Centre for Internet and Society

UN Questionnaire on Digital Innovation, Technologies and Right to Health

Pahlavi and Shweta Mohandas — 2022-11-21T16:10:06Z

The Centre for Internet & Society (CIS) contributed to the questionnaire put out by the Office of the United Nations High Commissioner for Human Rights, on digital innovation, technologies and the right to health. The responses were authored by Pahlavi and Shweta Mohandas, and edited by Indumathi Manohar.

Questionnaire

1. What are benefits of increased use of digital technologies in the planning and delivery of health information, services and care? Consider the use of digital technologies for healthcare services, the collection and use of health-related data, the rise of social media and mobile phones, and the use of artificial intelligence specifically to plan and deliver healthcare. Please share examples of how such technologies benefited specific groups. How have digital technologies contributed to availability, accessibility, acceptability and quality of healthcare? Has the use of artificial intelligence improved access to health information, services and care? Please comment on existing or emerging biases in health information, services and care.

The use of digital technologies and forms of digital health interventions has seen an increase in interest from governments, industries, as well as individuals since the beginning of the pandemic. The lockdowns, and other social distancing measures created a push towards telemedicine and online consultations. Digital health services provide a number of people the opportunity to seek medical help without traveling, which particularly help people with accessibility needs, the elderly, and anyone else that has difficulty in movement.1 Telemedicine can also help meet the challenges of healthcare delivery to rural and remote areas, in addition to serving as a means of training and education.2

The pandemic brought about a push towards telehealth and telemedicine and the telemedicine market has been reported to touch $5.4 Bn by 2025,3 with a number of applications working to make it more accessible to people in India. With respect to AI there has been some adoption of AI in India to help the most vulnerable group of people. For example: Microsoft has teamed up with the Government of Telangana to use cloud-based analytics for the Rashtriya Bal Swasthya Karyakram program by adopting MINE (Microsoft Intelligent Network for Eyecare), an AI platform to reduce avoidable blindness in children.4 Similarly Philips Innovation Campus (PIC) in Bengaluru, Karnataka is harnessing technology to make solutions for TB detection from chest x-rays, and a software solution (Mobile Obstetrics Monitoring) to identify and manage high-risk pregnancies.5 More recently IWill by ePsyClinic, a mental-health platform in India, has received a grant from Microsoft's 'AI for Accessibility' program to accelerate the building of a Hindi-based AI Mental Health conversational program.6

However the use of digital technologies and online medical interventions has also widened the increasing gap between those who can afford a smart phone and internet and those who cannot. A digital-only health intervention also results in excluding a wide number of people who do not have a smartphone, for example the Indian contact-tracing app, Aarogya Setu, which was a mandatory download to access public places during the lockdown was initially only available via a smartphone. Additionally, the app initially was not compatible with screen readers.7 The disparities in digital access and infrastructure is not limited to individuals— a report by the Ministry of Electronics and Information Technology India highlighted that the government hospitals and dispensaries have very little ICT infrastructure with only some major public hospitals having computers and connectivity.8

As stated above, the adoption of digital health technologies is not uniform around the world, and the people who are not able to access these technologies missed being included in the data that is being collected by these systems, further excluding from the data set which might be used to train future interventions. In the same light, digital technologies such as AI based screening are based on historical data that have been proved to contain biases against

marginalised communities. Continuing to use these systems without addressing these biases and or including more diverse dataset results in the same people being marginalised and misdiagnosed further. For example, safety apps where data is provided by limited people could identify Dalit and Muslim areas as unsafe, reflecting the prejudices of the app’s middleand upper-class users.9 While this has not been revealed in healthcare apps, the growing use of CCTVs and subsequent use of facial recognition in only certain pockets of the city reveal the historical biases in the police system that lead to targeted surveillance.10

2. How has the rise of web platforms and social media increased access to health information and services, or conversely, increased risk of misdiagnosis or other harms? Please share examples of ways in which social media and web platforms facilitated innovation in access to evidence-based health information and services, or created new threats of discrimination, mental health harms, or online or offline violence.

Social media platforms have helped people immensely during the pandemic. For example, when people reached out to strangers for help for hospital beds and oxygen. However, the benefits of such were limited to people who were on social media and had the reach and networks to share such information.11Furthermore, social media and messaging apps such as Whatsapp also led to the spread of misinformation during the pandemic. For example a Whatsapp message claiming to be from the Ministry of Aayush which permitted homeopathy doctors to treat Covid19 spread significantly, leading to the official government channels clarifying that it is fake and cautioning people against it.12 It was also noted that at times when women shared requests for beds or oxygen during covid on social media, they were faced with fake calls, stalking and trolling on social media, making it harder for them to seek help.

3. How has the right to privacy been impacted by the use of digital technologies for health? Please share examples of ways in which data gathered from digital technologies have been used by States, commercial entities or other third parties to either benefit or harm groups regarding the right to health.

In 2006, the National e-Governance Plan (NeGP) was approved by the Indian State wherein a massive infrastructure was developed to reach the remotest corners and facilitate easy access of government services efficiently at affordable costs.13There has been a paradigm shift in the Indian state’s governance strategy, with severe implications for privacy and inclusion. However, this shift has been undertaken primarily through a series of administrative orders with no real legislative mandate and minimal judicial oversight. This digitisation began with services such as taxation, land record, passport details, but it soon extended its ambit, and it now covers most services for which the citizen is dependent upon the state— the latest being digital health.

In the Indian context, there have been a number of policies that have been published which dealt with digital health. The policies looked at creating a digital health ID, digitisation of health data, and the management of health data. However these policies are being introduced without the existence of a comprehensive data protection legislation. While there are certain safeguards mentioned in each policy, without privacy and data protection legislation it is impossible to ensure compliance and the rights of the data owners. This issue became a reality when during the vaccination for Covid, some vaccination centres created Health ID for people without their consent.14

4. What are current strengths or weaknesses of digital health governance at national, regional and global levels? Please provide examples of laws, regulations or other safeguards that has been put in place to protect and fulfill the rights to health, privacy, and confidentiality within the use of digital technologies for health? Do restrictive laws or law enforcement create any specific challenges for persons using digital technologies to access health information or services?

