The Centre for Internet and Society
https://cis-india.org
These are the search results for the query, showing results 31 to 45.
Free Speech and Surveillance
https://cis-india.org/internet-governance/blog/free-speech-and-surveillance
<b>Gautam Bhatia examines the constitutionality of surveillance by the Indian state. </b>
<p style="text-align: justify; ">The Indian surveillance regime has been the subject of <a href="http://india.blogs.nytimes.com/2013/07/10/how-surveillance-works-in-india/?_php=true&_type=blogs&_r=0">discussion</a> for quite some time now. Its nature and scope is controversial. The Central Monitoring System, through which the government can obtain direct access to call records, appears to have the potential to be used for bulk surveillance, although official claims emphasise that it will only be implemented in a targeted manner. The <a href="http://timesofindia.indiatimes.com/tech/tech-news/Govt-to-launch-internet-spy-system-Netra-soon/articleshow/28456222.cms">Netra system</a>, on the other hand, is certainly about dragnet collection, since it detects the communication, via electronic media, of certain “keywords” (such as “attack”, “bomb”, “blast” and “kill”), no matter what context they are used in, and no matter who is using them.<span> </span></p>
<p style="text-align: justify; ">Surveillance is quintessentially thought to raise concerns about <i>privacy</i>. Over a <a href="http://indiankanoon.org/doc/845196/">series</a> of <a href="http://news.rediff.com/report/2010/apr/26/phone-tapping-what-1997-supreme-court-verdict-says.htm">decisions</a>, the Indian Supreme Court has read in the right to privacy into Article 21’s guarantee of the right to life and personal liberty. Under the Supreme Court’s (somewhat cloudy) precedents, privacy may only be infringed if there is a compelling State interest, and if the restrictive law is narrowly tailored – that is, it does not infringe upon rights to an extent greater than it needs to, in order to fulfill its goal. It is questionable whether bulk surveillance meets these standards.<span> </span></p>
<p style="text-align: justify; ">Surveillance, however, does not only involve privacy rights. It also implicated Article 19 – in particular, the Article 19(1)(a) guarantee of the freedom of expression, and the 19(1)(c) guarantee of the freedom of association.</p>
<p style="text-align: justify; "><span>Previously on this blog, we have discussed the “chilling effect” in relation to free speech. The chilling effect evolved in the context of defamation cases, where a combination of exacting standards of proof, and prohibitive damages, contributed to create a culture of self-censorship, where people would refrain from voicing even legitimate criticism for fear of ruinous defamation lawsuits. The chilling effect, however, is not restricted merely to defamation, but arises in free speech cases more generally, where vague and over-broad statutes often leave the border of the permitted and the prohibited unclear.</span></p>
<p style="text-align: justify; "><span>Indeed, a few years before it decided </span><i>New York Times v. Sullivan</i><span>, which brought in the chilling effect doctrine into defamation and free speech law, the American Supreme Court applies a very similar principle in a surveillance case. In </span><a href="http://supreme.justia.com/cases/federal/us/357/449/case.html"><i>NAACP v. Alabama</i></a><span>, the National Association for the Advancement of Coloured People (NAACP), which was heavily engaged in the civil rights movement in the American deep South, was ordered by the State of Alabama to disclose its membership list. NAACP challenged this, and the Court held in its favour. It specifically connected freedom of speech, freedom of association, and the impact of surveillance upon both:</span></p>
<p style="text-align: justify; "><i> “Effective advocacy of both public and private points of view, particularly controversial ones, is undeniably enhanced by group association, as this Court has more than once recognized by remarking upon the close nexus between the freedoms of speech and assembly. It is beyond debate that freedom to engage in association for the advancement of beliefs and ideas is an inseparable aspect of the “liberty” assured by the Due Process Clause of the Fourteenth Amendment, which embraces freedom of speech. Of course, it is immaterial whether the beliefs sought to be advanced by association pertain to political, economic, religious or cultural matters, and state action which may have the</i><i> </i><i>effect of curtailing the freedom to associate is subject to the closest scrutiny… it is hardly a novel perception that <span>compelled disclosure</span> of affiliation with groups engaged in advocacy may constitute</i> [an]<i> effective a restraint on freedom of association… this Court has recognized the vital relationship between freedom to associate and privacy in one’s associations. <span>Inviolability of privacy in group association may in many circumstances be indispensable to preservation of freedom of association, particularly where a group espouses dissident beliefs</span>.”</i></p>
<p style="text-align: justify; "><i> </i></p>
<p style="text-align: justify; "><i> </i>In other words, if persons are not assured of privacy in their association with each other, they will tend to self-censor both who they associate with, and what they say to each other, especially when unpopular groups, who have been historically subject to governmental or social persecution, are involved. Indeed, this was precisely the <a href="https://www.aclu.org/national-security/aclu-v-clapper-challenge-nsa-mass-phone-call-tracking">argument</a> that the American Civil Liberties Union (ACLU) made in its constitutional challenge to PRISM, the American bulk surveillance program. In addition to advancing a Fourth Amendment argument from privacy, the ACLU also made a First Amendment freedom of speech and association claim, arguing that the knowledge of bulk surveillance had made – or at least, was likely to have made – politically unpopular groups wary of contacting it for professional purposes (the difficulty, of course, is that any chilling effect argument effectively requires proving a negative).<span> </span></p>
<p style="text-align: justify; ">If this argument holds, then it is clear that Articles 19(1)(a) and 19(1)(c) are <i>prima facie</i> infringed in cases of bulk – or even other forms of – surveillance. Two conclusions follow: <i>first</i>, that any surveillance regime needs statutory backing. Under <a href="http://indiankanoon.org/doc/493243/">Article 19(2),</a> reasonable restrictions upon fundamental rights can only be imposed by <i>law</i>, and not be executive fiat (the same argument applies to Article 21 as well).</p>
<p style="text-align: justify; ">Assuming that a statutory framework <i>is</i> brought into force, the crucial issue then becomes whether the restriction is a reasonable one, in service of one of the stated 19(2) interests. The relevant part of Article 19(2) permits reasonable restrictions upon the freedom of speech and expression “in the interests of… the security of the State [and] public order.” The Constitution does not, however, provide a test for determining when a restriction can be legitimately justified as being “in the interests of” the security of the State, and of public order. There is not much relevant precedent with respect to the first sub-clause, but there happens to be an extensive – although conflicted – jurisprudence dealing with the public order exception.</p>
<p style="text-align: justify; ">One line of cases – characterised by <a href="http://indiankanoon.org/doc/553290/"><i>Ramji Lal Modi v. State of UP</i></a><i> </i>and <a href="http://indiankanoon.org/doc/1475436/"><i>Virendra v. State of Punjab</i></a> – has held that the phrase “for the interests of” is of very wide ambit, and that the government has virtually limitless scope to make laws ostensibly for securing public order (this extends to prior restraint as well, something that Blackstone, writing in the 18<sup>th</sup> century, found to be illegal!). The other line of cases, such as <a href="http://indiankanoon.org/doc/1386353/"><i>Superintendent v. Ram Manohar Lohia</i></a> and <a href="http://www.indiankanoon.org/doc/341773/"><i>S. Rangarajan v. P. Jagjivan Ram</i></a>, have required the government to satisfy a stringent burden of proof. In <i>Lohia</i>, for instance, Ram Manohar Lohia’s conviction for encouraging people to break a tax law was reversed, the Court holding that the relationship between restricting free speech and a public order justification must be “proximate”. In <i>Rangarajan</i>, the Court used the euphemistic image of a “spark in a powder keg”, to characterise the degree of proximity required. It is evident that under the broad test of <i>Ramji Lal Modi</i>, a bulk surveillance system is likely to be upheld, whereas under the narrow test of <i>Lohia</i>, it is almost certain not to be.</p>
<p style="text-align: justify; ">Thus, if the constitutionality of surveillance comes to Court, three issues will need to be decided: <i>first</i>, whether Articles 19(1)(a) and 19(1)(c) have been violated. <i>Secondly</i> – and if so – whether the “security of the State” exception is subject to the same standards as the “public order” exception (there is no reason why it should not be). And <i>thirdly</i>, which of the two lines of precedent represent the correct understanding of Article 19(2)?</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; "><span><i>Gautam Bhatia — @gautambhatia88 on Twitter — is a graduate of the National Law School of India University (2011), and has just received an LLM from the Yale Law School. He blogs about the Indian Constitution at <a class="moz-txt-link-freetext" href="http://indconlawphil.wordpress.com/">http://indconlawphil.wordpress.com</a>. Here at CIS, he blogs on issues of online freedom of speech and expression.</i></span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/free-speech-and-surveillance'>https://cis-india.org/internet-governance/blog/free-speech-and-surveillance</a>
