The Centre for Internet and Society
https://cis-india.org
These are the search results for the query, showing results 41 to 55.
Power over privacy: New Personal Data Protection Bill fails to really protect the citizen’s right to privacy
https://cis-india.org/internet-governance/news/the-times-of-india-december-12-2019-power-over-privacy
<b>Nikhil Pahwa throws light on the new personal data protection bill.</b>
<p style="text-align: justify; ">The article by Nikhil Pahwa was <a class="external-link" href="https://timesofindia.indiatimes.com/blogs/toi-edit-page/power-over-privacy-new-personal-data-protection-bill-fails-to-really-protect-the-citizens-right-to-privacy/">published in the Times of India</a> on December 12, 2019. CIS report was mentioned.</p>
<hr />
<p style="text-align: justify; ">Earlier this year, in April, <a href="https://blog.trendmicro.com/trendlabs-security-intelligence/55m-registered-voters-risk-philippine-commission-elections-hacked/" rel="noopener noreferrer" target="_blank">a data breach</a> in the Election Commission of Philippines led to the leakage of personal information of over 55 million eligible voters on a searchable website: including names, addresses and date of birth. This was not the first data breach from the Election Commission. After the first, which took place in March 2016, where 340 GB of voter data was <a href="http://www.rappler.com/newsbreak/in-depth/127870-comelec-leak-identity-theft-scams-experts" rel="noopener noreferrer" target="_blank">published online by a group of hackers called LulzSec Pilipinas</a>, the National Privacy Commission of Philippines found that the Election Commission had violated the Data Privacy Act of 2012, and <a href="https://www.privacy.gov.ph/2017/01/privacy-commission-finds-bautista-criminally-liable-for-comeleak-data-breach/" rel="noopener noreferrer" target="_blank">recommended criminal prosecution of its chairman</a>, finding him liable when the agency failed to dispense its duty as a “personal information controller”.</p>
<p style="text-align: justify; ">It’s 2019, and that recommendation has still not been acted upon, because the National Privacy Commission of Philippines only has recommendatory powers for criminal prosecution. Meanwhile, data breaches continue at the Election Commission of Philippines.</p>
<p style="text-align: justify; ">Between 2017 and 2018, Aadhaar related personally identifiable data of several Indian citizens, including names, addresses, bank account numbers, in some cases pregnancy information and even religion and caste information of individuals, was published online by Indian government departments. The Centre for Internet and Society, in a report, estimated that <a href="https://www.medianama.com/2017/05/223-aadhaar-numbers-data-leak/" rel="noopener noreferrer" target="_blank">personally identifiable data for 130-135 million Indian citizens had been leaked</a>, thus putting them at risk. 210 government websites had made Aadhaar related data public, <a href="https://www.thehindu.com/news/national/210-govt-websites-made-aadhaar-details-public-uidai/article20555266.ece" rel="noopener noreferrer" target="_blank">UIDAI confirmed in response to an RTI in 2017</a>.</p>
<p style="text-align: justify; ">No one was held liable. There was no data protection law, no data protection authority, no criminal prosecution was recommended. Around that time, the Indian government was instead arguing in the Supreme Court that privacy isn’t a fundamental right under the Indian Constitution.</p>
<p style="text-align: justify; ">What we can learn from these two instances is that for the enforcement of a citizen’s right to privacy, and ensuring that no one takes the protection of data lightly, there needs to be a strong privacy law that holds even the government responsible, and above all, a strong data protection authority that is independent and has powers to penalise even government officials. On some of these counts, the Personal Data Protection Bill, 2019, disappoints.</p>
<p style="text-align: justify; ">First, members of the Data Protection Authority will no longer be appointed by independent entities from diverse backgrounds: where they were previously going to be appointed by a committee comprising the Chief Justice of India or a Supreme Court judge, the Cabinet secretary, and an independent expert, the power to appoint members to DPA now rests solely with government officials, including the appointment of adjudicating officers. In addition, the central government, in the interest of “national security, sovereignty, international relations and public order, can issue directions to DPA, which DPA will be bound by. Powers of DPA have also been reduced: while in the previous version of the bill, DPA had the sole power to categorise data as sensitive personal data, in the current version, the power rests with the central government, albeit in consultation with DPA. The central government will also notify any social media company as a significant data fiduciary, and not DPA. Only the central government can determine what critical personal data is, and not DPA.</p>
<p style="text-align: justify; ">This dependence on the government for appointments, functions and definitions, will invariably impact the independence of DPA, and even though the 2019 version of the bill gives it the authority to fine the state a maximum of Rs 5-15 crore, depending on the offence, i’d be surprised if this ever happens.</p>
<p style="text-align: justify; ">The bill does create significant exceptions for the state to acquire and process data, and an opportunity to create a base for surveillance reform in the country has been lost. The previous version of the bill had brought some sense of safety against mass surveillance, when it included the condition that processing of data by the government must be “necessary and proportionate”, drawing from Supreme Court’s historic right to privacy judgment. This is particularly important given that the bill also gives power to the government to exempt any agency from the provisions of the bill for processing of personal data, which includes acquiring data from any public or private entity.</p>
<p style="text-align: justify; ">Effectively, this means that government agencies may be exempt from any scrutiny by DPA, and can even collect data from third parties (for example, fin-tech companies, health-tech startups) without the user even knowing. Forget recommending criminal prosecution for mass surveillance, India’s DPA won’t even be able to fine a government agency for such a violation of the fundamental right to privacy. The government also has vast exceptions for data processing: “for the performance of any function of the state authorised by law”.</p>
<p style="text-align: justify; ">This aside, one of the more curious clauses in the bill is around non-personal data. The government, a few months ago, constituted a committee led by Infosys co-founder Kris Gopalakrishnan to look into the governance of non-personal data. Non-personal data, as the term suggests, is any data that is not related to an individual. In the bill, the government has given itself the right to acquire this data, which is essentially a company’s intellectual property, to “promote framing of policies for digital economy”. Why non-personal data finds a mention in a Personal Data Protection Bill is beyond comprehension, and this move will not inspire much confidence in businesses operating in India, when the state claims eminent domain over intellectual property.</p>
