Centre for Internet and Society

CCTV in Universities

merlin — 2011-09-01T09:50:09Z

Basic Closed Circuit Television (CCTV) Infrastructure is used to observe movements from a central room, and consists of one or more video cameras that transmit video and audio images to a set of monitors or video recorders.

A Brief History of CCTV's

Video surveillance as a means of policing gained prominence in the 1950s when the UK police installed two pan-tilt cameras on traffic lights to monitor traffic near the Parliament. Since then the United Kingdom has become the country with the most number of surveillance cameras.[1]

The proliferation of CCTVs has been attributed to the growing radicalization of human behaviour wherein organized groups terrorized entire nations and threatened their internal security. The 1985 terror attack on the then Prime Minister of Britain by the IRA and many such instances thereafter have led many countries to adopt CCTV as a means of policing. In India, terror attacks on the Mumbai stock market and successive instances have pushed the Indian Government to install CCTVs in prominent public areas so that it is possible to monitor suspicious movements.[2]

CCTVs and Public Perspective

Since the 1950'sCCTVs have become ubiquitous and ever present, monitoring our daily movements, and infringing into our personal space. Though governments believe CCTVs are essential security instruments, the public is less convinced. The early anxiety to be safe from an unseen danger has given way to a new unease amongst the people, that of constantly being watched by an unseen eye.

CCTVs in Educational Institutions

CCTVs are typically used by the government or private agencies for surveillance in areas frequented by the public that need monitoring. Recently though, universities across the length and breadth of the country have resorted to the use of CCTVs for policing campus activities and to keep the students in check and under control. Huge budgets are set to wire campuses with CCTV infrastructure, t causing students to protest as well as laud the initiative by the administration. The debate on CCTVs has gained momentum in recent years with students staging huge rallies both in support of and against it.

Example 1:

The most prominent of the agitations against CCTVs was staged by the students of Jadavpur University in Kolkata on the administration’s decision to install 16 CCTVs on the four main exit points of the campus and other strategic locations.[3] The installation cost Rs.20 lakh. The students protested loudly against the decisions and ‘gheraoed’ the office of the vice chancellor for 52 hours. The students claimed that the administration was curbing their individual freedom and robbing the campus of it’s democratic atmosphere. The administration refused to remove the cameras, and claimed that the move was necessitated for the security of the students and to prevent any unforeseen incident.

Example 2:

The girl’s residing in the Women’s Hostel of The University of Pune protested against the setting up of CCTV cameras’ in the entrances of the hostel to check for unauthorized visits from boyfriends and friends. The girl’s vandalized the camera and claimed that they were an infringement to their privacy. The hostel authorities insisted that the cameras did not infringe on the privacy of the women, and were only installed at the entrance gates to keep a tab on visitors.[4] The authorities claimed that this step was taken in congruence with the hostel’s policy of not allowing visitors to stay the night.

Example 3:

The girls of the Churchgate’s Government Law College succeeded in getting the CCTV camera removed from the Girl’s Common Room, as it was seen as an infringement to their privacy. The MNS stepped up the agitation in favor of the students which led the college administration to finally take notice and remove the camera from the common room.[5]

The Flip Side

The issue of CCTVs in campuses takes an interesting turn when the students support the move to install cameras in campuses.

Example 1:

Delhi University installed CCTV cameras in their campuses after the Delhi Police issued an advisory for the same. They claimed that the advisory issued was to monitor the instances of on campus ragging. The Delhi Police also helped fund the setting up of CCTVs in the college. This move was lauded by the students, and the colleges took instant measures to wire their campuses.[6]

Example 2:

Recently, after the murder of a Delhi University student named Radhika Tanwar in broad day light, many student union groups assembled for a candle light vigil. They demanded CCTV cameras near the Satya Niketan bus stop where Radhika was killed which is an isolated stretch of a road. The massive agitation of almost a week brought the National Commission of Women into the foray who seconded the demand put forth by the student body.[7]

Example 3:

The recent instance of an RTI exposing inflated bills for setting up CCTVs in the Punjab University Campus also throws light on an interesting facet to this debate as the students do not mind the CCTVs in their campus. The student’s union of the university demanded the authorities to look into the discrepancies of the budget, and also expressed anger as the CCTVs installed did not work. The students claimed that the rising violence in the campus is because of disinterested security men and non working CCTV cameras.[8]

Conclusion

The decisions to use CCTVs as a means of surveillance evokes mixed responses. On one side of the debate they are seen as a deterrent to crime while on the other side of the debate they are seen as beinggross infringements on privacy. CCTV surveillance remains as a bone of contention amongst students. If they feel that their personal space is being invaded by these cameras then it needs to be addressed by the administration in a manner which appeases their fear. Universities randomly adopt the policy of CCTV surveillance, disregarding any voice of dissent. Kashmir University put up CCTVs in it’s campus to shoo away lovebirds and the Aligarh Muslim University has installed 57 CCTV cameras in it’s campus to keep a check on students. The rise of the CCTVs in colleges relates to not the actual crime but to the fear of crime. Therefore, CCTVs have become a tool of re-assurance [9]which feeds a notion of safety and security to the authority in charge.

There is no black and white regarding the implementation of CCTVs in universities. A policy can only benefit both sides when decisions are taken with the students, and not on behalf of them. Indian Universities have no guidelines and policies regarding the implementation of CCTVs and students remain unaware of any decisions in this regard. The Universities should clearly spell out their take on CCTVs including:

University policy regarding CCTVs policies
The reasons for introducing CCTVs
The proposed uses of CCTV infrastructure
Which areas in the campus will be kept under surveillance
How will the data collected be stored
How long will the data be retained
How will the data be deleted[10]

The Universities should address all these issues to dispel fear from the minds of the students, and the student unions should be included in the discussions regarding the implementation of CCTVs.

Notes

[1].Webster,William; CCTV policy in the UK: Reconsidering the evidence base; sueveillanceandsociety.org.

[2].Norris, Clive;MC Cahill, Mike;Wood, David; The Growth of CCTV: A Global Perspective on the international diffusion of video surveillance in publically accessible space; surveillance-and-society.org.

[3].Timesnow.tv/jadavpuruniversity, www.haata.com.

[4].http://www.ndtv.com/article/cities/female-hostellers-damage-cctv-cameras-to-protect-privacy-83889, http://toostep.com/debate/is-it-right-to-install-a-cctv-in-girls-hostel-to-stop-unauth.

[5].http://www.mumbaimirror.com/index.aspx?page=article§id=2&contentid=201101212011012104560935753ecb888, http://ibnlive.in.com/news/cctv-cameras-in-hostel-rob-pune-women-of-freedom/142681-3.html.

[6].http://www.expressindia.com/latest-news/after-delhi-police-advisory-du-to-install-cctv-cameras/761421/.

[7].http://www.indianexpress.com/news/women-constables-cctv-cameras-in-girl-stude/766083/.

[8].http://www.punjabcolleges.com/5526999-itemdisplay-Misappropriation-of-funds-on-CCTV,-RTI-exposed-it-Chandigarh.htm.

[9].www.surveillance-and-society.org/ojs/index.php/journal/article/view/prozac/prozac.

[10].www.ucl.ac.uk/estates/security/documents/cctvpolicy.doc, http://www.wustl.edu/policies/cctv-monitoring-and-recording.html.

For more details visit https://cis-india.org/internet-governance/blog/privacy/cctv-in-universities

Caught in the Web

praskrishna — 2011-12-12T15:32:28Z

Do we need a cyber Big Brother watching us? A look at both sides of the coin.

In the summer of 2009, a hue and cry was raised by netizens when the Government blocked a hugely popular adult-oriented cartoon site called Savitabhabhi.com. The site was blocked after complaints that Savita Bhabhi's lurid tales were highly offending to the sensibilities of those grounded in Indian traditions. Those who opposed the move said that this was done without granting the creators an opportunity to defend their right to freedom of expression.
Recent ruffles

A similar brouhaha erupted recently when Communication and IT Minister Kapil Sibal, in a hurriedly called press conference, announced that the Government will bring in a law to pre-filter content posted on social networking Web sites. The trigger for this was certain pictures, with religious connotations, uploaded on various social networking sites including Facebook and Google Plus. Sibal claims that despite Government appeals the Web site refused to remove the content. If the new law is implemented, your status updates or videos will be screened by the internet company for objectionable content before it is published.