Digitisation of the healthcare system in India had started prior to the pandemic. However, the pandemic also saw a slew of digitisation policies being rolled out, the most notable being the National Digital Health Mission (re-designed as the Aayushman Bharat Digital Mission) which empowered and saw the government use the vaccination process to generate Health IDs for citizens, in several reported cases without their knowledge or consent.15 The entire digitisation process has been undertaken in the absence of any legislative mandate or judicial oversight. It has primarily been undertaken through issuance of executive notifications and resulting in absent or inadequate grievance redressal mechanisms.

The rollout of the NDHM also saw health IDs being generated for citizens. In several reported cases across states, this rollout happened during the Covid-19 vaccination process— without the informed consent of the concerned person. All of these developments took place in the absence of a data protection law and a law regulating the digital health sphere, raising critical concerns around citizens’ privacy and the governance and oversight mechanisms for digital health initiatives.

Valdez, R. S., Rogers, C. C., Claypool, H., Trieshmann, L., Frye, O., Wellbeloved-Stone, C., & Kushalnagar, P. (2021). Ensuring full participation of people with disabilities in an era of telehealth. Journal of the American Medical Informatics Association, 28(2), 389-392.
Paul, Hickok, Sinha, & Tiwari. (2018). Artificial Intelligence in the Healthcare Industry in India. Centre for Internet and Society India. Retrieved November 15, 2022, from https://cis-india.org/internet-governance/ai-and-healthcare-report/view
Dayalani, V., K., H., S., G., R., T., & M., L. (2021, February 15). 1mg Rises In Indian Telemedicine Space As Sector Set To Touch $5.4 Bn Market Size by 2025. Inc42 Media. Retrieved November 15, 2022, from https://inc42.com/datalab/telemedicine-a-post-covid-reality-in-india/
Government of Telangana adopts Microsoft Cloud and becomes the first state to use Artificial Intelligence for eye care screening for children - Microsoft Stories India. (2017, August 3). Microsoft Stories India. Retrieved November 15, 2022, from https://news.microsoft.com/en-in/governmenttelangana-adopts-microsoft-cloud-becomes-first-state-use-articial-intelligence-eye-care-screeningchildren/
D’Monte, L. (2017, February 15). How Philips is using AI to transform healthcare. Mint. Retrieved November 15, 2022, from https://www.livemint.com/Science/yxgekz1jJJ3smvvRLwmaAL/How-Philips-is-using-AI-to-transformhealthcare.html
PTI. (2022, November 11). Microsoft supports IWill with “AI for Accessibility” grant to develop AI CBT mental health program for 615 million Hindi users. Microsoft Supports IWill With “AI for Accessibility”Grant to Develop AI CBT Mental Health Program for 615 Million Hindi Users. Retrieved November 15,2022, from https://www.ptinews.com/pti/Microsoft-supports-IWill-with--AI-for-Accessibility--grant-todevelop-AI-CBT-mental-health-program-for-615-million-Hindi-users/58238.html
Nath. (2020, May 2). Coronavirus | Mandatory Aarogya Setu app not accessible to persons with disabilities.Coronavirus | Mandatory Aarogya Setu App Not Accessible to Persons With Disabilities - the Hindu. Retrieved November 15, 2022, from https://www.thehindu.com/news/national/coronavirus-mandatory-aarogya-setu-app-notaccessible-to-persons-with-disabilities/article31489933.ece
Sharma, N. C. (2018, July 16). Adoption of e-medical records facing infra hurdles: Report. Mint. Retrieved November 15, 2022, from https://www.livemint.com/Politics/CucBmKaoWLZuSf1Y9VaafM/Adoption-of-emedical-recordsfacing-infra-hurdles-Report.html
https://www.livemint.com/news/world/ai-algorithms-far-from-neutral-in-india-11613617957200.html
Vipra. (n.d.). The Use of Facial Recognition Technology for Policing in Delhi. Vidhi Centre for Legal Policy. Retrieved November 15, 2022, from https://vidhilegalpolicy.in/research/the-use-of-facial-recognition-technology-for-policingin-delhi/
Kalra, A., & Ghoshal, D. (2021, April 21). Twitter becomes a platform of hope amid the despair of India’s COVID crisis. Reuters. Retrieved November 15, 2022, from https://www.reuters.com/world/india/twitterbecomes- platform-hope-amid-despair-indias-covid-crisis-2021-04-21/
Times of India . (2020, April 29). WhatsApp message on Homeopathy and coronavirus treatment is fake- Times of India. The Times of India. Retrieved November 15, 2022, from https://timesondia.indiatimes.com/gadgets-news/whatsapp-message-on-homeopathy-and-coronavirustreatment-is-fake/articleshow/75425274.cms
Amber Sinha, Pallavi Bedi and Amber Sinha, “Techno-Solutinist Responses to Covid 19”, EPW, Vol LVI, No. 29, July 17, 2021 Retrieved from: https://www.epw.in/journal/2021/29/commentary/technosolutionist-responses-covid-19.html
Rana, C. (2021, October 1). COVID-19 vaccine beneficiaries were assigned unique health IDs without their consent.The Caravan. Retrieved November 15, 2022, from https://caravanmagazine.in/health/covid-19-vaccinebeneficiaries-were-assigned-unique-health-ids-without-their-consent

For more details visit https://cis-india.org/internet-governance/un-questionnaire-digital-innovation-technologies-right-to-health

Parichiti - Domestic Workers’ Access to Secure Livelihoods in West Bengal

Anchita Ghatak — 2020-12-30T10:01:36Z

This report by Anchita Ghatak of Parichiti presents findings of a pilot study conducted by the author and colleagues to document the situation of women domestic workers (WDWs) in the lockdown and the initial stages of the lifting of restrictions. This study would not have been possible without the WDWs who agreed to be interviewed for this study and gave their time generously. We are grateful to Dr Abhijit Das of the Centre for Health and Social Justice for his advice and help. The report is edited by Aayush Rathi and Ambika Tandon, and this work forms a part of the CIS’s project on gender, welfare and surveillance supported by Privacy International, United Kingdom.