<p style="text-align: justify; ">It’s unfortunate minister Ravi Shankar Prasad is sending the bill to a select committee, given the fact that such significant changes to the bill should have led to another public consultation.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/the-times-of-india-december-12-2019-power-over-privacy'>https://cis-india.org/internet-governance/news/the-times-of-india-december-12-2019-power-over-privacy</a>
</p>
No publisherNikhil PahwaInternet GovernancePrivacy2019-12-15T05:57:31ZNews ItemOutrage As Privileged IITians Use Tech To Spy On Sweepers
https://cis-india.org/internet-governance/news/huffignton-post-december-13-2019-rachna-khaira-outrage-as-privileged-iit-ians-use-tech-to-spy-on-sweepers
<b>Some members of the housekeeping staff at IIT Ropar were put under round the clock surveillance during working hours for many days in February this year without their consent. IIT Ropar Director Prof S K Das has ordered a probe into the incident.</b>
<p style="text-align: justify; ">The article by Rachna Khaira was <a class="external-link" href="https://www.huffingtonpost.in/entry/outrage-as-privileged-iitians-use-tech-to-spy-on-sweepers_in_5df1bbc8e4b06a50a2e9e659">published in Huffington Post</a> on December 31, 2019. Aayush Rathi was quoted.</p>
<hr />
<p style="text-align: justify; ">The Indian Institute of Technology (IIT), Ropar is conducting a probe into the reported tagging and round the clock electronic surveillance of some housekeeping staff members as part of an experiment run by the Technology Business Incubation Foundation (TBIF) located at the IIT campus in February this year.</p>
<p style="text-align: justify; "><em>HuffPost India </em>has learnt that the TBIF, a tech incubator run within IIT Ropar, signed off on the “Sweepy” project in which housekeeping staff were given wristbands and brooms secretly embedded with tracking chips, without seeking the consent of the janitorial staff, or informing IIT Ropar management.</p>
<p style="text-align: justify; ">While the housekeeping staff were told the wristbands would record their pulse and heart beat, and that they should wear it while cleaning the campus, the tracking chips were used to track to assess if they were sweeping out hard-to-reach corners of the institute.</p>
<p style="text-align: justify; ">Prof. Sarit Kumar Das, Director IIT Ropar told HuffPost India that a three member committee comprising of Prof. Bijoy H Barua, Prof. Javed Agrewala and Prof. Deepak Kashyap has been set up to look into the matter.</p>
<p style="text-align: justify; ">“We at the IIT Ropar respect privacy and condemn any such violation made by any of our student or staff member,” said Prof. Das. “Before conducting any experiment on human beings, an approval has to be sought from the human ethics team constituted in our institution and they present a case to me after seeking a written consent from the people who would undergo the experiment. Only, after getting my approval, such an experiment can be conducted at the campus.”</p>
<h3 style="text-align: justify; ">Sweeping surveillance</h3>
<p style="text-align: justify; ">J K Sharma, the Chief Operating Officer of TBIF, told <em>HuffPost India</em> that his tech incubator deliberately misled the housekeeping staff about the true purpose of the wristband as they felt the housekeeping staff wouldn’t agree to wear such a device.</p>
<p style="text-align: justify; ">While elaborating more on the ‘Sweepy’ project, Sharma said that the project was based on an idea that came to the hostellers who were upset over the housekeeping staff for not cleaning their rooms.</p>
<p style="text-align: justify; ">“The sweepers were not working properly and despite reporting the matter several times to the authorities, they were not taking any cognisance. Perturbed, the students developed this programme in which the location of the sweeper can be recorded and monitored in a control room by a gadget tied to the sweeper’s wrist,” said Sharma.</p>
<p style="text-align: justify; ">He further added that a beacon records the activity of the sensor pasted to the broom or mop held by the sweeper and can monitor the area and the time in which it was used. The report was produced digitally on the screen.</p>
<p style="text-align: justify; ">Was a consent sought from the sweepers before tagging them?</p>
<p style="text-align: justify; ">“The testing was done in a secret manner as the housekeeping staff may not have given their consent for the trial. We tried it on three sweepers and while two of them were found working dedicatedly, one was found to have missed cleaning from few areas assigned to him,” said Sharma.</p>
<p style="text-align: justify; ">The findings were shared with the housekeeping supervisor who later directed his staff to do their duty more diligently.</p>
<p style="text-align: justify; ">The team working on the project however told <em>HuffPost India</em> that they secured the privacy of the housekeeping staff by removing the microphone from the gadgets tied to their wrists.</p>
<p style="text-align: justify; ">This technology does not have video feature and only monitors location of a moving object and is quite cheap as compared to the radio-frequency identification (RFID) technology that uses electromagnetic fields to automatically identify and track tags attached to objects.</p>
<blockquote class="pull-quote content-list-component" style="text-align: justify; ">The testing was done in a secret manner as the housekeeping staff may not have given their consent for the trial. We tried it on three sweepers and while two of them were found working dedicatedly, one was found to have missed cleaning from few areas assigned to himJ K Sharma, Chief Executive Officer, Technology Business Incubation Foundation, IIT Ropar</blockquote>
<p style="text-align: justify; ">Calling this an increasingly commonplace trend of covert spying on domestic workers without their knowledge, Ayush Rathi, Programme Officer, Centre for Internet and Society, said that the housekeeping staff was made to wear the gadget under a false pretense is telling.</p>
<p style="text-align: justify; ">“This is a classic example of how the access to privacy is stratified along the axes of class, caste and gender. And ties in closely with a key purpose of surveillance — that of exerting control over people’s bodies to conform to the surveiller’s ideas of right and wrong,” said Rathi.</p>
<p style="text-align: justify; ">He further added that in many ways, this story captures the zeitgeist of the 21st century. The is the essence of so much of what qualifies as innovation today is that they seek to find technological solutions to problems that are structural in nature.</p>
<p style="text-align: justify; ">“So, in this instance it is very evident that the objective sought to be achieved was not to merely ‘fix’ the problem of the housekeeping staff performing its duties well, but to solely hold them guilty for failing to do so,” said Rathi.</p>
<p style="text-align: justify; ">An alternate, albeit more tedious, approach would have been to speak with the workers and iron out the struggles they were facing at the workplace that were preventing them from performing their job well. Any solution could only have been prepared thereafter — he added.</p>
