Centre for Internet and Society

Do We Really Need an App for That? Examining the Utility and Privacy Implications of India’s Digital Vaccine Certificates

divyank — 2021-08-03T05:13:28Z

We examine the purported benefits of digital vaccine certificates over regular paper-based ones and analyse the privacy implications of their use.

This blogpost was edited by Gurshabad Grover, Yesha Tshering Paul, and Amber Sinha.
It was originally published on Digital Identities: Design and Uses and is cross-posted here.

In an experiment to streamline its COVID-19 immunisation drive, India has adopted a centralised vaccine administration system called CoWIN (or COVID Vaccine Intelligence Network). In addition to facilitating registration for both online and walk-in vaccine appointments, the system also allows for the digital verification of vaccine certificates, which it issues to people who have received a dose. This development aligns with a global trend, as many countries have adopted or are in the process of adopting “vaccine passports” to facilitate safe movement of people while resuming commercial activity.

Some places, such as the EU, have constrained the scope of use of their vaccine certificates to international travel. The Indian government, however, has so far skirted important questions around where and when this technology should be used. By allowing anyone to use the online CoWIN portal to scan and verify certificates, and even providing a way for the private-sector to incorporate this functionality into their applications, the government has opened up the possibility of these digital certificates being used, and even mandated, for domestic everyday use such as going to a grocery shop, a crowded venue, or a workplace.

In this blog post, we examine the purported benefits of digital vaccine certificates over regular paper-based ones, analyse the privacy implications of their use, and present recommendations to make them more privacy respecting. We hope that such an analysis can help inform policy on appropriate use of this technology and improve its privacy properties in cases where its use is warranted.

We also note that while this post only examines the merits of a technological solution put out by the government, it is more important to consider the effects that placing restrictions on the movement of unvaccinated people has on their civil liberties in the face of a vaccine rollout that is inequitable along many lines, including gender, caste-class, and access to technology.

How do digital vaccine certificates work?

Every vaccine recipient in the country is required to be registered on the CoWIN platform using one of seven existing identity documents. [1] Once a vaccine is administered, CoWIN generates a vaccine certificate which the recipient can access on the CoWIN website. The certificate is a single page document that contains the recipient’s personal information — their name, age, gender, identity document details, unique health ID, a reference ID — and some details about the vaccine given. [2] It also includes a “secure QR code” and a link to CoWIN’s verification portal.

The verification portal allows for the verification of a certificate by scanning the attached QR code. Upon completion, the portal displays a success message along with some of the information printed on the certificate.

Verification is done using a cryptographic mechanism known as digital signatures, which are encoded into the QR code attached to a vaccine certificate. This mechanism allows “offline verification”, which means that the CoWIN verification portal or any private sector app attempting to verify a certificate does not need to contact the CoWIN servers to establish its authenticity. It instead uses a “public key” issued by CoWIN beforehand to verify the digital signature attached to the certificate.

The benefit of this convoluted design is that it protects user privacy. Performing verification offline and not contacting the CoWIN servers, precludes CoWIN from gleaning sensitive metadata about usage of the vaccine certificate. This means that CoWIN does not learn about where and when an individual uses their vaccine certificate, and who is verifying it. This closes off a potential avenue for mass surveillance. [3] However, given how certificate revocation checks are being implemented (detailed in the privacy implications section below), CoWIN ends up learning this information anyway.

Where is digital verification useful?

The primary argument for the adoption of digital verification of vaccine certificates over visual examination of regular paper-based ones is security. In the face of vaccine hesitancy, there are concerns that people may forge vaccine certificates to get around any restrictions that may be put in place on the movement of unvaccinated people. The use of digital signatures serves to allay these fears.

In its current form, however, digital verification of vaccine certificates is no more secure than visually inspecting paper-based ones. While the “secure QR code” attached to digital certificates can be used to verify the authenticity of the certificate itself, the CoWIN verification portal does not provide any mechanism nor does it instruct verifiers to authenticate the identity of the person presenting the certificate. This means that unless an accompanying identity document is also checked, an individual can simply present someone else’s certificate.

There are no simple solutions to this limitation; adding a requirement to inspect identity documents in addition to digital verification of the vaccine certificate would not be a strong enough security measure to prevent the use of duplicate vaccine certificates. People who are motivated enough to forge a vaccine certificate, can also duplicate one of the seven ID documents which can be used to register on CoWIN, some of which are simple paper-based documents. [4] Requiring even stronger identity checks, such as the use of Aadhaar-based biometrics, would make digital verification of vaccine certificates more secure. However, this would be a wildly disproportionate incursion on user privacy — allowing for the mass collection of metadata like when and where a certificate is used — something that digital vaccine certificates were explicitly designed to prevent. Additionally, in Russia, people were found issuing fake certificates by discarding real vaccine doses instead of administering them. No technological solution can prevent such fraud.

As such, the utility of digital certificates is limited to uses such as international travel, where border control agencies already have strong identity checks in place for travellers. Any everyday usage of the digital verification functionality on vaccine certificates would not present any benefit over visually examining a piece of paper or a screen.