Domestic Workers’ Access to Secure Livelihoods in West Bengal: Read (PDF)

Cross-posted from Parichiti.

Executive Summary

Hundreds of thousands of women from poor communities work as domestic workers in Kolkata. Domestic work is typically a precarious occupation, with very little recognition in legislation or policy. Along with other workers in the informal economy, women domestic workers (WDWs) were severely impacted by the national lockdown enforced in March, with loss of livelihood and few options for survival.

Parichiti works with WDWs in 20 different locations - slums and informal settlements in Kolkata and villages in south 24 Parganas. We conducted this pilot study from late June to August 2020 to document the situation of WDWs from March onwards, in the lockdown and the initial stages of lifting of restrictions. We interviewed 14 WDWs on the phone to record their experiences during the lockdown and after, including impact on livelihoods. The objectives of the study were to document the impact of the Covid-19 pandemic on the lives of WDWs, with focus on economic and health dimensions.

We found that most domestic workers in our sample were paid for March, but faced difficulties in procuring wages April onwards. During this period, they faced economic hardships that threatened their survival, with members of their family also involved in the informal sector and experiencing loss of wages. Workers survived on relief received through civil society or by taking loans from banks or informal lenders. Some are now stuck in a debt trap.

Most went back to work from June, but faced several barriers – public transport services continued to be dysfunctional, apartment complexes prohibited entry of outsiders, and employers were reluctant to allow workers into their homes. Employers were wary of workers if they were employed in multiple households or used public transport, forcing workers to adapt to these conditions. Due to these reasons, some workers lost their jobs permanently, while others returned with lower wages or lower number of employers. Workers were well aware of the precautions to be taken at the home and workplace with regards to Covid-19.

Many WDWs were unable to access ration through the Public Distribution System. Some were not enrolled and others were enrolled in the districts they had migrated from. Some were not classified as below the poverty line and were hence not priority households for the state, although they were ‘deserving’ beneficiaries. All of the respondents were affected by Cyclone Amphan, which devastated parts of the state in May 2020. Despite the announcement of a sizeable compensation by the state, those whose homes were impacted were unable to get any relief. WDWs overall tended to not rely on the state for welfare or health services. Many regarded public health systems to have poor quality services, and turned to private services when possible. Both central and state governments fell short of meeting the needs of WDWs during the pandemic, which could potentially have long-term impact on their income and health.

For more details visit https://cis-india.org/raw/parichiti-domestic-workers-access-to-secure-livelihoods-west-bengal

India Digital Freedom Series: Internet Shutdowns, Censorship and Surveillance

gurshabad — 2021-01-11T10:07:30Z

A series of reports on digital rights and civic space in India, focusing on four areas where restrictive policies threaten fundamental freedoms and impede public participation: internet shutdowns, censorship, platform governance and surveillance.

Read the reports

1. Introduction, Background and Methodology by Arindrajit Basu

2. Internet Shutdowns: Threats to Digital Access by Torsha Sarkar, Manogna Matam and Gurshabad Grover

3. Censorship: Threats to Expression by Matam Manogna, Torsha Sarkar, Gurshabad Grover and Kanav Khanna

4. Platforms as Gatekeepers: Threats to Digital Space by Torsha Sarkar and Gurshabad Grover

5. Surveillance and Data Protection: Threats to Privacy and Digital Security by Mira Swaminathan and Arindrajit Basu

Background

Amidst global trends towards authoritarianism and closing space for civil society, India’s dynamic changing landscape calls for ongoing attention. In the last year alone, upheaval around the Citizenship Amendment Act protests, sectarian violence and communal riots in Delhi and elsewhere, the emergence of Covid-19, and issues of statelessness and discrimination have raised questions about the state of civic freedoms in India. At the same time, efforts to mold and restrict civil society, through funding limitations and a narrative against activism and ‘foreign agents,’ continue to reverberate across the non-profit sector. Technology has played a major role in all of these developments, with expression and democratic debate increasingly carried into the digital sphere, and privacy, data, and surveillance taking center stage, particularly amidst a global pandemic. India additionally has the notorious distinction of being the world’s democracy with the longest-running internet shutdown. Other examples of how digital rights are being impacted in India abound: possible government-sanctioned surveillance on activists and journalists; various forms of censorship, and denial of access to information.

Documentation and consideration of such phenomena is critical, given the role digital developments will play shaping Indian society in the 21st century. Technology can be a great enabler of constitutional values, welfare, and act as a facilitator of public discourse. It can also be used by the state to fetter the realization of constitutional rights and restrict the growth of civil society activism and public discourse. To date, there exists little comprehensive coverage of the overall universe of policies and laws affecting digital rights, and how their implementation is impacting Indian civil society actors, including non-profits, activists, media, minority groups, and others.

India’s constitutional ethos provides for a wide array of fundamental rights designed to protect and empower the most vulnerable. It views the state as a key actor in breaking existing barriers of structural inequality - something technology can play a role in - if designed and implemented reasonably, with the widest possible consultation. Given India’s status as the world’s most populous democracy, along with its considerable heft in the Information and Communications Technology (ICT) sector globally, how these issues play out will be critical for the future of digital civic space, in South Asia, Asia, and beyond.

This report undertakes an examination of key topics related to digital rights and civic space in India. It focuses on four areas of particular concern, where restrictive policies threaten to violate fundamental freedoms and restrict civil society and public participation. The topics covered include: 1) Internet Shutdowns, 2) Online Censorship, 3) Platform Governance, and 4) Surveillance. Each chapter begins with a factual overview identifying the scope of the problem across the country. It proceeds to evaluate relevant Indian laws and regulations affecting the enjoyment of fundamental human rights of members of civil society online, including the rights to free association, assembly, expression, privacy, access to information and public participation. The chapter then summarizes relevant international law and standards, many of which are obligatory on the Indian government and constitute binding international commitments, and concludes with some reflections and recommendations.

