, organised as part of the Conference of Non-governmental Organizations in Consultative Relations with the United Nations (CONGO), held in Bangkok, Thailand, during December 9-13, 2002. Representatives of Dhaka Ahsania Mission (Bangladesh), OneWorld South Asia (India), GLOCOM (Japan), Foundation for Media Alternative (Philippines), Korean Progressive Network – JINBONET (Republic of Korea), Friedrich Naumann Foundation (Singapore), International Federation of University Women (Switzerland), and Forum Asia (Regional) drafted a Joint Statement emphasising that a 'broad-based participation of civil society, especially from those communities which are excluded, marginalized and severely deprived, is critical in defining and building such a [true communicative, just and peaceful] society' (Aizu 2002). In the very next month, the Asia-Pacific Regional Conference was held in Tokyo during January 13-15, 2003, 'to develop a shared vision and common strategies for the “Information Society' (WSIS Executive Secretariat 2003: 2). The conference saw participation of representatives from 47 national governments, 22 international organizations, 54 private sector agencies, and 116 civil society organizations across the Asia-Pacific region. The Tokyo Declaration, the final document prepared at the conclusion of the Conference, recognized that:

[T]he Information Society must ... facilitate full utilization of information and communication technologies (ICT) at all levels in society and hence enable the sharing of social and economic benefits by all, by means of ubiquitous access to information networks, while preserving diversity and cultural heritage. (Ibid.: 2)

Further, it highlighted the following priority areas of action: 1) infrastructure development, 2) securing affordable, universal access to ICTs, 3) preserving linguistic and cultural diversity and promoting local content, 4) developing human resources, 5) establishing legal, regulatory and policy frameworks, 6) ensuring balance between intellectual property rights (IPR) and public interest, 7) ensuring the security of ICTs, and 8) fostering partnerships and mobilizing resources. It is not difficult to see how the focus of necessary actions shifted from an emphasis on concerns of community and human rights, and public investments and commons, towards those of legal and policy mechanisms, multi-partner delivery of services, and intellectual property rights. Civil society organizations, expectedly, felt sidelined in this Conference, and decided to issue a join statement of Asian civil society organizations to ensure that their positions are effectively presented. The first two topics mentioned in this document were: 1) '[c]ommunication rights should be fully recognized as a fundamental and universal human right to be protected and promoted in the information society,' and 2) '[t]he participation of civil society in the information society at all levels should be ensured and sustained, from policy planning to implementation, monitoring and evaluation' (UNSAJ et al 2003). The joint statement was endorsed by 30 civil society organizations: UDDIPAN (Bangladesh); COMFREL (Cambodia); ETDA (East Timor); The Hong Kong Council of Social Services (Hong Kong); Food India, IT for Change (India); Indonesian Infocom Society (Indonesia); Active Learning, CPSR, Forum for Citizens' Television and Media, JTEC, Kyoto Journal, Ritsumeikan University Media Literacy Project, UNSAJ (Japan); Computer Association Nepal, Rural Area Development Programme (Nepal); APC Women's Networking Support Programme, Foundation for Media Alternatives, ISIS International (Philippines); Citizens' Action Network, Korean Progressive Network – Jinbonet, Labor News Production, ZAK (Republic of Korea); e-Pacificka Consulting (Samoa); National University of Singapore (Singapore); Public Television Service, Taiwan Association for Human Rights (Taiwan); Asian-South Pacific Bureau for Adult Education, FORUM ASIA, and TVE Asia Pacific (Regional) (Ibid.).

Participation in the WSIS Process

The first WSIS conference was held in Geneva in December 2003. Through the processes of organizing this conference, and the second one in Tunis in November 2005, United Nations expressed a clear intention of great participation of actors from the private companies, civil society, academia, and media, along with the governmental organizations. During the first meeting of the WSIS Preparatory Committee (PrepCom-1) in Geneva, during July 1-5, 2002, the civil society organizations demanded that they should be allowed to co-shape the key topics to be discussed during the first conference (2003). There was already an Inter-Governmental Subcommittee on Contents and Themes, but no equivalent platform for the civil society organizations was available. With the approval of the Civil Society Plenary (CSP), the Civil Society Subcommittee on Content and Themes (WSIS-SCT) was instituted during PrepCom-1 (WSIS-SCT 2003b). At the second WSIS Preparatory Committee meeting (PrepCom-2) in Geneva, during February 17-28, 2003, the WSIS-SCT produced a summary of the views of its members titled 'Vision and Principles of Information and Communication Societies,' and also a one page brief titled 'Seven Musts: Priority Principles Proposed by Civil Society' to be used for lobbying purposes (Ibid.). This brief mentioned seven key principles of Internet governance identified by the civil society organization taking part in the WSIS process: (1) sustainable development, (2) democratic governance, (3) literacy, education, and research, (4) human rights, (5) global knowledge commons, (6) cultural and linguistic diversity, and (7) information security (WSIS-SCT 2003a).

Asian civil society organizations that took part in the PrepCom-2 meeting included United Nations Association of China (China); CASP - Centre for Adivasee Studies and Peace, C2N - Community Communications Network (India); ICSORC - Iranian Civil Society Organizations Resource Center (Iran); GAWF - General Arab Women Federation (Iraq); Daisy Consortium, GLOCOM - Center for Global Communications (Japan); Association for Progressive Communication, Global Knowledge Partnership (Malaysia); Pakistan Christian Peace Foundation (Pakistan); WFEO - World Federation of Engineering Organization (Palestine); Asian South Pacific Bureau of Adult Education, Foundation for Media Alternatives, ISIS International – Manila (Philippines); Korean Progressive Network - Jinbonet (Republic of Korea); IIROSA - International Islamic Relief Organization (Saudi Arabia); and Taking IT Global (India, Indonesia, Malaysia, Philippines, and Turkey) (ITU 2003a).

All these efforts led to development of the Civil Society Declaration to the World Summit on the Information Society, which was prepared and published by the Civil Society Plenary at the Geneva conference, on December 08, 2003. The Declaration was titled 'Shaping Information Societies for Human Needs' (WSIS Civil Society Plenary 2003). The Asian civil society organization that took part in the Geneva conference were BFES - Bangladesh Friendship Education Society, Drik, ICTDPB - Information & Communication Technology Development Program, Proshika - A Center for Human Development (Bangladesh); China Society for Promotion of the Guangcai Programme, Chinese People's Association for Friendship with Foreign Countries, United Nations Association of China (China); The Hong Kong Council of Social Service (Hong Kong); CASP - Centre for Adivasee Studies and Peace, Childline India Foundation / Child Helpline International, DAWN - Development Alternatives with Women for a New Era (India); Communication Network of Women's NGOs in Iran, Green front of Iran, ICTRC - Iranian Civil Society Organizations Training and Research Center, Islamic Women's Institute of Iran, Institute for Women's Studies and Research, Organization for Defending Victims of Violence (Iran); ILAM - Center for Arab Palestinians in Israel (Israel); Citizen Digital Solutions, Forum for Citizens' Television and Media, GLOCOM - Center for Global Communications, JCAFE - Japan Computer Access for Empowerment, Soka Gakkai International (Japan); LAD-Nepal - Literary Academy for Dalit of Nepal (Nepal); Asia-Pacific Broadcasting Union, Global Knowledge Partnership (Malaysia); PAK Educational Society / Pakistan Development Network, SMEDA - Small & Medium Enterprise Development Authority (Pakistan); Palestine IT Association of Companies (Palestine); Isis International – Manila, Ugnayan ng Kababaihan sa Pulitika / Philippine Women's Network in Politics and Governance (Philippines); Citizen's Alliance for Consumer Protection of Korea, Korean Civil Society Network for WSIS (Republic of Korea); Youth Challenge (Singapore); Association for Progressive Communications (India and Philippines), CITYNET - Regional Network of Local Authorities for the Management of Human Settlements (India. Mongolia, and Philippines), Taking IT Global (India and Philippines) (ITU 2003b).

As the preparatory meetings and consultations towards the second WSIS conference advanced during the next year, the Asian civil society organizations attempted to engage more directly with the global Internet governance processes on one hand, and the national Internet and ICT policy situations on the other. Writing about their encounters at and before the second Preparatory Committee meeting of the Tunis conference, held in Geneva during February 17-25, 2005, Anita Gurumurthy and Parminder Jeet Singh made several early observations that have continued to resonate with the experiences of Asian civil society organizations throughout the decade (Gurumurthy & Singh 2005). Firstly, they indicated that the government agencies present in the dialogues tend to take diverging positions in international events and domestic contexts. Secondly, there was a marked absence of formal and informal discussions between the governmental and the civil society representatives of the same country present at the meeting. The government agencies were clearly disinterested in involving civil society organizations in the process. Thirdly, the civil society actors present in the meeting were mostly from the ICT for Development sector, and the organizations working in more 'traditional' sectors – such as education, health, governance reform, etc. – remained absent from the conversations. This is especially problematic in the case of such developing countries where there does not exist strategic linkages between civil society organizaions focusing on topics of technologized developmental interventions, and those involved in more 'traditional' development practices. Rekha Jain, in a separate report on the Indian experience of participating in the WSIS process, re-iterates some of these points (Jain 2006). She notes that '[w]hile the Secretary, [Department of Telecommunications, Government of India] was involved in (PrepCom-1) drafting the initial processes for involvement of NGOs, at the national level, this mechanism was not translated in to a process for involving the civil society or media' (Ibid.: 14).