</p>
No publisherGautam BhatiaNetraPrivacyFreedom of Speech and ExpressionSurveillanceCensorshipCentral Monitoring SystemArticle 19(1)(a)2014-07-07T04:59:59ZBlog EntryThe Constitutionality of Indian Surveillance Law: Public Emergency as a Condition Precedent for Intercepting Communications
https://cis-india.org/internet-governance/blog/the-constitutionality-of-indian-surveillance-law
<b>Bedavyasa Mohanty analyses the nuances of interception of communications under the Indian Telegraph Act and the Indian Post Office Act. In this post he explores the historical bases of surveillance law in India and examines whether the administrative powers of intercepting communications are Constitutionally compatible.</b>
<h3>Introduction</h3>
<p style="text-align: justify; ">State authorised surveillance in India derives its basis from two colonial legislations; §26 of the Indian Post Office Act, 1898 and §5 of the Telegraph Act, 1885 (hereinafter the Act) provide for the interception of postal articles<a href="#_ftn1" name="_ftnref1">[1]</a> and messages transmitted via telegraph<a href="#_ftn2" name="_ftnref2">[2]</a> respectively. Both of these sections, which are analogous, provide that the powers laid down therein can only be invoked on the occurrence of a public emergency or in the interest of public safety. The task of issuing orders for interception of communications is vested in an officer authorised by the Central or the State government. This blog examines whether the preconditions set by the legislature for allowing interception act as adequate safeguards. The second part of the blog analyses the limits of discretionary power given to such authorised officers to intercept and detain communications.</p>
<p style="text-align: justify; ">Surveillance by law enforcement agencies constitutes a breach of a citizen’s Fundamental Rights of privacy and the Freedom of Speech and Expression. It must therefore be justified against compelling arguments against violations of civil rights. Right to privacy in India has long been considered too ‘broad and moralistic’<a href="#_ftn3" name="_ftnref3">[3]</a> to be defined judicially. The judiciary, though, has been careful enough to not assign an unbound interpretation to it. It has recognised that the breach of privacy has to be balanced against a compelling public interest <a href="#_ftn4" name="_ftnref4">[4]</a> and has to be decided on a careful examination of the facts of a certain case. In the same breath, Indian courts have also legitimised surveillance by the state as long as such surveillance is not illegal or unobtrusive and is within bounds <a href="#_ftn5" name="_ftnref5">[5]</a>. While determining what constitutes legal surveillance, courts have rejected “prior judicial scrutiny” as a mandatory requirement and have held that administrative safeguards are sufficient to legitimise an act of surveillance. <a href="#_ftn6" name="_ftnref6">[6]</a></p>
<h3>Conditions Precedent for Ordering Interception</h3>
<p style="text-align: justify; ">§§5(2) of the Telegraph Act and 26(2) of the Indian Post Office Act outline a two tiered test to be satisfied before the interception of telegraphs or postal articles. The first tier consists of sine qua nons in the form of an “occurrence of public emergency” or “in the interests of public safety.” The second set of requirements under the provisions is “the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of an offence.” While vesting the power of interception in administrative officials, the sections contemplate a legal fiction where a public emergency exists and it is in the interest of sovereignty, integrity, security of the state or for the maintenance of public order/ friendly relations with foreign states. The term “public emergency,” however, has not been clearly defined by the legislature or by the courts. It thus vests arbitrary powers in a delegated official to order the interception of communication violating one’s Fundamental Rights.</p>
<h3>Tracing the History of the Expression “Public Emergency”</h3>
<p style="text-align: justify; ">The origins of the laws governing interception can be traced back to English laws of the late 19th Century; specifically one that imposed a penalty on a postal officer who delayed or intercepted a postal article.<a href="#_ftn7" name="_ftnref7">[7]</a> This law guided the drafting of the Indian Telegraph Act in 1885 that legitimised interception of communications by the state. The expression “public emergency” appeared in the original Telegraph Act of 1885 and has been adopted in that form in all subsequent renderings of provisions relating to interception. Despite the contentious and vague nature of the expression, no consensus regarding its interpretation seems to have been arrived at. One of the first post-independence analyses of this provision was undertaken by the Law Commission in 1968. The 38th Law Commission in its report on the Indian Post Office Act, raised concerns about the constitutionality of the expression. The Law Commission was of the opinion that the term not having been defined in the constitution cannot serve as a reasonable ground for suspension of Fundamental Rights.<a href="#_ftn8" name="_ftnref8">[8]</a> It further urged that a state of public emergency must be of such a nature that it is not secretive and is apparent to a reasonable man.<a href="#_ftn9" name="_ftnref9">[9]</a> It thus challenged the operation of the act in its then current form where the determination of public emergency is the discretion of a delegated administrative official. The Commission, in conclusion, implored the legislature to amend the laws relating to interception to bring them in line with the Constitution. This led to the Telegraph (Amendment) Act of 1981. Questions regarding the true meaning of the expression and its potential misuse were brought up in both houses of the Parliament during passing of the amendment. The Law Ministry, however, did not issue any additional clarifications regarding the terms used in the Act. Instead, the Government claimed that the expressions used in the Act are “exactly those that are used in the Constitution.” <a href="#_ftn10" name="_ftnref10">[10]</a> It may be of interest to note here that the Constitution of India, neither uses nor defines the term “public emergency.” Naturally, it is not contemplated as a ground for reasonably restricting Fundamental Rights provided under Article 19(1). <a href="#_ftn11" name="_ftnref11">[11]</a> Similarly, concerns regarding the potential misuse of the powers were defended with the logically incompatible and factually inaccurate position that the law had not been misused in the past.<a href="#_ftn12" name="_ftnref12">[12]</a></p>
<h3>Locating “Public Emergency” within a Proclamation of Emergency under the Constitution (?)</h3>
<p style="text-align: justify; ">Public emergency in not equivalent to a proclamation of emergency under Article 352 of the Constitution simply because it was first used in legislations over six decades before the drafting of the Indian Constitution began. Besides, orders for interception of communications have also been passed when the state was not under a proclamation of emergency. Moreover, public emergency is not the only prerequisite prescribed under the Act. §5(2) states that an order for interception can be passed either on the occurrence of public emergency or in the interest of public safety. Therefore, the thresholds for the satisfaction of both have to be similar or comparable. If the threshold for the satisfaction of public emergency is understood to be as high as a proclamation of emergency then any order for interception can be passed easily under the guise of public safety. The public emergency condition will then be rendered redundant. Public emergency is therefore a condition that is separate from a proclamation of emergency.</p>
<p style="text-align: justify; ">In a similar vein the Supreme Court has also clarified<a href="#_ftn13" name="_ftnref13">[13]</a> that terms like “public emergency” and “any emergency,” when used as statutory prerequisites, refer to the occurrence of different kinds of events. These terms cannot be equated with one another merely on the basis of the commonality of one word.</p>
<p style="text-align: justify; ">The Supreme Court in Hukam Chand v. Union of India,<a href="#_ftn14" name="_ftnref14">[14]</a> correctly stated that the terms public emergency and public safety must “take colour from each other.” However, the court erred in defining public emergency as a situation that “raises problems concerning the interest of the public safety, the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order or the prevention of incitement to the commission of an offence.” This cyclic definition does not lend any clarity to the interpretive murk surrounding the term. The Act envisages public emergency as a sine qua non that must exist prior to a determination that there is a threat to public order and sovereignty and integrity of the state. The court’s interpretation on the other hand would suggest that a state of public emergency can be said to exist only when public order, sovereignty and integrity of the state are already threatened. Therefore, while conditions precedent exist for the exercise of powers under §5(2) of the Act, there are no objective standards against which they are to be tested.</p>
<h3>Interpretation of Threshold Requirements</h3>