Ultimately, the report emphasizes the importance of a free, fair, and democratic digital civic space in line with international law and best practices. It evaluates ongoing Indian policies in the four topic areas in light of these standards, and provides suggestions for paths to reform that Indian policymakers can undertake to enable the use of technology in consonance with India’s rich constitutional ethos.

Methodology

This report was researched and written by the Centre for Internet and Society (CIS), with support from the International Center for Not-for-Profit Law (ICNL). Researchers at CIS with specialized knowledge in digital rights undertook an expansive review of a wide range of sources related to this topic, including academic scholarship and legal literature, news articles, government documents, laws, and other publications. In addition to desk research, two teams of CIS researchers travelled across five cities - Jodhpur and Jaipur (state of Rajasthan), Ahmedabad (state of Gujarat), Siliguri (state of West Bengal), and Guwahati (state of Assam). Each of these states have a vibrant civic space, and have seen a number of individuals and organizations engaging with key issues in the digital space over the past months. Researchers interviewed a diverse array of stakeholders, including student activists, public interest lawyers, government officials, party workers, and journalists. While refraining from undertaking quantitative or empirical analysis of the fieldwork findings, the qualitative insights and data gathered from these interviews were instrumental in the shaping of this report.

This report uses the World Bank’s definition of “civil society,” namely: “a wide array of organizations: community groups, non-governmental organizations [NGOs], labour unions, indigenous groups, charitable organizations, faith-based organizations, professional associations, and foundations.” However, to truly understand public participation in a democracy, the report looks beyond organised groups and their workings, and examines how various individuals participate in public processes - including through protests, writing, and engagement through social media. Thus, when considering the impact of digital rights, this report did not limit its investigation only to organised civil society but considered a larger scope to engage with a broader notion of public participation.

Acknowledgements

The Centre for Internet and Society would like to thank the International Center for Not- for-Profit Law for the financial support that made the report possible. The authors would also like to thank Abhijit Roy, Arun Chauhan, Gajendra Singh Dahiya, Kumar Shubham, Manjula Pradeep, Rahul Bordoloi, Roshan Gupta, and many others who chose to remain anonymous for their inputs that informed the research; Akash T for research assistance; and Julie Hunter, Lisa Vermeer, and Nick Robinson for their feedback. Thanks also to the ICNL team for designing, formatting and editing the reports. All opinions and errors in the piece remain those of the authors.

We would also like to wholeheartedly thank The Legal Aid and Awareness Committee from the National Law University Jodhpur for helping us set up a number of interviews with key stakeholders.

For more details visit https://cis-india.org/internet-governance/blog/india-digital-freedom-series-internet-shutdowns-censorship-and-surveillance

Gender, Health, & Surveillance in India - Panel - Agenda

sumandro — 2020-12-23T13:56:07Z

For more details visit https://cis-india.org/raw/gender-health-surveillance-in-india-panel-agenda

Gender, Health, & Surveillance in India - A Panel Discussion

Aayush Rathi and Ambika Tandon — 2020-12-23T14:03:13Z

Women and LGBTHIAQ-identifying persons face intensive and varied forms of surveillance as they access reproductive health systems. Increasingly, these systems are also undergoing rapid digitisation. The panel was set-up to discuss the discursive, experiential and policy implications of these data-intensive developments on access to public health and welfare systems by women and LGBTHIAQ-identifying persons in India. The panelists presented studies undertaken as part of two projects at CIS, one of which is supported by Privacy International, UK, and the other by Big Data for Development network established by International Development Research Centre, Canada.

Event note and agenda: Read (PDF)

Recording of the discussion: Watch (YouTube)

For more details visit https://cis-india.org/raw/gender-health-surveillance-in-india-panel-discussion

Annual Programmatic Report 2018-2019

pranav — 2020-11-10T10:56:33Z

For more details visit https://cis-india.org/about/reports/annual-programmatic-report-2018-2019

Legal and Policy Implications of Autonomous Weapons Systems

aman — 2021-03-22T05:29:20Z

For more details visit https://cis-india.org/internet-governance/legal-and-policy-implications-of-autonomous-weapons-systems

Recommendations for EU cyber diplomacy

basu — 2020-09-19T13:32:36Z

Written statement by Arindrajit Basu delivered at the EU Cyber Direct Civil Society Forum 2020

1.Key issues for EU cyber diplomacy

There are two key issues that the EU should take the lead on. Extra-territorial surveillance by several countries, in partnership with private actors continues with aplomb. In Schrems II, the Court of Justice of the European Union has already dealt a decisive victory for civil society actors campaigning against US law and surveillance policy, and protected the rights of EU citizens by doing so. Channelising the rich human rights jurisprudence in the European Convention on Human Rights, the court was able to highlight how existing US law and policy do not comply with the principle of proportionality in the ECHR..While the courts are an important avenue of resistance, other countries targeted by illegal and illegitimate surveillance often do not have judicial recourse or the clout to effectively counter surveillance practices.In line with the accepted principles of international law, the EU must engage in diplomatic posturing calling for reining in the use of extra-territorial surveillance,which includes surveillance enhancing technologies, mass dragnet surveillance, and surveillance by private actors.

The second key issue is that of ‘data sovereignty’-or a recognition that notwithstanding the significance of cross-border data flows, the ultimate responsibility of guaranteeing citizen rights in the digital sphere lie with the state enforcing laws in that jurisdiction. Undoubtedly, this responsibility must be discharged in conjunction with the principles of international law but the policy space itself should be sovereign, and not be dictated by other states or private actors. This sovereign space includes the right to regulate private actors such as technology companies through taxation, anti-trust laws, and impose on them key human rights obligations. It also includes an obligation to protect citizen interests against foreign adversaries.Sovereignty must not be conflated with brazen technology nationalism that involves restrictions on foreign technology or investment that harms the economic welfare or civil liberties of a state’s own citizens.