The frequent lack of interest of national governments, especially in the Asian countries, to engage with civil society organizations on matters of policies and projects in Internet governance and ICTs for development (Souter 2007), further encouraged these organization to utilise the global discussion space opened up by the WSIS process to drive the agendas of democratisation of Internet governance processes, and protection and advancement of human rights and social justice. The second WSIS conference held in Tunis, during November 16-18, 2005, however, did not end in a positive note for the civil society organizations as a whole. The sentiment is aptly captured in the title of the Civil Society Statement issued after the Tunis Conference: 'Much more could have been achieved' (WSIS Civil Society Plenary 2005). Apart from producing this very important critical response to the WSIS process, within a month of its conclusions, the civil society organization contributed effectively in one of the more longer-term impacts of the process – the establishment of the Internet Governance Forums (IGFs). Immediately after the publication of the Report of the Working Group on Internet Governance (Desai et al) in June 2005, the Center for Global Communications (GLOCOM), Japan, acting on behalf of the Civil Society Internet Governance Caucus, came forward with public support for 'the establishment of a new forum to address the broad agenda of Internet governance issues, provided it is truly global, inclusive, and multi-stakeholder in composition allowing all stakeholders from all sectors to participate as equal peers' (WSIS Civil Society Internet Governance Caucus 2005: 3).

Asian Civil Society Organizations at the IGFs

In 2006, the WSIS Civil Society Internet Governance Caucus was reformed and established as a permanent 'forum for discussion, advocacy, action, and for representation of civil society contributions in Internet governance processes' (Civil Society Internet Government Caucus 2006). Representatives from Asian civil society organizations have consistently played critical roles in the functionings of this Caucus. Youn Jung Park of the Department of Technology and Society, SUNY Korea, co-founded and co-coordined the original Caucus in 2003. Adam Peake of the Center for Global Communications (GLOCOM), International University of Japan, was co-coordinator of the original Caucus from 2003 to 2006. Parminder Jeet Sing of IT for Change, India, was elected as one of the co-cordinators of the newly reformed Caucus in 2006, with the term ending in 2008. Izumi Aizu of the Institute for HyperNetwork Society and the Institute for InfoSocinomics, Tama University, Japan served as the co-coordinator of the Caucus during 2010-2012.

The first Internet Governance Forum organized in Athens, October 30 – November 2, 2006, saw participation from a very few Asian civil society organizations, mostly from Bangladesh and Japan (IGF 2006). The second Internet Governance Forum in Rio de Janeiro, November 12-15, 2007 had a wider representation from Asian civil society organizations: Bangladesh NGOs Network for Radio and Communication, BFES - Bangladesh Friendship Education Society, VOICE – Voices for Interactive Choice and Empowerment (Bangladesh); China Association for Science and Technology, Internet Society of China (China); University of Hong Kong (Hong Kong); Alternative Law Forum (via Association for Progressive Communications - Women's Networking Support Programme), Indian Institute of Technology in Delhi, IT for Change (India); GLOCOM, Kumon Center, Tama University (Japan); Sustainable Development Networking Programme (Jordan); Kuwait Information Technology Society (Kuwait); Assocation of Computer Engineers – Nepal, Rural Area Development Programme, Nepal Rural Information Technology Development Society (Nepal); Bytesforall – APC / Pakistan, Pakistan Christian Peace Foundation (Pakistan); Foundation for Media Alternatives, Philippine Resources for Sustainable Development Inc. (Philippines); and LIRNEasia (Sri Lanka). At the Open IGF Consultations in Geneva, on February 26 2008, the Internet Governance Caucus made two significant submissions: 1) that, although structuring the IGF sessions in Athens and Rio de Janeiro around the large themes of access, openness, diversity, and security have been useful to open up the multi-stakeholder dialogues, it is necessary to begin focused discussions of specific public policy issues to take the IGF process forward (Civil Society Internet Governance Caucus 2008a), and 2) that the Multi-Stakeholder Advisory Group (MAG), which drives the IGF process and events, should be made more proactive and transparent, and expanded in size so as to better include the different stakeholder groups who may self-identify their representatives for the MAG (Civil Society Internet Governance Caucus 2008b).

On one hand, the IGF Hyderabad, December 3-6, 2008, experienced a decline in the percentage of participants from civil society organizations and a rather modest increase in the percentage of participants from Asian countries (see: 6.1.5. Annexe – Tables), especially since this was the first major international Internet governance summit held in an Asian country. On the other hand, the Civil Society Internet Governance Caucus succeeded to bring forth the term 'enhanced cooperation,' as mentioned in the Tunis Agenda, to be addressed and discussed in one of the main sessions of the Forum (IGF 2008). The next IGF held in Sharm El Sheikh, November 15-18, 2009, saw further decline of participation from both the representatives of civil society organizations, and the attendees from Asian countries (see: 6.1.5. Annexe – Tables). In this context, Youn Jung Park made the following statement in the Stock Taking session of the summit:

As a cofounder of WSIS Civil Society Internet Governance Caucus in 2003, I would like to remind you ... [that] Internet Governance Forum was created as a compromise between those who supported the status quo Internet governance institution under one nation's status provision, and those who requested for more balanced roles for governments under international supervision of the Internet. While IGF has achieved a great success of diluting of such political tension between those who have different views of how to institutionalize Internet governance, ironically Internet governance forum became a forum without governance... [We] have to admit [that] IGF failed to deliver another mandate of the U.N. WSIS: Continuing discussion of how to design Internet governance institutions... The current IGF continues to function as knowledge transfer of ICANN's values to other stakeholders, while those who want to discuss and negotiate on how to design Internet governance institutions should have another platform for that specific U.N. WSIS mandate. (IGF 2009)

The first Asia Pacific Regional Internet Governance Forum (APrIGF) was held in Hong Kong on June 14-16, 2010. The organising committee included three civil society / acadmic organizations – Center for Global Communications (GLOCOM), Internet Society Hong Kong, and National University of Singapore – and three indpendent experts – Kuo-Wei Wu (Taiwan), Norbert Klein (Cambodia), and Zahid Jamil (Pakistan). Though the Forum had dominant presence from government and private sector participants, several representatives from Asian civil society / academic organizations spoke at the sessions: Ang Peng Hwa (Singapore Internet Research Centre, Nanyang Technological University), Charles Mok (Internet Society Hong Kong), Christine Loh (Civic Exchange), Chong Chan Yau (Hong Kong Blind Union), Clarence Tsang (Christian Action), Ilya Eric Lee (Taiwan E-Learning and Digital Archives Program, and Research Center for Information Technology Innovation), Izumi Aizu (Institute for HyperNetwork Society, and Institute for InfoSocinomics, Kumon Center, Tama University), Oliver “Blogie” Robillo (Mindanao Bloggers Community), Parminder Jeet Singh (IT for Change), Priscilla Lui (Against Child Abuse in Hong Kong), Tan Tin Wee (Centre for Internet Research, National University of Singapore), and Yap Swee Seng (Asian Forum for Human Rights and Development). As Ang Peng Hwa noted at the beginning of the summit, its key objective was to provide a formal space for various stakeholders from the Asia-Pacific region to discuss and provide inputs to the IGF process (APrIGF 2010). The regional forum was successful in enabling newer civil society entrants from the Asia-Pacific region to familiarize themselves with the IGF process, and to contribute to it. Oliver “Blogie” Robillo, represented and submit recommendations from Southeast Asian civil society organizations at IGF Vilnius, September 14-17, 2010, which was the first time he took part in the summit series. He emphasised the following topics: 1) openness and freedom of expression are the basis of democracy, and state-driven censorship of Internet in the region is an immediate threat to such global rights, 2) coordinated international efforts need to address and resolve not only global digital divides, but also the divides at regional, national, and sub-nationals scales, 3) the right to privacy is an integral part of cybersecurity, as well as a necessary condition for exercising human rights, 4) global Internet governance efforts must ensure that national governments do not control and restrict abilities of citizens to express through digital means, and it should be aligned with the universal human rights agenda, and 5) even after 5 years of the IGF process, a wider participation of civil society organizations, especially from the Asia-Pacific regions, remains an unachieved goal, which can only be achived if specific resources are allocated and processes are implemented (IGF 2010).