<p style="text-align: justify; ">As per Prof. Das, a major problem with the engineering students is that unlike medical students, 90 percent of their experiments are based on machines and not human beings.</p>
<p style="text-align: justify; ">“There is too much deficiency of the understanding of human psychology amongst engineering students. To curb this, we at the IIT have started a mandatory course on human ethics which is being taught by some of the renowned human psychology experts. Still sometimes, the violations gets reported,” said Prof. Das.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/huffignton-post-december-13-2019-rachna-khaira-outrage-as-privileged-iit-ians-use-tech-to-spy-on-sweepers'>https://cis-india.org/internet-governance/news/huffignton-post-december-13-2019-rachna-khaira-outrage-as-privileged-iit-ians-use-tech-to-spy-on-sweepers</a>
</p>
No publisherRachna KhairaInternet GovernancePrivacy2019-12-15T05:33:21ZNews ItemWhatsApp spy attack and after
https://cis-india.org/internet-governance/news/deccan-herald-november-6-2019-theres-sudeep-whatsapp-spy-attack-and-after
<b>Bengaluru experts analyse the Pegasus snooping scandal, and provide advice on what you can do about the gaping holes in your mobile phone security.</b>
<p>The article by Theres Sudeep was published in <a class="external-link" href="https://www.deccanherald.com/metrolife/metrolife-your-bond-with-bengaluru/whatsapp-spy-attack-and-after-773955.html">Deccan Herald</a> on November 6, 2019. Aayush Rathi was quoted.</p>
<hr />
<p>Last week ended with a sensational piece of news: WhatsApp said spyware Pegasus was being used to hack into the phones of activists and journalists in India.</p>
<p style="text-align: justify; ">The software is the brainchild of the NSO Group, an Israeli company. WhatsApp has detected 1,400 instances of Pegasus being used in the latest wave of attacks between April 29 and May 10. WhatsApp has identified 100-plus cases targeting human rights defenders and journalists. About two dozen of these attacks were in India.</p>
<p style="text-align: justify; ">Among those whose security was reportedly compromised is Congress leader Priyanka Gandhi.The first question is who ordered this snooping. NSO claims they sell their technology only to government agencies for lawful investigation into crime and terrorism. Speculation is rife that there is government involvement in the snooping.</p>
<p style="text-align: justify; ">Vinay Srinivas, lawyer with Alternative Law Forum, Bengaluru, says,“The targets of the attack seem to be those who had critical things to say about the current government.”Referring to a tweet by journalist Arvind Gunasekar, Srinivas says there is clear proof that the government knew of the breach and its severity.The tweet includes a screenshot of a report from the CERT-IN (Indian Computer Emergency Response Team) website dated May 17.</p>
<p style="text-align: justify; ">It shows severity rating as “High”.WhatsApp says the vulnerability has now been patched and urged users to update the app. But a level of paranoia around smartphones and privacy has been created. Apar Gupta, executive director of the Internet Freedom Foundation, based in Delhi works towards internet freedom and privacy, says Pegasus,specially, is too expensive (it can cost up to eight million dollars a year to licence) to be used on ordinary citizens.</p>
<p style="text-align: justify; ">But not all spyware is expensive. “Multiple kinds are now commercially available and easy to procure. These can be used by an estranged lover or even a professional rival to find information about you,” he says. Jija Hari Singh, retired DGP and Karnataka’s first woman IPS officer, says Pegasus is one of the smaller players, and spyware akin to it has been around for three decades. “Monsters bigger than Pegasus are still snooping on us,” she says.</p>
<h3 style="text-align: justify; ">NOTHING TO HIDE?</h3>
<p style="text-align: justify; ">Many people fall back on the narrative of ‘I have nothing to hide, so I’m not worried’.Aayush Rathi, Programme Officer at the Centre for Internet and Society, says that this is a flawed premise: “It is like saying free speech is not important for you because you have nothing useful to say.”Gupta breaks down this rationale: “If a person has ‘nothing to hide’ then they should just unlock their phone and hand it over to any person who asks for it. But the minute such a demand is made they would feel uncomfortable.”This discomfort, he says, doesn’t come because they are doing something illegal but because they fear social judgement.“There is a level of intimacy in their conversations that they’d rather not share with anyone else,” he says.Many people believe only illegal activity leads to surveillance, but that is not the case.“Even the most inconsequential actions are being logged on digital devices, and much of this information can be monetised,” he says.The most tangible risks are financial fraud and identity theft, and spyware is also commonly used for corporate espionage.</p>
<h3 style="text-align: justify; ">UPDATE SECURITY</h3>
<p style="text-align: justify; ">So what must one do if one’s phone is spied on? In the case of Pegasus, Rathi says, “You would have received a communication from WhatsApp if you were targeted. Irrespective, you should update the application immediately as the latest update fixes the vulnerability.”Srinivas says legally the recourse available is the fundamental right to privacy. “Since the government doesn’t have any regulation in place to deal with this, the National Human Rights Commission will have to take it up,” he says.</p>
<p style="text-align: justify; ">Gupta advises precautions against preventable hacks. He advises a reading of online guides on surveillance self-defence, especially those by Electronic Frontier Foundation.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/deccan-herald-november-6-2019-theres-sudeep-whatsapp-spy-attack-and-after'>https://cis-india.org/internet-governance/news/deccan-herald-november-6-2019-theres-sudeep-whatsapp-spy-attack-and-after</a>
</p>
No publisherTheres SudeepInternet GovernancePrivacy2019-12-15T05:06:27ZNews ItemMaking Voices Heard: Privacy, Inclusivity, and Accessibility of Voice Interfaces in India
https://cis-india.org/raw/making-voices-heard-project-announcement
<b>We believe that voice interfaces have the potential to democratise the use of internet by addressing barriers such as accessibility concerns, lack of abilities of reading and writing on digital text interfaces, and lack of options for people to interact with digital devices in their own languages. Through the Making Voice Heard Project supported by Mozilla Corporation, we will examine the current landscape of voice interfaces in India.</b>
<p> </p>
<img src="https://raw.githubusercontent.com/cis-india/website/master/img/CIS_Mozilla_MakingVoicesHeard_ProjectAnnouncement_01.jpg" alt="null" width="30%" /> <img src="https://raw.githubusercontent.com/cis-india/website/master/img/CIS_Mozilla_MakingVoicesHeard_ProjectAnnouncement_02.jpg" alt="null" width="30%" /> <img src="https://raw.githubusercontent.com/cis-india/website/master/img/CIS_Mozilla_MakingVoicesHeard_ProjectAnnouncement_03.jpg" alt="null" width="30%" />
<p> </p>