Privacy implications of digital certificates

In addition to providing little security utility over manual inspection of certificates, digital certificates also present privacy issues, these are listed below along with recommendations to mitigate them:

(i) The verification portal leaks sensitive metadata to CoWIN’s servers: An analysis of network requests made by the CoWin verification portal reveals that it conducts a ‘revocation check’ each time a certificate is verified. This check was also found in the source code, which is made openly available. [5]

Revocation checks are an important security consideration while using digital signatures. They allow the issuing authority (CoWIN, in this case) to revoke a certificate in case the account associated with it is lost or stolen, or if a certificate requires correction. However, the way they have been implemented here presents a significant privacy issue. Sending certificate details to the server on every verification attempt allows it to learn about where and when an individual is using their vaccine certificate.

We note that the revocation check performed by the CoWIN portal does not necessarily mean that it is storing this information. Nevertheless, sending certificate information to the server directly contradicts claims of an “offline verification” process, which is the basis of the design of these digital certificates.

Recommendations: Implementing privacy-respecting revocation checks such as Certificate Revocation Lists, [6] or Range Queries [7] would mitigate this issue. However, these solutions are either complex or present bandwidth and storage tradeoffs for the verifier.

(ii) Oversharing of personally identifiable information: CoWIN’s vaccine certificates include more personally identifiable information (name, age, gender, identity document details and unique health ID) than is required for the purpose of verifying the certificate. An examination of the vaccine certificates available to us revealed that while the Aadhaar number is appropriately masked, other personal identifiers such as passport number and unique health ID were not masked. Additionally, the inclusion of demographic details, such as age and gender, provides little security benefit by limiting the pool of duplicate certificates that can be used and are not required in light of the security analysis above.

Recommendation: Personal identifiers (such as passport number and unique health ID) should be appropriately masked and demographic details (age, gender) can be removed.

The minimal set of data required for identity-linked usage for digital verification, as described above, is a full name and masked ID document details. All other personally identifying information can be removed. In case of paper-based certificates, which is suggested for domestic usage, only the details about vaccine validity would suffice and no personal information is required.

(iii) Making information available digitally increases the likelihood of collection: All of the personal information printed on the certificate is also encoded into the QR code. This is necessary because the digital signature verification process also verifies the integrity of this information (i.e. it wasn’t modified). A side effect of this is that the personal information is made readily available in digital form to verifiers when it is scanned, making it easy for them to store. This is especially likely in private sector apps who may be interested in collecting demographic information and personal identifiers to track customer behaviour.

Recommendation: Removing extraneous information from the certificate, as suggested above, mitigates this risk as well.

Conclusion

Our analysis reveals that without incorporating strong, privacy-invasive identity checks, digital verification of vaccine certificates does not provide any security benefit over manually inspecting a piece of paper. The utility of digital verification is limited to purposes that already conduct strong identity checks.

In addition to their limited applicability, in their current form, these digital certificates also generate a trail of data and metadata, giving both government and industry an opportunity to infringe upon the privacy of the individuals using them.

Keeping this in mind, the adoption of this technology should be discouraged for everyday use.

References

[1] Exceptions exist for people without state-issued identity documents.

[2] This information was gathered by inspecting three vaccine certificates linked to the author’s CoWIN account, which they were authorised to view, and may not be fully accurate.

[3] This design is similar to Aadhaar’s “offline KYC” process.

[4] “Aadhaar Card: UIDAI says downloaded versions on ordinary paper, mAadhaar perfectly valid”, Zee Business, April 29 2019, https://www.zeebiz.com/india/news-aadhaar-card-uidai-says-downloaded-versions-on-ordinary-paper-maadhaar-perfectly-valid-96790.

[5] This check was also verified to be present in the reference code made available for private-sector applications incorporating this functionality, suggesting that private sector apps will also be affected by this.

[6] Certificate Revocation Lists allow the server to provide a list of revoked certificates to the verifier, instead of the verifier querying the server each time. This, however, can place heavy bandwidth and storage requirements on the verifying app as this list can potentially grow long.

[7] Range Queries are described in this paper. In this method, the verifier requests revocation status from the server by specifying a range of certificate identifiers within which the certificate being verified lies. If there are any revoked certificates within this range, the server will send their identifiers to the verifier, who can then check if the certificate in question is on the list. For this to work, the range selected must be sufficiently large to include enough potential candidates to keep the server from guessing which one is in use.

For more details visit https://cis-india.org/internet-governance/blog/do-we-really-need-an-app-for-that-examining-the-utility-and-privacy-implications-of-india2019s-digital-vaccine-certificates

Centre for Internet&Society ecommerce amendments

aman — 2021-07-27T14:36:57Z

For more details visit https://cis-india.org/internet-governance/centre-for-internet-society-ecommerce-amendments

Comments on proposed amendments to the Consumer Protection (E-Commerce) Rules, 2020

Vipul Kharbanda, Rajat Misra, Arindrajit Basu and Aman Nair — 2021-07-27T14:45:07Z

The Consumer Protection (E-commerce) Rules, 2020 were first introduced in an attempt to ensure that consumers were granted adequate protections and to prevent the adoption of unfair trade practices by E-commerce entities. The amendments have proposed several rules which will protect the consumer with a restriction on misleading advertisements and appointment of grievance officers based in India. However, while on this path, the proposed rules have created hurdles in the operations of e-commerce, reducing the ease of business and increasing the costs of operations especially for smaller players; which could eventually pass on to the consumers.