Internet Censorship and Civil Society Responses

Throughout the decade of 2000-2010, censorship of Internet and restriction of digital expression remained a crucial Internet rights concern across the world, and especially the Asian countries. One of the earliest global reports on the matter was brought out by the Reporters without Borders. In 2006, it published a list of countries marked as 'Internet Enemies' that featured 16 countries, out of which 11 were from Asia: China, Iran, Maldives, Myanmar (then, Burma), Nepal, North Korea, Saudi Arabia, Syria, Turkmenistan, Uzbekistan, and Vietnam (Reporters without Borders 2006). The list was updated in 2007, and three of these countries – Libya, Maldives, and Nepal – were taken off (Ibid.). The unique contradictions of the Asian region were sharply foregrounded in the 2006-07 report on Internet censorship by OpenNet Initiative, which noted:

Some of the most and least connected countries in the world are located in Asia: Japan, South Korea, and Singapore all have Internet penetration rates of over 65 percent, while Afghanistan, Myanmar, and Nepal remain three of thirty countries with less than 1 percent of its citizens online. Among the countries in the world with the most restricted access, North Korea allows only a small community of elites and foreigners online. Most users must rely on Chinese service providers for connectivity, while the limited number North Korean–sponsored Web sites are hosted abroad... [T]hough India’s Internet community is the fifth largest in the world, users amounted to only about 4 percent of the country’s population in 2005. Afghanistan, Myanmar, and Nepal are among the world’s least-developed countries. Despite the constraints on resources and serious developmental and political challenges, however, citizens are showing steadily increasing demand for Internet services such as Voice-over Internet Protocol (VoIP), blogging, and chat. (Wang 2007)

The report further described the strategy used by various Asian governments of 'delegation of policing and monitoring responsibilities to ISPs, content providers, private corporations, and users themselves' (Ibid.) These mechanisms enforce self-surveillance and self-censorship in the face of threats of loss of commercial license, denial of services, and even criminal liability. Defamation suits and related civil and criminal liability have also been used by several Asian governments to silence influential critics and protesters. Direct technical filtering of Internet traffic (especially inwards traffic) and blocking of URLS via government directives sent to Internet Service Providers (ISPs) have also been common practice in key Asian countries (Ibid.). Expectedly, such experiences of oppression led to widespread campaigns and communications by the Asian civil society organizations, as can be sensed from the above mentioned submission by Oliver “Blogie” Robillo at IGF Vilnius.

Among the Asian countries, the comprehensive technologies of censorship developed and deployed by China has been studied most extensively. The Golden Shield Project was initiated by the Ministry of Public Security of China in 1998 to undertake blanket blocking of incoming Internet traffic based on specific URLs and terms. Evidences of the project getting operationalised became available in 2003 (Garden Networks for Freedom of Information 2004). Censorship of Internet in China, however, has not only been dependent on such sophisticated systems. In 2003, it was made mandatory for all residents of Lhasa, Tibet, to use a specific combination and password to access Internet, which was directly linked to their names and address. An Internet ID Card was issued by the government to implement this (International Campaign for Tibet. 2004). Tibet Action Institute has been a key civil society organization at the forefront of cyber-offensive of the Chinese government. A recent documentary by the Institute, titled 'Tibet: Frontline of the New Cyberwar,' has narrated how it has worked closely with the Citizen Lab, Munk School of Global Affairs, University of Toronto, to identify, trace, and resist the malware- and other cyber-attacks experienced by the civil society actors and websites in favor of independence of Tibet (Tibet Action Institute 2015). Not only activists supporting the Tibetan cause, digital security training emerged as an important aspect of the life of civil society organizations during the decade. Asian organizations like Bytes for All (Pakistan) and Myanmar ICT for Development Organization (Mynamar), as well as international organizations like Front Line Defenders and Citizen Lab have educated and supported civil society activities much beyond the Internet governance sphere with tools and techniques for effectively using digital channels of communications, and defending themselves for cyber-threats.

Combination of traditional forms of civil society mobilizations and digital techniques have often been used resist attempts by Asian governments to control the online communication space. Huma Yusuf has extensively studied the emergence of hybrid media strategies, using both old media channels like newspapers and new media channels like blogs and video sharing platforms, among citizen journalists and civil society activists in Pakistan as the government took harsh steps towards control of both traditional and online media during 2007-2008 (Yusuf 2009). She has carefully traced how possibilities of new forms of information and media sharing enabled by Internet were initially identified and implemented by citizen journalists and student activists, which was quickly learned and re-deployed by more formal organisation, such as print and electronic news companies, and civil society organizations like those involved in election monitoring (Ibid.). Malaysia also experienced fast-accelerating face-off between the government and the civil society during 2007-2010, as the former started intervening directly into censoring blogs and newspaper websites. On one hand, the government took legal actions against critical bloggers, either directly or indirectly, and on the other it instructed ISPs to block 'offensive content.' It also borrowed the 'Singapore-model' to mandate registration of bloggers with government authorities, if they are identifed as writing on socio-political topics. The civil society actors responded to these oppressive steps by setting up a new blog dedicated to coverage of the defamation cases (filed against prominent bloggers), and publicly sharing instructions for circumvention of the blocks imposed by ISPs. The National Alliance of Bloggers was soon formed, which organised the “Blogs and Digital Democracy” forum on October 3, 2007 (Thien 2011: 46-47). Similarly, Bloggers Against Censorship campaign took shape in India in 2006 as the government first directed ISPs to block specific blogs hosted on Blogspot, TypePad, and Yahoo! Geocities, and then went for complete blocking of Yahoo! Geocities as the ISPs failed to block specific sub-domains of the platform (Bloggers Collective Group 2006). Learning from this experience, the following year Indian government decided to work directly with Orkut to take down 'defamatory content' about a politician (The Economic Times 2007). This is common for other Asian governments too, as they have continued to develop more legally binding and technically sophisticated measures to monitor and control online expression.

In the 'Internet Enemies Report 2012,' Reporters without Borders listed 12 countries as 'enemies of the Internet,' out of which 10 were from Asia – Bahrain, China, Iran, Myanmar, North Korea, Saudi Arabia, Syria, Turkmenistan, Uzbekistan, and Vietnam – and it named 14 countries that are conducting surveillance on its citizens, out of which 7 were from Asia – India, Kazakhstan, Malaysia, South Korea, Sri Lanka, Thailand, and United Arab Emirates (Reporters without Borders 2012). At the APrIGF held in Tokyo, July 18-20, 2012, a group of delegates from civil society organizations working in the South-East Asian region issued a joint statement with a clear call for global action against the shrinking space for freedom of (digital) expression in the region (Thai Netizen Network et al 2012). They specifically noted the following national acts as examples of the legislative mechanisms being used by different Asian governments to criminalize online speech and/or to harass public dissenters:

Burma – The 2004 Electronic Transactions Act
Cambodia – The 2012 Draft Cyber-Law, the 1995 Press Law, and the 2010 Penal Code
Malaysia – The 2012 Amendment to the Evidence Act and the 2011 Computing Professionals Bill
Indonesia – The 2008 Law on Information and Electronic Transaction and the 2008 Law on Pornography
The Philippines – The 2012 Data Privacy Act
Thailand – The 2007 Computer Crimes Act, the Article 112 of the Penal Code, and the 2004 Special Case Investigation Act
Vietnam – The 1999 Penal Code, the 2004 Publishing Law, the 2000 State Secrets Protection Ordinance, and the 2012 Draft Decree on Internet Management. (Ibid.)

The statement was co-signed by Thai Netizen Network, Thai Media Policy Centre, The Institute for Policy Research and Advocacy (ELSAM), Southeast Asian Press Alliance (SEAPA), Southeast Asian Centre for e-Media (SEACeM), Victorius (Ndaru) Eps, Community Legal Education Center (CLEC), Sovathana (Nana) Neang, Asian Forum for Human Rights and Development (FORUM-ASIA), and was endorsed by ICT Watch (Indonesian ICT Partnership Association).

Annexe – Tables

Table 1: Participation from Asian Countries and of representatives from Asian civil society organisations in IGFs, 2006-2010

Event	Participants from Asian Countries	Participants from Civil Society Organizations
IGF Athens 2006	11%	29%
IGF Rio de Janeiro 2007	13%	32%
IGF Hyderabad 2008	56% from India, and 15% from other Asian countries	25%
IGF Sharm El Sheikh 2009	17%	19%
IGF Vilnius 2010	Not Available	Not Available

Source: Reports available on Internet Governance Forum website (http://igf.wgig.org/cms).