<h4>Download the project announcement cards (shown above): <a href="https://raw.githubusercontent.com/cis-india/website/master/img/CIS_Mozilla_MakingVoicesHeard_ProjectAnnouncement_01.jpg" target="_blank">Card 01</a>, <a href="https://raw.githubusercontent.com/cis-india/website/master/img/CIS_Mozilla_MakingVoicesHeard_ProjectAnnouncement_02.jpg" target="_blank">Card 02</a>, and <a href="https://raw.githubusercontent.com/cis-india/website/master/img/CIS_Mozilla_MakingVoicesHeard_ProjectAnnouncement_03.jpg" target="_blank">Card 03</a></h4>
<hr />
<h3>Making Voices Heard: Project Announcement</h3>
<p>Although voice enabled interfaces are being deployed there is a need to understand how they are beneficial, and what have been important knowledge gaps and challenges in their development, adoption, use, and regulation. Through the Making Voice Heard Project <a href="https://blog.mozilla.org/blog/2019/07/05/mozillas-latest-research-grants-prioritizing-research-for-the-internet/" target="_blank">supported by Mozilla Corporation</a>, we will be examining the current landscape of voice interfaces in India, and seek to address the following questions:</p>
<ul>
<li>What is the broad (sectoral and functional) typology of available voice interfaces in Indian languages? How widely are these voice interfaces (in Indian languages) used, and what barriers prevent their further adoption and use?<br /><br /></li>
<li>What are concerns related to privacy and data protection that emerge with the growth of voice interfaces? What kind of protocols for data processing may need to be built into the design of these interfaces?<br /><br /></li>
<li>How accessible are these interfaces for persons with disabilities (PWDs)? What kinds of accessibility features, especially for Indian languages, may need to be developed to ensure effective use of voice technologies by PWDs?<br /><br /></li>
<li>Where do challenges in these three areas intersect? For instance, is compromising on users’ privacy, including weak or missing data protection regulations, required to create comprehensive speech datasets that may help develop better accessibility features, and address linguistic barriers?</li></ul>
<p>In order to approach these questions we have begun mapping the various developers and users of voice interfaces in India. In the next stage of the process we will be looking at these interfaces through the lens of privacy, language, accessibility, and design. In order to add to the mapping and questions, we will be conducting interviews and workshops with users, developers, designers and researchers of voice interfaces in India, including the <a href="https://voice.mozilla.org/en" target="_blank">Common Voice</a> team at Mozilla.</p>
<p>We hereby invite researchers, developers and designers of voice interfaces to speak to us and help inform the study. You may contact Shweta Mohandas at shweta@cis-india.org.</p>
<p><em>- Shweta Mohandas, Saumyaa Naidu, Puthiya Purayil Sneha, and Sumandro Chattapadhyay (project team)</em></p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/raw/making-voices-heard-project-announcement'>https://cis-india.org/raw/making-voices-heard-project-announcement</a>
</p>
No publishershwetaVoice User InterfaceLanguagePrivacyAccessibilityResearchVoice Assisted InterfaceFeaturedResearchers at WorkMaking Voices Heard2019-12-18T12:10:05ZBlog EntryCyber law experts asks why CERT-In removed advisory warning about WhatsApp vulnerability
https://cis-india.org/internet-governance/news/et-tech-megha-mandavia-november-4-2019-cyber-law-experts-asks-why-cert-in-removed-advisory-warning-about-whatsapp-vulnerability
<b>On the missing web page note, CERT-In had provided a detailed explanation of the vulnerability, which could be exploited by an attacker by making a decoy voice call to a target.</b>
<p style="text-align: justify; ">The article by Megha Mandavia was <a class="external-link" href="https://tech.economictimes.indiatimes.com/news/internet/cyber-law-experts-asks-why-cert-in-removed-advisory-warning-about-whatsapp-vulnerability/71881880">published in ET Tech.com</a> on November 4, 2019. Pranesh Prakash was quoted.</p>
<hr />
<p style="text-align: justify; ">Cyber law experts have asked the <a href="https://tech.economictimes.indiatimes.com/tag/government">government</a> to explain why the Indian computer emergency response team (<a href="https://tech.economictimes.indiatimes.com/tag/cert-in">CERT-In</a>) removed from its website two days ago an advisory it had put out in May warning users of a vulnerability that could be used to exploit <a href="https://tech.economictimes.indiatimes.com/tag/whatsapp">WhatsApp</a> on their smartphones.<br /><br />“This is merely further evidence that the explanation is to be provided by GoI (Government of India) instead of blame shifting and politicizing the issue,” said Mishi Choudhary, the legal director of the New York-based Software Freedom Law Center. “India is a surveillance state with no judicial oversight.”<br /><br />On the missing web page note, CERT-In had provided a detailed explanation of the vulnerability, which could be exploited by an attacker by making a decoy voice call to a target.<br /><br />It had warned WhatsApp users that the vulnerability could allow an attacker to access information on the system, such as logs, messages and photos, and could further compromise it. CERT-In rated the severity “high” and asked users to upgrade to the latest version of the app.<br /><br />It also listed links to hackernews and cyber security firm Check Point Software that pointed to the alleged involvement of Israeli cyber software firm NSO Group in the hacking of WhatsApp messenger.<br /><br />CERT-In Director-General Sanjay Bahl did not respond to ET’s mails or calls seeking clarity on why the advisory was pulled from its website.<br /><br />The Times of India reported first the development.<br /><br />The government had blamed WhatsApp for not informing it about the attack and asked the Facebook-owned company to respond by November 4.<br /><br />In response, WhatsApp sources pointed out that it had informed CERT-in in May about the vulnerability and updated in September that 121 Indian nationals were targeted using the exploit, ET reported on Sunday.<br /><br />“We should not read too much into it. It could just be bad website management. The vulnerability was public knowledge. It was reported by the Common Vulnerabilities and Exposures (CVE) organization in May,” said Pranesh Prakash, fellow at the Centre of <a href="https://tech.economictimes.indiatimes.com/news/internet">Internet</a> and Society, a non-profit organisation.<br /><br />The government has also questioned the timing of the disclosure, as it comes amid a request by it to the Supreme Court seeking three months to frame rules to curb misuse of social media in the country.<br /><br />The government has categorically told WhatsApp that it wants the platform to bring in a mechanism that would enable tracing of the origin of messages, a demand that the instant messaging platform has resisted citing privacy concerns.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/et-tech-megha-mandavia-november-4-2019-cyber-law-experts-asks-why-cert-in-removed-advisory-warning-about-whatsapp-vulnerability'>https://cis-india.org/internet-governance/news/et-tech-megha-mandavia-november-4-2019-cyber-law-experts-asks-why-cert-in-removed-advisory-warning-about-whatsapp-vulnerability</a>
</p>
No publisherMegha MandaviaInternet GovernancePrivacy2019-11-15T00:48:00ZNews ItemIndia facial recognition: How effective will it be?