In our submission to the Ministry of Consumer Affairs, we focussed our analysis on eight points: Definitions and Registration, Compliance, Data Protection and Surveillance, Flash Sales, Unfair Trade Practices, Jurisdictional Issues with Competition Law, Compliance with International Trade Law and Liabilities of Marketplace E-commerce Entities.

A snapshot of our recommendations and analysis is listed out below. To read our full submission, please click here.

Definitions and Registrations

The registration of entities with the DPIIT must be made as smooth as possible especially considering the wide definition of E-commerce entities in the rules, which may include smaller businesses as well. In particular, we suggested doing away with physical office visits.

Compliance

As a general observation, compliance obligations should be differentiated based on the size of the entity and the volume of transactions rather than adopting a ‘one size fits all’ approach which may harm smaller businesses, especially those that are just starting up. Before these rules come into force, further consultations with small and medium-sized business enterprises would be vital in ensuring that the regulation is in line with their needs and does not hamper their growth. Excessive compliance requirements may end up playing into the hands of the largest players as they would have larger financial coffers and institutional mechanisms to comply with these obligations.

There is some confusion in the law as to whether the Chief Compliance officer mentioned in the amended rules is the same as the “nodal person of contact or an alternate senior designated functionary who is resident of India” under Rule 5(1).

The safe harbour should therefore refer to due diligence by the CCO and not the e-commerce entity itself. The requirement for the compliance officer to be an Indian citizen who is a resident and a senior officer or managerial employee may place an undue burden on small E-commerce players not located in India.

Data Protection and Surveillance

In the absence of a Personal Data protection bill these rules do not adequately protect consumers’ personal data and reduce the powers given to the Central Government to access data or conduct surveillance

Flash Sales

Conventional flash sales should be defined. Clear distinction must be made between conventional flash sales and fraudulent flash sales. The definition should not be limited to interception of business “using technological means”, which limits the scope of the fraudulent flash sales. Further parameters must be provided for when a flash sale will be considered a fraudulent flash sale.

Unfair Trade Practices

The rules place restrictions on marketplace E-commerce entities from selling their own goods or services or from listing related enterprises as sellers on their platforms. No such restriction applies to brick and mortar stores, and this blanket ban must be rethought.

Jurisdictional Issues with Competition Law

This rule brings the issue of ‘abuse of dominant power’ under the fora of the Consumer Protection Authority or the Consumer Disputes Redressal Commissions. Overlapping jurisdiction of this nature could introduce regulatory delays into the dispute resolution process and can be a source of tension for the parties and regulatory authorities. The intention behind importing a competition law concept such as “abuse of dominant position” in the consumer protection regulations may be understandable, such a step might be effective in jurisdictions which have a common regulatory authority for both competition law as well as consumer protection issues, such as Australia, Finland, Ireland, Netherlands. However, in a country such as India which has completely separate regulatory mechanisms for competition and consumer law issues, such a provision may lead to logistical difficulties.

Compliance with International Trade Law

A robust framework on ranking with transparent disclosure of parameters for the same would also go a long way towards addressing concerns with discrimination and national treatment under WTO law. Further, the obligation to provide domestic alternatives should be clarified and amended to ensure that it does not cause uncertainty and open India up to a national treatment challenge at the WTO.

Liabilities of Marketplace E-commerce Entities

Fallback liability is an essential component of consumers’ protection in the E-commerce space. However, as currently envisioned there is a lack of clarity surrounding the extent to which fallback liability is applicable on E-commerce entities as well as exemptions to this liability. We have recommended alternate approaches adopted in other jurisdictions, which include

Liability through negligence
Liability as an exemption to safe harbour

For more details visit https://cis-india.org/internet-governance/blog/comments-on-proposed-amendments-to-the-consumer-protection-e-commerce-rules-2020

The Ministry And The Trace: Subverting End-To-End Encryption

Gurshabad Grover, Tanaya Rajwade and Divyank Katira — 2021-07-12T08:18:18Z

A legal and technical analysis of the 'traceability' rule and its impact on messaging privacy.

The paper was published in the NUJS Law Review Volume 14 Issue 2 (2021).

Abstract

End-to-end encrypted messaging allows individuals to hold confidential conversations free from the interference of states and private corporations. To aid surveillance and prosecution of crimes, the Indian Government has mandated online messaging providers to enable identification of originators of messages that traverse their platforms. This paper establishes how the different ways in which this ‘traceability’ mandate can be implemented (dropping end-to-end encryption, hashing messages, and attaching originator information to messages) come with serious costs to usability, security and privacy. Through a legal and constitutional analysis, we contend that traceability exceeds the scope of delegated legislation under the Information Technology Act, and is at odds with the fundamental right to privacy.

Click here to read the full paper.