Table 2: Internet Society Chapters in Asia

Chapter	Year of Establishment	URL
Afghanistan	In formation	Not available
Bahrain	2001	http://www.bis.org.bh/
Bangladesh	2011	http://www.isoc.org.bd/dhaka/
Hong Kong	2005	http://www.isoc.hk/
India (Bangalore)	2010	http://www.isocbangalore.org/
India (Chennai)	2007	http://www.isocindiachennai.org/
India (Delhi)	2002. Rejuvenated in 2008.	http://www.isocdelhi.in/
India (Kolkata)	2009	http://isockolkata.in/
India (Trivandrum)	2015	Not available
Indonesia	2014	http://www.isoc.or.id/
Israel	1995	http://www.isoc.org.il/
Japan	1994	http://www.isoc.jp/
Lebanon	2010	http://www.isoc.org.lb/
Malaysia	2010	http://www.isoc.my/
Nepal	2007	http://www.internetsociety.org.np/
Pakistan (Islamabad)	2013	http://www.isocibd.org.pk/
Palestine	2002	http://www.isoc.ps/
Philippines	1999. Rejuvenated in 2009.	https://www.facebook.com/isoc.ph/
Qatar	2011	http://www.isoc.qa/
Republic of Korea	2014	Not available
Singapore	2011	http://isoc.sg/
Sri Lanka	2010	http://www.isoc.lk/
Taipei	1996	http://www.isoc.org.tw/
Thailand	1996	http://www.isoc-th.org/
United Arab Emirates	2007	http://www.isocuae.com/
Yemen	2013	http://isoc.ye/

Source: Details of chapters available on Internet Society website (http://www.internetsociety.org/).

Reference

Aizu, Izumi et al. 2002. Joint Statement from Asia Civil Society Forum Participants on World Summit on the Information Society (WSIS). December 13. Accessed on July 08, 2015 from http://www.wsisasia.org/wsis-acsf2002/wsis-acsfdec13f.doc.

Asia Pacific Regional Internet Governance Forum (APrIGF). 2010. APrIGF Roundtable – June 15th, 2010: Session 1 – Welcome Remarks and Introduction – Real Time Transcript. Accessed on July 08, 2015 from http://2010.rigf.asia/aprigf-roundtable-june-15th-2010-session-1/.

Bloggers Collective Group. 2006. Bloggers Against Censorship. Last updated on April 30, 2009‎. Accessed on July 08, 2015, from http://censorship.wikia.com/wiki/Bloggers_Against_Censorship.

Civil Society Internet Governance Caucus. 2006. Internet Governance Caucus Charter. October 14. Accessed on July 08, 2015, from http://igcaucus.org/old/IGC-charter_final-061014.html.

Civil Society Internet Governance Caucus. 2008a. Inputs for the Open IGF Consultation, Geneva, 26th February, 2008 – Statement II: Main Session Themes for IGF, Hyderabad. February 26. Accessed on July 08, 2015, from http://igcaucus.org/old/IGC%20-%20Main%20themes%20for%20IGF%20Hyd.pdf.

Civil Society Internet Governance Caucus. 2008b. Inputs for the Open IGF Consultation, Geneva, 26th February, 2008 – Statement III: Renewal / Restructuring of Multi-stakeholder Advisory Group. February 26. Accessed on July 08, 2015, from http://igcaucus.org/old/IGC%20-%20MAG%20Rotation.pdf.

Desai, Nitin, et al. 2005. Report of the Working Group on Internet Governance. United June. Accessed on July 08, 2015 from http://www.wgig.org/docs/WGIGREPORT.pdf.

Garden Networks for Freedom of Information. 2004. Breaking through the “Golden Shield.” Open Society Institute. November 01. Accessed on July 08, 2015 from https://www.opensocietyfoundations.org/sites/default/files/china-internet-censorship-20041101.pdf.

George, Susanna. 2002. Women and New Information and Communications Technologies: The Promise of Empowerment. Presented at The World Summit on the Information Society: An Asian Response Meeting, November 22-24. Accessed on July 08, 2015 from http://www.wsisasia.org/materials/susanna.doc/.

Gurumurthy, Anita, & Parminder Jeet Singh. 2005. WSIS PrepCom 2: A South Asian Perspective. Association for Progressive Communications. April 01. Accessed on July 08, 2015, from https://www.apc.org/en/news/hr/world/wsis-prepcom-2-south-asian-perspective.

Internet Governance Forum (IGF). 2006. Athens 2006 – List of Participants. Accessed on July 08, 2015, from http://www.intgovforum.org/PLP.html.

Internet Governance Forum (IGF). 2008. Arrangements for Internet Governance, Global and National/Regional. IGF Hyderabad, India. December 5. Accessed on July 08, 2015, from https://web.archive.org/web/20130621205004/http://www.intgovforum.org/cms/hyderabad_prog/AfIGGN.html [Original URL: http://www.intgovforum.org/cms/hyderabad_prog/AfIGGN.html].

Internet Governance Forum (IGF). 2009. Taking Stock and Looking Forward – On the Desirability of the Continuation of the Forum, Part II. IGF Sharm El Sheikh, Egypt. November 18. Accessed on July 08, 2015, from http://www.intgovforum.org/cms/2009/sharm_el_Sheikh/Transcripts/Sharm%20El%20Sheikh%2018%20November%202009%20Stock%20Taking%20II.txt.

Internet Governance Forum (IGF). 2010. Taking Stock of Internet Governance and the Way Forward. IGF Vilnius, Lithuania. September 17. Accessed on July 08, 2015, from http://igf.wgig.org/cms/component/content/article/102-transcripts2010/687-taking-stock.

International Campaign for Tibet. 2004. Chinese Authorities Institute Internet ID Card System in Tibet for Online Surveillance. April 30. Accessed on July 08, 2015, from http://www.savetibet.org/chinese-authorities-institute-internet-id-card-system-in-tibet-for-online-surveillance/.

International Telecommunication Union (ITU). 2003a. PrepCom-2 / 17-28 February 2003 – Final List of Participants. February 28. Accessed on July 08, 2015, from http://www.itu.int/wsis/participation/prepcom2/prepcom2-cl.pdf.

International Telecommunication Union (ITU). 2003b. Geneva Phase of the WSIS: List of Participants. Accessed on July 08, 2015, from http://www.itu.int/wsis/docs/geneva/summit_participants.pdf.

Jain, Rekha. 2006. Participation of Developing Countries in the World Summit on the Information Society (WSIS) Process: India Case Study. Association for Progressive Communications. March. Accessed on July 08, 2015 from http://rights.apc.org/documents/wsis_india.pdf.

Reporters without Borders. 2006. List of the 13 Internet Enemies. Last updated on August 28, 2007. Accessed on July 08, 2015 from http://en.rsf.org/list-of-the-13-internet-enemies-07-11-2006,19603.

Reporters without Borders. 2012. Internet Enemies Report 2012. Accessed on July 08, 2015 from http://en.rsf.org/IMG/pdf/rapport-internet2012_ang.pdf.

Souter, David. 2007. WSIS and Civil Society. In: Whose Summit? Whose Information Society? Developing Countries and Civil Society at the World Summit on the Information Society. With additional research by Abiodun Jagun. Association for Progressive Communications. Pp. 72-89. Accessed on July 08, 2015 from http://rights.apc.org/documents/whose_summit_EN.pdf.

Thai Netizen Network et al. 2012. Southeast Asian Civil Society Groups Highlight Increasing Rights Violations Online, Call for Improvements to Internet Governance Processes in the Region. Statement of Civil Society Delegates from Southeast Asia to 2012 Asia-Pacific Regional Internet Governance Forum (APrIGF). July 31. Accessed on July 08, 2015 from https://freedomhouse.org/sites/default/files/AprIGF-Joint%20Statement-FINAL.pdf.

The Economic Times. 2007. Orkut's Tell-All Pact with Cops. May 01. Accessed on July 08, 2015 from http://articles.economictimes.indiatimes.com/2007-05-01/news/28459689_1_orkut-ip-addresses-google-spokesperson.

The World Summit on the Information Society: An Asian Response. 2002. Final Document. Accessed on July 08, 2015 from http://www.wsisasia.org/materials/finalversion.doc.

Thien, Vee Vian. 2011. The Struggle for Digital Freedom of Speech: The Malaysian Sociopolitical Blogosphere’s Experience. In: Ronald Deibert et al. (eds.) Access Contested. OpenNet Initiative. Pp. 43-63. Accessed on July 08, 2015 from http://access.opennet.net/wp-content/uploads/2011/12/accesscontested-chapter-03.pdf.

Tibet Action Institute. 2015. Tibet: Frontline of the New Cyberwar. YouTube. January 27. Accessed on July 08, 2015 from https://www.youtube.com/watch?v=yE3AQqbGVkk.

UNSAJ et al. 2003. Civil Society Observations and Response to the Tokyo Declaration. Asia-Pacific Regional Conference on the World Summit on the Information Society. January 15. Accessed on July 08, 2015 from http://www.wsisasia.org/wsis-tokyo/tokyo-statement.html.