The move has angered Internet users, promoters of free speech and social networking companies. “As it is the status of freedom of speech in India is in a bad shape. Sibal's new rules will only make it worse,” says Sunil Abraham, Executive Director, Centre for Internet and Society.

Abraham's point is buttressed by a report from the United Nations Democracy Fund called ‘Freedom on the Net 2011' which gives Indian Internet usage a “partly free” status clubbed along with the likes of Egypt, Jordan, Rwanda and Venezuela.

“Pressure on private intermediaries to remove certain information in compliance with administrative censorship orders has increased since late 2009, with the implementation of the amended IT Act. While some observers acknowledge that incendiary online content could pose a real risk of violence, particularly given India's history of periodic communal strife, press freedom and civil liberties advocates have raised concerns over the far-reaching scope of the IT Act, its potential chilling effect, and the possibility that the authorities could abuse it to suppress political speech,” the report says.
User content removal

When Google began reporting government requests for data and content removal in early 2010, India ranked third in the world for removal requests and fourth for data requests. Between July 1, 2009, and December 31, 2009, India had submitted 142 removal requests. By June 2011, the Internet search giant received requests from the Indian government to remove 358 items. In a breakdown of reasons for such requests, 255 items were classified under the “government criticism” category. In May 2008, two men were arrested and charged for posting derogatory comments about Congress party chief Sonia Gandhi on Orkut. There are many other instances of Government intervention over the past 3 years.

Those who support monitoring argue that content on social media network should be scanned because the users are not responsible enough. California-based media commentator Andrew Keen blames the Internet users in a book called The Cult of the Amateur where he writes that technology has fostered a “dictatorship of idiots”. “.....the masses are liable to be further vulgarised by the overwhelming surfeit of their own voluntary contributions, which are inherently without value (otherwise they wouldn't have been offered freely). Without cultural elites empowered to control public discourse and deify their chosen superstars, the monkeys are running the show,” Keen declares.

Abraham says this argument is flawed because there is no empirical evidence to determine that people use the Internet for a single purpose. “There is no cause and effect here. People may use the Internet for anything ranging from pornography to science. One cannot generalise user behaviour. If Internet was a tool for the Egypt uprising, the same may not work in some other country,” says Abraham.
Monitoring issues

Then there are others who want the social network Web sites to take some responsibility. Rajesh Chharia, President of the Internet Service Providers Association thinks that multi-national Internet firms cannot get away by saying that they conform to standards of their country alone.

But experts feel that it is practically impossible for any social networking Web site to monitor everything that's posted on their site due to sheer volume. For instance, YouTube has 48 hours of videos uploaded every minute and Facebook has 38 million users in India posting thousands of pictures and messages every day. “The Internet is like a sea, you just cannot control everything that's thrown into it unless you man the entire coastline. Even if you block someone from posting content on one site, they will find another way to get in,” said one of major Internet firms.

Meanwhile the Savita Bhabhi site is back with all new content at a new address. So much for the Government's desire to monitor the Internet.

This article by Thomas K Thomas was published in the Hindu Business Line. Sunil Abraham was quoted in this article. Read the original here

For more details visit https://cis-india.org/caught-in-web

Capturing Gender and Class Inequities: The CCTVisation of Delhi

Aayush Rathi and Ambika Tandon — 2019-09-27T15:24:10Z

Ambika Tandon and Aayush Rathi generated empirical evidence about the CCTV programme well underway in Delhi. The case study was published by Centre for Development Informatics, Global Development Institute, SEED, in the Development Informatics working paper series housed at the University of Manchester.

Abstract

Cityscapes across the global South, following historical trends in the North, are increasingly being littered by closed-circuit television (CCTV) cameras. In this paper, we study the wholesale implementation of CCTV in New Delhi, a city notorious for incredibly high rates of crime against women. The push for CCTV, then, became one of many approaches explored by the state in making the city safer for women.

In this paper, we deconstruct this narrative of greater surveillance equating to greater safety by using empirical evidence to understand the subjective experience of surveilling and being surveilled. By focussing on gender and utilising work from feminist thought, we find that the experience of surveillance is intersectionally mediated along the axes of class and gender.The gaze of CCTV is cast upon those already marginalised to arrive at normative encumbrances placed by private, neoliberal interests on the urban public space. The politicisation of CCTV has happened in this context, and continues unabated in the absence of any concerted policy apparatus regulating it. We frame our findings utilising an analytical data justice framework put forth by Heeks and Shekhar (2019). This comprehensively sets out a social justice agenda that situates CCTV within the socio-political contexts that are intertwined in the development and implementation of the technology itself.

Click to download the full research paper

For more details visit https://cis-india.org/internet-governance/blog/development-informatics-paper-number-81-aayush-rathi-and-ambika-tandon-capturing-gender-and-class-inequities

Can the Matters Dealt with in the Aadhaar Act be the Objects of a Money Bill?

Pooja Saxena — 2016-04-24T14:15:06Z

In this infographic, we highlight the matters dealt with in the Aadhaar Act 2016, recently tabled in and passed by the Lok Sabha as a money bill, and consider if these can be objects of a money bill. The infographic is designed by Pooja Saxena, based on information compiled by Sumandro Chattapadhyay and Amber Sinha.

Download the infographic: PDF and JPG.

License: It is shared under Creative Commons Attribution 4.0 International License.

For more details visit https://cis-india.org/internet-governance/blog/can-matters-dealt-with-in-aadhaar-act-be-objects-of-money-bill

Can the Judiciary Upturn the Lok Sabha Speaker’s Decision on Aadhaar?

amber — 2017-02-27T15:44:56Z

When ruling on the petition filed by Jairam Ramesh challenging passing the Aadhaar Act as a money Bill, the court has differing precedents to look at.

The article was published in the Wire on February 21, 2017.

In an earlier article, I had argued that the characterisation of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, as a money Bill by Sumitra Mahajan, speaker of the Lok Sabha, was erroneous. Specifically, I had argued that upon perusal of Article 110 (1) of the constitution, the Aadhaar Act does not satisfy the conditions required of a money Bill. For a legislation to be classified as a money Bill, it must comprise of ‘only’ provisions dealing with the following matters: (a) imposition, regulation and abolition of any tax, (b) borrowing or other financial obligations of the government of India, (c) custody, withdrawal from or payment into the Consolidated Fund of India (CFI) or Contingent Fund of India, (d) appropriation of money out of CFI, (e) expenditure charged on the CFI or (f) receipt or custody or audit of money into CFI or public account of India; or (g) any matter incidental to any of the matters specified in sub-clauses (a) to (f).

Article 110 is modelled on Section 1(2) of the UK’s Parliament Act, 1911, which also defines money Bills as those only dealing with certain enumerated matters. The use of the word ‘only’ was brought up by Ghanshyam Singh Gupta during the constituent assembly debates. He pointed out that the use of the word ‘only’ limits the scope money Bills to only those legislations which did not deal with other matters. His amendment to delete the word ‘only’ was rejected, clearly establishing the intent of the framers of the constitution to keep the ambit of money Bills extremely narrow. G.V. Mavalankar, the first speaker of Lok Sabha, had stated that the word ‘only’ must not be construed so as to give an overly restrictive meaning. For instance, a Bill which deals with taxation could have provisions which deal with the administration of the tax. The finance minister, Arun Jaitley, referred to these words by Mavalankar, justifying the classification of the Aadhaar Act as a money Bill.

While the Aadhaar Bill does makes references to benefits, subsidies and services funded by the CFI, even a cursory reading of the Bill reveals its main objectives as creating a right to obtain a unique identification number and providing for a statutory apparatus to regulate the entire process. Any reasonable reading of the legislation would be hard pressed to view all provisions in the Aadhaar Act, aside from the one creating a charge on the CFI, as merely administrative provisions incidental to the creation such charge. The mere fact of establishing the Aadhaar number as the identification mechanism for benefits and subsidies funded by the CFI does not give it the character of a money Bill. The Bill merely speaks of facilitating access to unspecified subsidies and benefits rather than their creation and provision being the primary object of the legislation. Erskine May’s seminal textbook, Parliamentary Practice, is instructive in this respect and makes it clear that a legislation which simply makes a charge on the consolidated fund does not becomes a money Bill if otherwise its character is not that of one. Further, the subordinate regulations notified under the Aadhaar Act deal almost entirely with matters to do with enrolment, updation, authentication of the Aadhaar number and related matters such as data security regulations and sharing of information collected, rather than the provision of benefits or subsidies or disbursal of funds otherwise from the CFI.