For more details visit https://cis-india.org/internet-governance/blog/the-ministry-and-the-trace-subverting-end-to-end-encryption

Report - State of Consumer Digital Security in India

pranav — 2021-07-05T10:56:49Z

For more details visit https://cis-india.org/internet-governance/report-state-of-consumer-digital-security-in-india

Platforms, Power, and Politics: Perspectives from Domestic and Care Work in India

Aayush Rathi, and Ambika Tandon — 2021-07-07T15:19:37Z

CIS has been undertaking a two-year project studying the entry of digital platforms in the domestic and care work in India, supported by the Association for Progressive Communications as part of the Feminist Internet Research Network. Implemented through 2019-21, the objective of the project is to use a feminist lens to critique platform modalities and orient platformisation dynamics in radically different, worker-first ways. Ambika Tandon and Aayush Rathi led the research team at CIS. The Domestic Workers’ Rights Union is a partner in the implementation of the project, as co-researchers. Geeta Menon, head of DWRU, was an advisor on the project, and the research team consisted of Parijatha G.P., Radha Keerthana, Zeenathunnisa, and Sumathi, who are office holders in the union and are responsible for organising workers and addressing their concerns.

The Executive Summary for the project report is below.

The full report, ‘Platforms, power, and politics: Perspectives from domestic and care work in India’, can be found here.

The press release can be found here.

Introduction

Paid domestic and care work is witnessing the entry of digital intermediaries over the past decade. More recently, there has been tremendous growth of digital platforms. This holds the potential to impact millions of workers in the sector, which is characterised by a long history of informality and exclusion from rights-according legal frameworks. Digital intermediation of domestic and care work has been a space of high-growth, but also high-attrition. In India, order books of digital platforms providing domestic and care work services were reported to have been growing by upto 60 percent month-on-month in 2016. This is expected to shift the organisation of workers and employment relations profoundly.

Broadly, the discourse on digital platforms providing home-based services can be summarised as follows: proponents argue that digitisation will act as a step towards bringing formalisation to the sector, while critics argue that platforms could replicate the exploitation of workers by further disguising the employer-employee relationship. Similar debates around lack of protections and precarity have also taken place in other occupations in gig work such as transportation and food delivery. In fact, the similarity in precarity and the informal nature of this relationship across gig work and domestic work has led to domestic workers being labelled the original gig workers. Domestic work is a particularly vulnerable and unprotected sector, which makes work in the sector qualitatively different from most other sectors in the gig or sharing economy.

Through a feminist approach to digital labour, our project aimed to examine the dynamics of platformisation in, and of domestic or reproductive care work. Our hypothesis was that platforms are reconfiguring labour conditions, which could empower and/or exploit workers in ways qualitatively different from non-standard work off the platform. In order to interrogate this further, we studied several aspects of the work relationship, including wages, conditions of work, social security, skill levels, and worker surveillance off platforms.

Methodology

We borrowed from ethnographic methods and feminist principles to co-design and implement the research tools with grassroots workers and organisers. Between June to November 2019, we conducted 65 in-depth semi-structured interviews primarily in New Delhi and Bengaluru. A majority of these were with domestic workers who were seeking or had found work through platforms. We also did interviews with workers who had found work through traditional placement agencies to compare our findings, and with representatives from platforms, government labour departments, and workers collectives. Of the workers we interviewed, a majority were women, but men were included as well. Interviews in New Delhi were undertaken by CIS, while interviews with workers in Bengaluru were undertaken by grassroots activists in Bengaluru, affiliated with the Domestic Workers Rights Union (DWRU).

In implementing the data collection approach, we employed feminist methodological principles of intersectionality, self-reflexivity, and participation. The methodology draws on standpoint theory, which encourages knowledge production that centres the lived experiences of marginalised groups. We were acutely aware of our own positionality as high income, Savarna researchers studying a sector dominated by Dalit, Bahujan and Adivasi women from low income groups. This power differential was softened partially by involving DWRU through the course of the project. Workers across both field sites were also interviewed in spaces familiar to them, most often their homes, in languages that they were comfortable with including Hindi, Kannada, and Tamil.

Feminist principles also instrumental during the data analysis, with focus on intersectionality and self-reflexivity. We highlighted the ways in which inequalities of gender, income, migration status, caste, and religion are replicated and amplified in the platform economy. In particular, we discussed the impact of the digital gender gap in access and skills on workers’ ability to find economic opportunities.

Findings

Our typology of platforms mediating domestic work finds three types of platforms – (i) marketplace, or platforms that list workers’ data on their profile, provide certain filters for automated selection of a pool of workers, and charge a fee from customers for access to workers’ contact details, (ii) digital placement agency, or platforms that provide an end-to-end placement service to customers, identify appropriate workers on the basis of selection criteria, and negotiate conditions of work on behalf of workers, and (iii) on-demand platforms, or companies that provide services or ‘gigs’ such as cleaning on an hourly basis, performed by a roster of workers who are characterised as ‘independent contractors’.

When it comes to the role played by platforms in determining employment relations, there is a wide variation within and across platform categories. There are both weak and strong models of intervention. On one end of the spectrum are marketplaces, with minimal intervention in the recruitment process, and on the other on-demand platforms, that exact control over each aspect of work. Digital platforms reconfigure the conception of intermediaries in the domestic work sector, functioning as next-generation placement agencies. All three platform types contain aspects that provide workers agency, as well as those that reinforce their positions of low-power. Platform design impacts the role platforms play in setting conditions of work, but does not determine it entirely.