Wang, Stephanie. 2007. Internet Filtering in Asia in 2006-2007. OpenNet Initiative. Accessed on July 08, 2015, from https://opennet.net/studies/asia2007.

WSIS Civil Society Internet Governance Caucus. 2005. Initial Reactions to the WGIG Report. Contribution from GLOCOM on behalf of the WSIS Civil Society Internet Governance Caucus. July 19. Accessed on July 08, 2015, from www.itu.int/wsis/%20docs2/pc3/contributions/co23.doc.

WSIS Civil Society Plenary. 2003. “Shaping Information Societies for Human Needs” – Civil Society Declaration to the World Summit on the Information Society. December 8. Accessed on July 08, 2015, from http://www.itu.int/wsis/docs/geneva/civil-society-declaration.pdf.

WSIS Civil Society Plenary. 2005. “Much more could have been achieved” – Civil Society Statement on the World Summit on the Information Society. December 18. Accessed on July 08, 2015, from https://www.itu.int/wsis/docs2/tunis/contributions/co13.pdf.

WSIS Civil Society Subcommittee on Content and Themes. 2003a. “Seven Musts”: Priority Principles Proposed by Civil Society. February 25. Accessed on July 08, 2015, from http://www.movimientos.org/es/foro_comunicacion/show_text.php3%3Fkey%3D1484.

WSIS Civil Society Subcommittee on Content and Themes. 2003b. Final Report on Prepcom-2 Activities of the Civil Society on Content and Themes. March 27. Accessed on July 08, 2015, from http://www.itu.int/wsis/docs/pcip/misc/cs_sct.pdf.

WSIS Executive Secretariat. 2003. Report of the Asia-Pacific Regional Conference for WSIS (Tokyo, 13-15 January 2003). WSIS. Accessed on July 08, 2015, from http://www.itu.int/dms_pub/itu-s/md/03/wsispc2/doc/S03-WSISPC2-DOC-0006!!PDF-E.pdf.

Yusuf, Huma. 2009. Old and New Media: Converging during the Pakistan Emergency (March 2007 - February 2008). MIT Centre for Civic Media. January 12. Accessed on July 08, 2015, from https://civic.mit.edu/blog/humayusuf/old-and-new-media-converging-during-the-pakistan-emergency-march-2007-february-2008.

For more details visit https://cis-india.org/raw/civil-society-organisations-and-internet-governance-in-asia-open-review

Civil society and Internet Governance: practices from Southeast Asia and beyond

praskrishna — 2013-11-19T09:29:44Z

On 21 October, the day before the opening of the 2013 Internet Governance Forum in Indonesia, Hivos’ Southeast Asia Regional Office co-organised a pre-event workshop with ID-CONFIG, “Civil Society and Internet Governance: Multi-Stakeholder Engagement Practices from Southeast Asia and Beyond,” at the Bali Nusa Dua Convention Centre.

Click to read the original published by Hivos on October 31.

Recognising that the IGF has been a global project for the past eight years, the workshop provided a critical perspective to the forum’s impact on local civil society organisations. In the past, the IGF has been criticised for focusing on policy-level IG debates that lack grassroots, on-the-ground applications. Additionally, it is has been challenged to demonstrate the relevance of IG policies for civil society organisations, which frequently have limited understanding of and involvement in the issue.

By drawing empirical case studies from different regions of Asia, the aim of the workshop was to help civil society organisations find a relevant role in IG and explore how IG frameworks with a focus on the role of civil society can be applied in developing regions to uphold the right of citizens to express themselves through the Internet.

Five speakers discussed the intersections between Internet Freedom and Internet Governance: Arthit Suriyawongkul (Thai Netizen Network, Thailand), Shahzad Ahmad (Bytes 4 All, Pakistan), Donny Budhi Utoyo (ICTWatch, Indonesia), Lobsang Gyatso Sither (Tibet Action Institute), and Pranesh Prakash (Center for Internet and Society, India). Attended by approximately 70 participants, the discussions revolved around the varying feasibility of a multi-stakeholder platform in different political contexts.

The speakers represent civil society organisations in vastly different political environments in South Asia, Southeast Asia and East Asia. They all continuously pointed out how emerging democratic movements are often counterbalanced by political power concentrated in existing state institutions. In such state-centric Internet Governance contexts, civil society organisations are often pitted against official censorship and filtering attempts. While speakers from relatively more democratic countries, namely India and Indonesia, showcased examples of how civil society organisations have engaged the government in Internet policy-making, those from Thailand and Pakistan illustrated the need for a strong litigation capacity for public interests in order to defend citizens from state infringement of their rights. At the other end of the spectrum, Gyatso Sither emphasised the importance of safeguarding Tibetan activists in the homeland and in the diaspora from surveillance by the Chinese state, whose latest strategies have included interceptions, targeted malware, and cyber attacks.

Nonetheless, civil society organisations are uniquely placed to engage both government agencies, as providers of regulatory frameworks, and the private sector, as the primary provider of ICT infrastructure, to demand equitable access to the Internet and maintain the freedom to expression online. Through an ideal multi-stakeholder framework, civil society organisations can empower communities by strategically using ICT to uphold transparency and accountability.

For more details visit https://cis-india.org/news/hivos-october-31-2013-civil-society-and-internet-governance-practices-southeast-asia-and-beyond

Civil society & industry oppose India’s plans to modify ITRs

praskrishna — 2012-11-30T09:42:17Z

Industry fears ITU control over Internet; excessive content control and surveillance an issue for civil society.

Shalini Singh's article was published in the Hindu on November 23, 2012.

India’s proposal on International Telecommunications Regulations (ITRs), submitted last month to the International Telecommunications Union (ITU), the U.N. agency responsible for information and communication technologies, has drawn opposition from, and fears of content control among, civil society and the industry alike.

Sunil Abraham, Executive Director, Centre for Internet Society, told The Hindu: “The Indian government’s position on the ITRs can be improved, particularly with regard to the proposed definitions, approach to cyber security, scope of regulation.” However, he said, “we are confident that the Indian position will protect consumer and citizen interest once the government implements changes based on inputs from all… stakeholders.”

The National Association of Software and Services Companies (NASSCOM), which represents the $100-billion IT and BPO industry, has strong views against the Internet governance model of the Internet Corporation for Assigned Numbers and Names (ICANN), but favours self-regulation. Its president Som Mittal says: “NASSCOM does not favour oversight by an existing U.N. organisation like ITU. Internet and infrastructure have to be in the hands of expert organisations with proven experience.” NASSCOM has also expressed discomfort with the inclusion of “ICTs along with processing” in Section 21E of India’s proposal, since this would subject IT and BPO industries to inter-governmental regulation through the ITRs.

The Cellular Operators Association of India (COAI), which represents India’s largest mobile operators with nearly 700 million subscribers, has also opposed any role for ITU in the areas of international roaming and Internet governance, fearing a direct impact on domestic network architecture, costs and technology choices. COAI director-general Rajan Mathews said: “We are already regulated by the Department of Telecom (DoT) and the Telecom Regulatory Authority of India (TRAI). Placing the ITU’s jurisdiction over us — where we neither have voice nor recourse — is unacceptable.” The COAI’s position is consistent with the GSM Association (GSMA), the world’s largest association of mobile companies representing 800 operators spanning 220 countries. The COAI further alleges that most of its inputs “have been rejected without reasons assigned or even a meeting.” It has lodged a protest with the DoT.

The Internet Service Providers Association of India (ISPAI) has similarly protested against ITU’s jurisdiction over issues of Internet governance, architecture and cost.

Subho Ray, president, Internet & Mobile Association of India (IAMAI), said: “We represent a vast majority of Internet companies but have not been consulted by the DoT. We are completely opposed to ITU’s jurisdiction in any area related to Internet policy.”

The FICCI has also given detailed inputs on the dangers of allowing ITU’s jurisdiction, especially in areas of Internet policy and governance. It supports a bottom-up consultative and consensus-led multi-stakeholder approach, similar to the one propounded by Telecom Minister Kapil Sibal at the Internet Governance Forum, the world’s largest multi-stakeholder conference, held in Baku.

Several prominent civil society groups and members of academia involved in Internet governance also have apprehensions about expanding the ITU’s reach to Internet regulation through the ITRs. In a November 15, 2012 letter to Telecom Secretary R. Chandrashekhar, Society for Knowledge Commons, Internet Democracy Project, Free Software Movement of India, Delhi Science Forum, Media for Change and Software Freedom Law Center have complained about not having been consulted, while warning that India’s proposal “could have far reaching implications for the Internet.”

On the issue of cyber security, industry associations and several civil society groups are unanimously against any role for ITU, pointing out that including ill-defined terms such as ‘spam’ and ‘network fraud’ in a binding treaty is a terrible idea. Further, cyber security commitments can force India to cooperate with countries whose military and strategic interests are against it.