However, in the context of the petition filed by former Union minister Jairam Ramesh challenging the passage of the law on Aadhaar as a money Bill, the more important question is whether the judiciary has a right to question the speaker’s decision in such a matter. If not, any other questions about whether the legislation is a money Bill will remain merely academic in nature.

Irregularity vs illegality

Article 110 (3) clearly states that with regard to the question whether a legislation is a money Bill or not, the decision of the speaker is final and binding. The question is whether such a clause completely excludes any judicial review. Further, Article 122 prohibits the courts from questioning the validity of any proceedings in parliament on the ground of any alleged irregularity of procedure.

During the arguments in the court, the attorney general questioned the locus standi of Ramesh. The petition has been made under Article 32 of the constitution and the government argued that no fundamental rights of Ramesh were violated. However, the court has asked Ramesh to make his submission and adjourned the hearing to July. The petition by Ramesh would hinge largely on the powers of the judiciary to question the decision of the speaker of the Lok Sabha.

The powers of privilege that parliamentarians enjoy are integral to the principle of separation of powers. The rationale behind parliamentary privilege is to prevent interference in the lawmakers’ powers to perform essential functions. The ability to speak and vote inside the legislature without the fear of punishment is certainly essential to the role of a lawmaker. However, the extent of this protection lies at the centre of this discussion. During the constituent assembly debates, H.V. Kamath and others had argued for a schedule to exhaustively codify the existing privileges. However, B.R. Ambedkar pointed to the difficulty of doing so and parliamentary privilege on the lines of the British parliamentary practice was retained in the constitution. In the last few decades, a judicial position has emerged that courts could exercise a limited degree of scrutiny over privileges, as they are primarily responsible for interpreting the constitution.

In the matter of Raja Ram Pal vs The Hon’ble Speaker, Lok Sabha, it had been clarified that proceedings of the legislature were immune from questioning by courts in the case of procedural irregularity but not in the case of illegality. In this case, the Supreme Court while dealing with Article 122 stated that it does not oust review by the judiciary in cases of “gross illegality, irrationality, violation of constitutional mandate, mala fides, non-compliance with rules of natural justice and perversity.”

In 1968, the speaker of the Punjab legislative assembly adjourned the proceedings for a period of two months following rowdy behaviour. Subsequently, an ordinance preventing such a suspension was promulgated and the legislature was summoned by the governor to consider some expedient financial matters. The speaker disagreed with the decision and after some confusion, the deputy speaker passed a few Bills as money Bills. While looking into the question of what was protected from judicial review, the court stated that the protection did not extend to breaches of mandatory provisions of the constitution, only to directory provisions. By that logic, if Article 110 (1) is seen as a mandatory provision, a breach of its provisions could lead to an interpretation that the Supreme Court may well question an erroneous decision by the speaker of the Lok Sabha to certify a legislation as a money Bill. The use of the word “shall” in Article 110 (1), the nature and design of the provision, its overriding impact on the other constitutional provisions granting the Rajya Sabha powers are ample evidence of its mandatory nature. Based on the above, Anup Surendranath has argued that the passage of the Aadhaar Act as a money Bill when it does not satisfy the constitutional conditions for it does amount to a gross illegality.

The judicial precedent in Mohd. Saeed Siddiqui vs State of Uttar Pradesh where the matter of the court’s power to question the decision of a speaker was considered, though, leans in the other direction. In 2012, the Uttar Pradesh Lokayukta and Up-Lokayuktas (Amendment) Act, 2012 was passed as money Bill by the Uttar Pradesh state legislature. Subsequently, a writ petition was filed challenging its constitutional validity. A three-judge bench of the Supreme Court looked into the application of Article 212. It is the provision corresponding to Article 122, dealing with the power of the courts to inquire into the proceedings of the state legislature. The court held that Article 212 makes “it clear that the finality of the decision of the Speaker and the proceedings of the State Legislature being important privilege of the State Legislature, viz., freedom of speech, debate and proceedings are not to be inquired by the Courts.” Importantly, ‘proceedings of the legislature’ were deemed to include within its scope everything done in transacting parliamentary business, including the passage of the Bill. While the court did acknowledge the limitations of parliamentary privilege as established in the Raja Ram Pal case, it did not adequately take into account the reasoning in it.

The Aadhaar Act is a legislation which makes it mandatory of all residents to enrol for a biometric identification system in order to avail certain subsidies, benefits and services. It has huge potential risks for individual privacy and national security and has been the subject of an extremely high profile Public Interest Litigation. Its passage as a money Bill, without any oversight from the Rajya Sabha and an opportunity for substantial debate and discussion, is a fraud on the Constitution. Whether or not the court chooses to see it that way remains to be seen.

For more details visit https://cis-india.org/internet-governance/blog/the-wire-amber-sinha-february-21-2017-can-the-judiciary-upturn-the-lok-sabha-speakers-decision-on-aadhaar

Can the Aadhaar Act 2016 be Classified as a Money Bill?

Pooja Saxena — 2016-04-25T13:48:41Z

In this infographic, we show if the Aadhaar Act 2016, recently tabled in and passed by the Lok Sabha as a money bill, can be classified as a money bill. The infographic is designed by Pooja Saxena, based on information compiled by Amber Sinha and Sumandro Chattapadhyay.

Download the infographic: PDF and JPG.

License: It is shared under Creative Commons Attribution 4.0 International License.

For more details visit https://cis-india.org/internet-governance/blog/can-the-aadhaar-act-2016-be-classified-as-a-money-bill

Can India Trust Its Government on Privacy?

pranesh — 2013-07-15T10:35:33Z

In response to criticisms of the Centralized Monitoring System, India’s new surveillance program, the government could contend that merely having the capability to engage in mass surveillance won’t mean that it will. Officials will argue that they will still abide by the law and will ensure that each instance of interception will be authorized.

Pranesh Prakash's article was published in the New York Times on July 11, 2013.

In fact, they will argue that the program, known as C.M.S., will better safeguard citizens’ privacy: it will cut out the telecommunications companies, which can be sources of privacy leaks; it will ensure that each interception request is tracked and the recorded content duly destroyed within six months as is required under the law; and it will enable quicker interception, which will save more lives. But there are a host of reasons why the citizens of India should be skeptical of those official claims.

Cutting out telecoms will not help protect citizens from electronic snooping since these companies still have the requisite infrastructure to conduct surveillance. As long as the infrastructure exists, telecom employees will misuse it. In a 2010 report, the journalist M.A. Arun noted that “alarmingly, this correspondent also came across several instances of service providers’ employees accessing personal communication of subscribers without authorization.” Some years back, K.K. Paul, a top Delhi Police officer and now the Governor of Meghalaya, drafted a memo in which he noted mobile operators’ complaints that private individuals were misusing police contacts to tap phone calls of “opponents in trade or estranged spouses.”

India does not need to have centralized interception facilities to have centralized tracking of interception requests. To prevent unauthorized access to communications content that has been intercepted, at all points of time, the files should be encrypted using public key infrastructure. Mechanisms also exist to securely allow a chain of custody to be tracked, and to ensure the timely destruction of intercepted material after six months, as required by the law. Such technological means need to be made mandatory to prevent unauthorized access, rather than centralizing all interception capabilities.

At the moment, interception orders are given by the federal Home Secretary of India and by state home secretaries without adequate consideration. Every month at the federal level 7,000 to 9,000 phone taps are authorized or re-authorized. Even if it took just three minutes to evaluate each case, it would take 15 hours each day (without any weekends or holidays) to go through 9,000 requests. The numbers in Indian states could be worse, but one can’t be certain as statistics on surveillance across India are not available. It indicates bureaucratic callousness and indifference toward following the procedure laid down in the Telegraph Act.

In a 1975 case, the Supreme Court held that an “economic emergency” may not amount to a “public emergency.” Yet we find that of the nine central government agencies empowered to conduct interception in India, according to press reports — Central Board of Direct Taxes, Intelligence Bureau, Central Bureau of Investigation, Narcotics Control Bureau, Directorate of Revenue Intelligence, Enforcement Directorate, Research & Analysis Wing, National Investigation Agency and the Defense Intelligence Agency — three are exclusively dedicated to economic offenses.