(Re)shaping the terms of work
Across the three types of platforms, wages are slightly higher than or matching those of workers off platforms. Some marketplace platforms have incorporated features to nudge customers towards setting higher wages, such as enforcing minimum wage standards, or informing customers of expected wages in their locality. Conversely, on-demand platforms charge a high rate of commission from workers, despite refusing to recognise them as employees. This indicates that this is a misclassification of an employment relationship, given that workers are unable to set their own conditions or wages for work. Despite the high rates of commission and appropriation of labour by platforms, on-demand workers earn higher wages than workers on other platforms. The relatively high wage is a result of marketing on-demand cleaning as professionalised and more skilled than day-to-day cleaning. Tasks in the sector continue to be distributed along the lines of gender and caste, as has historically been the case. Dalit, Bahujan and Adivasi women are more likely to take up work such as cleaning and washing dishes, while men and women across castes are equally distributed in cooking work. Women dominate tasks such as elderly and childcare, as in the traditional economy. Workers in professionalised tasks such as deep cleaning that requires technical equipment and chemicals are almost entirely men.

Digital divides and workers’ agency
We find that workers are primarily onboarded onto platforms by learning about it from other workers, through onboarding camps held by platforms, or offline advertising by platforms. Such in-person onboarding techniques allows workers with no digital access or literacy to register themselves on marketplace platforms and digital placement agencies.

However, we find that low levels of education and digital literacy continue to impact platformed labour by creating a strong informational asymmetry between workers and platforms. For instance, we find that women workers from low income communities have very little information about how platforms work, causing deep distrust. Workers with digital devices and literacy (and therefore a relatively better understanding of the functionality of the platform), physical mobility and the resources to bear indirect costs that were outsourced to them were at a significant advantage in finding better-paying jobs. Workers who were seeking flexibility and were not necessarily dependent on the platform for their primary income were also better placed than those entirely dependent on platforms. Women workers tended to be disadvantaged on all these counts, limiting their agency and capacity to reap the benefits of the platform economy.

Across the three types of platforms, systems of placement and ratings add to the information asymmetry, as workers are not aware of the impact of ratings on their ability to find work or charge better wages. Ratings and filtering systems also hard-code the impact of workers’ social characteristics on their work. Workers are unable to exercise control over their data, further undermining their agency vis-a-vis platforms and employers. We identify a clear need for collective bargaining structures to protect workers’ rights, although platformed domestic workers remained distant from both domestic work unions and emergent unions of platform workers in other sectors.

Intersectionalities of formalisation
We find that inequalities of caste, class, and gender that have historically shaped the sector continue to be replicated or even amplified in the platform economy. What remains clear is that platforms in the domestic work sector adopt the logics of this sector, more than the converse. Platformisation is conflated with formalisation, and it is within this vector, from complete informality to piecemeal formalisation, that platforms operate. Labour benefits do not take the form of labour protections or welfare entitlements that are the central function of formalisation processes. Instead, the so-called benefits are intended to transform domestic workers to participate within the logics and vagaries of the market.

Policy Recommendations

Recognise and implement labour protections for domestic workers
Domestic workers have historically occupied the most vulnerable positions in the workforce, with limited legal protections. Exposed to the regulatory grey areas that platforms operate in, this doubly exposes domestic workers to precarious conditions of work. Despite an avowed move towards formalisation of domestic work, platform-mediated labour continues to retain characteristics of informal labour, even heightening some.

If pushed to do so, platform companies can be instrumental in resolving some of the implementation challenges that governments have faced in enforcing legislative protections sought to be made available to domestic workers. Platforms have databases of workers, which can be used to mandatorily register them for social security schemes offered by the government. This data can also be used for better policy making, in the absence of reliable statistics particularly on migrant workers in the informal economy.

Reduce the protective gap between employment and self-employment
The (mis)classification of “gig” work within labour law frameworks is still a matter that continues to be hotly debated within policy practitioners, legal scholarship, and civil society actors. Three positions, in particular, have been taken—treating gig workers as employees, independent contractors, or occupying a third intermediate category. More recently, there have been some legal victories guaranteeing employment protections and increasing platform companies’ accountability. However, these successes have been more visible in Global North jurisdictions.

Regardless of the resolution of these ongoing debates over employment status, labour frameworks should provide some universal protections to all categories of labour. Such protections must include universal coverage of social security, in addition to rights such as freedom of association, collective bargaining, equal remuneration and anti-discrimination. Policies geared towards achieving this objective would be significant in reducing the protective gaps between different categories of labour, and would particularly help historical and emerging occupational categories of workers such as “gig” workers and domestic workers.

Recognise the specific challenge(s) and potential of platformisation of domestic work
Platforms hold the potential of acting as effective facilitators in informal labour markets. Even when they do not replace existing recruitment pathways, they provide alternate ones. Workers were more likely to register on a platform if they were entering the domestic work labour market recently (often distress and migration driven), or had not enjoyed success with informal, word-of-mouth networks. However, platforms also heighten labour market insecurities, and create new ones. These potential risks need to be specifically recognised through appropriate frameworks, such as social security, discrimination law and data protection.