Several jurisdictions including the EU are grappling with the precise contours of ‘data sovereignty’ and what it means in today’s increasingly fractured geo-political climate. However, as it set the ball rolling with privacy enhancing diplomacy across the world, the EU has an opportunity to work with several key partners, including emerging economies such as India, Brazil and South Africa to ensure that these debates culminate in digital ecosystems that preserve the rule of law while also increasing digital accessibility and reducing inequality.

2. Multi-stakeholder coalitions

The EU has signed up for multilateral coalitions such as the Global Partnership on Artificial Intelligence and EU countries have signed onto multi-stakeholder digital agreements such as the Paris Call for Trust and Security in Cyberspace. While coalitions have been dismissed (incorrectly I believe) as talking shops, often efficient coalitions can attain key goals and promote core democratic values. Through these coalitions, the EU should look to attract as vast an array of stakeholders as possible-both states and private actors.However, that should happen once the key principles, objectives and mechanisms of engagement have been charted out by the coalition. Attracting too many stakeholders without having these clearly charted out allows for the agenda to be hijacked or limited.

3. Engagement with civil society abroad

The EU has to some extent successfully engaged civil society actors from various parts of the world. The Closing the Gap Conference held successfully by EU Cyber Direct in July showcased quality scholarship from all around the world and enabled dialogue between participants that we do not see often. The dialogue we are having today is a critical form of engagement.The EU should also consider supporting and providing resources for transnational movements such as the #Keepiton coalition that is advocating against internet shutdowns around the world and other civil society consortiums that are upholding values the EU also believes in around the world. Further, it is clear that European policy innovations-be it the GDPR or the European Data Strategy deeply impacts the future of global digital spaces. Therefore, robust consultative mechanisms should be deployed to ensure that academics and civil society participants from all over the world have a meaningful opportunity to shape these policies, keeping in mind the resources available for organisations, specially those in the global south to do the same.

17th September 2020.

(Remarks delivered via video-conferencing)

(Note: This write-up is not meant to be an exhaustive representation of all recommendations for EU cyber diplomacy but captures the statement made by Arindrajit at the Civil Society Forum)

For more details visit https://cis-india.org/internet-governance/blog/recommendations-for-eu-cyber-diplomacy

IFAT and ITF - Locking Down the Impact of Covid-19 - Report

sumandro — 2020-09-17T17:38:59Z

For more details visit https://cis-india.org/raw/ifat-itf-locking-down-the-impact-of-covid-19-report

Fundamental Right to Privacy — Three Years of the Puttaswamy Judgment

pranav — 2020-08-24T07:46:10Z

Today marks three years since the Supreme Court of India recognised the fundamental right to privacy, but the ideals laid down in the Puttaswamy Judgment are far from being completely realized. Through our research, we invite you to better understand the judgment and its implications, and take stock of recent issues pertaining to privacy.

Amber Sinha dissects the Puttaswamy Judgment through an analysis of the sources, scope and structure of the right, and its possible limitations. [link]

Through a visual guide to the fundamental right to privacy, Amber Sinha and Pooja Saxena trace how courts in India have viewed the right to privacy since Independence, explain how key legal questions were resolved in the Puttaswamy Judgement, and provide an account of the four dimensions of privacy — space, body, information and choice — recognized by the Supreme Court. [link]

Based on publicly available submissions, press statements, and other media reports, Arindrajit Basu and Amber Sinha track the political evolution of the data protection ecosystem in India, on EPW Engage. They discuss how this has, and will continue to impact legislative and policy developments. [link]

For the AI Policy Exchange, Arindrajit Basu and Siddharth Sonkar examine the Automated Facial Recognition Systems (AFRS), and define the key legal and policy questions related to privacy concerns around the adoption of AFRS by governments around the world. [link]

Over the past decade, reproductive health programmes in India have been digitising extensive data about pregnant women. In partnership with Privacy International, we studied the Mother and Child Tracking system (MCTS), and Ambika Tandon presents the impact on the privacy of mothers and children in the country. [link]

While the right to privacy can be used to protect oneself from state surveillance, Mira Swaminathan and Shubhika Saluja write about the equally crucial problem of lateral surveillance — surveillance that happens between individuals, and within neighbourhoods, and communities — with a focus on this issue during the COVID-19 crisis. [link]

Finally, take a dive into the archives of the Centre for Internet and Society to read our work, which was cited in the Puttaswamy judgment — essays by Ashna Ashesh, Vidushi Marda and Bhairav Acharya that displaced the notion that privacy is inherently a Western concept, by attempting to locate the constructs of privacy in Classical Hindu [link], and Islamic Laws [link]; and Acharya’s article in the Economic and Political Weekly, which highlighted the need for privacy jurisprudence to reflect theoretical clarity, and be sensitive to unique Indian contexts [link].

For more details visit https://cis-india.org/internet-governance/blog/fundamental-right-to-privacy-three-years-of-the-puttaswamy-judgment

Artificial Intelligence: A Full-Spectrum Regulatory Challenge (Working Draft) PDF

pranav — 2020-08-04T06:07:47Z

For more details visit https://cis-india.org/internet-governance/artificial-intelligence-a-full-spectrum-regulatory-challenge-working-draft-pdf

Raina Roy and Abhiraj Bag - Kolkata’s trans community has been locked out of healthcare and livelihood

Raina Roy and Abhiraj Bag — 2020-08-01T14:54:16Z

Over six months into the outbreak of Covid-19 in India, it has become clear that the pandemic does not affect everybody equally. It has amplified the sufferings of the already-marginalised trans community. Raina Roy spoke to 10 trans persons and trans rights activists in Kolkata over the course of the past few months to better understand the situation. The piece was transcribed by Abhiraj Bag and edited by Kaarika Das and Srravya C, researchers at the Centre for Internet and Society, India. This work is part of a project at CIS on gender, welfare and surveillance, supported by Privacy International, United Kingdom.

Originally published by Scroll on July 28, 2020.