https://cis-india.org/internet-governance/news/al-jazeera-video-november-8-2019-india-facial-recognition
<b>India is trying to build what could be the world's largest facial recognition system.</b>
<p style="text-align: justify; ">New Delhi says the system could help fight crime and find missing children.</p>
<p style="text-align: justify; ">The technology has already been launched at a few Indian airports.</p>
<p style="text-align: justify; ">Police in New Delhi says it has identified nearly 3,000 missing children during a trial period last year.</p>
<p style="text-align: justify; ">But not everyone is convinced.</p>
<p style="text-align: justify; ">Internet freedom advocates say there is little information about where and what the system will be used for and how data will be stored.</p>
<p style="text-align: justify; ">The use of facial recognition software is already common in places like China.</p>
<p style="text-align: justify; ">But there are questions about how effective it is, with one British study revealing that the technology could be highly inaccurate.</p>
<p style="text-align: justify; ">Pranesh Prakash joins Al Jazeera from Bengaluru in India. He is a fellow at the Centre for Internet and Society but is talking to us in a personal capacity</p>
<hr />
<h3>Video</h3>
<p><iframe frameborder="0" height="315" src="https://www.youtube.com/embed/YAsMf9qy3cc" width="560"></iframe></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/al-jazeera-video-november-8-2019-india-facial-recognition'>https://cis-india.org/internet-governance/news/al-jazeera-video-november-8-2019-india-facial-recognition</a>
</p>
No publisherAdminInternet GovernancePrivacy2019-11-15T00:42:35ZNews ItemUN Special Rapporteur on the Right to Privacy Consultation on 'Privacy and Gender'
https://cis-india.org/internet-governance/news/un-special-rapporteur-on-the-right-to-privacy-consultation-on-privacy-and-gender
<b>Ambika Tandon was a speaker at the Consultation on Privacy and Gender organised by the UN Special Rapporteur on the right to privacy held at New York University, New York on October 30 - 31, 2019. </b>
<p style="text-align: justify; ">The consultation was held to receive feedback on the report on privacy and gender towards which Pallavi, Aayush, Pranav and Ambika sent comments. Ambika was a speaker in t<span>he session 'The Body: as Data, as Identity, as </span><span>Money Maker', chaired by Eva Blum-Dumontet from Privacy </span><span>International, with co-panelists Anja Kovacs, Director, Internet </span><span>Democracy Project, and Joana Varon, Director, Coding Rights.</span></p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/un-special-rapporteur-on-the-right-to-privacy-consultation-on-privacy-and-gender'>https://cis-india.org/internet-governance/news/un-special-rapporteur-on-the-right-to-privacy-consultation-on-privacy-and-gender</a>
</p>
No publisherAdminInternet GovernancePrivacy2019-11-02T06:39:25ZNews ItemThrough the looking glass: Analysing transparency reports
https://cis-india.org/internet-governance/blog/torsha-sarkar-suhan-s-and-gurshabad-grover-october-30-2019-through-the-looking-glass
<b>An analysis of companies' transparency reports for government requests for user data and content removal</b>
<p style="text-align: justify;">Over the past decade, a few private online intermediaries, by rapid innovation and integration, have turned into regulators of a substantial amount of online speech. Such concentrated power calls for a high level of responsibility on them to ensure that the rights of the users online, including their rights to free speech and privacy, are maintained. Such responsibility may include appealing or refusing to entertain government requests that are technically or legally flawed, or resisting gag orders on requests. For the purposes of measuring a company’s practices regarding refusing flawed requests and standing up for user rights, transparency reporting becomes useful and relevant.Making information regarding the same public also ensures that researchers can build upon such data and recommend ways to improve accountability and enables the user to understand information about when and how governments are restricting their rights.</p>
<p style="text-align: justify;">For some time in the last decade, Google and Twitter were the only major online platforms that published half-yearly transparency reports documenting the number of content take down and user information requests they received from law enforcement agencies. In 2013 however, that changed, when the Snowden leaks revealed, amongst other things, that these companies were often excessively compliant with requests from US’ intelligence operations, and allowed them backdoor surveillance access to user information. Subsequently, all the major Silicon Valley internet companies have been attempting to publish a variance or other of transparency reports, in hopes of re-building their damaged goodwill, and displaying a measure of accountability to its users.</p>
<p style="text-align: justify;">The number of government requests for user data and content removal has also seen a steady rise. In 2014, for instance Google noted that in the US alone, they observed a 19% rise for the second half of the year, and an overall 250% jump in numbers since Google began providing this information. As per a study done by Comparitech, India sent the maximum number of government requests for content removal and user data in the period of 2009 - 2018.8 This highlights the increasing importance of accessible transparency reporting.</p>
<p style="text-align: justify;">Initiatives analysing the transparency reporting practices of online platforms, like The Electronic Frontier Foundation (EFF)’s Who Has Your Back? reports, for instance, have developed a considerable body of work tracing these reporting practices, but have largely focused at them in the context of the United States (US). In our research, we found that the existing methodology and metrics to assess the transparency reports of online platforms developed by organisations like the EFF are not adequate in the Indian context. We identify two reasons for developing a new methodology:</p>
<ol>
<li style="text-align: justify;">Online platforms make available vastly different information for US and India. For instance, Facebook breaks up the legal requests it receives for US into eight different classes (search warrants, subpoenas, etc.). Such a classification is not present for India. These differences are summarised in Annexure </li>
<li style="text-align: justify;">The legal regimes and procedural safeguards under which states can compel platforms to share information or take content down also differ. For instance, in India, an order for content takedown can be issued either under section 79 and its allied rules or under section 69A and its rules, each having their own procedures and relevant authorities. A summary of such provisions for Indian agencies is given in Annexure 3.</li></ol>