Tailor policy-making to platform models
We identify three types of platforms, each of which intervene to varying degrees in the work relationship. We recommend that digital placement agencies and marketplace platforms be registered with governments and enforce basic protections for workers such as provision of minimum wage, preventing abuse (including non-payment of wages) and trafficking. On-demand companies on the other hand, must be treated as employers, and workers be accorded employment protections including social security.

In addition to rights-based policy actions, legal-regulatory mechanisms geared towards mitigating the precariousness of platform-based work are required. This can take the shape of clarifying and expanding existing legal-regulatory formulations, or preparing new ones. Such policy making should factor in the power and information asymmetry between domestic workers (and gig workers, generally) and platforms.

Further, in the absence of health or retirement benefits, risks and indirect costs of operations are shifted from employers to workers. For instance, workers provide capital in the form of tools or equipment, support the fluctuation of business and income, and can be ‘deactivated’ from an application as a result of poor ratings or periods of inactivity. Any regulation aiming to extend employee status should mandate platforms to support such indirect costs.

Related Publications

1. Research notes with reflections from union members.
2. The event report from a stakeholder consultation with workers, unions, companies and government representatives.
3. A reflection note on the participatory approach taken by the project.
4. A paper with a comparative analysis of the policy landscape on domestic work in the platform economy.

For more details visit https://cis-india.org/raw/platforms-power-and-politics-perspectives-from-domestic-and-care-work-in-india

Atmanirbhar Bharat Meets Digital India

ankan — 2021-06-03T12:32:47Z

For more details visit https://cis-india.org/raw/files/atmanirbhar-bharat-meets-digital-india.pdf

Comments on eCourts phase III

aman — 2021-06-03T12:15:17Z

For more details visit https://cis-india.org/internet-governance/comments-on-ecourts-phase-iii-3

Beyond Public Squares, Dumb Conduits, and Gatekeepers: The Need for a New Legal Metaphor for Social Media

amber — 2021-05-31T10:19:33Z

For more details visit https://cis-india.org/internet-governance/files/beyond-public-squares-dumb-conduits-and-gatekeepers.pdf

Rethinking Data Exchange & Delivery Models

Pallavi Bedi, Amber Sinha — 2021-04-08T06:36:06Z

Executive Summary

In 2020, reports of the government's proposal to create a social registry to update the Socio Economic Caste Census 2011 data started surfacing. Based on the limited information around these proposals in the public domain, it is imperative that adequate consideration be provided to develop such systems in a manner that protects the informational privacy of the individuals. Currently, the proposed Personal Data Protection Bill, 2019 is being deliberated by the Joint Parliamentary Committee and is expected to be tabled in the Monsoon Session of Parliament. The proposed data protection framework is a marked improvement over its predecessor, Section 43A of the Information Technology Act, 2000 and the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules 2011. One substantial change in the context of welfare delivery is that the scope of the application of the proposed framework extends to the personal data processing by the government and its agencies.

The objective of the white paper is to examine the application of the proposed data protection provisions on such a welfare delivery model (data exchange and delivery model) and suggest ways to operationalise key provisions. The scope of this white paper is limited to examining the personal data implications of the model and the effective governance of such platforms in India. The paper relies on publicly available details of India’s and other selected countries (Indonesia, Brazil, China, Malawi, Kenya, Estonia) digital infrastructure, proposals, schemes and legal frameworks in relation to welfare delivery in the country. International best practices around implementation of the principles of privacy and openness are analysed to suggest methods to operationalise these requirements in the context of the data exchange and delivery models and the proposed data protection framework of the country.

Based on the global experience of implementing data exchange and delivery models and the best practices for implementation of data protection provisions, following are some of the key recommendations (in addition to discussing ways to operationalise the data protection provisions) for such a platform in the Indian context:

Application of Data Protection Legislation: Due to the sensitive processing of personal data accompanied with harms arising from unlawful surveillance, such a data exchange and delivery model should not be deployed without an overarching data protection legislation. It is vital that the application of the legislation extends to the model. The Data Protection Authority of India should be able to exercise its investigative, corrective and advisory powers over the functioning and management of the model.

Independent Regulator: Oversight over the functioning of the platform should not be vested with the agency that is responsible for the maintenance of the platform to address potential conflict of interest issues. Additional sub - committees based on subject matter expertise for each individual scheme can be set up to assist the regulator, if required. The independent regulator should have strong investigative, corrective and advisory powers for effective oversight over the activities of the platform. Enforcement actions of the regulator should be transparent.

Governance: The data fiduciary responsible for the management and operation of the data exchange and delivery platform should be clearly identified. The platform should have valid legislative backing. In case of involvement of private actors, additional safeguards related to the privacy and confidentiality of the data in the platform should be implemented.

Data Protection Authority of India and Platform: There should be clear channels of communication between the data protection authority of India and the data fiduciaries managing and accessing the platform for guidance on data protection issues.
Grievance Redressal Mechanism: An accessible grievance redressal mechanism should be set up at different points of the service delivery and their existence should be publicised through different mediums. As the platform can act as a single point of failure for multiple schemes, an integration of the redressal mechanisms across multiple schemes should be considered based on existing institutional structures. Multiple channels for receiving complaints must be set up for the citizen’s convenience.