Raina is a founder of Samabhabona (Baishamya Durikaran Samiti), a trans-led organisation in Kolkata working with trans rights since 2013. Abhiraj is a trans rights activist based in Kolkata.

Several members of our community have lost their livelihoods due to the lockdown and remain unemployed for over three months now. Those engaged in sex work and begging have no respite in sight for the foreseeable future. As a community, we are more likely to be unemployed as traditional employment opportunities are inaccessible to us. Our health concerns are also diverse, as we grapple with gender dysphoria alongside other psychosocial issues. Covid-19 has exacerbated these inequalities and effectively locked us out of livelihood as well as healthcare.

An alienating system

When it comes to accessing institutional healthcare, visiting hospitals can be a daunting ordeal for trans men and trans women, as we frequently encounter discrimination and stigmatisation from healthcare providers.

Even in emergency cases such as accidents, medical attention is delayed due to confusion whether the patient should be admitted to the male or female ward. Finding compassionate healthcare providers is difficult, especially in government hospitals. Most often, they are not sensitised to trans-health issues.

Such experiences have alienated us from the healthcare system and left several members of the trans community reluctant to seek medical help.

Access to general healthcare has further worsened with Covid-19, as many are unable to seek emergency medical assistance. With no sustainable source of income and deteriorating health condition, elderly trans persons are hit with a double whammy. Despite their failing health, there is presently no provision for routine health check-up which they can avail. The reluctance to consult a healthcare service provider has increased due to the added risk of infection.

SRS services are city-centric

Many in the community had scheduled their sex reassignment surgery or SRS and started taking the necessary hormonal medication. However, because of Covid-19, they have now had to postpone their surgery indefinitely. This uncertainty further aggravated distress together with issues of hormonal imbalance. Due to loss of income, many are resorting to alternative cheap hormonal medication and without proper medical supervision, its consequence could be harmful.

Those who have undergone SRS or are currently on hormone replacement therapy often experience side effects such as rise in blood pressure and blood sugar levels, urinary tract infection, and other immunity-compromising problems. To treat these side-effects, a patient may need to consult an endocrinologist, gynaecologist or urologist. However, such specialists are only available at district hospitals. At the sub-district level, we may be able to consult a gynaecologist at best. An endocrinologist or urologist would be available only if we travelled to the district hospitals or medical college hospitals.

A lockdown spanning over three months, restrictions on travel and closure of public transport have made the city-centric, SRS-related healthcare systems inaccessible to the transgender persons in smaller towns and villages. Pre-Covid-19, a few NGOs and community-based organisations provided sexual health services. However, they were unable to continue their services during the lockdown. This has adversely impacted the trans community’s access to sexual health services.

So far, two trans women have been tested positive for Covid-19 in Kolkata. Thanks to the intervention from activists and other allies, they were quarantined in the female ward when they tested positive. Both were asymptomatic and are presently self-isolating at home. Within the trans community, there is inadequate awareness about Covid-19 testing protocols and procedures. The saving grace has been the dedicated provisioning of ten beds at the MR Bangur Hospital, specifically reserved for transgender persons.

Community care

The most hard-hitting impact of Covid-19 is undoubtedly on the mental health of our community. Often faced with social stigma and physical abuse, we take refuge in the comfort of each other’s support. In the absence of familial ties, community support is vital for our well-being. However, Covid-19 and the consequent lockdown measures, has distanced us from our only source of support and solace – community interaction and meet-ups.

Although digitally mediated communication has somewhat helped in coping, it is not as effective or cathartic as an in-person conversation. This has increased the susceptibility of substance abuse in the community. Parallelly, there has been a considerable rise in domestic violence cases too. Even under normal circumstances, we are more likely to encounter intimate partner violence, but are skeptical to seek redressal as the law-enforcing institutions – both judiciary and the police – are biased against us.

At hospitals, the constant misgendering that we face at the hands of healthcare professionals can be traumatising. Aparna Banerjee, a trans-person in Kolkata, said that this trauma has only worsened during Covid-19, when frontline healthcare workers are not sensitised about trans health. To escape this trauma, some trans women have resorted to unscientific castration, leading to urinary tract infection and kidney-related problems. Gender dysphoria also puts the trans community at a higher risk of anxiety, depression, self-harm and suicidal tendencies.

The political milieu

Such strains on our mental and physical health come at a time when we are already distressed by the thought of being disenfranchised. The latest National Register of Citizens list in Assam had excluded many trans persons, as they couldn’t establish family ties, for being disowned by their families. And if they were included, their gender was incorrectly stated.

With the 2019 Transgender Person Act coming into force, a District Magistrate is given the authority to recognise a person as trans. This defies the right to self-identify, as upheld in the 2014 NALSA judgement. The current provision also necessitates providing proof of surgery and has no consideration for gender incongruence. The burden of providing proof of surgery is unnerving, especially for someone who has just transitioned.

As such, the cumulative impact of the 2019 Transgender Person Act and the Citizenship Amendment Act-National Register of Citizen mandate could lead to a significant part of the community being disenfranchised. In resisting this coercive pronouncement, we staged a protest in Kolkata earlier this year.

What can be done

The health and well-being of the trans community has suffered decades of institutional neglect and the Covid-19 pandemic has intensified this suffering. Remedial policy measures have been long due and cannot be delayed any further. Shelter homes have been one of our long-standing demands, to ensure safety and care for the transgender community, particularly the elderly. It is important that such shelter homes are democratic spaces, and not religious centres, that are welcoming of trans persons from different walks of life.

Secondly, healthcare systems, both public and private, need to be more trans-friendly – doctors, nurses and other staff in hospitals and healthcare centres need to be sensitised and trained to identify and understand the healthcare needs of transmen and transwomen. Recruitment of more transgender people as health workers would go a long way in treating transgender patients more humanely, with support and care.

Measures to contain the spread of the pandemic should include increased testing of transgender persons, and tracking the testing and infection rates among trans persons. Relief measures aimed at addressing the economic crisis need to acknowledge the loss of livelihood in the trans community and provide adequate financial support and compensation. Finally, it is important that governments, both at the centre- and state-level, pay heed to our demands and include representatives from the trans community while formulating policies that impact our lives in significant ways.