<p style="text-align: justify; ">A similar question arose before the House of Lords in Liversidge v. Anderson.<a href="#_ftn15" name="_ftnref15">[15]</a> The case examined the vires of an Act that vested an administrative authority with the conditional power to detain a person if there was reasonable cause to believe that the person was of hostile origin. Therein, Lord Atkin dissenting with the majority opinion stated in no unclear terms that power vested in the secretary of state was conditional and not absolute. When a conditional authority is vested in an administrative official but there aren’t any prescriptive guidelines for the determination of the preconditions, then the statute has the effect of vesting an absolute power in a delegated official. This view was also upheld by the Supreme Court in State of Madhya Pradesh v. Baldeo Prasad.<a href="#_ftn16" name="_ftnref16">[16]</a> The court was of the opinion that a statute must not only provide adequate safeguards for the protection of innocent citizens but also require the administrative authority to be satisfied as to the existence of the conditions precedent laid down in the statute before making an order. If the statute failed to do so in respect of any condition precedent then the law suffered from an infirmity and was liable to be struck down as invalid.<a href="#_ftn17" name="_ftnref17">[17]</a> The question of the existence of public emergency, therefore being left to the sole determination of an administrative official is an absolute and arbitrary power and is ultra vires the Constitution</p>
<p style="text-align: justify; ">Interestingly, in its original unamended form, §5 contained a provisio stating that a determination of public emergency was the sole authority of the secretary of state and such a finding could not be challenged before a court of law. It is this provision that the government repealed through the Telegraph (Amendment) Act of 1981 to bring it in line with Constitutional principles. The preceding discussion shows that the amendment did not have the effect of rectifying the law’s constitutional infirmities. Nonetheless, the original Telegraph Act and its subsequent amendment are vital for understanding the compatibility of surveillance standards with the Constitutional principles. The draconian provisio in the original act vesting absolute powers in an administrative official illustrates that the legislative intent behind the drafting of a 130 year law cannot be relied on in today’s context. Vague terms like public emergency that have been thoughtlessly adopted from a draconian law find no place in a state that seeks to guarantee to its citizens rights of free speech and expression.</p>
<h3>Conclusion</h3>
<p style="text-align: justify; ">Interception of communications under the Telegraph Act and the Indian Post office act violate not only one’s privacy but also one’s freedom of speech and expression. Besides, orders for the tapping of telephones violate not only the privacy of the individual in question but also that of the person he/she is communicating with. Considering the serious nature of this breach it is absolutely necessary that the powers enabling such interception are not only constitutionally authorised but also adequately safeguarded. The Fundamental Rights declared by Article 19(1) cannot be curtailed on any ground outside the relevant provisions of Cls. 2-6.<a href="#_ftn18" name="_ftnref18">[18]</a> The restrictive clauses in Cls. (2)-(6) of Article 19 are exhaustive and are to be strictly construed.<a href="#_ftn19" name="_ftnref19">[19]</a> Public emergency is not one of the conditions enumerated under Article 19 for curtailing fundamental freedoms. Moreover, it lacks adequate safeguards by vesting absolute discretionary power in a non-judicial administrative authority. Even if one were to ignore the massive potential for misuse of these powers, it is difficult to conceive that the interception provisions would stand a scrutiny of constitutionality.</p>
<p style="text-align: justify; ">Over the course of the last few years, India has been dangerously toeing the line that keeps it from turning into a totalitarian surveillance state. <a href="#_ftn20" name="_ftnref20">[20]</a> In 2011, India was the third most intrusive state<a href="#_ftn21" name="_ftnref21">[21]</a> with 1,699 requests for removal made to Google; in 2012 that number increased to 2529<a href="#_ftn22" name="_ftnref22">[22]</a>. The media is abuzz with reports about the Intelligence Bureau wanting Internet Service Providers to log all customer details <a href="#_ftn23" name="_ftnref23">[23]</a> and random citizens being videotaped by the Delhi Police for “looking suspicious.” It becomes essential under these circumstances to question where the state’s power ends and a citizens’ privacy begins. Most of the information regarding projects like the CMS and the CCTNS is murky and unconfirmed. But under the pretext of national security, government officials have refused to divulge any information regarding the kind of information included within these systems and whether any accountability measures exist. For instance, there have been conflicting opinions from various ministers regarding whether the internet would also be under the supervision of the CMS <a href="#_ftn24" name="_ftnref24">[24]</a>. Even more importantly, citizens are unaware of what rights and remedies are available to them in instances of violation of their privacy.</p>
<p style="text-align: justify; ">The intelligence agencies that have been tasked with handling information collected under these systems have not been created under any legislation and therefore not subject to any parliamentary oversight. Attempts like the Intelligence Services (Powers and Regulation) Bill, 2011 have been shelved and not revisited since their introduction. The intelligence agencies that have been created through executive orders enjoy vast and unbridled powers that make them accountable to no one<a href="#_ftn25" name="_ftnref25">[25]</a>. Before, vesting the Indian law enforcement agencies with sensitive information that can be so readily misused it is essential to ensure that a mechanism to check the use and misuse of that power exists. A three judge bench of the Supreme Court has recently decided to entertain a Public Interest Litigation aimed at subjecting the intelligence agencies to auditing by the Comptroller and Auditor General of India. But the PIL even if successful will still only manage to scratch the surface of all the wide and unbridled powers enjoyed by the Indian intelligence agencies. The question of the constitutionality of interception powers, however, has not been subjected to as much scrutiny as is necessary. Especially at a time when the government has been rumoured to have already obtained the capability for mass dragnet surveillance such a determination by the Indian courts cannot come soon enough.</p>
<div>
<hr />
<div id="ftn1">
<p style="text-align: justify; "><a href="#_ftnref1" name="_ftn1">[1]</a> Indian Post Office Act, 1898, § 26</p>
</div>
<div id="ftn2">
<p><a href="#_ftnref2" name="_ftn2">[2]</a> Indian Telegraph Act, 1885 § 5(2)</p>
</div>
<div id="ftn3">
<p><a href="#_ftnref3" name="_ftn3">[3]</a> PUCL v. Union of India, AIR 1997 SC 568</p>
</div>
<div id="ftn4">
<p><a href="#_ftnref4" name="_ftn4">[4]</a> Govind vs. State of Madhya Pradesh, (1975) 2 SCC 148</p>
</div>
<div id="ftn5">
<p><a href="#_ftnref5" name="_ftn5">[5]</a> Malak Singh vs. State Of Punjab & Haryana, AIR 1981 SC 760</p>
</div>
<div id="ftn6">
<p><a href="#_ftnref6" name="_ftn6">[6]</a> <i>Supra</i> note 3</p>
</div>
<div id="ftn7">
<p><a href="#_ftnref7" name="_ftn7">[7]</a> Law Commission, Indian Post Office Act, 1898 (38<sup>th</sup> Law Commission Report) para 84</p>
</div>
<div id="ftn8">
<p><a href="#_ftnref8" name="_ftn8">[8]</a> ibid</p>
</div>
<div id="ftn9">
<p><a href="#_ftnref9" name="_ftn9">[9]</a> id</p>
</div>
<div id="ftn10">
<p><a href="#_ftnref10" name="_ftn10">[10]</a> <i>Lok Sabha Debates</i> , Minister of Communications, Shri H.N. Bahuguna, August 9, 1972</p>
</div>
<div id="ftn11">
<p><a href="#_ftnref11" name="_ftn11">[11]</a> The Constitution of India, Article 358- Suspension of provisions of Article 19 during emergencies</p>
</div>
<div id="ftn12">
<p><a href="#_ftnref12" name="_ftn12">[12]</a> <i>Lok Sabha Debates</i> , Minister of Communications, Shri H.N. Bahuguna, August 9, 1972</p>
</div>
<div id="ftn13">
<p><a href="#_ftnref13" name="_ftn13">[13]</a> Hukam Chand v. Union of India, AIR 1976 SC 789</p>
</div>
<div id="ftn14">
<p><a href="#_ftnref14" name="_ftn14">[14]</a> ibid</p>
</div>
<div id="ftn15">
<p><a href="#_ftnref15" name="_ftn15">[15]</a> Liversidge v. Anderson [1942] A.C. 206</p>
</div>
<div id="ftn16">
<p><a href="#_ftnref16" name="_ftn16">[16]</a> State of M.P. v. Baldeo Prasad, AIR 1961 (SC) 293 (296)</p>
</div>
<div id="ftn17">
<p><a href="#_ftnref17" name="_ftn17">[17]</a> ibid</p>
</div>
<div id="ftn18">
<p><a href="#_ftnref18" name="_ftn18">[18]</a> Ghosh O.K. v. Joseph E.X. Air 1963 SC 812; 1963 Supp. (1) SCR 789</p>
</div>
<div id="ftn19">
<p><a href="#_ftnref19" name="_ftn19">[19]</a> Sakal Papers (P) Ltd. v. Union of India, AIR 1962 SC 305 (315); 1962 (3) SCR 842</p>
</div>
<div id="ftn20">
<p style="text-align: justify; "><a href="#_ftnref20" name="_ftn20">[20]</a> <i>See</i> Notable Observations- July to December 2012, Google Transparency Report, available at <a href="http://www.google.com/transparencyreport/removals/government/">http://www.google.com/transparencyreport/removals/government/</a> (last visited on July 2, 2014) (a 90% increase in Content removal requests by the Indian Government in the last year)</p>
</div>
<div id="ftn21">
<p style="text-align: justify; "><a href="#_ftnref21" name="_ftn21">[21]</a> Willis Wee, <i>Google Transparency Report: India Ranks as Third ‘Snoopiest’ Country</i>, July 6, 2011 available at <a href="http://www.techinasia.com/google-transparency-report-india/">http://www.techinasia.com/google-transparency-report-india/</a> (last visited on July 2, 2014)</p>
</div>
<div id="ftn22">
<p style="text-align: justify; "><a href="#_ftnref22" name="_ftn22">[22]</a> <i>See</i> Notable Observations- July to December 2012, Google Transparency Report, available at <a href="http://www.google.com/transparencyreport/removals/government/">http://www.google.com/transparencyreport/removals/government/</a> (last visited on July 2, 2014) (a 90% increase in Content removal requests by the Indian Government in the last year)</p>
</div>
<div id="ftn23">