<p style="text-align: justify;">These differences may merit differences in the methodology for research into understanding the reporting practices of these platforms, depending on each jurisdiction’s legal context.</p>
<p style="text-align: justify;">In this report, we would be analyzing the transparency reports of online platforms with a large Indian user-base, specifically focusing on data they publish about user information and takedown requests received from Indian governments’ and courts.</p>
<p style="text-align: justify;">First, we detail our methodology for this report, including how we selected platforms whose transparency reports we analyse, and then specific metrics relating to information available in those reports. For the latter, we collate relevant metrics from existing frameworks, and propose a standard that can be applicable for our research.</p>
<p style="text-align: justify;">In the second part, we present company-specific reports. We identify general trends in the data published by the company, and then compare the available data to the best practices of transparency reporting that we proposed.</p>
<hr />
<p style="text-align: justify;"><a class="external-link" href="http://cis-india.org/internet-governance/files/A%20collation%20and%20analysis%20of%20government%20requests%20for%20user%20data%20%20and%20content%20removal%20from%20non-Indian%20intermediaries%20.pdf">Download the full report</a>. The report was edited by Elonnai Hickok. Research assistance by Keying Geng and Anjanaa Aravindan.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/torsha-sarkar-suhan-s-and-gurshabad-grover-october-30-2019-through-the-looking-glass'>https://cis-india.org/internet-governance/blog/torsha-sarkar-suhan-s-and-gurshabad-grover-october-30-2019-through-the-looking-glass</a>
</p>
No publisherTorsha Sarkar, Suhan S and Gurshabad GroverFreedom of Speech and ExpressionInternet GovernancePrivacy2019-11-02T05:48:59ZBlog EntryComments to the United Nations Human Rights Commission Report on Gender and Privacy
https://cis-india.org/internet-governance/blog/comments-to-the-unhrc-report-on-gender-and-privacy
<b>This submission to UNHRC presents a response by researchers at the CIS to ‘gender issues arising in the digital era and their impacts on women, men and individuals of diverse sexual orientations gender identities, gender expressions and sex characteristics’. It was prepared by Aayush Rathi, Ambika Tandon, and Pallavi Bedi in response to a report of consultation by a thematic taskforce established by the Special Rapporteur on the Right to Privacy on ‘Privacy and Personality’ (hereafter, HRC Gender Report).</b>
<p> </p>
<h4>HRC Gender Report - Consultation version: <a href="https://www.ohchr.org/Documents/Issues/Privacy/SR_Privacy/2019_HRC_Annex2_GenderReport.pdf" target="_blank">Read</a> (PDF)</h4>
<h4>Submitted comments: <a href="http://cis-india.org/internet-governance/files/comments-to-the-united-nations-human-rights-commission-report-on-gender-and-privacy" target="_blank">Read</a> (PDF)</h4>
<hr />
<p>The Centre for Internet and Society (CIS), India, is an 11-year old non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. Through its diverse initiatives, CIS explores, intervenes in, and advances contemporary discourse and regulatory practices around internet, technology, and society in India,and elsewhere. Current focus areas include cybersecurity, privacy, freedom of speech, labour and artificial intelligence. CIS has been taking efforts to mainstream gender across its programmes, as well as develop specifically gender-focused research using a feminist approach.</p>
<p>CIS appreciates the efforts of Dr. Elizabeth Coombs, Chair, Thematic Action Stream Taskforce on “A better understanding of privacy”, and those of Professor Joseph Cannataci, Special Rapporteur on the Right to Privacy. We are also grateful for the opportunity to put forth our views and comment on the HRC Gender Report.</p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/comments-to-the-unhrc-report-on-gender-and-privacy'>https://cis-india.org/internet-governance/blog/comments-to-the-unhrc-report-on-gender-and-privacy</a>
</p>
No publisherAayush Rathi, Ambika Tandon and Pallavi BediPrivacyGenderInternet GovernanceResearchGender, Welfare, and PrivacyResearchers at Work2019-12-30T17:40:20ZBlog EntryNIPFP Seminar on Exploring Policy Issues in the Digital Technology Arena
https://cis-india.org/internet-governance/news/nipfp-seminar-on-exploring-policy-issues-in-the-digital-technology-arena
<b>Anubha Sinha participated in this seminar as a discussant on the "Regulating emerging technologies" panel. The event was held at Indian Institute of Advanced Study, Shimla on October 10 - 11, 2019.
</b>
<p>Click to view the <a class="external-link" href="http://cis-india.org/internet-governance/files/exploring-policy-issues-in-the-digital-technology-arena">agenda here</a>. The session briefs can be <a class="external-link" href="http://cis-india.org/internet-governance/files/session-briefs">seen here</a>.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/nipfp-seminar-on-exploring-policy-issues-in-the-digital-technology-arena'>https://cis-india.org/internet-governance/news/nipfp-seminar-on-exploring-policy-issues-in-the-digital-technology-arena</a>
</p>
No publisherAdminPrivacyDigital KnowledgeInternet GovernanceDigital TechnologiesDigital India2019-10-20T07:40:16ZNews ItemDue Diligence Project FGD by UN Women
https://cis-india.org/internet-governance/news/due-diligence-project-fgd-by-un-women
<b>On October 11, 2019, Radhika Radhakrishnan attended a focussed group discussion at the UN House, New Delhi, organized by UN Women for their multi-country research study on online violence (Due Diligence Project).</b>
<p style="text-align: justify; ">The purpose of the discussion was to provide a better understanding of the nature and the scope of this form of VAWG and to provide recommendations to inform policies, plans, programming and advocacy on the issue.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/due-diligence-project-fgd-by-un-women'>https://cis-india.org/internet-governance/news/due-diligence-project-fgd-by-un-women</a>
</p>
No publisherAdminDue DiligenceInternet GovernancePrivacy2019-10-20T07:11:13ZNews ItemBSides Delhi 2019 Security Conference
https://cis-india.org/internet-governance/news/bsides-delhi-2019-security-conference
<b>Karan Saini attended the BSides Delhi security conference on October 11, 2019. The event was organized by Bsides Delhi in New Delhi. </b>
<p>Click to view the agenda <a class="external-link" href="https://bsidesdelhi.in/program.php">here</a>. Videos of the event can be <a class="external-link" href="https://www.youtube.com/channel/UCZidtr5OB-OGQwxWXDDSTBQ">viewed here</a>.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/bsides-delhi-2019-security-conference'>https://cis-india.org/internet-governance/news/bsides-delhi-2019-security-conference</a>
</p>
No publisherAdminInternet GovernancePrivacy2019-10-20T06:47:26ZNews ItemWill FASTag raise privacy concerns?