For more details visit https://cis-india.org/raw/raina-roy-abhiraj-bag-transgender-community-kolkata-covid19-healthcare-livelihood

The State of Secure Messaging

divyank — 2020-07-17T08:12:15Z

A look at the protections provided by and threats posed to secure communication online.

This blogpost was edited by Gurshabad Grover and Amber Sinha.

The current benchmark for secure communication online is end-to-end encrypted messaging. It refers to a method of encryption wherein the contents of a message are only readable by the devices of the individuals, or endpoints, participating in the communication. All other Internet intermediaries such as internet service providers, internet exchange points, undersea cable operators, data centre operators, and even the messaging service providers themselves cannot read them. This is achieved through cryptographic mechanisms that allow independent devices to establish a shared secret key over an insecure communication channel, which they then use to encrypt and decrypt messages. Common examples of end-to-end encrypted messaging are applications like Signal and WhatsApp.

This post attempts to give at-risk individuals, concerned citizens, and civil society at large a more nuanced understanding of the protections provided and threats posed to the security and privacy of their communications online.

Threat Model

The first step to assessing security and privacy is to identify and understand actors and risks. End-to-end encrypted messaging applications consider the following threat model:

Device compromise: Can happen physically through loss or theft, or remotely. Access to an individual’s device could be gained through technical flaws or coercion (legal, or otherwise). It can be temporary or be made persistent by installing malware on the device.
Network monitoring and interference: Implies access to data in transit over a network. All Internet intermediaries have such access. They may either actively interfere with the communication or passively observe traffic.
Server compromise: Implies access to the web server hosting the application. This could be achieved through technical flaws, insider access such as an employee, or through coercion (legal, or otherwise).

End-to-end encrypted messaging aims to offer complete message confidentiality and integrity in the face of server and network compromise, and some protections against device compromise. These are detailed below.

Protections Provided

Secure messaging services guarantee certain properties. For mature services that have received adequate study from researchers, we can assume them to be sound, barring implementation flaws which are described later.

Confidentiality: The contents of a message are kept private and the ciphers used are practically unbreakable by adversaries.

Integrity: The contents of a message cannot be modified in transit.

Deniability: Aims to mimic unrecorded real-world conversations where an individual can deny having said something. Someone in possession of the chat transcript cannot cryptographically prove that an individual authored a particular message. While some applications feature such off-the-record messaging capabilities, the legal applicability of such mechanisms is debatable.

Forward and Future Secrecy: These properties aim to limit the effects of a temporary compromise of credentials on a device. Forward secrecy ensures messages collected over the network, which were sent before the compromise, cannot be decrypted. Future secrecy ensures messages sent post-compromise are protected. These mechanisms are easily circumvented in practice as past messages are usually stored on the device being compromised, and future messages can be obtained by gaining persistent access during compromise. These properties are meant to protect individuals aware of these limitations in exceptional situations such as a journalist crossing a border.

Shortcomings

While secure messaging services offer useful protections they also have some shortcomings. It is useful to understand these and their mitigations to minimise risk.

Metadata: Information about a communication such as who the participants are, when the messages are sent, where the participants are located, and what the size of a message is can offer important contextual information about a conversation. While some popular messaging services attempt to minimize metadata generation, metadata leakage, in general, is still considered an open problem because such information can be gleaned by network monitoring as well as from server compromise. Application policies around whether such data is stored and for how long it is retained can improve privacy. There are also experimental approaches that use techniques like onion routing to hide metadata.

Authentication: This is the process of asserting whether an individual sending or receiving a message is who they are thought to be. Current messaging services trust application servers and cell service providers for authentication, which means that they have the ability to replace and impersonate individuals in conversations. Messaging services offer advanced features to mitigate this risk, such as notifications when a participant’s identity changes, and manual verification of participants’ security keys through other communication channels (in-person, mail, etc.).

Availability: An individual’s access to a messaging service can be impeded. Intermediaries may delay or drop messages resulting in what is called a denial of service attack. While messaging services are quite resilient to such attacks, governments may censor or completely shut down Internet access.

Application-level gaps: Capabilities offered by services in addition to messaging, such as contact discovery, online status, and location sharing are often not covered by end-to-end encryption and may be stored by the application server. Application policies around how such information is gathered and retained affect privacy.

Implementation flaws and backdoors: Software or hardware flaws (accidental or intentional) on an individual’s device could be exploited to circumvent the protections provided by end-to-end encryption. For mature applications and platforms, accidental flaws are difficult and expensive to exploit, and as such are only accessible to Government or other powerful actors who typically use them to surveil individuals of interest (and not for mass surveillance). Intentional flaws or backdoors introduced by manufacturers may also be present. The only defence against these is security researchers who rely on manual inspection to examine software and network interactions to detect them.

Messaging Protocols and Standards

In the face of demands for exceptional access to encrypted communication from governments, and risks of mass surveillance from both governments and corporations, end-to-end encryption is important to enable secure and private communication online. The signal protocol, which is open and adopted by popular applications like WhatsApp and Signal, is considered a success story as it brought end-to-end encryption to over a billion users and has become a de-facto standard.

However, it is unilaterally developed and controlled by a single organisation. Messaging Layer Security (or MLS) is a working group within the Internet Engineering Task Force (IETF) that is attempting to standardise end-to-end encryption through participation of individuals from corporations, academia, and civil society. The draft protocol offers the standard security properties mentioned above, except for deniability which is still being considered. It incorporates novel research that allows it to scale efficiently for large groups up to thousands of participants, which is an improvement over the signal protocol. MLS aims to increase adoption further by creating open standards and implementations, similar to the Transport Layer Security (TLS) protocol used to encrypt much of the web today. There is also a need to look beyond end-to-end encryption to address its shortcomings, particularly around authentication and metadata leakage.