<p style="text-align: justify; "><a href="#_ftnref23" name="_ftn23">[23]</a> Joji Thomas Philip, <i>Intelligence Bureau wants ISPs to log all customer details, </i>December 30, 2010 <a href="http://articles.economictimes.indiatimes.com/2010-12-30/news/27621627_1_online-privacy-internet-protocol-isps"> http://articles.economictimes.indiatimes.com/2010-12-30/news/27621627_1_online-privacy-internet-protocol-isps </a> (last visited on July 2, 2014)</p>
</div>
<div id="ftn24">
<p style="text-align: justify; "><a href="#_ftnref24" name="_ftn24">[24]</a> Deepa Kurup, <i>In the dark about ‘India’s Prism’</i> June 16, 2013 available at <a href="http://www.thehindu.com/sci-tech/technology/in-the-dark-about-indias-prism/article4817903.ece"> http://www.thehindu.com/sci-tech/technology/in-the-dark-about-indias-prism/article4817903.ece </a></p>
</div>
<div id="ftn25">
<p style="text-align: justify; "><a href="#_ftnref25" name="_ftn25">[25]</a> Saikat Dutta, We, The Eavesdropped May 3, 2010 available at <a href="http://www.outlookindia.com/article.aspx?265191">http://www.outlookindia.com/article.aspx?265191</a> (last visited on July 2, 2014)</p>
</div>
</div>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/the-constitutionality-of-indian-surveillance-law'>https://cis-india.org/internet-governance/blog/the-constitutionality-of-indian-surveillance-law</a>
</p>
No publisherbedaavyasaPrivacyInternet GovernanceSurveillancesurveillance technologiesSecurityArticle 19(1)(a)2014-08-04T04:52:42ZBlog EntryModels for Surveillance and Interception of Communications Worldwide
https://cis-india.org/internet-governance/blog/models-for-surveillance-and-interception-of-communications-worldwide
<b>This is an evaluation of laws and practices governing surveillance and interception of communications in 9 countries. The countries evaluated represent a diverse spectrum not only in terms of their global economic standing but also their intrusive surveillance capabilities. The analysis is limited to the procedural standards followed by these countries for authorising surveillance and provisions for resolving interception related disputes.</b>
<table class="grid" style="text-align: justify; ">
<thead></thead>
</table>
<table class="plain" style="text-align: justify; ">
<thead>
<tr>
<th>Sl. No.</th> <th>Country</th> <th>Legislation</th> <th>Model</th>
</tr>
</thead>
<tbody>
<tr>
<td>1.</td>
<td>Australia</td>
<td><b>Telecommunications (Interceptions and Access) Act, 1979</b><br />
<ul>
<li>Governs interception of communications</li>
<li>Relevant provisions: S. 3, 7, 6A, 34, 46</li>
</ul>
<b> Surveillance Devices Act, 2004 </b>
<ul>
<li>Establishes procedure for obtaining warrants and for use of surveillance devices</li>
<li>Relevant Provisions: S.13, 14</li>
</ul>
</td>
<td>
<ul>
<li> <span style="text-align: justify; ">Authorisation for surveillance is granted in the form of a warrant from a <b>Judge or a nominated member of the Administrative Appeals Tribunal</b></span></li>
<li><span style="text-align: justify; ">The warrant issuing authority must be satisfied that information obtained through interception shall assist in the investigation of a serious crime</span></li>
<li>The Acts provide a list of prescribed offences for which interception of communication may be authorized</li>
<li>T<span style="text-align: justify; ">he Acts also specify certain federal and state law enforcement agencies that may undertake surveillance</span></li>
</ul>
</td>
</tr>
<tr>
<td>2.</td>
<td>Brazil</td>
<td><b style="text-align: justify; ">Federal Law No. 9,296, 1996</b><span style="text-align: justify; ">:</span>
<ul>
<li>Regulates wiretapping</li>
</ul>
</td>
<td>
<ul>
<li> <span style="text-align: justify; ">Authorisation for interception is granted on a <b>Judge’s order</b> for a period of 15 days at a time</span></li>
<li>Interception is only allowed for investigations into serious offences like drug smuggling, corruption murder and kidnapping</li>
</ul>
</td>
</tr>
<tr>
<td>3.</td>
<td>Canada</td>
<td><b>Criminal Code, 1985</b>
<ul>
<li><span style="text-align: justify; ">Governs general rules of criminal procedure including search and seizure protocols</span></li>
<li>Relevant Provision: §§ 184.2, 184.4</li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Grants power to intercept communication by obtaining authorisation from a </span><b style="text-align: justify; ">provincial court judge or a judge of the superior court</b></li>
<li>Before granting his authorisation, the judge must be satisfied that either the originator of the communication or the recipient thereof has given his/her consent to the interception</li>
<li>Under exceptional circumstances, however, a police officer owing to the exigency of the situation may intercept communication without prior authorisation</li>
</ul>
</td>
</tr>
<tr>
<td>4.</td>
<td>France</td>
<td><b style="text-align: justify; "><i>Loi d'orientation et de programmation pour la performance de la sécurité intérieure</i></b><b style="text-align: justify; "> (LOPPSI 2), 2011</b><span style="text-align: justify; ">:</span>
<ul>
<li>Authorises use of video surveillance and interception of communications</li>
<li>Relevant Provisions: Article 36</li>
</ul>
<b><i>Loi de Programmation Militaire</i></b><b> (LPM), 2013</b>:
<ul>
<li>Authorises<b> </b>surveillance for protection of national security and prevention of terrorism</li>
</ul>
</td>
<td>
<ul>
<li> <span style="text-align: justify; ">Interception of comm<b>unication under LOPPSI 2 requires previous authorization from an investigating Judge after consultation with the Public Prosecutor</b></span></li>
<li><span style="text-align: justify; ">
<div style="text-align: left; ">Such authorization is granted for a period of 4 months which is further extendable by another 4 months</div>
</span></li>
<li><span style="text-align: justify; ">
<div style="text-align: left; "><span style="text-align: justify; ">
<div style="text-align: left; "><span style="text-align: justify; ">Interception of communication <b>under LPM does not require prior sanction from an investigating judge and is instead provided by the </b></span><span style="text-align: justify; "><b>Prime Minister’s office</b></span></div>
</span></div>
</span></li>
<li>Information that can be intercepted under LPM includes not only metadata but also content and geolocation services</li>
</ul>
</td>
</tr>
<tr>
<td>5.</td>
<td>Germany</td>
<td><span style="text-align: justify; "> </span><b style="text-align: justify; "><i>Gesetz zur Beschränkung des Brief-, Post und Fernmeldegeheimnisses </i>(G10 Act)<i>, </i>2001</b>
<ul>
<li>Imposes restrictions on the right to privacy and authorizes surveillance for protecting freedom and democratic order, preventing terrorism and illegal drug trade</li>
<li>Relevant Provisions: §3</li>
</ul>
<b>The German Code of Criminal Procedure (StPO), 2002</b><br />
<ul>
<li><span style="text-align: justify; ">Lays down search and seizure protocol and authorizes interception of telecommunications for criminal prosecutions</span></li>
<li>Relevant Provisions: §§ 97, 100a</li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Authorises </span><b style="text-align: justify; ">warrantless</b><span style="text-align: justify; "> surveillance by specific German agencies like the </span><i style="text-align: justify; ">Bundesnachrichtendienst </i><span style="text-align: justify; ">(Federal Intelligence Service)</span></li>
<li>Lays down procedure that must be followed while undertaking surveillance and intercepting communications</li>
<li><span style="text-align: justify; ">Authorises sharing of intercepted intelligence for criminal prosecutions</span></li>
<li><span style="text-align: justify; ">Mandates </span><i style="text-align: justify; ">ex post</i><span style="text-align: justify; "> notification to persons whose privacy has been violated but no judicial remedies are available to such persons</span></li>
<li>The Code of Criminal Procedure authorises interception of communication of a person suspected of being involved in a serious offence only on the <b>order of a court</b> upon <b>application by the public prosecution office</b></li>
</ul>
</td>
</tr>
<tr>
<td>6.</td>
<td>Pakistan</td>
<td><b>Pakistan Telecommunications Reorganisation Act, 1996:</b>
<ul>
<li>Controls the flow of false and fabricated information and protects national security</li>
<li>Relevant Provisions: § 54</li>
</ul>
<b>Investigation for Fair Trial Act, 2013:</b>
<ul>
<li>Regulates the powers of law enforcement and intelligence agencies regarding covert surveillance and interception of communications</li>
<li><span style="text-align: left; ">Relevant Provisions: §§ 6,7, 8, 9</span><span style="text-align: left; "> </span></li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Authorisation for interception is provided by the </span><b style="text-align: justify; ">federal government</b><span style="text-align: justify; ">. No formal legal structure to monitor surveillance exists</span></li>
<li>Interception can be authorized in the interest of national security and on the apprehension of any offence</li>
<li><span style="text-align: justify; ">Requests for filtering and blocking of content are routed through the Inter-Ministerial Committee for the Evaluation of Websites, a confidential regulatory body</span></li>
<li><span style="text-align: justify; ">Under the Fair Trial Act, interception can only be authorised on application to the </span><b style="text-align: justify; ">Fedral Minister for Interior</b><span style="text-align: justify; "> who shall then permit the application to be placed before a </span><b style="text-align: justify; ">High Court Judge</b></li>
<li>The warrant shall be issued by a judge only on his satisfaction that interception will aid in the collection of evidence and that a reasonable threat of the commission of a scheduled offence exists</li>
</ul>
</td>
</tr>
<tr>
<td>7.</td>
<td>South Africa</td>
<td><b style="text-align: justify; ">The Regulation of Interception of Communications and Provision of Communication-related Information Act, 2002</b>