Suspicion of tax evasion cannot legally justify a wiretap, which is why the government said it had believed that Nira Radia, a corporate lobbyist, was a spy when it defended putting a wiretap on her phone in 2008 and 2009. A 2011 report by the cabinet secretary pointed out that economic offenses might not be counted as “public emergencies,” and that the Central Board of Direct Taxes should not be empowered to intercept communications. Yet the tax department continues to be on the list of agencies empowered to conduct interceptions.

India has arrived at a scary juncture, where the multiple departments of the Indian government don’t even trust each other. India’s Department of Information Technology recently complained to the National Security Advisor that the National Technical Research Organization had hacked into National Informatics Center infrastructure and extracted sensitive data connected to various ministries. The National Technical Research Organization denied it had hacked into the servers but said hundreds of e-mail accounts of top government officials were compromised in 2012, including those of “the home secretary, the naval attaché to Tehran, several Indian missions abroad, top investigators of the Central Bureau of Investigation and the armed forces,” The Mint newspaper reported. Such incidents aggravate the fear that the Indian government might not be willing and able to protect the enormous amounts of information it is about to collect through the C.M.S.

Simply put, government entities have engaged in unofficial and illegal surveillance, and the C.M.S. is not likely to change this. In a 2010 article in Outlook, the journalist Saikat Datta described how various central and state intelligence organizations across India are illegally using off-the-air interception devices. “These systems are frequently deployed in Muslim-dominated areas of cities like Delhi, Lucknow and Hyderabad,” Mr. Datta wrote. “The systems, mounted inside cars, are sent on ‘fishing expeditions,’ randomly tuning into conversations of citizens in a bid to track down terrorists.”

The National Technical Research Organization, which is not even on the list of entities authorized to conduct interception, is one of the largest surveillance organizations in India. The Mint reported last year that the organization’s surveillance devices, “contrary to norms, were deployed more often in the national capital than in border areas” and that under new standard operating procedures issued in early 2012, the organization can only intercept signals at the international borders. The organization runs multiple facilities in Mumbai, Bangalore, Delhi, Hyderabad, Lucknow and Kolkata, in which monumental amounts of Internet traffic are captured. In Mumbai, all the traffic passing through the undersea cables there is captured, Mr. Datta found.

In the western state of Gujarat, a recent investigation by Amitabh Pathak, the director general of police, revealed that in a period of less than six months, more than 90,000 requests were made for call detail records, including for the phones of senior police and civil service officers. This high a number could not possibly have been generated from criminal investigations alone. Again, these do not seem to have led to any criminal charges against any of the people whose records were obtained. The information seems to have been collected for purposes other than national security.

India is struggling to keep track of the location of its proliferating interception devices. More than 73,000 devices to intercept mobile phone calls have been imported into India since 2005. In 2011, the federal government asked various state governments, private corporations, the army and intelligence agencies to surrender these to the government, noting that usage of any such equipment for surveillance was illegal. We don’t know how many devices were actually turned in.

These kinds of violations of privacy can have very dangerous consequences. According to the former Intelligence Bureau head in the western state of Gujarat, R.B. Sreekumar, the call records of a mobile number used by Haren Pandya, the former Gujarat home minister, were used to confirm that it was he who had provided secret testimony to the Citizens’ Tribunal, which was conducting an independent investigation of the 2002 sectarian riots in the state. Mr. Pandya was murdered in 2003.

The limited efforts to make India’s intelligence agencies more accountable have gone nowhere. In 2012, the Planning Commission of India formed a group of experts under Justice A.P. Shah, a retired Chief Justice of the Delhi High Court, to look into existing projects of the government and to suggest principles to guide a privacy law in light of international experience. (Centre for Internet and Society, where I work was part of the group). However, the government has yet to introduce a bill to protect citizens’ privacy, even though the governmental and private sector violations of Indian citizens’ privacy is growing at an alarming rate.

In February, after frequent calls by privacy activists and lawyers for greater accountability and parliamentary oversight of intelligence agencies, the Centre for Public Interest Litigation filed a case in the Supreme Court. This would, one hopes, lead to reform.

Citizens must also demand that a strong Privacy Act be enacted. In 1991, the leak of a Central Bureau of Investigation report titled “Tapping of Politicians’ Phones” prompted the rights groups, People’s Union of Civil Liberties to file a writ petition, which eventually led to a Supreme Court of India ruling that recognized the right to privacy of communications for all citizens as part of the fundamental rights of freedom of speech and of life and personal liberty. However, through the 2008 amendments to the Information Technology Act, the IT Rules framed in 2011 and the telecom licenses, the government has greatly weakened the right to privacy as recognized by the Supreme Court. The damage must be undone through a strong privacy law that safeguards the privacy of Indian citizens against both the state and corporations. The law should not only provide legal procedures, but also ensure that the government should not employ technologies that erode legal procedures.

A strong privacy law should provide strong grounds on which to hold the National Security Advisor’s mass surveillance of Indians (over 12.1 billion pieces of intelligence in one month) as unlawful. The law should ensure that Parliament, and Indian citizens, are regularly provided information on the scale of surveillance across India, and the convictions resulting from that surveillance. Individuals whose communications metadata or content is monitored or intercepted should be told about it after the passage of a reasonable amount of time. After all, the data should only be gathered if it is to charge a person of committing a crime. If such charges are not being brought, the person should be told of the incursion into his or her privacy.

The privacy law should ensure that all surveillance follows the following principles: legitimacy (is the surveillance for a legitimate, democratic purpose?), necessity (is this necessary to further that purpose? does a less invasive means exist?), proportionality and harm minimization (is this the minimum level of intrusion into privacy?), specificity (is this surveillance order limited to a specific case?) transparency (is this intrusion into privacy recorded and also eventually revealed to the data subject?), purpose limitation (is the data collected only used for the stated purpose?), and independent oversight (is the surveillance reported to a legislative committee or a privacy commissioner, and are statistics kept on surveillance conducted and criminal prosecution filings?). Constitutional courts such as the Supreme Court of India or the High Courts in the Indian states should make such determinations. Citizens should have a right to civil and criminal remedies for violations of surveillance laws.

Indian citizens should also take greater care of their own privacy and safeguard the security of their communications. The solution is to minimize usage of mobile phones and to use anonymizing technologies and end-to-end encryption while communicating on the Internet. Free and open-source software like OpenPGP can make e-mails secure. Technologies like off-the-record messaging used in apps like ChatSecure and Pidgin chat conversations, TextSecure for text messages, HTTPS Everywhere and Virtual Private Networks can prevent Internet service providers from being able to snoop, and make Internet communications anonymous.

Indian government, and especially our intelligence agencies, violate Indian citizens’ privacy without legal authority on a routine basis. It is time India stops itself from sleepwalking into a surveillance state.

For more details visit https://cis-india.org/internet-governance/blog/new-york-times-july-11-2013-can-india-trust-its-government-on-piracy

Cambridge Analytica scandal: How India can save democracy from Facebook

sunil — 2018-03-28T15:44:00Z

Hegemonic incumbents like Google and Facebook need to be tackled with regulation; govt should use procurement power to fund open source alternatives.

The article was published in the Business Standard on March 28, 2018

The Cambridge Analytica scandal came to light when whistleblower Wylie accused Cambridge Analytica of gathering details of 50 million Facebook users. Cambridge Analytica used this data to psychologically profile these users and manipulated their opinion in favour of Donald Trump. BJP and Congress have accused each other of using the services of Cambridge Analytica in India as well. How can India safeguard the democratic process against such intervention? The author tries to answer this question in this Business Standard Special.

Those that celebrate the big data/artificial intelligence moment claim that traditional approaches to data protection are no longer relevant and therefore must be abandoned. The Cambridge Analytica episode, if anything, demonstrates how wrong they are. The principles of data protection need to be reinvented and weaponized, not discarded. In this article I shall discuss the reinvention of three such data protection principles. Apart from this I shall also briefly explore competition law solutions.

Collect data only if mandated by regulation

One, data minimization is the principle that requires the data controller to collect data only if mandated to do so by regulation or because it is a prerequisite for providing a functionality. For example, Facebook’s messenger app on Android harvests call records and meta-data, without any consumer facing feature on the app that justifies such collection. Therefore, this is a clear violation of the data minimization principle. One of the ways to reinvent this principle is by borrowing from the best practices around warnings and labels on packaging introduced by the global anti-tobacco campaign. A permanent bar could be required in all apps, stating ‘Facebook holds W number of records across X databases over the time period Y, which totals Z Gb’. Each of these alphabets could be a hyperlink, allowing the user to easily drill down to the individual data record.