For more details visit https://cis-india.org/internet-governance/blog/the-state-of-secure-messaging

Privacy in the Age of the Pandemic

pranav — 2020-07-15T11:34:00Z

The Centre for Internet and Society, JKGA Law Chambers, and LawyersClubIndia invites you to the online panel discussion on ‘Privacy in the Age of the Pandemic.’

This event will happen on July 18 (Saturday), from 5:30pm to 7:00pm. The discussion will bring together an inter-disciplinary group of experts to unpack some of the core Privacy issues that will undoubtedly shape society, and future governance in the context of the Covid-19 pandemic.

Register for the event here.

As panelists, we have:
1) Arnab Kumar, who was instrumental in coming up with the Aarogya Setu app and has led policy initiatives from the front at NITI Aayog;
2) Vrinda Bhandari - well known for her advocacy and academic work in this domain;
3) Sahil Deo - who is helping stakeholders make more informed decisions in policy using data analysis;
4) Mira Swaminathan - a policy researcher with deep domain experience in the dangers of surveillance; and
5) Antaraa Vasudev, founder of Civis, an initiative enabling the layperson to understand the effects of policy changes on them!

The session will be moderated by Shweta Reddy, and Akshit Goyal.

For more details visit https://cis-india.org/internet-governance/events/privacy-in-the-age-of-the-pandemic

Engaging with the Covid-19 Crisis

pranav — 2020-07-15T09:31:51Z

In the last six months, COVID-19 has had a far-reaching impact on the world, including on the digital sphere, how people interact with it, and its mediation of social and economic exchanges. Researchers and practitioners at the Centre for Internet and Society (CIS) have responded to this dynamic landscape from different lenses.

WikiProject India COVID-19 Task Force

The Access to Knowledge team at CIS, along with the Wikidata editor community has been maintaining a reliable district and state-wise database of COVID-19 case statistics in India (link). If you are a Wikidata editor, please consider contributing or encouraging others to join this effort.

COVID-19 Apps

Based on publicly available information, Pallavi Bedi presents a comparative analysis of COVID-19 apps launched by different state governments in India, and examines their governing policies regarding privacy and data protection (link).
In light of the central-government’s release of the contact tracing app Aarogya Setu, Siddharth Sonkar’s report seeks to constructively engage with privacy concerns surrounding the app and its operations, and works towards making privacy safeguards governing its operability more consistent with international best practices (link).
Amber Sinha examines the false binary between privacy and surveillance created during a pandemic, and proposes a necessary and proportional method of contact tracing (link).
Aman Nair writes about the lack of oversight present in the Kerala government’s deal with Sprinklr Inc, the violations to the right to privacy, and how legislation that is currently being proposed would fail to prevent situations like this in the future (link).

Gig Economy and Labour Rights

With Tandem Research, CIS organized a webinar to interact with unions representing gig workers and researchers studying labour rights and gig work, to uncover the experiences of gig workers during the lockdown. Based on the discussion, a charter of recommendations was prepared with contributions from participants, and was shared with public and private stakeholders (link).
With support from three domestic workers’ unions, the Domestic Workers Rights Union, Bruhat Bangalore Gruhakarmika Sangha, and Manegelasa Kaarmikara Union, Geeta Menon put together a report that shines light on the plight of domestic workers in Bengaluru during the lockdowns, and now as the lockdown eases. It focuses on how government and administrative bodies, and resident welfare associations, have been culpable in further pushing domestic workers to the margins (link).
Aayush Rathi and Sreyan Chatterjee argue how the suspension of labour laws proposed (and enforced) by several states in India as a part of their COVID-19 impact response, have material and discursive impact on the future of work in India (link).
Ambika Tandon discusses the impact of Covid-19 on the gig economy in Asia, especially reflecting on the measures (or lack thereof) taken by companies to support workers (link).
Zothan Mawii, Aayush Rathi and Ambika Tandon spoke with the leaders of four workers' unions and labour researchers, including the Indian Federation of App-based Transport Workers (IFAT) and the Ola and Uber Drivers and Owners’ Association (OTU), to identify recommended actions that public agencies and private companies may undertake to better support the urgent needs of gig workers in India (link).

Lateral Surveillance

Drawing from multifaceted research on surveillance around the world, Mira Swaminathan and Shubhika Saluja analyse the unique domain of lateral surveillance, and its heightened impacts on the ‘culture of suspicion’ created between social classes, especially during a pandemic (link).
On the latest episode of our In Flux podcast, Shweta Reddy and Mira Swaminathan discuss COVID-19 related surveillance with Torsha Sarkar, and talk about balancing a public health objective with protection of our fundamental rights (link).

Misinformation

In an article in The Wire, Mira Swaminathan argues that the only efficient and effective way to prevent the spread of misinformation related to the pandemic is self-verification, which means that people who consume the data on an everyday basis must educate themselves and acquire the skills to tackle it (link).
Torsha Sarkar examines content moderation measures taken by online intermediaries to tackle harmful information related to COVID-19 on their platforms, and the recommended ways in which information around these decisions can be preserved for better research going forward (link).

Gender justice

In light of a large digital divide across the usage of technology by women, Ambika Tandon and Mira Swaminathan examine how effective calls to domestic abuse helplines are during lockdown (link).

Data Protection

As part of The Bastion’s series on the education sector and children’s privacy, Pallavi Bedi writes about protecting the privacy of children on ed-tech platforms, especially as students are now more than ever dependent on such platforms for their learning (link).
Shweta Reddy was a panelist on Medianama’s Roundtable on Privacy in the era of COVID-19, where she spoke about privacy checks for data collection process for the purposes of public health during the pandemic (link).
Gurshabad Grover was a discussant for the webinar on Health, Encryption & COVID-19: Keeping people and countries safer online, organized by Internet Society, Center for Democracy and Technology and Global Partners Digital, where he spoke about recent threats to end-to-end encrypted communications, including ‘traceability’ in India and the EARN IT in the US (link).

For more details visit https://cis-india.org/internet-governance/blog/engaging-with-the-covid-19-crisis