Read the full report here.

For more details visit https://cis-india.org/internet-governance/blog/rethinking-data-exchange-delivery-models

Rethinking Data Exchange & Delivery Models pdf

pranav — 2021-04-08T05:06:10Z

For more details visit https://cis-india.org/internet-governance/rethinking-data-exchange-delivery-models-pdf

Sameet Panda - Impact of the JAM Trinity on Pension & PDS in Odisha during COVID-19

sumandro — 2021-02-26T06:45:00Z

For more details visit https://cis-india.org/raw/sameet-panda-impact-of-the-jam-trinity-on-pension-pds-in-odisha-during-covid-19

Sameet Panda - Data Systems in Welfare: Impact of the JAM Trinity on Pension & PDS in Odisha during COVID-19

Sameet Panda — 2021-02-26T07:36:10Z

This study by Sameet Panda tries to understand the integration of data and digital systems in welfare delivery in Odisha. It brings out the impact of welfare digitalisation on beneficiaries through primary data collected in November 2020. The researcher is thankful to community members for sharing their lived experiences during course of the study. Fieldwork was undertaken in three panchayats of Bhawanipatna block of Kalahandi district, Odisha. Additional research support was provided by Apurv Vivek and Vipul Kumar, and editorial contributions were made by Ambika Tandon (Senior Researcher, CIS). This study was conducted as part of a project on gender, welfare, and surveillance, supported by Privacy International, UK.

Report: Download (PDF)

Extract from the Report

The COVID-19 pandemic has accelerated flaws in social institutions as never before - threatening food security, public health systems, and livelihood in the informal sector. At the time of writing this report, India is the second-worst affected country in the world with over 9.8 million confirmed cases and more than 1.4 hundred thousand deaths. Unemployment has been increasing at an alarming rate, from 6.67 to 7 percent in October...

Following the national lockdown, many families belonging to low-income groups and daily wage earners found themselves stranded without money, food or credit from their employers. During the strict lockdown of the economy between March to June 2020 lakhs of migrants faced starvation in cities and walked back home. The government responded with some urgent measures, although inadequate. To cope with the food and economic crisis the Government of India and state governments initiated several social protection schemes. In Odisha, The central government provided two kinds of support, cash transfer through Direct Benefit Transfer (DBT) MGNREGS, Pradhan Mantri Jan Dhan Yojana (PMJDY) and Pradhan Mantri Ujjwala Yojana (PMUJ), advance release of pension in cash to existing beneficiaries and cash support of Rs. 1000. The Odisha government provided cash support of Rs. 1000 to ration card holding families. Beneficiaries of the Public Distribution System also received free-of-cost food grain under the Pradhan Mantri Garib Kalyan Anna Yojana...

Over the last couple of years, along with making the Aadhaar mandatory, the government has also been working towards linking mobile numbers and bank accounts of beneficiaries. An increasing number of schemes are shifting to Direct Benefit Transfer from in-kind or cash benefits - 324 schemes under 51 ministries of the Government of India. Such schemes are relying on the linkage of Jan Dhan accounts, the Aadhaar, and mobile numbers (the “JAM trinity”) to facilitate access to Direct Benefit Transfers. The Economic Survey 2015-16 has pointed out that without improving mobile penetration and rural banking infrastructure making the JAM trinity mandatory would continue to lead to exclusions. The issues with each of the components of the JAM trinity worsened during the COVID-19 crisis with restrictions on physical movement, difficulties in topping up mobile phone accounts, and enrolling for the Aadhaar or addressing other technical issues.

This report assesses the role of the data system in welfare delivery. It focuses on the impact of the three components of the JAM trinity - Jan Dhan Account, mobile numbers and the Aadhaar on Direct Benefit Transfer, social security pension and the Public Distribution System. The objective of this study is to understand the challenges faced by beneficiaries in accessing PDS and pension as a result of digitisation processes. This includes failures in Direct Benefit Transfers and exclusions from databases, particularly during the COVID-19 pandemic. The study focuses on gender as a key component shaping the impact of digitisation on beneficiaries. The sample includes both men and women beneficiaries in order to identify such gendered differences. It will also identify infrastructural constraints in Odisha that impact the implementation of digital systems in welfare. Also, it will analyse policy frameworks at central and state levels, to compare their discourse with the impact on the ground.

For more details visit https://cis-india.org/raw/sameet-panda-jam-trinity-pension-pds-odisha-covid-19

CIS Comments Revised NPD report

aman — 2021-03-22T05:39:03Z

For more details visit https://cis-india.org/internet-governance/cis-comments-revised-npd-report

TIkTok: It’s time for Biden to make a decision on his digital policy with China

aman — 2021-01-22T06:11:43Z

As the United State's new president comes into office he is faced with creating a cohesive digital relations policy that corrects some of the damage done by his predecessor. This article is the first part of a series analysing his policies and challenges.