Consent must be explicit, informed and voluntary

Two, the principle of consent requires that the data controller secure explicit, informed and voluntary consent from the data subject unless there are exceptional circumstances. Unfortunately, consent has been reduced to a mockery today through obfuscation by lawyers in verbose “privacy notices” and “terms of services”. To reinvent consent we need to bring ‘Do Not Dial’ registries into the era of big data. A website maintained by the future Indian data protection regulator could allow individuals to check against their unique identifiers (email, phone number, Aadhaar). The website would provide a list of all data controllers that are holding personal information against a particular unique identifier. The data subject should then be able to revoke consent with one-click. Once consent is revoked, the data controller would have to delete all personal information that they hold, unless retention of such information is required under law (for example, in banking law). One-click revocation of consent will make data controllers like Facebook treat data subjects with greater respect.

There must be a right to explanation

Three, the right to explanation, most commonly associated with the General Data Protection Directive from the EU, is a principle that requires the data controller to make transparent the automated decision-making process when personal information is implicated. So far it has been seen as a reactive measure for user empowerment. In other words, the explanation is provided only when there is a demand for it.

The Facebook feeds that were used for manipulation through micro-targeting of content is an example of such automated decision making. Regulation in India should require a user empowerment panel accessible through a prominent icon that appears repeatedly in the feed. On clicking the icon the user will be able to modify the objectives that the algorithm is maximizing for. She can then choose to see content that targets a bisexual rather than a heterosexual, a Muslim rather than a Hindu, a conservative rather a liberal, etc. At the moment, Facebook only allows the user to stop being targeted for advertisements based on certain categories. However, to be less susceptible to psychological manipulation, the user should be allowed to define these categories, for both content and advertisements.

How to fix the business model?

From a competition perspective, Google and Facebook have destroyed the business model for real news, and replaced it with a business model for fake news, by monopolizing digital advertising revenues. Their algorithms are designed to maximize the amount of time that users spend on their platforms, and therefore, don’t have any incentive to distinguish between truth and falsehood. This contemporary crisis requires three types of interventions: one, appropriate taxation and transparency to the public, so that the revenue streams for fake news factories can be ended; two, the construction of a common infrastructure that can be shared by all traditional and new media companies in order to recapture digital advertising revenues; and three, immediate action by the competition regulator to protect competition between advertising networks operating in India.

The Google challenge

With Google, the situation is even worse, since Google has dominance in both the ad network market and in the operating system market. During the birth of competition law, policy-makers and decision-makers acted to protect competition per se. This is because they saw competition as an essential component of democracy, open society, innovation, and a functioning market. When the economists from the Chicago school began to influence competition policy in the USA, they advocated for a singular focus on the maximization of consumer interest. The adoption of this ideology has resulted in competition regulators standing powerlessly by while internet giants wreck our economy and polity. We need to return to the foundational principles of competition law, which might even mean breaking Google into two companies. The operating system should be divorced from other services and products to prevent them from taking advantage of vertical integration. We as a nation need to start discussing the possible end stages of such a breakup.

In conclusion, all the fixes that have been listed above require either the enactment of a data protection law, or the amendment of our existing competition law. This, as we all know, can take many years. However, there is an opportunity for the government to act immediately if it wishes to. By utilizing procurement power, the central and state governments of India could support free and open source software alternatives to Google’s products especially in the education sector. The government could also stop using Facebook, Google and Twitter for e-governance, and thereby stop providing free advertising for these companies for print and broadcast media. This will make it easier for emerging firms to dislodge hegemonic incumbents.

For more details visit https://cis-india.org/internet-governance/blog/business-standard-march-28-2018-sunil-abraham-cambridge-analytica-scandal-how-india-can-save-democracy-from-facebook

Calls for law change after Indians left in dark over data leaks

Admin — 2017-07-20T14:38:51Z

Fears Indian telecom upstart Reliance Jio suffered a major data breach, compromising the personal data of over 100 million customers, have prompted calls for India to adopt more robust laws to protect consumers.

The blog post by Rahul Bhatia and Sankalp Phartiyal was published by Reuters on July 14, 2017.

Jio has repeatedly denied any breach took place and said that names, telephone numbers and email addresses of Jio users on a website called "Magicapk" appeared to be "unauthentic." The website was later shut down.

The company, part of conglomerate Reliance Industries Ltd, said on Monday that its subscriber data was safe and protected by the highest levels of security.

However, Jio filed a complaint the same day alleging unlawful access to its systems, police have told Reuters.

Jio did not respond to requests for comment.

In contrast to companies in the European Union, which has stringent data protection standards, companies in India do not have to disclose data breaches to clients, information security professionals said.

"It raises questions of security and accountability," said Pranesh Prakash, policy director at the Centre for Internet and Society (CIS), a research organization.

People complained on Twitter about personal information of Jio users being available on the Magicapk site. Several local news outlets said their checks had led them to believe a leak had occurred.

"A rule to report breaches exists, but it is unenforceable," says Prakash. "It says you're not liable if you're following reasonable security practices. What 'reasonable' means is not defined."

Advocates of stronger laws in India say a data breach in countries with more stringent cyber laws, such as Britain or the United States, would prompt an inquiry by regulators.

After reports of a data leak at Verizon earlier this week, for example, the U.S. telecoms firm quickly responded with an explanation of what had occurred, how it had happened and the extent of the problem.

"India is at a nascent stage. For good norms in Asia, look to Singapore. It's been praised for not having cyber security issues by the UN," Srinivas Kodali, an independent security researcher, said.

Not a Priority

"We don't have full-menu data protection laws," said Apar Gupta, a Supreme Court lawyer working on data privacy issues. "We don't even have an institutional framework or expert body to implement the limited data protection regulations that do exist. It's so limited it's more accurate to say no law exists."

In May alone, there were two data security incidents in India.

The records of 17 million customers of Zomato, a popular food-delivery app, were put on sale online. Zomato initially advised customers that their passwords were secure, but later advised users to change them.

Separately, a CIS report said the Aadhaar numbers of as many as 135 million Indians had leaked from government databases and could be found online. (bit.ly/2tOseSV)

The number, similar to a U.S. social security number, is unique to each Indian citizen and the Aadhaar database also stores a user's biometric data. The government is pushing for Aadhaar numbers to be used in everything from opening bank accounts to filing tax returns.

For India, data privacy is not a priority, said Amry Junaideen, a risk advisor at audit firm Deloitte.

"From an organizational perspective there's really no incentive other than being a good corporate citizen, to report a breach," he said, noting that in the European Union and United States the regulatory framework is basically for the good of the consumer, but that this is not the case in India.

India, home to the back offices of many large multinationals and outsourcing companies, has also unsuccessfully sought "data-secure" status from the European Union since 2012.

The status is vital for information sharing between entities in the EU and India, because it means the EU is satisfied that data protection rules in a country meet its standards, so data of EU citizens can be sent to that jurisdiction.

Raman Chima, policy director at Access Now, which advocates stronger digital rights, says weak data privacy laws are likely the main stumbling block to "data-secure" status.

In 2010, a European Union study of data protection in India noted there were "no aspects of India's data protection which would unequivocally be regarded as 'adequate' by European Union standards as yet".

Reporting by Rahul Bhatia and Sankalp Phartiyal; Editing by Euan Rocha and Neil Fullick

For more details visit https://cis-india.org/internet-governance/news/reuters-july-14-2017-rahul-bhatia-and-sankalp-phartiyal-calls-for-law-change-after-indians-left-in-dark-over-data-leaks

Call for Researchers: Welfare, Gender, and Surveillance

ambika — 2020-02-13T15:05:37Z

We are inviting applications for two researchers. Each researcher is expected to write a narrative essay that interrogates the modes of surveillance that people of LGBTHIAQ+ and gender non-conforming identities and sexual orientations are put under as they seek sexual and reproductive health (SRH) services in India. The researchers are expected to undertake field research in the location they are based in, and reflect on lived experiences gathered through field research as well as their own experiences of doing field research. Please read the sections below for more details about the work involved, the timeline for the same, and the application process for this call.