<ul>
<li>Regulates and authorizes monitoring and interception of telecommunications services</li>
<li><span style="text-align: left; ">Relevant Provisions: §§ 16, 22</span></li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Warrant for intercepting communications and installing surveillance devices is granted by a </span><b style="text-align: justify; ">designated judge</b></li>
<li>The warrant is issued on satisfaction of the judge that the investigation relates to a serious offence or that the information gathering is vital to public health or safety, national security or compelling national economic interests</li>
</ul>
</td>
</tr>
<tr>
<td>8.</td>
<td>United Kingdom</td>
<td><b style="text-align: justify; ">Regulation of Investigatory Powers Act, 2000</b><span style="text-align: justify; ">:</span>
<ul>
<li>Authorises interception of communications and surveillance</li>
<li><span style="text-align: left; ">Relevant Provisions: §§ 5, 6, 65</span></li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Authorisation for interception is granted in the form of a warrant by the </span><b style="text-align: justify; ">Secretary of State </b><span style="text-align: justify; ">or in certain special cases by a </span><b style="text-align: justify; ">‘senior officer’</b></li>
<li>Communications can be intercepted only it is necessary to do so in the interest of national security or for the purpose of preventing and detecting serious crimes</li>
<li>Complaints of alleged illegal surveillance are heard by the Investigatory Powers Tribunal</li>
</ul>
</td>
</tr>
<tr>
<td>9.</td>
<td>United States</td>
<td><b style="text-align: justify; ">Electronic Communications Privacy Act, 1986 (Title III, Omnibus Crime Control and Safe Streets Act)</b>
<ul>
<li>Governs authorisation for wiretapping and interception</li>
<li><span style="text-align: left; ">Relevant Provisions: §18</span></li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Authorisation for interception can be granted by </span><b style="text-align: justify; ">a district court or federal appeals court</b><span style="text-align: justify; "> on application by a law enforcement officer duly signed by the attorney general</span></li>
<li>Application mandates obtaining the information through a service provider before invading upon individual’s privacy</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/models-for-surveillance-and-interception-of-communications-worldwide'>https://cis-india.org/internet-governance/blog/models-for-surveillance-and-interception-of-communications-worldwide</a>
</p>
No publisherbedaavyasasurveillance technologiesInternet GovernanceSurveillance2014-07-10T07:50:08ZBlog EntryWSIS+10 High Level Event: A Bird's Eye Report
https://cis-india.org/internet-governance/blog/wsis-10-high-level-event-a-birds-eye-report
<b>The WSIS+10 High Level was organised by the ITU and collaborative UN entities on June 9-13, 2014. It aimed to evaluate the progress on implementation of WSIS Outcomes from Geneva 2003 and Tunis 2005, and to envision a post-2015 Development Agenda. Geetha Hariharan attended the event on CIS' behalf.</b>
<p style="text-align: justify; "><span>The World Summit on Information Society (WSIS) +10 </span><a href="http://www.itu.int/wsis/implementation/2014/forum/">High Level Event</a><span> (HLE) was hosted at the ITU Headquarters in Geneva, from June 9-13, 2014. The HLE aimed to review the implementation and progress made on information and communication technology (ICT) across the globe, in light of WSIS outcomes (</span><a href="http://www.itu.int/wsis/index-p1.html">Geneva 2003</a><span> and </span><a href="http://www.itu.int/wsis/index-p2.html">Tunis 2005</a><span>). Organised in three parallel tracks, the HLE sought to take stock of progress in ICTs in the last decade (High Level track), initiate High Level Dialogues to formulate the post-2015 development agenda, as well as host thematic workshops for participants (Forum track).</span><span> </span></p>
<h3 style="text-align: justify; ">The High Level Track:</h3>
<p style="text-align: justify; "><img src="https://cis-india.org/internet-governance/blog/copy2_of_HighLevelTrack.jpg/@@images/be5f993c-3553-4d63-bb66-7cd16f8407dc.jpeg" alt="High Level Track" class="image-inline" title="High Level Track" /></p>
<p style="text-align: justify; "><i>Opening Ceremony, WSIS+10 High Level Event </i>(<a class="external-link" href="https://twitter.com/ITU/status/334587247556960256/photo/1">Source</a>)</p>
<p style="text-align: justify; ">The High Level track opened officially on June 10, 2014, and culminated with the endorsement by acclamation (as is ITU tradition) of two <a href="http://www.itu.int/wsis/implementation/2014/forum/inc/doc/outcome/362828V2E.pdf">Outcome Documents</a>. These were: (1) WSIS+10 Statement on the Implementation of WSIS Outcomes, taking stock of ICT developments since the WSIS summits, (2) WSIS+10 Vision for WSIS Beyond 2015, aiming to develop a vision for the post-2015 global information society. These documents were the result of the WSIS+10 <a href="http://www.itu.int/wsis/review/mpp/">Multi-stakeholder Preparatory Platform</a> (MPP), which involved WSIS stakeholders (governments, private sector, civil society, international organizations and relevant regional organizations).</p>
<p style="text-align: justify; ">The <strong>MPP</strong> met in six phases, convened as an open, inclusive consultation among WSIS stakeholders. It was not without its misadventures. While ITU Secretary General Dr. Hamadoun I. Touré consistently lauded the multi-stakeholder process, and Ambassador Janis Karklins urged all parties, especially governments, to “<i>let the UN General Assembly know that the multi-stakeholder model works for Internet governance at all levels</i>”, participants in the process shared stories of discomfort, disagreement and discord amongst stakeholders on various IG issues, not least human rights on the Internet, surveillance and privacy, and multi-stakeholderism. Richard Hill of the Association for Proper Internet Governance (<a href="http://www.apig.ch/">APIG</a>) and the Just Net Coalition writes that like NETmundial, the MPP was rich in a diversity of views and knowledge exchange, but stakeholders <a href="http://www.ip-watch.org/2014/06/16/what-questions-did-the-wsis10-high-level-event-answer/">failed to reach consensus</a> on crucial issues. Indeed, Prof. Vlamidir Minkin, Chairman of the MPP, expressed his dismay at the lack of consensus over action line C9. A compromise was agreed upon in relation to C9 later.<span> </span></p>
<p style="text-align: justify; ">Some members of civil society expressed their satisfaction with the extensive references to human rights and rights-centred development in the Outcome Documents. While governmental opposition was seen as frustrating, they felt that the <strong><span style="text-decoration: underline;">MPP had sought and achieved a common understanding</span></strong>, a sentiment <a href="https://twitter.com/covertlight/status/476748168051580928">echoed</a> by the ITU Secretary General. Indeed, even Iran, a state that had expressed major reservations during the MPP and felt itself unable to agree with the text, <a href="https://twitter.com/covertlight/status/476748723750711297">agreed</a> that the MPP had worked hard to draft a document beneficial to all.</p>
<p style="text-align: justify; ">Concerns around the MPP did not affect the <strong><span style="text-decoration: underline;">review of ICT developments</span></strong> over the last decade. High Level Panels with Ministers of ICT from states such as Uganda, Bangladesh, Sweden, Nigeria, Saudi Arabia and others, heads of the UN Development Programme, UNCTAD, Food and Agriculture Organisation, UN-WOMEN and others spoke at length of rapid advances in ICTs. The focus was largely on ICT access and affordability in developing states. John E. Davies of Intel repeatedly drew attention to innovative uses of ICTs in Africa and Asia, which have helped bridge divides of affordability, gender, education and capacity-building. Public-private partnerships were the best solution, he said, to affordability and access. At a ceremony evaluating implementation of WSIS action-lines, the Centre for Development of Advanced Computing (C-DAC), India, <a href="https://twitter.com/covertlight/status/476748723750711297">won an award</a> for its e-health application MOTHER.</p>
<p style="text-align: justify; "><span>The Outcome Documents themselves shall be analysed in a separate post. But in sum, the dialogue around Internet governance at the HLE centred around the success of the MPP. Most participants on panels and in the audience felt this was a crucial achievement within the realm of the UN, where the Tunis Summit had delineated strict roles for stakeholders in paragraph 35 of the </span><a href="http://www.itu.int/wsis/docs2/tunis/off/6rev1.html">Tunis Agenda</a><span>. Indeed, there was palpable relief in Conference Room 1 at the </span><a href="http://www.cicg.ch/en/">CICG</a><span>, Geneva, when on June 11, Dr. Touré announced that the Outcome Documents would be adopted without a vote, in keeping with ITU tradition, even if consensus was achieved by compromise.</span></p>
<h3 style="text-align: justify; ">The High Level Dialogues:</h3>
<p style="text-align: justify; "><img src="https://cis-india.org/internet-governance/blog/HighLevelDialogues.jpg/@@images/3c30d94f-7a65-4912-bb42-2ccd3b85a18d.jpeg" alt="High Level Dialogues" class="image-inline" title="High Level Dialogues" /></p>
<p style="text-align: justify; "><i>Prof. Vladimir Minkin delivers a statement.</i> (<a class="external-link" href="https://twitter.com/JaroslawPONDER/status/476288845013843968/photo/1">Source</a>)</p>
<p style="text-align: justify; ">The High Level Dialogues on developing a post-2015 Development Agenda, based on WSIS action lines, were active on June 12. Introducing the Dialogue, Dr. Touré lamented the Millennium Development Goals as a “<i>lost opportunity</i>”, emphasizing the need to alert the UN General Assembly and its committees as to the importance of ICTs for development.</p>