https://cis-india.org/internet-governance/news/livemint-shreya-nandi-prathma-sharma-october-15-2019-will-fastag-raise-privacy-concerns
<b>FASTag, an electronic device that enables direct, cashless toll payment, has been touted as the Aadhaar for vehicles as it would help the government track movement of automobiles. But the move can also stoke fresh concerns on privacy.</b>
<p style="text-align: justify; ">The article by Shreya Nandi and Prathma Sharma was <a class="external-link" href="https://www.livemint.com/news/india/will-fastag-raise-privacy-concerns-11571125214325.html">published in Livemint</a> on October 15, 2019. Pranesh Prakash was quoted.</p>
<hr />
<p style="text-align: justify; ">The device can track movement of vehicles, toll booth cameras can catch traffic law violations, prevent crime, and help authorities curb tax evasion.</p>
<p style="text-align: justify; ">While the movement of commercial vehicles will be tracked by revenue authorities by integrating with e-way bill system under <a href="https://www.livemint.com/news/india/ihmcl-gstn-to-ink-pact-to-link-fastag-with-gst-e-way-bill-system-on-oct-14-11570973104434.html" target="_blank">Goods and Services Tax (GST)</a> to curb revenue leakage, experts believe that tracking personal vehicle is a matter of concern.</p>
<p style="text-align: justify; ">It is not that the government will only use the stored data or video under limited and well-defined circumstances such as for evidence in case of traffic accidents, according to Pranesh Prakash, fellow, Centre for Internet Society.</p>
<p style="text-align: justify; ">“As transport minister Gadkari said (on Monday), the government will also use the video or data for any for analysis. And that will happen in a non-consensual manner, and outside the purview of a data protection framework, and without paying heed to the Supreme Court's landmark judgment on privacy," Prakash said.</p>
<p style="text-align: justify; ">On Monday, transport minister <a href="https://www.livemint.com/news/india/gadkari-says-revenue-from-toll-collection-to-hit-rs-1-lakh-crore-in-5-years-11571057140954.html" target="_blank">Nitin Gadkari</a> said cameras at the toll booth will take photos of passengers in a vehicle, which will be useful for the home ministry as there will be a record of the vehicle’s movement.</p>
<p style="text-align: justify; ">FASTag, which comes into effect 1 December, uses radio frequency identification technology to enable direct toll payments from a moving vehicle. The toll fare is deducted from the bank account linked to FASTag. It will not only encourage cashless payments at toll plaza, but also decongest national highways, thereby ensuring seamless movement of vehicles, and reduce pollution and logistics cost.</p>
<p style="text-align: justify; ">Amid privacy concerns related to sharing Aadhaar details with banks, telecom companies or any other authority for fulfilling KYC norms, the Supreme Court had in September last year ruled that Aadhaar can only be used for welfare schemes and for delivering state subsidies. It had barred private companies from using Aadhaar data for authenticating customers.<br />Another expert said since FASTag data includes information that is personally identifiable with the vehicle owner, it can be misused if shared with various entities.<br />"With FASTag being linked with National Vehicle Database (Vahan database), it does raise privacy concerns, specially as Nitin Gadkari, the minister of road transport and highways, has admitted that the government has provided access to Vahan and Sarathi database to 32 government and 87 private entities for ₹65 crore till date," Salman Waris Managing Partner, TechLegis Advocates & Solicitors, said.</p>
<p style="text-align: justify; ">“With the Personal Data Protection Bill still in the making there are little regulatory measures to prevent or even punish FasTag data breaches," Waris said.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/livemint-shreya-nandi-prathma-sharma-october-15-2019-will-fastag-raise-privacy-concerns'>https://cis-india.org/internet-governance/news/livemint-shreya-nandi-prathma-sharma-october-15-2019-will-fastag-raise-privacy-concerns</a>
</p>
No publisherShreya Nandi and Prathma SharmaInternet GovernancePrivacy2019-10-18T15:22:27ZNews ItemThe Mother and Child Tracking System - understanding data trail in the Indian healthcare systems
https://cis-india.org/internet-governance/blog/privacy-international-ambika-tandon-october-17-2019-mother-and-child-tracking-system-understanding-data-trail-indian-healthcare
<b>Reproductive health programmes in India have been digitising extensive data about pregnant women for over a decade, as part of multiple health information systems. These can be seen as precursors to current conceptions of big data systems within health informatics. In this article, published by Privacy International, Ambika Tandon presents some findings from a recently concluded case study of the MCTS as an example of public data-driven initiatives in reproductive health in India. </b>
<p> </p>
<h4>This article was first published by <a href="https://privacyinternational.org/news-analysis/3262/mother-and-child-tracking-system-understanding-data-trail-indian-healthcare" target="_blank">Privacy International</a>, on October 17, 2019</h4>
<h4>Case study of MCTS: <a href="https://cis-india.org/raw/big-data-reproductive-health-india-mcts" target="_blank">Read</a></h4>
<hr />
<p>On October 17th 2019, the UN Special Rapporteur (UNSR) on Extreme Poverty and Human Rights, Philip Alston, released his thematic report on digital technology, social protection and human rights. Understanding the impact of technology on the provision of social protection – and, by extent, its impact on people in vulnerable situations – has been part of the work the Centre for Internet and Society (CIS) and Privacy International (PI) have been doing.</p>
<p>Earlier this year, <a href="https://privacyinternational.org/advocacy/2996/privacy-internationals-submission-digital-technology-social-protection-and-human" target="_blank">PI responded</a> to the UNSR's consultation on this topic. We highlighted what we perceived as some of the most pressing issues we had observed around the world when it comes to the use of technology for the delivery of social protection and its impact on the right to privacy and dignity of benefit claimants.</p>
<p>Among them, automation and the increasing reliance on AI is a topic of particular concern - countries including Australia, India, the UK and the US have already started to adopt these technologies in digital welfare programmes. This adoption raises significant concerns about a quickly approaching future, in which computers decide whether or not we get access to the services that allow us to survive. There's an even more pressing problem. More than a few stories have emerged revealing the extent of the bias in many AI systems, biases that create serious issues for people in vulnerable situations, who are already exposed to discrimination, and made worse by increasing reliance on automation.</p>
<p>Beyond the issue of AI, we think it is important to look at welfare and automation with a wider lens. In order for an AI to function it needs to be trained on a dataset, so that it can understand what it is looking for. That requires the collection large quantities of data. That data would then be used to train and AI to recognise what fraudulent use of public benefits would look like. That means we need to think about every data point being collected as one that, in the long run, will likely be used for automation purposes.</p>