Call for Researchers: Download (PDF)

Description of the Work

Each researcher is expected to author a narrative essay that presents and reflects on lived experiences of people of LGBTHIAQ+ and gender non-conforming identities and sexual orientations as they seek sexual and reproductive health (SRH) services in India. We expect the essay to contribute to a larger body of knowledge around the increasing focus on data-driven initiatives for public health provision in the country and elsewhere. Accordingly, the researcher may respond to any one or more than one of the following questions, within the context of the geographical focus as specified by the researcher:

What are the modes of surveillance, especially in terms of generation and exploitation of digital data, experienced by people of marginalised gender identities and sexual orientations in India, as they avail of sexual and reproductive healthcare?
How are the lived experiences of underserved populations, such as people of marginalised gender identities and sexual orientations, shaped by gendered surveillance while accessing sexual and reproductive services?
What are the modes of governance and gender ideologies that have mediated the increasing datafication of such provision?

We expect the researchers to draw on a) the Indian Supreme Court’s framing of privacy in India, as a fundamental right, and its implications; and b) apply and/or build on feminist conceptualisations of privacy. Further, we expect the researchers to respond to the uncertain landscape of legal rights accessible to people of LGBTHIAQ+ and gender non-conforming identities and sexual orientations, especially in the current context shaped by The Transgender Persons (Protection of Rights) Act, 2019.

The researchers will undertake field research in locations of their choice, conduct interviews and discussions with people of LGBTHIAQ+ and gender non-conforming identities and sexual orientations seeking such services, and conduct formal and informal interviews with officials and personnel associated with public and private sector agencies involved in the provision of SRH services.

Eligibility and Application Process

We specifically encourage people of LGBTHIAQ+ and gender non-conforming identities and sexual orientations to submit their applications for this call for researchers.

We are seeking applications from individuals who:

Are based in the place where field study is to be undertaken, for the duration of the study;
Are fluent in the main regional language(s) spoken in the city where the study will be conducted, and in English (especially written);
Preferably have a postgraduate degree (current students should also apply) in social or technical sciences, journalism, or legal studies (undergraduate degree-holders with research or work experience should also apply); and
Have previous research and writing experiences on issues at the intersection of sexual and reproductive health, gender justice and women’s rights, and health informatics or digital public health.

Please send the following documents (in text or PDF formats) to raw@cis-india.org by Friday, January 24 to apply for the researcher positions:

Brief CV with relevant academic and professional information;
Two samples of academic/professional (published/unpublished) writing by the applicant; and
A brief research proposal (around 500 words) that should specify the scope (geographical and conceptual), research questions, and motivation of the essay to be authored by the applicant.

All applicants will be informed of the selection decisions by Friday, January 31.

Timeline of the Work

February 3-7 CIS research team will have a call with each researcher to plan out the work to be undertaken by them

February - March Researchers are to undertake field research, as proposed by the researchers and discussed with the CIS research team

March 27 Researchers are to submit a full draft essay (around 3,000 words)

March 30 - April 3 CIS research team will have call with each researcher to discuss the shared draft essays and make plans towards their finalisation

May 15 Researchers are to submit the final essay (around 5,000 words, without footnotes and references)

As part of this project, CIS will organise two discussion events in Bengaluru and New Delhi during April-June (tentatively). Event dates are to be decided in conversation with the researchers, and they will be invited to present their works in the same.

Remuneration

Each researcher will be paid a remuneration of Rs. 1,00,000 (inclusive of taxes) over two equal installments: first on signing of the agreement in February 2020, and second on submission of the final essay in May 2020.

We will also reimburse local travel expenses of each researcher upto Rs. 10,000, and translations and transcriptions expense (if any) incurred by each researcher upto Rs. 10,000. These reimbursements will be made on the basis of expense invoices shared by the researcher.

Description of the Project

Previous research conducted by CIS on the subject of sexual and reproductive health (SRH) services in India observes that there is a complex web of surveillance, or ‘dataveillance’, around each patient as they avail of SRH services from the state. In this current project, we are aiming to map the ecosystem of surveillance around SRH services as their provision becomes increasingly ‘data-driven’, and explore its implications for patients and beneficiaries.

Through this project, we are interested in documenting the roles played by both the public and the private sector actors in this ecosystem of health surveillance. We understand the role of private sector actors as central to state provision of sexual and reproductive health services, especially through the institutionalisation of data-driven health insurance models, as well as through extensive privatisation of public health services. By studying semi-private, private, and public medical establishments including hospitals, primary/community health centres and clinics, we aim to develop a comparative analysis of surveillance ecosystems across the three establishment types.

This project is led by Ambika Tandon, Aayush Rathi, and Sumandro Chattapadhyay at the Centre for Internet and Society, and is supported by a grant from Privacy International.

Indicative Reading List

We are sharing below a short and indicative list of readings that may be useful for potential applicants.

Aayush Rathi, Is India's Digital Health System Foolproof? (2019)

Aayush Rathi and Ambika Tandon, Data Infrastructures and Inequities: Why Does Reproductive Health Surveillance in India Need Our Urgent Attention? (2019)

Ambika Tandon, Feminist Methodology in Technology Research: A Literature Review (2018)

Ambika Tandon, Big Data and Reproductive Health in India: A Case Study of the Mother and Child Tracking System (2019)

Anja Kovacs, Reading Surveillance through a Gendered Lens: Some Theory (2017)

Lindsay Weinberg, Rethinking Privacy: A Feminist Approach to Privacy Rights after Snowden (2017)

Nicole Shephard, Big Data and Sexual Surveillance (2016)

Sadaf Khan, Data Bleeding Everywhere: A Story of Period Trackers (2019)

For more details visit https://cis-india.org/jobs/researchers-welfare-gender-surveillance-call

Calcutta High Court Strengthens Whistle Blower Protection

divij — 2014-02-24T06:38:44Z

Calcutta High Court has ordered for protection of whistle blower's privacy in its November 20, 2013 order. The court has directed the government to accept RTI applications without the applicant's personal details.

In the absence of any law for the protection of whistle-blowers in the country, exposing the rampant corruption in our public institutions has become a hazardous occupation, with reports of threat and intimidation and even incidents of murder of whistle-blowers commonplace.[1] With the Whistle blower’s Protection Bill in abeyance and without any strict laws protecting the identities of the whistle-blowers who challenge such a corrupt system, even the mechanisms like the Right to Information Act which are meant to safeguard against systemic abuse and ensure transparency are being severely undermined.

For this reason, the Calcutta High Court’s affirmation of whistle-blowers’ privacy and identity protection is an important development. Through its order on the 20th of November, 2013, the Calcutta High Court held that for the purposes of section 6(2), which requires an application to the Public Information Officer to provide contact details of the applicant, it is sufficient in such application to disclose only the post-box number of the applicant. The court directed the Government to accept RTI applications without personal details or detailed whereabouts, when a post-box number or sufficient detail has been provided to establish contact between the whistle-blower and the authority. However if a public authority has any difficulty contacting the applicant through the Post Box No. the applicant may be asked to provide other contact details. The court further directed that personal details of applicants are not to be posted on the authorities’ websites.

The order, which was notified by the Government last week, ensures to some extent the protection of a whistle-blowers identity, and reduces the chances of the RTI being undermined by threats or acts of violence by those who are a part of the corrupt system, against persons exercising their right to information. However, its implementation is liable to be contingent on the authorities’ interpretation of when it would be “difficult” to establish contact between the authority and the applicant. Certain practical difficulties could also undermine the actual impact of the order, such as the fact that many applications are sent through registered or speed post, which cannot be mailed to a post-box number, especially since ordinary post cannot be tracked online like speed or registered post.[2]

Developing a system in which ordinary citizens do not have to fear retaliation for exposing corruption requires a comprehensive legislation protecting whistle-blowers identities and ensuring data security. However, the important message this judgement sends out is that the judiciary is still committed to protecting whistle-blowers, in lieu of the government’s actions. This is a particularly important stance taken by the Court, considering the Supreme Court in the past has refused to frame guidelines for whistle-blower protection, citing the imperative in enacting a whistle-blower legislation to be the Parliament’s.[3]

A full text of the judgement is available here.

[1].Whistleblower shot dead in Bihar, THE HINDU, available at http://www.thehindu.com/news/national/whistleblower-shot-dead-in-bihar/article4542293.ece; Tamil Nadu Whistleblower alleges death threats; Silence from Government, NDTV, available at http://www.ndtv.com/article/india/tamil-nadu-whistleblower-alleges-death-threats-silence-from-govt-410450.