Kamlesh Bajaj, CEO, Data Security Council of India, and head of NASSCOM’s security initiatives, said: “Cyber security is sought to be taken over by ITU — an area in which it has little experience. Cyber security includes areas of application security, identity and access management, web security, content filtering, cyber forensics, data security, including issues such as cyber espionage and cyber warfare. The ITU has had no involvement in these matters over the last two decades, and should therefore stay out of them.”

Similar views have been expressed in varying degrees by the COAI, the IAMAI, the ISPAI and the FICCI. Dr. Ray of the IAMAI says: “cyber security is essentially a state prerogative and should not be part of an external treaty obligation. Any attempt to channel it through the ITU may be counter productive.”

Mr. Sibal, who has already been challenged by opposition to the domestic IT rules, is aware that if left unaddressed, opposition to India’s stance on ITRs will only escalate at a national and global level, and that if corrections have to be made in India’s position, those will have to be done consensually within the governance structure. Mr. Sibal confirmed that while cyber security was an area of discussion with the ITU, “the ITU does not have any role in Internet governance.”

According to him, either he or the Department will hold meetings on these issues with the industry to further evolve India’s position.

Mr. Chandrashekhar further confirmed that similar to several global national delegations, the government would include media and industry experts as part of its delegation to Dubai, the World Conference on International Telecommunications (WCIT-12) will be held from December 3 to 14. The final decisions on the ITRs and the composition of the delegation would be announced the coming week.

A deeply divided house in Dubai is a strong possibility, with countries which favour democracy and free speech taking a stance against those who, due to political compulsions, have proposed inter-governmental control through the ITRs by the ITU, not just on Internet policy, but also its traffic and content, most of which automatically fall under the definitions of the ICTs.

The 193-countries at THE WCIT may well spend 11 days discussing national proposals to separate issues that can be addressed nationally from those which require inter-governmental cooperation, while further debating which platforms may be best to address global cooperation.

It is equally clear that the existing Internet governance system is unacceptable to most countries, and therefore a more evolved democratic and internationally equitable system, which is managed through a multi-stakeholder process and yet with a definite role for countries like India, appears the only way forward.

Mr. Sibal, at meetings with global Internet governance bodies in Baku, is learnt to have bargained hard for India’s explicit role in the existing Internet governance processes.

For more details visit https://cis-india.org/news/the-hindu-nov-23-2012-shalini-singh-civil-society-and-industry-oppose-indias-plans-to-modify-itrs

Civil Liberties and the amended Information Technology Act, 2000

Malavika Jayaram — 2012-03-21T10:13:53Z

This post examines certain limitations of the Information Technology Act, 2000 (as amended in 2008). Malavika Jayaram points out the fact that when most countries of the world are adopting plain English instead of the conventional legal terminology for better understanding, India seems to be stuck in the old-fashioned method thereby, struggling to maintain a balance between clarity and flexibility in drafting its laws. The present Act, she says, is although an improvement over the old Act and seeks to address and improve on certain areas in the right direction but still comes up short in making necessary changes when it comes to fundamental rights and personal liberties. The new Act retains elements from the previous one making it an abnormal document and this could have been averted if there had been some attention to detail.

After close to a decade of dealing with English statutes, European directives and pan-European regulations, I was struck anew by the antique style of Indian draftsmanship on my return. Much of the world is moving away from stiff legal speech and towards plain English. Even England has converted to a simpler, more concise legal rhetoric. India, however, has a peculiar genius for imprecision and euphemism that makes the purpose and implications of the law hard to understand and apply. While it may seem quaint, to pepper a law with terms like ‘inconvenience’, ‘nuisance’ or ‘annoyance’, the language fails to convey the seriousness of the offences being defined. A reading of the Information Technology Act, 2008, in its new incarnation incorporating the latest amendments and rules (ITA), is a case in point.

Legal draftsmen inevitably wrestle with the age-old dilemma of the generic versus the specific, the potential dangers of a broad definition versus the built-in obsolescence of a narrow spotlight. The crafters of the ITA, in their admittedly admirable attempts to redress some of the gaps and ambiguity in the original law, appear to have struggled in their efforts to strike a balance between clarity and flexibility. While the new avatar is certainly an improvement in some areas, one can’t help but regret the missed opportunity to make necessary changes. Most importantly is the negative impact of the occasionally sloppy and sometimes overly wide drafting on deeply cherished fundamental rights and personal liberties.

Among other things, the ITA has sought to address and improve aspects such as technology neutrality, data protection, phishing and spam, child pornography, the liability of intermediaries and cyber terrorism. While many of these amendments are a step in the right direction, the actual drafting that implements the high level objectives suffers in many respects. For example, the previous emphasis on ‘digital signatures’ has shifted to the technologically neutral ‘electronic signatures’ but the changes have not been carried out thoroughly enough to expunge the old concept entirely. The current law is a bit of an abnormal document in that it contains elements of both concepts, which some attention to detail could easily have averted. Another example is that the provisions meant to combat spam and phishing end up using the dreaded ‘annoyance’ and ‘inconvenience’ terminology with the effect of casting the net of criminality over far more than is appropriate. For example, mail sent with the purpose of causing ‘annoyance’ or ‘inconvenience’ (not exactly the worst offence in the offline world) could put someone behind bars.

An important set of well intentioned but woefully inadequate provisions are those relating to the protection of data. The absence of a specific law on data protection had, in itself, garnered much criticism both within the country as well as in the context of international transactions and outsourcing. The old Act offered the feeble protection of a single provision (section 43) that dealt with unauthorised access and damage to data. In an attempt to meet industry demands and international market standards, the ITA introduced two sections that address civil and criminal sanctions. While this exercise understandably falls far short of a comprehensive law relating to data (being squeezed into an omnibus piece of technology related legislation, rather than one geared up only to deal with data), there was considerable anticipation of its role in papering over the existing cracks and provide a workable, if temporary, data protection regime.

However, the attempt is such a limited one, and so replete with shortcomings that the need for a ‘proper’ data protection law still stands. Given the proposed initiation of the UID scheme, in particular, there is a compelling need for a robust and intelligent law in this regard. Most other countries’ regimes clearly do at least the following:

define and classify types of data (for example, in most European countries, ‘personal data’ is any data that identifies an individual, ‘sensitive personal data’ is data that reveals details of ethnicity, religion, health, sexuality, political opinion, etc.),
fine-tune the nature of protection to the categories of data (i.e., greater standards of care around sensitive personal data),
apply equally to data stored offline and manually as to data stored on computer systems,
distinguish between a data controller (i.e., one who takes decisions as to data) and a data processor (i.e., one who processes data on the instructions of the data controller),
impose clear restrictions on the manner of data collection (for example, must be obtained fairly and lawfully),
give clear guidelines on the purposes for which that data can be put to and by whom (often involving a consent requirement that gives the individual a great degree of control over their data),
require certain standards and technical measures around the collection, storage, access to, protection, retention and destruction of data,
ensure that the use of data is adequate, relevant and not excessive given the purpose for which it was gathered,
cater for opt-in and opt-out type regimes, again to provide individuals with a measure of control over the use of their data even after the stage of initial collection (which has a huge impact on invasive telemarketing or unsolicited written communication)
impose a knowledge requirement and procedures for allowing individuals to seek information on what data is held on them, and
create safeguards and penalties that are well tailored to breaches of any of the above.

Unfortunately, and perhaps understandably, the ITA barely begins to scratch the surface of what a good data protection regime entails. The provisions that it does introduce (sections 43-A and 72-A) have glaring inadequacies. Briefly:

the term ‘sensitive personal data or information’ is used indiscriminately without any definition,
the provisions only cover electronic data and records, not data stored in non-electronic systems or media,
they offer no guidance on most of the principles set out above such as in relation to accuracy, adequacy, consent, purpose, etc.,
in the absence of the controller-processor distinction, liability is imposed on persons, who are not necessarily in a position to control data, even if it is in their possession,
civil liability for data breaches only arises where ‘negligence’ is involved (i.e., failure to have security procedures or failure to implement them correctly will not automatically result in damages unless negligence is proven),
similarly, criminal liability only applies to cases of information obtained in the context of a service contract, and requires an element of ‘wilfulness’, or a disclosure without consent or in breach of a lawful contract – this is a very limited remit aimed largely at preventing disgruntled or unscrupulous employees from dealing in company/customer data.