<p style="text-align: justify; ">As on previous panels, there was <strong><span style="text-decoration: underline;">intense focus on access, affordability and reach in developing countries</span></strong>, with Rwanda and Bangladesh expounding upon their successes in implementing ICT innovations domestically. The world is more connected than it was in 2005, and the ITU in 2014 is no longer what it was in 2003, said speakers. But we lack data on ICT deployment across the globe, said Minister Knutssen of Sweden, recalling the gathering to the need to engage all stakeholders in this task. Speakers on multiple panels, including the Rwandan Minister for CIT, Marilyn Cade of ICANN and Petra Lantz of the UNDP, emphasized the need for ‘smart engagement’ and capacity-building for ICT development and deployment.</p>
<p style="text-align: justify; ">A crucial session on cybersecurity saw Dr. Touré envision a global peace treaty accommodating multiple stakeholders. On the panel were Minister Omobola Johnson of Nigeria, Prof. Udo Helmbrecht of the European Union Agency for Network and Information Security (ENISA), Prof. A.A. Wahab of Cybersecurity Malaysia and Simon Muller of Facebook. The focus was primarily on building laws and regulations for secure communication and business, while child protection was equally considered.<span> </span></p>
<p style="text-align: justify; ">The lack of laws/regulations for cybersecurity (child pornography and jurisdictional issues, for instance), or other legal protections (privacy, data protection, freedom of speech) in rapidly connecting developing states was noted. But the <strong><span style="text-decoration: underline;">question of cross-border surveillance and wanton violations of privacy went unaddressed</span></strong> except for the customary, unavoidable mention. This was expected. Debates in Internet governance have, in the past year, been silently and invisibly driven by the Snowden revelations. So too, at WSIS+10 Cybersecurity, speakers emphasized open data, information exchange, data ownership and control (the <a href="https://cis-india.org/internet-governance/blog/ecj-rules-internet-search-engine-operator-responsible-for-processing-personal-data-published-by-third-parties">right to be forgotten</a>), but did not openly address surveillance. Indeed, Simon Muller of Facebook called upon governments to publish their own transparency reports: A laudable suggestion, even accounting for Facebook’s own undetailed and truncated reports.</p>
<p style="text-align: justify; ">In a nutshell, the post-2015 Development Agenda dialogues repeatedly emphasized the importance of ICTs in global connectivity, and their impact on GDP growth and socio-cultural change and progress. The focus was on taking this message to the UN General Assembly, engaging all stakeholders and creating an achievable set of action lines post-2015.</p>
<h3 style="text-align: justify; ">The Forum Track:</h3>
<p><img src="https://cis-india.org/internet-governance/blog/copy_of_ForumTrack.jpg/@@images/dfcce68a-18d7-4f1e-897b-7208bb60abc9.jpeg" alt="Forum Track" class="image-inline" title="Forum Track" /></p>
<p><i>Participants at the UNESCO session on its Comprehensive Study on Internet-related Issues</i> (<a class="external-link" href="https://twitter.com/leakaspar/status/476690921644646400/photo/1">Source</a>)</p>
<p style="text-align: justify; ">The HLE was organized as an extended version of the WSIS Forum, which hosts thematic workshops and networking opportunities, much like any other conference. Running in parallel sessions over 5 days, the WSIS Forum hosted sessions by the ITU, UNESCO, UNDP, ICANN, ISOC, APIG, etc., on issues as diverse as the WSIS Action Lines, the future of Internet governance, the successes and failures of <a href="http://www.internetgovernance.org/2012/12/18/itu-phobia-why-wcit-was-derailed/">WCIT-2012</a>, UNESCO’s <a href="http://www.unesco.org/new/internetstudy">Comprehensive Study on Internet-related Issues</a>, spam and a taxonomy of Internet governance.<span> </span></p>
<p style="text-align: justify; ">Detailed explanation of each session I attended is beyond the scope of this report, so I will limit myself to the interesting issues raised.<span> </span></p>
<p style="text-align: justify; ">At ICANN’s session on its own future (June 9), Ms. Marilyn Cade emphasized the <strong><span style="text-decoration: underline;">importance of national and regional IGFs</span></strong> for both issue-awareness and capacity-building. Mr. Nigel Hickson spoke of engagement at multiple Internet governance fora: “<i>Internet governance is not shaped by individual events</i>”. In light of <a href="http://www.internetgovernance.org/2014/04/16/icann-anything-that-doesnt-give-iana-to-me-is-out-of-scope/">criticism</a> of ICANN’s apparent monopoly over IANA stewardship transition, this has been ICANN’s continual <a href="https://www.icann.org/resources/pages/process-next-steps-2014-06-06-en">response</a> (often repeated at the HLE itself). Also widely discussed was the <strong><span style="text-decoration: underline;">role of stakeholders in Internet governance</span></strong>, given the delineation of roles and responsibilities in the Tunis Agenda, and governments’ preference for policy-monopoly (At WSIS+10, Indian Ambassador Dilip Sinha seemed wistful that multilateralism is a “<i>distant dream</i>”).<span> </span></p>
<p style="text-align: justify; ">This discussion bore greater fruit in a session on Internet governance ‘taxonomy’. The session saw <a href="https://www.icann.org/profiles/george-sadowsky">Mr. George Sadowsky</a>, <a href="http://www.diplomacy.edu/courses/faculty/kurbalija">Dr. Jovan Kurbalija</a>, <a href="http://www.williamdrake.org/">Mr. William Drake</a> and <a href="http://www.itu.int/wsis/implementation/2014/forum/agenda/session_docs/170/ThoughtsOnIG.pdf">Mr. Eliot Lear</a> (there is surprisingly no official profile-page on Mr. Lear) expound on dense structures of Internet governance, involving multiple methods of classification of Internet infrastructure, CIRs, public policy issues, etc. across a spectrum of ‘baskets’ – socio-cultural, economic, legal, technical. Such studies, though each attempting clarity in Internet governance studies, indicate that the closer you get to IG, the more diverse and interconnected the eco-system gets. David Souter’s diagrams almost capture the flux of dynamic debate in this area (please see pages 9 and 22 of <a href="http://www.internetsociety.org/sites/default/files/ISOC%20framework%20for%20IG%20assessments%20-%20D%20Souter%20-%20final_0.pdf">this ISOC study</a>).</p>
<p style="text-align: justify; ">There were, for most part, insightful interventions from session participants. Mr. Sadowsky questioned the effectiveness of the Tunis Agenda delineation of stakeholder-roles, while Mr. Lear pleaded that techies be let to do their jobs without interference. <a href="http://internetdemocracy.in/">Ms. Anja Kovacs</a> raised pertinent concerns about <strong><span style="text-decoration: underline;">including voiceless minorities in a ‘rough consensus’ model</span></strong>. Across sessions, <strong><span style="text-decoration: underline;">questions of mass surveillance, privacy and data ownership rose</span></strong> from participants. The protection of human rights on the Internet – especially freedom of expression and privacy – made continual appearance, across issues like spam (<a href="http://www.itu.int/ITU-D/CDS/sg/rgqlist.asp?lg=1&sp=2010&rgq=D10-RGQ22.1.1&stg=1">Question 22-1/1</a> of ITU-D Study Group 1) and cybersecurity.</p>
<h3 style="text-align: justify; ">Conclusion:</h3>
<p style="text-align: justify; ">The HLE was widely attended by participants across WSIS stakeholder-groups. At the event, a great many relevant questions such as the future of ICTs, inclusions in the post-2015 Development Agenda, the value of muti-stakeholder models, and human rights such as free speech and privacy were raised across the board. Not only were these raised, but cognizance was taken of them by Ministers, members of the ITU and other collaborative UN bodies, private sector entities such as ICANN, technical community such as the ISOC and IETF, as well as (obviously) civil society.<span> </span></p>
<p style="text-align: justify; ">Substantively, the HLE did not address mass surveillance and privacy, nor of expanding roles of WSIS stakeholders and beyond. Processually, the MPP failed to reach consensus on several issues comfortably, and a compromise had to be brokered.</p>
<p style="text-align: justify; "><span>But perhaps a big change at the HLE was the positive attitude to multi-stakeholder models from many quarters, not least the ITU Secretary General Dr. Hamadoun Touré. His repeated calls for acceptance of multi-stakeholderism left many members of civil society surprised and tentatively pleased. Going forward, it will be interesting to track the ITU and the rest of UN’s (and of course, member states’) stances on multi-stakeholderism at the ITU Plenipot, the WSIS+10 Review and the UN General Assembly session, at the least.</span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/wsis-10-high-level-event-a-birds-eye-report'>https://cis-india.org/internet-governance/blog/wsis-10-high-level-event-a-birds-eye-report</a>
</p>
No publishergeethaWSIS+10PrivacyCybersecurityHuman Rights OnlineSurveillanceFreedom of Speech and ExpressionInternet GovernanceFacebookData ProtectionMulti-stakeholderICANNInternet AccessITUInternet StudiesE-GovernanceICT2014-06-20T15:57:32ZBlog EntryUN Human Rights Council urged to protect human rights online
https://cis-india.org/internet-governance/blog/un-human-rights-council-urged-to-protect-human-rights-online
<b>63 civil society groups urged the UN Human Rights Council to address global challenges to freedom of expression, privacy and other human rights on the Internet. Centre for Internet & Society joined in the statement, delivered on behalf of the 63 groups by Article 19.