<p>These systems incentivise the mass collection of people's data, across a huge range of government services, from welfare to health - where women and gender-diverse people are uniquely impacted. CIS have been looking specifically at reproductive health programmes in India, work which offers a unique insight into the ways in which mass data collection in systems like these can enable abuse.</p>
<p>Reproductive health programmes in India have been digitising extensive data about pregnant women for over a decade, as part of multiple health information systems. These can be seen as precursors to current conceptions of big data systems within health informatics. India’s health programme instituted such an information system in 2009, the Mother and Child Tracking System (MCTS), which is aimed at collecting data on maternal and child health. The Centre for Internet and Society, India, <a href="https://cis-india.org/raw/big-data-reproductive-health-india-mcts" target="_blank">undertook a case study of the MCTS</a> as an example of public data-driven initiatives in reproductive health. The case study was supported by the <a href="http://bd4d.net/" target="_blank">Big Data for Development network</a> supported by the International Development Research Centre, Canada. The objective of the case study was to focus on the data flows and architecture of the system, and identify areas of concern as newer systems of health informatics are introduced on top of existing ones. The case study is also relevant from the perspective of Sustainable Development Goals, which aim to rectify the tendency of global development initiatives to ignore national HIS and create purpose-specific monitoring systems.</p>
<p>After being launched in 2011, 120 million (12 crore) pregnant women and 111 million (11 crore) children have been registered on the MCTS as of 2018. The central database collects data on each visit of the woman from conception to 42 days postpartum, including details of direct benefit transfer of maternity benefit schemes. While data-driven monitoring is a critical exercise to improve health care provision, publicly available documents on the MCTS reflect the complete absence of robust data protection measures. The risk associated with data leaks are amplified due to the stigma associated with abortion, especially for unmarried women or survivors of rape.</p>
<p>The historical landscape of reproductive healthcare provision and family planning in India has been dominated by a target-based approach. Geared at population control, this approach sought to maximise family planning targets without protecting decisional autonomy and bodily privacy for women. At the policy level, this approach was shifted in favour of a rights-based approach to family planning in 1994. However, targets continue to be set for women’s sterilisation on the ground. Surveillance practices in reproductive healthcare are then used to monitor under-performing regions and meet sterilisation targets for women, this continues to be the primary mode of contraception offered by public family planning initiatives.</p>
<p>More recently, this database - among others collecting data about reproductive health - is adding biometric information through linkage with the Aadhaar infrastructure. This data adds to the sensitive information being collected and stored without adhering to any publicly available data protection practices. Biometric linkage is aimed to fulfill multiple functions - primarily authentication of welfare beneficiaries of the national maternal benefits scheme. Making Aadhaar details mandatory could directly contribute to the denial of service to legitimate patients and beneficiaries - as has already been seen in some cases.</p>
<p>The added layer of biometric surveillance also has the potential to enable other forms of abuse of privacy for pregnant women. In 2016, the union minister for Women and Child Development under the previous government suggested the use of strict biometric-based monitoring to discourage gender-biased sex selection. Activists critiqued the policy for its paternalistic approach to reduce the rampant practice of gender-biased sex selection, rather than addressing the root causes of gender inequality in the country.</p>
<p>There is an urgent need to rethink the objectives and practices of data collection in public reproductive health provision in India. Rather than continued focus on meeting high-level targets, monitoring systems should enable local usage and protect the decisional autonomy of patients. In addition, the data protection legislation in India - expected to be tabled in the next session in parliament - should place free and informed consent, and informational privacy at the centre of data-driven practices in reproductive health provision.</p>
<p>This is why the systematic mass collection of data in health services is all the more worrying. When the collection of our data becomes a condition for accessing health services, it is not only a threat to our right to health that should not be conditional on data sharing but also it raises questions as to how this data will be used in the age of automation.</p>
<p>This is why understanding what data is collected and how it is collected in the context of health and social protection programmes is so important.</p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/privacy-international-ambika-tandon-october-17-2019-mother-and-child-tracking-system-understanding-data-trail-indian-healthcare'>https://cis-india.org/internet-governance/blog/privacy-international-ambika-tandon-october-17-2019-mother-and-child-tracking-system-understanding-data-trail-indian-healthcare</a>
</p>
No publisherambikaBig DataData SystemsPrivacyResearchers at WorkInternet GovernanceResearchBD4DHealthcareBig Data for Development2019-12-30T17:18:05ZBlog EntryParticipation in ISO/IEC JTC 1 SC 27 meetings
https://cis-india.org/internet-governance/news/participation-in-iso-iec-jtc-1-sc-27-meetings
<b>From October 14 - 18, 2019, Gurshabad Grover, participated in the meetings of ISO/IEC JTC 1 SC 27 held in Paris, the committee that develops international standards for IT Security techniques.</b>
<p>Gurshabad focused on the meetings of working group 5 that deals with identity management and privacy technologies. Some highlights of the participation:</p>
<ul>
<li style="text-align: justify; "><span>I represented the Indian delegation's contributions in the comment </span><span>resolution meeting on WD TS 27570: Privacy guidelines for smart cities.</span></li>
</ul>
<ul>
<li style="text-align: justify; "><span>Since </span><span class="Object" id="OBJ_PREFIX_DWT207_com_zimbra_date">October 2018</span><span>, I have been a co-rapporteur on the working groups' </span><span>study period on the impact of machine learning on privacy. At this </span><span>meeting, we presented our interim report. We are extending the study </span><span>period for six months to further collaborate with SC 42 (that deals with </span><span>artificial intelligence standards) to document privacy aspects for the </span><span>applications and use cases they have developed.</span></li>
</ul>
<ul>
<li style="text-align: justify; "><span>I will now be a co-rapporteur on the study period on `Privacy for </span><span>fintech services', which was initiated in this meeting. We will be </span><span>surveying privacy standards and data protection regulations to assess </span><span>the need for new work items (standards/guidelines document) in the space.</span></li>
</ul>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/participation-in-iso-iec-jtc-1-sc-27-meetings'>https://cis-india.org/internet-governance/news/participation-in-iso-iec-jtc-1-sc-27-meetings</a>
</p>
No publisherAdminInternet GovernancePrivacy2019-11-02T06:31:46ZNews Item