For these broad reasons, we can see that even the amended ITA disappoints those who expected a greatly improved regime in relation to data. It is widely anticipated that the UID scheme, which poses so many potential data protection issues, will serve as a catalyst for a standalone law that is on par with the more sophisticated regimes that function very well in other countries. One great feature common to most of those regimes is that they are consumer/individual focused. The freedom and privacy of the individual is the central concern of protection. Our ITA seems far more concerned with providing corporates with a stick to beat errant employees with, and with catering to the needs of the outsourcing and IT industries. It remains to be seen whether the UID scheme will merely galvanise some targeted legal action covering UIDs rather than generating a broad based piece of legislation.

In addition to the criticisms levelled at the data protection provisions, the other large subset of concerns has been in relation to the civil liberties implications of the ITA. There has been some horror expressed in various forums and media about the ITA contributing to the growth of a police state, to severe curtailment of the freedom of speech and expression, to the invasion of privacy, and to the disproportionate severity of penalisation for offences that are placed on crimes committed in cyberspace compared to crimes committed in the hear and now. Sadly, this is true to a large extent given the clunky treatment of ‘cyber terrorism’, the intolerable pre-censorship that is enabled by the blocking of websites, the broad approach to the monitoring and collection of data, and the demanding obligations of intermediaries to cooperate with interception, monitoring and decryption of data for poorly defined reasons.

While our Constitution’s fundamental rights chapter, which enshrines certain basic, democratic, and profound rights, might not have the same vocabulary of due process as we see in the US, it nevertheless requires restrictions to be reasonable. Precedents and the wider jurisprudence in the field have further developed the concepts of checks and balances, procedural safeguards and legitimacy of restraints that a functioning democracy like India must accord to its people. It can be argued that several provisions of the ITA cause significant tension with the right to freedom of speech and expression, the right against self-incrimination, the right to equality before the law, and the right to practice a trade or profession. To briefly deal with the worst offenders in the IT Act, I have divided them into some broader topics:

Pre-censorship

Some of the most excessive provisions relate to the free hand with which public access to websites can be blocked. Previously, there was some hope that the rules yet to be formulated in connection with section 69-A would offer some procedural safeguards. The recently notified rules do contain details – in the bureaucratese that we have come to expect – of the process to be followed by the designated functionaries. They also permit the concerned person or intermediary to submit a reply and clarifications to the committee before the decision to block access is taken.

These rules are to a large extent undermined by rule 9 (“Blocking of information in cases of emergency”), which provides that, “…in any case of an emergency nature, for which no delay is acceptable…”, the process will turn into an internal escalation within the department of IT and interim directions relating to blocking access may be issued without giving (him) an opportunity of hearing. There are those who think that, given the events of 26/11, this is wholly justified but the prospect of abuse fills others with dread. The rules may offer detailed time-frames within which orders are made and approved, require reasons to be recorded in writing, provide that emergency orders may be revoked and information unblocked, etc. Regardless, the nature of the process (executive rather than judicial), the ease with which it can be abused, and the fact that the review committee will only meet once in two months to check for compliance, set aside incorrect orders and unblock information, does not offer much comfort. If a site is incorrectly blocked, it could take up to two months for this to be rectified, which could cause a great damage to the owner of the site, and indeed to the wider public that has an interest in uncensored, free speech.

Given that any person can submit a request, it is not unreasonable to anticipate a certain level of frivolous and malicious requests for blocking sites, especially given that the grounds for blocking are very wide (the often repeated set that we are familiar with, namely, in the interest of sovereignty and integrity of India; relating to defence of India/ security of State/ friendly relations with foreign states/ public order and for preventing incitement to commission of any cognizable offences). Without a review committee constantly monitoring and policing the unbridled use of the provisions, the backlog of blocking decisions that may need to be reversed can become a mountain very quickly. The dangers of pre-censorship and the curtailment of dialogue, debate and free speech are even greater in a country with an increasingly thin-skinned populace. Faced with a volatile backdrop of great diversity of religion, political opinions, views on sexuality, morality, obscenity and other highly subjective values and beliefs, there is immense extra-legal pressure on free speech. Thus, there is now a need for greater vigilance so that the thought police do not wield the stick of harsh penalties under the ITA without reason and due process.

Privacy and surveillance

This topic pulls together concerns around the blanket monitoring and collecting of traffic data or information, the interception and decryption (under duress) by intermediaries (now a large superset of ISPs, search engines, cyber cafes, online auction sites, online market places, etc.) and the wide definition of ‘cyber terrorism’ (which ludicrously even casts defamation as a terrorist activity).

Some of the broad concerns in relation to interception, monitoring and decryption in (section 69) are that:

there is no provision for a clear nexus between an intermediary and the information or resource sought to be monitored or intercepted,
the usual internationally recognised exception to liability where an intermediary operates purely as a conduit and has no control over data flowing through its network is not clearly spelt out,
the penalties for non-cooperation are extremely harsh, especially given the absence of a) and b) above,
these onerous penalties can be said to be in violation of Article 14 as they seem entirely disproportionate. Similar offences and remedies in the Code of Criminal Procedure or the Indian Penal Code prescribe less severe penalties, by an order of magnitude in fact. When the only difference between the offences is the medium in which information is contained, it seems arbitrary to impose a much harsher punishment on an online intermediary than on a member of the public who, for example, furnishes false information to the police in connection with a trial or enquiry.
the rules made in relation to monitoring, interception and decryption, offer some procedural safeguards, in that they impose a time limit on how long a directive for interception or monitoring can remain in force, a ceiling on how long data can be kept before it is required to be destroyed, etc. However, the effect of these is greatly diluted by exceptions “for functional requirements”, etc. The astonishing irony is that rule 20 requires the intermediary to maintain “…extreme secrecy…” and “…utmost care and precaution…” in the matter of interception, monitoring or decryption of information “…as it affects the privacy of citizens…”!!!!

In a similar vein, there are concerns around the monitoring and collection of traffic data (section 69B) as the section contains an unreasonably long list of grounds for monitoring. These include such extreme excesses as “forecasting of imminent cyber incidents”, “monitoring network application with traffic data or information on computer resource”, “identification and determination of viruses/computer contaminant”, and the catch-all “any other matter relating to cyber security”.

Finally, the main criticism of the ITA approach to ‘cyber terrorism’ is the very wide net that it seeks to cast, looking for a game that has little or nothing to do with the named offence. Amongst the cast of creatures unwittingly caught during this fishing expedition, we find some unlikely victims. In addition to the usual grounds of offence against sovereignty, national security, defence of India, etc., which we have seen in relation to other sections, the ITA considers the following as acts of cyber terrorism – broadly speaking, unauthorised access to information that is likely to cause:

injury to decency,
injury to morality,
injury in relation to contempt of court, and
injury in relation to defamation.

This would almost be laughable if these grounds were not enacted unto law, posing a threat to civil liberties by their very existence. Other countries have some notion of political ideology, religious case, etc. in their view of terrorism. That (a) to (d) above have been shoehorned into a clause that imposes the stiffest penalty within the entire ITA (life imprisonment) gives even more cause for concern.

In closing, I should reiterate that the ITA includes other deficiencies and worthwhile improvements alike, but an article focusing largely on the data protection and civil liberties aspects cannot reference them all.

For more details visit https://cis-india.org/internet-governance/blog/information-technology-act

Citizens’ Draft Privacy Bill Seeks To Revolutionise Data Collection, Storage In India

Admin — 2018-06-11T02:47:46Z

A draft privacy bill proposes sweeping reforms to the way personal data is collected, processed and stored in India.

The blog post by Arpan Chaturvedi was published in Bloomberg Quint on June 9, 2018. CIS research was quoted.

Titled Indian Privacy Code, 2018, the draft proposes that “all data collected, processed and stored by data controllers and data processors prior to the date on which this Act comes into force shall be destroyed within a period of two years from the date on which this Act comes into force”.

The draft has been put together by a group of lawyers and policy analysts and uploaded on the website of ‘Save our Privacy’ — a public initiative to put forth a model law on data protection. The initiative is backed by the India Privacy Foundation.

No person, including a data controller and data processor, shall collect any personal data without obtaining the consent of the data subject to whom it pertains, the draft bill says. Collection of personal data without consent can happen only when:

It’s necessary for the provision of an emergency medical service.
Prevent, investigate or prosecute a cognizable offence.
Exempted by a privacy commission that the draft seeks to institute

Also, the draft bill proposes that no person shall store any personal data for a period longer than is necessary to achieve the purpose for which it was collected or received. The same applies to the processing of personal data.

The draft bill has been submitted to the Justice Sri Krishna Committee — which will deliberate on a data-protection framework for the country. The committee’s first draft is likely to be submitted this month.

The bill prescribes punishment for offenses related to interception of communication, surveillance, abetment, repeat offenders and offenses by companies.