[2]. Indian Postal Tracking Portal, http://www.indiapost.gov.in/tracking.aspx.

[3]. Supreme Court refuses to frame guidelines for protection of whistleblowers, Daily News and Analysis, available at http://www.dnaindia.com/india/report-supreme-court-refuses-to-frame-guideline-for-protection-of-whistleblowers-1525622.

For more details visit https://cis-india.org/internet-governance/blog/calcutta-hc-strengthens-whistle-blower-protection

ಭಾರತೀಯ ಡಿಎನ್ಎ ಪ್ರೊಫೈಲಿಂಗ್ ಮಸೂದೆಯ ಸೀಳುನೋಟ

praskrishna — 2012-10-03T15:42:54Z

ಭಾರತೀಯ ದಂಡಸಂಹಿತೆಯನ್ನು ೨೦೦೫ರಲ್ಲಿ ತಿದ್ದುಪಡಿ ಮಾಡಲಾಯಿತು. ಇದರ ಉದ್ದೇಶ ಆಪಾದಿತರನ್ನು ಬಂಧಿಸಿದಾಗ ಅವರ ಬಗ್ಗೆ ವಿವಿಧ ವೈದ್ಯಕೀಯ ಮಾಹಿತಿ ಸಂಗ್ರಹಿಸಲು ಕಾನೂನುರೀತ್ಯಾ ಅವಕಾಶ ಕಲ್ಪಿಸುವುದು.

ದಂಡಸಂಹಿತೆಯ ಸೆಕ್ಷನ್ ೫೩ರ ಪ್ರಕಾರ, ಅಪರಾಧವನ್ನು ಸಾಬೀತು ಪಡಿಸಲು ವೈದ್ಯಕೀಯ ಪರೀಕ್ಷೆ ಸಾಕ್ಷ್ಯ ಒದಗಿಸುತ್ತದೆ ಎಂದು “ನಂಬಲು ತಕ್ಕಮಟ್ಟಿನ ಕಾರಣಗಳಿದ್ದರೆ”, ಆಪಾದಿತನನ್ನು ಬಂಧಿಸಿದಾಗ ಆತನನ್ನು ವೈದ್ಯಕೀಯ ಪರೀಕ್ಷೆಗೆ ಒಳಪಡಿಸಬಹುದು. ೨೦೦೫ರ ತಿದ್ದುಪಡಿಯ ಮೂಲಕ, ಈ ಪರೀಕ್ಷೆಯ ವ್ಯಾಪ್ತಿಯನ್ನು ಇವೆಲ್ಲವನ್ನು ಸೇರಿಸಿಕೊಳ್ಳಲಿಕ್ಕಾಗಿ ವಿಸ್ತರಿಸಲಾಯಿತು: ರಕ್ತದ, ರಕ್ತಕಲೆಗಳ, ವೀರ್ಯದ ಪರೀಕ್ಷೆ, ಲೈಂಗಿಕ ಅಪರಾಧಗಳಲ್ಲಿ ಸ್ವಾಬ್ಗಳ ಪರೀಕ್ಷೆ, ಉಗುಳು, ಬೆವರು, ಕೂದಲಿನ ಸ್ಯಾಂಪಲ್ ಮತ್ತು ಉಗುರಿನ ತುಂಡುಗಳ ಪರೀಕ್ಷೆ. ನಿರ್ದಿಷ್ಟ ಪ್ರಕರಣದಲ್ಲಿ ಅವಶ್ಯವೆಂದು ನೋಂದಾಯಿತ ವೈದ್ಯರು ಭಾವಿಸುವ ಡಿಎನ್ಎ ಪ್ರೊಫೈಲಿಂಗ್ ಹಾಗೂ ಅಂತಹ ಇತರ ಪರೀಕ್ಷೆಗಳ ಸಹಿತವಾಇ ಆಧುನಿಕ ಮತ್ತು ವೈಜ್ನಾನಿಕ ವಿಧಾನಗಳನ್ನು ಬಳಸಿ ವೈದ್ಯಕೀಯ ಪರೀಕ್ಷೆ ನಡೆಸಬೇಕು.

ಕ್ರಿಮಿನಲ್ ಪ್ರಕರಣದಲ್ಲಿ ಆಪಾದಿತ ಷಾಮೀಲಾಗಿರುವುದನ್ನು ತಿಳಿಯಲಿಕ್ಕಾಗಿ ಡಿಎನ್ಎ ಪರೀಕ್ಷೆಗೆ ಆದೇಶ ನೀಡುವುದರ ಕಾನೂನುಬದ್ಧತೆಯನ್ನು ತೊಗೊರಾಣಿ ಅಲಿಯಾಸ್ ಕೆ. ದಮಯಂತಿ ವರ್ಸಸ್ ಒರಿಸ್ಸಾ ಸ್ಟೇಟ್ ಮತ್ತು ಇತರರು (೨೦೦೪ ಕ್ರಿಮಿನಲ್ ಎಲ್ಜೆ ೪೦೦೩ – ಒರಿಸ್ಸಾ) ಪ್ರಕರಣದಲ್ಲಿ ಒರಿಸ್ಸಾ ಹೈಕೋರ್ಟ್ ಎತ್ತಿ ಹಿಡಿದಿದೆ. ಡಿಎನ್ಎ ಪರೀಕ್ಷೆಗೆ ಆಪಾದಿತ ಸಹಕರಿಸದಿದ್ದರೆ, ಅವನ ಬಗ್ಗೆ ವ್ಯತಿರಿಕ್ತ ಅಭಿಪ್ರಾಯ ಮೂಡುತ್ತದೆ.

ಈ ವಿಷಯದಲ್ಲಿ ವೈಯುಕ್ತಿಕ ಗೌಪ್ಯತೆಯ ಅಂಶಗಳನ್ನು ಪರಿಗಣಿಸಿದ ಬಳಿಕ, ಡಿಎನ್ಎ ಪರೀಕ್ಷೆ ಆದೇಶಿಸುವ ಮುನ್ನ, ಈ ವಿಚಾರಗಳನ್ನು ಪರಿಗಣಿಸಬೇಕೆಂದು ಹೈಕೋರ್ಟ್ ನಿರ್ದೇಶನ ನೀಡಿದೆ: (೧) ಅಪರಾಧ ಎಸಗುವುದರಲ್ಲಿ ಆಪಾದಿತನು ಎಷ್ಟರ ಮಟ್ಟಿಗೆ ಭಾಗವಹಿಸಿರಬಹುದು? (೨) ಅಪರಾಧದ ಗಂಭೀರತೆ ಮತ್ತು ಅಪರಾಧ ಎಸಗಿದ ಸಂದರ್ಭ (೩) ಆಪಾದಿತನ ಪ್ರಾಯ, ದೈಹಿಕ ಮತ್ತು ಮಾನಸಿಕ ಆರೋಗ್ಯ (೪) ಅಪರಾಧದಲ್ಲಿ ಆಪಾದಿತ ಭಾಗವಹಿಸಿದ್ದನ್ನು ಖಚಿತಪಡಿಸುವ ಅಥವಾ ಖುಲಾಸೆ ಮಾಡುವ ಸಾಕ್ಷಾಧಾರಗಳನ್ನು ಸಂಗ್ರಹಿಸುವ ಕಡಿಮೆ ಆತಂಕಕಾರಿಯಾದ ಮತ್ತು ಕಾರ್ಯಸಾಧ್ಯವಾದ ಇತರ ವಿಧಾನಗಳು ಇವೆಯೇ? (೫) ಆಪಾದಿತನು ಡಿಎನ್ಎ ಪರೀಕ್ಷೆಗೆ ಒಪ್ಪಿಗೆ ನಿರಾಕರಿಸಲು ಕಾರಣಗಳೇನು?