</b>
<p style="text-align: justify; ">The 26th session of the United Nations Human Rights Council (UNHRC) is currently ongoing (June 10-27, 2014). <span>On June 19, 2014, 63 civil society groups joined together to urge the United Nations Human Rights Council to protect human rights online and address global challenged to their realization. Centre for Internet & Society joined in support of the statement ("<strong>the Civil Society Statement</strong>"), which was delivered by Article 19 on behalf of the 63 groups.</span></p>
<p style="text-align: justify; ">In its consensus resolution <a class="external-link" href="http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/RES/20/8">A/HRC/20/8 (2012)</a>, the UNHRC affirmed that the "<span><i>same rights that people have offline must also be protected online, in particular freedom of expression, which is applicable regardless of frontiers and through any media of one’s choice</i>". India, a current member of the UNHRC, stood in support of resolution 20/8. The protection of human rights online was also a matter of popular agreement at <a class="external-link" href="http://netmundial.br/wp-content/uploads/2014/04/NETmundial-Multistakeholder-Document.pdf">NETmundial 2014</a>, which similarly emphasised the importance of protecting human rights online in accordance with international human rights obligations. Moreover, the WSIS+10 High Level Event, organised by the ITU in collaboration with other UN entities, emphasized the criticality of expanding access to ICTs across the globe, including infrastructure, affordability and reach.</span></p>
<p style="text-align: justify; ">The Civil Society Statement at HRC26 highlights the importance of retaining the Internet as a global resource - a democratic, free and pluralistic platform. However, the recent record of freedom of expression and privacy online have resulted in a deficit of trust and free, democratic participation. <a class="external-link" href="http://www.nytimes.com/2014/03/21/world/europe/turkish-officials-block-twitter-in-leak-inquiry.html">Turkey</a>, <a class="external-link" href="http://www.bbc.com/news/blogs-trending-25756864">Malaysia</a>, <a class="external-link" href="http://www.washingtonpost.com/blogs/monkey-cage/wp/2014/05/27/thailands-cybercoup/">Thailand</a>, <a class="external-link" href="http://www.theguardian.com/world/2014/jun/02/egypt-police-monitor-social-media-dissent-facebook-twitter-protest">Egypt</a> and <a class="external-link" href="http://timesofindia.indiatimes.com/tech/tech-news/Facebook-under-fire-for-blocking-pages-in-Pakistan/articleshow/36194872.cms">Pakistan</a> have blocked web-pages and social media content, while Edward Snowden's <a class="external-link" href="https://www.eff.org/deeplinks/2014/05/looking-back-one-year-after-edward-snowden-disclosures-international-perspective">revelations</a> have heightened awareness of human rights violations on the Internet.</p>
<p style="text-align: justify; ">At a time when governance of the Internet and its institutions is evolving, a human rights centred perspective is crucial. Openness and transparency - both in the governance of Internet institutions and rights online - are crucial to continuing growth of the Internet as a global, democratic and free resource, where freedom of expression, privacy and other rights are respected regardless of location or nationality. In particular, the Civil Society Statement calls attention to <a class="external-link" href="https://en.necessaryandproportionate.org/take-action/EFF">principles of necessity and proportionality</a> to regulate targeted interception and collection of personal data.</p>
<p style="text-align: justify; ">The UNHRC, comprising 47 member states, is called upon to address these global challenges. Guided by resolutions A/HRC/20/8 and <a class="external-link" href="http://www.un.org/ga/search/view_doc.asp?symbol=A/C.3/68/L.45/Rev.1">A/RES/68/167</a>, the WSIS+10 High Level Event <a class="external-link" href="http://www.itu.int/wsis/implementation/2014/forum/inc/doc/outcome/362828V2E.pdf">Outcome Documents</a> (especially operative paragraphs 2, 8 and 11 of the Vision Document) and the <a class="external-link" href="http://www.ohchr.org/EN/Issues/DigitalAge/Pages/DigitalAgeIndex.aspx">forthcoming report</a> of the UN High Commissioner for Human Rights regarding privacy in the digital age, the UNHRC as well as other states may gather the opportunity and intention to put forth a strong case for human rights online in our post-2015 development-centred world.</p>
<h3><span>Civil Society Statement:</span></h3>
<p style="text-align: justify; ">The full oral statement can be accessed <b><a href="https://cis-india.org/internet-governance/blog/unhrc-civil-society-statement-26th-session" class="internal-link">here</a></b>.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/un-human-rights-council-urged-to-protect-human-rights-online'>https://cis-india.org/internet-governance/blog/un-human-rights-council-urged-to-protect-human-rights-online</a>
</p>
No publishergeethaSocial MediaFreedom of Speech and ExpressionHuman Rights OnlineSurveillanceInternet GovernanceUNHRC2014-06-19T13:28:32ZBlog EntryFOEX Live: June 1-7, 2014
https://cis-india.org/internet-governance/blog/foex-live-june-1-7-2014
<b>A weekly selection of news on online freedom of expression and digital technology from across India (and some parts of the world). </b>
<p><i><span>Delhi NCR</span></i>:</p>
<p>Following a legal notice from Dina Nath Batra, publisher Orient BlackSwan <a href="http://indianexpress.com/article/india/india-others/its-batra-again-book-on-sexual-violence-in-ahmedabad-riots-is-set-aside-by-publisher/">“set aside… for the present”</a> <i>Communalism and Sexual Violence: Ahmedabad Since 1969</i> by Dr. Megha Kumar, citing the need for a “comprehensive assessment”. Dr. Kumar’s book is part of the ‘Critical Thinking on South Asia’ series, and studies communal and sexual violence in the 1969, 1985 and 2002 riots of Ahmedabad. Orient BlackSwan insists this is a pre-release assessment, while Dr. Kumar contests that her book went to print in March 2014 after extensive editing and peer review. Dina Nath Batra’s civil suit <a href="http://www.nybooks.com/articles/archives/2014/may/08/india-censorship-batra-brigade/">led Penguin India to withdraw</a> Wendy Doniger’s <i>The Hindus: An Alternative History</i> earlier this year.</p>
<p>The Delhi Police’s Facebook page aimed at reaching out to Delhi residents hailing from the North East <a href="http://www.assamtribune.com/scripts/detailsnew.asp?id=jun0114/at044">proved to be popular</a>.</p>
<p><i><span>Goa</span></i>:</p>
<p>Shipbuilding engineer Devu Chodankar’s <a href="http://www.ifex.org/india/2014/06/02/anti_modi_comments/">ordeal continued</a>. Chodankar, in a statement to the cyber crime cell of the Goa police, <a href="http://timesofindia.indiatimes.com/India/Police-question-Devu-Chodankar-on-Facebook-posts-for-over-5-hours/articleshow/35965869.cms">clarified</a> that his allegedly inflammatory statements were directed against the induction of the Sri Ram Sene’s Pramod Muthalik into the BJP. Chodankar’s laptop, hard-disk and mobile Internet dongle were <a href="http://www.thehindu.com/news/national/other-states/goa-police-seizes-chodankars-laptop-dongle/article6075406.ece">seized</a>.</p>
<p><i><span>Jammu & Kashmir</span></i>:</p>
<p>Chief Minister Omar Abdullah announced the <a href="http://www.onislam.net/english/news/asia-pacific/473153-youth-cheer-kashmirs-sms-ban-lift.html">withdrawal of a four-year-old SMS ban</a> in the state. The ban was instituted in 2010 following widespread protests, and while it was lifted for post-paid subscribers six months later, pre-paid connections were banned from SMSes until now.</p>
<p><i><span>Maharashtra</span></i>:</p>
<p><a href="http://timesofindia.indiatimes.com/india/Maharashtra-police-to-crack-whip-on-those-who-like-offensive-Facebook-posts/articleshow/35974198.cms?utm_source=twitter.com&utm_medium=referral&utm_campaign=timesofindia">In a move to contain public protests</a> over ‘objectionable posts’ about Chhatrapati Shivaji, Dr. B.R. Ambedkar and the late Bal Thackeray (comments upon whose death <a href="http://www.bbc.com/news/world-asia-india-20490823">led to the arrests</a> of Shaheen Dhada and Renu Srinivasan under Section 66A), Maharashtra police will take action against even those who “like” such posts. ‘Likers’ may be charged under the Information Technology Act and the Criminal Procedure Code, say Nanded police.</p>
<p>A young Muslim man was <a href="http://indianexpress.com/article/india/politics/muslim-techie-beaten-to-death-in-pune-7-men-of-hindu-outfit-held/">murdered</a> in Pune, apparently connected to the online publication of ‘derogatory’ pictures of Chhatrapati Shivaji and Bal Thackarey. Members of Hindu extremists groups <a href="http://www.hindustantimes.com/india-news/pune-techie-killed-sms-boasts-of-taking-down-first-wicket/article1-1226023.aspx">celebrated</a> his murder, it seems. Pune’s BJP MP, Anil Shirole, <a href="http://timesofindia.indiatimes.com/India/Pune-techie-murder-BJP-MP-says-some-repercussions-to-derogatory-FB-post-natural/articleshow/36112291.cms">said</a>, “some repercussions are natural”. Members of the Hindu Rashtra Sena <a href="http://www.thehindu.com/news/national/other-states/seven-rightwing-activists-held-over-techies-killing-in-pune/article6081812.ece">were held</a> for the murder, but it seems that the photographs were uploaded from <a href="http://www.deccanchronicle.com/140606/nation-crime/article/pune-techie-murder-fb-pictures-uploaded-foreign-ip-addresses">foreign IP addresses</a>. Across Maharashtra, 187 rioting<a href="http://timesofindia.indiatimes.com/city/mumbai/Offensive-FB-posts-187-rioting-cases-filed-710-held/articleshow/36176283.cms">cases have been registered</a> against a total of 710 persons, allegedly in connection with the offensive Facebook posts.</p>
<p>On a lighter note, <a href="http://post.jagran.com/what-bollywood-expects-from-new-ib-minister-1401860268">Bollywood hopes</a> for a positive relationship with the new government on matters such as film censorship, tax breaks and piracy.</p>