The bill, according to information on the website, is based on seven principles, foremost of which is the importance of individual rights. The others are:

A data protection law must be based on privacy principles and guidelines discussed in the report of Justice AP Shah Committee of Experts; the Supreme Court judgement on Right to Privacy and European Union’s General Data Protection Regulation.
A strong privacy commission must be created to enforce privacy principles. The commission should be granted wide powers of investigation, adjudication, rule-making and enforcement. The privacy commission must have jurisdiction over the government as well as private bodies.
The government must respect user privacy. The government cannot deny essential services to citizens if they choose not to share data with it. The draft says government withholding services on pretext of collection of information effectively amounts to “extortion of consent”.
A complete privacy code must come with surveillance reform. Even when individual interception and surveillance is carried out this should be severely limited in substance and practiced through procedural safeguards.
Strengthen the Right To Information Act and exempt information commissioners from interference or control by the privacy commissioner
International protection and harmonisation is a must to protect the open internet. The group suggests the law must have extraterritorial effect and apply to web services and platforms which are accessible in India and gather personal data of Indians.

The bill takes inspiration from the Privacy (Protection) Bill, 2013 which was drafted over a series of roundtable discussions and inputs conducted by the Centre for Internet and Society, Bengaluru.

The individuals who were involved in the drafting of the model law are Raman Jit Singh Cheema, Apar Gupta, Gautam Bhatia, Kritika Bhardwaj, Maansi Verma, Naman N Aggarwal, Praavita Kashyap, Prasanna S, Ujjwala Uppaluri, Vrinda Bhandari.

For more details visit https://cis-india.org/internet-governance/news/bloomberg-quint-june-9-2018-draft-bill-seeks-to-revolutionise-data-collection-storage-in-india

Citizen Activism the Past Decade

Nilofar Ansher — 2015-04-24T11:52:44Z

Call for Contributions to the ‘Digital Natives with a Cause?’ newsletter, ‘Citizen Activism the Past Decade’. Deadline: August 15, 2012.

The past decade (2001 – 2011) has been marked by unprecedented democratic protests across the globe. Not only have citizens risen against autocratic regimes or systemic corruption, which is not unprecedented in itself, but also, a spark in one region inflamed solidarity among neighbouring nations to pick up the placards and march for change. Plenty has been written about the strategic deployment of social media, Web 2.0 platforms and Smart-gadgets by the digital natives (the youth and the old alike) to rewrite the rules of citizen activism.

In this issue of the newsletter, we explore the mechanics of activism aided by media: web, social, digital, and traditional. What do we understand by a cause and how does it find resonance at the local and global platforms? Is the digital native a community player or a global citizen? How do digital natives connect, collaborate, mobilize and bring about their visions of change? The aim is to not establish or reinforce these dichotomies, if indeed they exist, but to understand the dimensions of the stage the digital natives operate on and if that stage is a synecdoche for global youth-led civic action. A case in point: ‘Slut Walk’ moved from being a one-off march in Toronto to becoming a global movement and came full circle when small towns and cities across the world organized protest marches with a local ‘twist’.

Topics that contributors can explore:

What do we understand by citizen activism? How has citizen activism changed over the last 10 years with the advent of new media tools?
Youth as 'change agents'. Are protest movements youth oriented today? How are civil rights movements of the past decade different from the wave of movements that marked the 60s? (women's lib, LGBT rights, civil rights, disability rights). Explore the mechanics of organizing, mobilizing and measuring the success of a campaign in both the cases.
Participatory Politics and Web 2.0 | Value and power of the Network in effecting change | Mobilizing support and consensus within the network |studies on politically active youth using social media | digital natives as apathetic citizens | Is Slacktivism still a misunderstood term?
Kony 2012 video campaign | interviews | what went wrong and what did they do right? | Rise of DIY activism | mechanics of digital activism | resources, tools and strategies
Rise of the ‘Glocal’ (global with local resonance) cause | Slut Walk and Co – global protests inspiring local campaigns | Children of globalization with global stakes supporting local causes – how does this work?
Role of new media as a vehicle for civic engagement | Are new media and traditional media mutually exclusive in influencing citizen action? | How are new media strategies deployed by citizens in comparison with traditional media engagement?
Learning from past campaigns: citizen activism initiates and strategies in history that inspire modern campaigns (The ‘Walk to Work’ protest in Uganda protesting against fuel price hike and removal of subsidies is similar to Mahatma Gandhi’s Dandi March in pre-independence India to protest against Salt Tax).
Finding commonalities in citizen activism across Asia, Africa and Middle East | Explore the citizen action campaigns that have shaped political discourse in the past decade | Explore some of the most successful youth action campaigns of the past decade
How do we measure value, quality and success of campaigns? When does a protest officially end? Studies that explore the life-cycle of a protest or movement
The future of activism: new technologies, new demography, new forms of engagement | art and activism | Gamification
Role of non-governmental organizations and civil society networks in fostering political change | collaboration between NGOs and social media activists / independent protesters
State and the empowered citizen | State response to protest | surveillance and censorship
Technologies of protest
Studying citizen activism | digital native research methodology to study citizen activism

To know more about the topics you can write about, please write to: nilofar.ansh@gmail.com (Nilofar Ansher, Community Manager). Contributions can be in the form of essays, notes, commentaries, reviews (book or paper), dialogues and chat transcript, poems, sketches / graphics. Essay word count between 800-1,600 words. Send your entries along with a brief bio and a profile picture by August 15, 2012.

View previous issues of the 'Digital Natives with a Cause?' newsletter here: http://cis-india.org/digital-natives/newsletter

For more details visit https://cis-india.org/digital-natives/citizen-activism-the-past-decade

CIS_BD4D_Guideline04_PT+PB_BigDataAIEthicsReview_ExtendedNotes PDF

pranav — 2020-05-19T10:58:54Z

For more details visit https://cis-india.org/raw/bd4d-guideline-documents/ExtendedNotes

CIS@IGF 2014

geetha — 2014-10-08T10:31:47Z

The ninth Internet Governance Forum (“IGF2014”) was hosted by Turkey in Istanbul from September 2 to 5, 2014.

A BestBits pre-event, which saw robust discussions on renewal of the IGF mandate, the NETmundial Initiative and other live Internet governance processes, flagged off a week of many meetings and sessions. At IGF2014, the ICANN-led processes of IANA transition and ICANN accountability found strong presence. Human rights online, access and net neutrality were also widely discussed. Centre for Internet and Society, India participated in multiple workshops and panels.

Workshops and Panel Discussions

WS206: An evidence-based framework for intermediary liability
CIS organized a workshop on developing an evidence-based framework for intermediary liability in collaboration with the Stanford Center for Internet and Society. By connecting information producers and consumers, intermediaries serve as valuable tool for growth and innovation, and also a medium for realisation of human rights. The workshop looked to a concerted approach to understanding intermediaries’ impact on human rights demands our urgent attention. Jyoti Panday of CIS was contributed to the workshop’s background paper and organisation. Elonnai Hickok of CIS was a speaker. At this workshop, a zero-draft of international principles for intermediary liability was released. The zero-draft is the interim outcome of an ongoing, global intermediary liability project, undertaken by CIS in collaboration with Article 19 and Electronic Frontier Foundation. See the video.

WS112: Implications of post-Snowden Internet localization proposals
Organised by ISOC and Center for Democracy and Technology, this panel questioned the distinctions between Internet-harmful and Internet-beneficial Internet and data localization. As a speaker at this workshop, Sunil Abraham of CIS identified state imperatives for Internet localization, such as taxation, network efficiency and security. See video.

WS63: Preserving a universal Internet: Costs of fragmentation
Internet and Jurisdiction Project organized this workshop to explore potential harms to Internet architecture, universality and openness as a result of Internet balkanisation. Sunil Abraham was one of the speakers.

WS2: Mobile, trust and privacy
Organised by GSMA, this panel discussed methods, benefits and harms of use of mobile transaction generated information and data. Sunil Abraham was a speaker. See video.

WS188: Transparency reporting as a tool for Internet governance
This GNI workshop examined transparency reporting by Internet intermediaries and companies, and sought to identify its strengths and shortcomings as a tool for Internet governance. Pranesh Prakash of CIS was a speaker. See video.

WS149: Aligning ICANN policy with the privacy rights of users
This Yale ISP panel examined ICANN’s obligations for data protection, in light of international standards and best practices. This discussion is particularly relevant as ICANN’s WHOIS policy, Registrar Accreditation Agreement, and other policies have attained the status of a global standard for the handling of personal data. Pranesh Prakash moderated this panel.

Other Participation

Launch of the GISWatch Report

Association for Progressive Communications (APC) and the Humanist Institute for Cooperation with Developing Countries (Hivos) released the Global Information Society Watch Report (GISWatch) on national and global mass surveillance. The report “explores the surveillance of citizens in today's digital age by governments with the complicity of institutions and corporations”. Elonnai Hickok of CIS contributed a thematic chapter on Intermediary Liability and Surveillance to this report.

For more details visit https://cis-india.org/internet-governance/blog/cis-at-igf-2014