ಸಂಸತ್ತಿನ ಅನುಮೋದನೆಗಾಗಿ ಕಾದಿರುವ ೨೦೦೭ರ ಡಿಎನ್ಎ ಪ್ರೊಫೈಲಿಂಗ್ ಮಸೂದೆಯ ಉದ್ದೇಶವನ್ನು ಚುಟುಕಾಗಿ ಹೀಗೆ ಹೇಳಬಹುದು: “ದೇಶದ ಕ್ರಿಮಿನಲ್ ನ್ಯಾಯವ್ಯವಸ್ಥೆಯ ಕಿಂಚಿತ್ ಸಂಪರ್ಕಕ್ಕೆ ಬಂದವರೆಲ್ಲರ ಡಿಎನ್ಎ ವಿವರಗಳನ್ನು ದಾಖಲಿಸುವ “ಕೇಂದ್ರ ಡಿಎನ್ಎ ಮಾಹಿತಿ ಬ್ಯಾಂಕನ್ನು” ರಚಿಸುವ ಮಹತ್ವಾಕಾಂಕ್ಷಿ ಪ್ರಯತ್ನ.” ಅಂದರೆ, ಸಂಶಯಕ್ಕೆ ಒಳಗಾದ ವ್ಯಕ್ತಿಗಳು, ಕಾನೂನು ಮುರಿಯುವವರು, ಕಾಣೆಯಾದ್ವರು ಮತ್ತು ಸ್ವ-ಇಚ್ಚೆಯವರು – ಇವರ ಡಿಎನ್ಎ ವಿವರಗಳ ಡಿಎನ್ಎ ಮಾಹಿತಿ

For more details visit https://cis-india.org/news/cadcbecb0ca4caf-ca1cbfc8eca8ccdc8e-caaccdcb0cabcb2cbfc82c97ccd-caecb8cc2ca6cc6caf-cb8cb3cc1ca8c9f

C-DoT's surveillance system making enemies on internet

praskrishna — 2014-04-04T09:45:37Z

Reporters Without Boundaries says it gives unbridled power to law- enforcement agencies to snoop on citizens.

The article by Krishna Bahirwani was published in DNA on March 21, 2014. Sunil Abraham is quoted.

The Central Monitoring System (CMS) developed by the Centre for Development of Telematics (C-DoT) has come under fire from a France based non-profit organisation, which claims the system has the capacity to directly snoop on all forms of communications over phone and internet, without involving telecom operators.

The NGO's Reporters Without Boundaries report 2014, 'Enemies Of The Internet' has equated C-DoT with Government Communications Headquarters (GCHQ) in the UK, and the US's National Security Agency (NSA), which recently came under criticism for spying on citizens.

CMS, India's mass electronic surveillance system, was rolled out in 2013.

Before the CMS, tapping was done by the telecom operators, but not before taking prior permission. The CMS gives direct access to C-DoT employees and law-enforcement agencies.

CMS has created an automated front containing central and regional databases, which central and state government agencies can use to intercept and monitor any landline, mobile or internet connection in India.

Minister of state for information technology Milind Deora said, "The new data collection system will actually improve citizens' privacy because telecommunications companies would no longer be directly involved in the surveillance."

Asked what would prevent C-DoT employees, who would have access to data, from misusing it, Deora said, "There is a switching mechanism (that) diverts the call to law-enforcement agencies and eliminates layers. The existing surveillance and interception system is actually insecure as the operator, people from the home ministry and other government officials have access to the data. The CMS will erase such people from play."

"I want the people to know the design aspects and how the system is being used for lawful interceptions, so that they can shed their inhibitions We do not want to put power in the hands of the bureaucrats" he said.

Harold Dcosta, a cyber security expert who trains Maharashtra and Goa police, said, "It's possible that employees of CDoT/law enforcement agencies could use the information gathered by CMS for personal or political use although 43 and 43 A of the IT Act would protect people when something like that happens and will give the person compensation.

He said, "There should be more transparency with regard to CMS".

Sunil Abraham, executive director of Bangalore-based non-profit Centre for Internet and Society said the mistaken assumption in their thinking is technology will serve as a check and balance.

"Technology can always be compromised," he said. There is no way to find out about what is actually going on. If the CMS is abused it is very difficult to prove."

Deora said a privacy law is being drafted to address these issues. Last month, a parliamentary standing committee rejected the government claim that IT Act protects citizens' privacy. The committee, chaired by former Congress MP Rao Inderjit Singh, said, "The committee is extremely unhappy to note that the government is yet to institute a legal framework on privacy."

For more details visit https://cis-india.org/news/dna-march-21-2014-krishna-bahirwani-c-dots-surveillance-system-making-enemies-on-internet

Bumpy road ahead for RFID Tags in vehicles

praskrishna — 2016-12-10T04:31:11Z

The government plans to make digital tags in vehicles mandatory to ensure seamless passage at the toll booths, but the implementation of the proposed move may not be so smooth.

The article by Smriti Sharma Vasudeva was published in the Statesman on December 7, 2016. Pranesh Prakash was quoted.

On one hand, the digital tags stand to compromise the safety of the vehicle and the owners, while on the other, majority of automobiles manufacturing companies claim that the vehicles are being equipped with the digital tags since 2013 and it is the implementation of the order that has been grossly ineffective.

Post the recent demonetisation, as a part of the government’s efforts towards a cashless society, Economic Affairs Secretary Shaktikanta Das stated that the union government has advised the automobile manufacturers to provide a digital identity tag in all new vehicles, including cars, to enable electronic payment at all toll plazas and ensure seamless movement at check posts.

He said the provision of Electronics Product Code Global Incorporated (EPCG)-compliant Radio Frequency Identification (RFID) facility in all new vehicles will ensure payment of toll digitally and also avoid the waiting time, and the vehicles will move seamlessly without having to wait at check posts. “This will improve the functioning of toll plaza, digital payments,” Das said.

In fact, the move to mandate all the vehicles with RFID tags was first made in 2013 when the then government made it compulsory to install Radio Frequency Identification (RFID) tags on the medium and heavy motor vehicles through the proposed rule 138A of the Central Motor Vehicle Rules, 1989. However, the same could not be fully implemented for several reasons and was also opposed by public and advocacy groups alike.

In 2013, the Centre for Internet and Society (CIS), a non-profit organisation sent an open letter to the Society of Indian Automobile Manufacturers (SIAM) to urge them not to install RFID tags in vehicles in India as the legality; necessity and utility of RFID tags had not been adequately proven.

The letter stated that such technologies raise major ethical concerns, since India lacks privacy legislation, which could safeguard individual’s data. The letter added that the proposed rule 138A of the Central Motor Vehicle Rules, 1989, mandates that RFID tags are installed in all light motor vehicles in India.

However, section 110 of the Motor Vehicles Act (MV Act), 1988, does not bestow on the Central Government a specific empowerment to create rules in respect to RFID tags. Thus, the legality of the proposed rule 138A is questioned, and we urge you to not proceed with an illegal installation of RFID tags in vehicles until the Supreme Court has clarified this issue.

Speaking to The Statesman, Pranesh Prakash, Policy Director, Centre for Internet and Society said, “Our stand remains the same as it was three years ago when we spoke out against this move: mandating RFID tags in all vehicles is a terrible idea, and a privacy and security nightmare. “It is important to ensure that RFID tagging (and other similar technologies, like automated licence plate readers) do not end up as a means of engaging in mass surveillance and tracking, which would be contrary to the judgments of the Supreme Court in cases like Kharak Singh vs the Union Government.

“The government has not provided any safeguards — such as mandating non-storage of any vehicle-identifying data. The government has asked manufacturers of all vehicles to include trackers, not just for goods vehicles or mass transport vehicles.

“Nor has the government come up with any standards to ensure security of the RFID tags — to prevent unauthorized third parties from tracking you or deducting money from your account. In short, the government should immediately retract its advice to vehicle manufacturers, and should work with experts to fix these problems,” Prakash said.

For more details visit https://cis-india.org/internet-governance/news/statesman-december-7-2016-smriti-sharma-vasudeva-bumpy-road-ahead-for-rfid-tags-in-vehicles

Building a Community of Practice: Reflections from 2nd All Partners

Admin — 2018-12-01T04:18:52Z

On Wednesday, November 14th, the Partnership on AI held its 2nd annual All Partners Meeting in San Francisco, California. Representatives from our 80+ member organizations – for-profit companies, civil society organizations, academic institutions, and advocacy groups – traveled from across the globe to reflect on 2018 progress, and to plan for the future.

Elonnai Hickok participated in the event held in San Francisco on November 14 and 15, 2018. The event was organized by Partnership on AI. On November 14, Elonnai spoke on the panel on the PAI working groups and on November 15 she co-lead the AI Labor and Economy working group meeting as co-chair of the group. More details can be accessed here.

For more details visit https://cis-india.org/internet-governance/news/building-a-community-of-practice-reflections-from-2nd-all-partners