While on the campaign trail, now US president elect Joe Biden, made it clear to voters that he viewed Tik Tok as “a matter of genuine concern.” The statement came amidst a growing environment of hostility within the American government against the application. At the helm of the hostility was (now former) president Donald Trump’s passing of an executive order banning Tik Tok in the country and his attempts at forcing its parent company ByteDance to restructure the app under American ownership. Now, as the presidency passes hands, it is worth examining how the government got here and just how concerned the Biden administration should be with Tik Tok and how their strategy with the app could set the tone for digital relations with China going forward

The Road so far: The ban and forced sale of TikTok

America’s motivation to ban and sell the application can be explained by two contrasting factors: the cybersecurity risks that TikTok poses, and the country’s currently ongoing trade war with China. On the security side TikTok has faced immense scrutiny from governments around the world as to the amount of data that the application collects from its users as well as the potential links between Bytedance and the Chinese government. Furthermore there is a belief that due to the Chinese legislation that compels companies to assist the state on matters of national intelligence, there is little TikTok could do should the Chinese state decide to use it as an instrument of data collection. On the side of trade, the TikTok ban represents one of the more landmark blows dealt by the Trump government in its trade war with China. The US, since the start of his presidency has levied exclusive tariffs on specific Chinese commodities totalling to more than $550 billion. China has in response levied its own tariffs on certain American goods, with a total value of those estimated at $185 billion. Beyond these tariffs, the move to ban TikTok extends the trade war by creating clear hurdles for Chinese corporations to exist within the US market and firmly extended Trump’s protectionist trade policies into the digital sphere.

As such, on 6th August 2020, Trump released an executive order banning TikTok (as well as Chinese messaging and social media app Wechat). The ban has, however, since been indefinitely suspended as part of ongoing litigation on the matter at the federal level.

Shortly after the ban, came the attempts at forcing through the sale. While the deal has generally been referred to as ‘the TikTok sale’, it is not actually an outright purchase of the social media platform by an American company (Microsoft attempted such a purchase but was rejected by Byte Dance). Rather, the deal would see the establishment of a new US based subsidiary called TikTok global that would be partly owned (20%) by Oracle and Walmart, with Oracle becoming a trusted technology provider in order to ensure that US user’s data remains within the state. The agreement stipulates that the board of this new entity would have 4 out of 5 of the seats populated by US citizens, and that the company would go public as well. The current agreement would still see Bytedance retain ownership of the algorithms used by TikTok, which is in line with restrictions from the Chinese government preventing the sale of the algorithm to a foriegn owner without a state granted license.

How should the Biden administration handle this situation?

Dealing with the TikTok question must be one of the Biden administration’s top most priorities. The most obvious question they face is whether or not to reverse the ban and to continue to push through the sale between Bytedance and Oracle.

The case for enforcing the ban until the sale to American owners seems one that is straightforward enough. The cybersecurity concerns surrounding Bytedance’s proximity to the Chinese state and the influence of Chinese legislation are reasonable concerns. And any data gained from the application in the hands of a hostile state could be potentially harmful. This threat could be potentially reduced based on the role played by Oracle as a trusted technology partner. However with details of what exactly constitutes the functions of a ‘trusted technology partner’ it is impossible to say this with any great certainty. Simultaneously, there is a slight sense of irony in a Chinese based digital company protesting against another country’s protectionist stance to the internet.

Nonetheless these benefits are in many ways greatly over exaggerated, and in many ways allowing TikTok to return without requiring a sale could prove more beneficial in the long term. Not only would the app’s return be welcomed by its immense audience (estimated 100 million US users), it would also be a clear demonstration of America’s commitment to a less fragmented internet and more open digital economy. Furthermore, revoking the ban would also allow for the opportunity to reassess and reformulate the US’s economic and political strategy with regards to Chinese technology.

On the economic side, a retraction of the ban could signal the beginning of the end of the US-China trade war. Chinese investors are sure to see the shift from a radical republican president to a centrist democrat one as the perfect opportunity to increase foreign investment, which had been steadily declining recently. Such investment could prove significantly more substantial to the United States in a post covid-19 world as opposed to even in 2019. It is not unimaginable that Biden would look to maximise this opportunity to boost the economy.

On the political side, the government has to evaluate the success of sanctions levied against Chinese technology and whether that approach of blanket banning will translate effectively to the digital sphere. Not only has the US’s sanctions against certain chinese technologies proved unsuccessful, tools such as VPNs that can negate a ban make this strategy even less effective in the digital space.

The largest hurdle to revoking the ban would be the genuine cybersecurity concerns with a Chinese corporation having access American citizens’ data. However, dealing with these concerns through a simple ban of the application would only solve this one instance of excessive surveillance and data collection by a foreign app. Rather any solution must look to fix the issue at its root - that being the need for a more cohesive, detailed and overarching national data protection and cybersecurity policy. Such a policy could place clear limitations on data collection, stipulate data localisation policies for sensitive information and outline numerous other means of reducing the threat involved with allowing applications from states such as China to operate in the US.

Ultimately, Biden will be confronted with the reality of this situation the moment he enters office. The decision he makes on TikTok would set the tone for his term and for his government’s relationship with China. Whatever he decides to do, he needs to do it as soon as possible. The clock is ticking.

For more details visit https://cis-india.org/internet-governance/blog/tiktok-it2019s-time-for-biden-to-make-a-decision-on-his-digital-policy-with-china