<p><i><span>News & Opinion</span></i>:</p>
<p>Shocking the world, Vodafone <a href="http://www.theguardian.com/business/2014/jun/06/vodafone-reveals-secret-wires-allowing-state-surveillance">reported</a> the existence of secret, direct-access wires that enable government surveillance on citizens. India is among 29 governments that sought access to its networks, <a href="http://www.dailymail.co.uk/indiahome/indianews/article-2651060/Unprecedented-terrifying-Scale-mobile-phone-snooping-uncovered-Vodaphone-reveals-government-requested-access-network.html">says Vodafone</a>.</p>
<p>I&B Minister <a href="http://www.exchange4media.com/55952_theres-no-need-for-the-govt-to-intervene-in-self-regulation-prakash-javadekar.html">Prakash Javadekar expressed his satisfaction</a> with media industry self-regulation, and stated that while cross-media ownership is a <a href="http://www.newstrackindia.com/newsdetails/2014/06/05/146--Japan-to-ban-possession-of-child-pornography-except-comics-.html">matter for debate</a>, it is the <i>legality</i> of transactions such as the <a href="http://caravanmagazine.in/vantage/biggest-problem-network18">Reliance-Network18 acquisition</a> that is important.</p>
<p>Nikhil Pahwa of <i>Medianama</i> wrote of a <a href="http://www.medianama.com/2014/06/223-right-to-be-forgotten-india/">‘right to be forgotten’ request they received</a> from a user in light of the recent European Court of Justice <a href="https://cis-india.org/internet-governance/blog/ecj-rules-internet-search-engine-operator-responsible-for-processing-personal-data-published-by-third-parties">ruling</a>. The right raises a legal dilemma in India, <i>LiveMint</i> <a href="http://www.livemint.com/Industry/5jmbcpuHqO7UwX3IBsiGCM/Right-to-be-forgotten-poses-a-legal-dilemma-in-India.html">reports</a>. <i>Medianama </i>also <a href="http://www.medianama.com/2014/06/223-maharashtra-police-warns-against-liking-objectionable-posts-on-facebook/">comments</a> on Maharashtra police’s decision to take action against Facebook ‘likes’, noting that at the very least, a like and a comment do not amount to the same thing.</p>
<p><i>The Hindu</i> was scorching in its <a href="http://www.thehindu.com/opinion/editorial/no-tolerance-for-hate-crimes/article6090098.ece">editorial on the Pune murder</a>, warning that the new BJP government stands to lose public confidence if it does not clearly demonstrate its opposition to religious violence. The <i>Times of India</i> <a href="http://timesofindia.indiatimes.com/home/opinion/edit-page/PM-Modi-must-condemn-Sadique-Shaikhs-murder-and-repeal-draconian-Section-66A/articleshow/36114346.cms">agrees</a>.</p>
<p>Sanjay Hegde <a href="http://articles.economictimes.indiatimes.com/2014-06-01/news/50245814_1_blasphemy-laws-puns-speech">wrote</a> of Section 66A of the Information Technology Act, 2000 (as amended in 2008) as a medium-focused criminalization of speech. dnaEdit also <a href="http://www.dnaindia.com/analysis/editorial-dnaedit-netizens-bugbear-1992826">published</a> its criticism of Section 66A.</p>
<p>Ajit Ranade of the <i>Mumbai Mirror</i> <a href="http://www.mumbaimirror.com/columns/columnists/ajit-ranade/Republic-of-hurt-sentiments/articleshow/36191142.cms">comments</a> on India as a ‘republic of hurt sentiments’, criminalizing exercises of free speech from defamation, hate speech, sedition and Section 66A. But in this hurt and screaming republic, <a href="http://www.newindianexpress.com/cities/bangalore/Why-Dissent-Needs-to-Stay-Alive/2014/06/03/article2261386.ece1">dissent is crucial</a> and must stay alive.</p>
<p>A cyber security expert is of the opinion that the police find it <a href="http://www.dnaindia.com/mumbai/report-derogatory-post-difficult-to-block-on-networking-sites-cyber-security-experts-1993093">difficult to block webpages</a> with derogatory content, as servers are located outside India. But <a href="http://blogs.wsj.com/indiarealtime/2014/06/05/indias-snooping-and-snowden/">data localization will not help</a> India, writes Jayshree Bajoria.</p>
<p>Dharma Adhikari <a href="http://www.myrepublica.com/portal/index.php?action=news_details&news_id=76335">tries to analyze</a> the combined impact of converging media ownership, corporate patronage of politicians and elections, and recent practices of forced and self-censorship and criminalization of speech.</p>
<p><i><span>Elsewhere in the world</span></i>:</p>
<p>In Pakistan, Facebook <a href="http://timesofindia.indiatimes.com/tech/tech-news/Facebook-under-fire-for-blocking-pages-in-Pakistan/articleshow/36194872.cms">has been criticized</a> for blocking pages of a Pakistani rock band and several political groups, primarily left-wing. Across the continent in Europe, Google <a href="http://timesofindia.indiatimes.com/Tech/Tech-News/Googles-new-problem-in-Europe-A-negative-image/articleshow/35936971.cms">is suffering</a> from a popularity dip.</p>
<p>The National Council for Peace and Order, the military government in Thailand, has taken over not only the government,<a href="http://www.washingtonpost.com/blogs/monkey-cage/wp/2014/05/27/thailands-cybercoup/">but also controls the media</a>. The military <a href="http://www.ibtimes.com/thai-junta-calls-meetings-google-facebook-over-allegedly-anti-coup-content-photo-1593088">cancelled its meetings</a> with Google and Facebook. Thai protesters <a href="http://www.nytimes.com/2014/06/03/world/asia/thai-protesters-flash-hunger-games-salute-to-register-quiet-dissent.html">staged a quiet dissent</a>. The Asian Human Rights Commission <a href="http://www.humanrights.asia/news/forwarded-news/AHRC-FST-035-2014">condemned</a> the coup. For an excellent take on the coup and its dangers, please redirect <a href="http://www.worldpolicy.org/blog/2014/06/02/thailand%E2%80%99s-military-coup-tenuous-democracy">here</a>. For a round-up of editorials and op-eds on the coup, redirect <a href="http://asiancorrespondent.com/123345/round-up-of-op-eds-and-editorials-on-the-thai-coup/">here</a>.</p>
<p>China <a href="http://economictimes.indiatimes.com/tech/internet/china-escalates-attack-on-google/articleshow/35993349.cms">has cracked down</a> on Google, affecting Gmail, Translate and Calendar. It is speculated that the move is connected to the 25<sup>th</sup> anniversary of the Tiananmen Square protests and government reprisal. At the same time, a Tibetan filmmaker who was jailed for six years for his film, <i>Leaving Fear Behind</i>, <a href="http://chinadigitaltimes.net/2014/06/china-releases-tibetan-filmmaker-jail/">has been released</a> by Chinese authorities. <i>Leaving Fear Behind </i>features a series of interviews with Tibetans of the Qinghai province in the run-up to the controversial Beijing Olympics in 2008.</p>
<p>Japan looks set to <a href="http://www.newstrackindia.com/newsdetails/2014/06/05/146--Japan-to-ban-possession-of-child-pornography-except-comics-.html">criminalize</a> possession of child pornography. According to reports, the proposed law does not extend to comics or animations or digital simulations.</p>
<p>Egypt’s police is looking to build a <a href="http://www.theguardian.com/world/2014/jun/02/egypt-police-monitor-social-media-dissent-facebook-twitter-protest">social media monitoring system</a> to track expressions of dissent, including “<i>profanity, immorality, insults and calls for strikes and protests</i>”.</p>
<p>Human rights activists <a href="http://www.theguardian.com/world/2014/jun/02/facebook-bashar-al-assad-campaign-syria-election">asked Facebook to deny its services</a> to the election campaign of Syrian President Bashar al-Assad, ahead of elections on June 3.</p>
<p><i><span>Call for inputs</span></i>:</p>
<p>The Law Commission of India seeks comments from stakeholders and citizens on media law. The consultation paper may be found <a href="http://www.lawcommissionofindia.nic.in/views/Consultation%20paper%20on%20media%20law.doc">here</a>. The final date for submission is June 19, 2014.</p>
<p>____________________________________________________________________________________________________________</p>
<p>For feedback and comments, Geetha Hariharan is available by email at <span>geetha@cis-india.org or on Twitter, where her handle is @covertlight. </span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/foex-live-june-1-7-2014'>https://cis-india.org/internet-governance/blog/foex-live-june-1-7-2014</a>
</p>
No publishergeethaIT ActSocial MediaFreedom of Speech and ExpressionPrivacyFOEX LiveSurveillanceCensorship2014-06-07T13:33:45ZBlog EntryWho Governs the Internet? Implications for Freedom and National Security
https://cis-india.org/internet-governance/blog/yojana-april-2014-sunil-abraham-who-governs-the-internet-implications-for-freedom-and-national-security
<b>The second half of last year has been quite momentous for Internet governance thanks to Edward Snowden. German Chancellor Angela Merkel and Brazilian President Dilma Rousseff became aware that they were targets of US surveillance for economic not security reasons. They protested loudly.</b>
<hr />
<p>The article was published in Yojana (April 2014 Issue). <a href="https://cis-india.org/internet-governance/blog/yojana-april-2014-who-governs-the-internet.pdf" class="external-link">Click to download the original here</a>. (PDF, 177 Kb)</p>
<hr />
<p style="text-align: justify; ">The role of the US perceived by some as the benevolent dictator or primary steward of the Internet because of history, technology, topology and commerce came under scrutiny again. The I star bodies also known as the technical community - Internet Corporation for Assigned Names and Numbers (ICANN); five Regional Internet Registries (RIRs) ie. African, American, Asia-Pacific, European and Latin American; two standard setting organisations - World Wide Web Consortium (W3C) & Internet Engineering Task Force (IETF); the Internet Architecture Board (IAB); and Internet Society (ISOC) responded by issuing the Montevideo Statement <a href="#fn1" name="fr1">[1] </a> on the 7th of October. The statement expressed "strong concern over the undermining of the trust and confidence of Internet users globally due to recent revelations of pervasive monitoring and surveillance." It called for "accelerating the globalization of ICANN and IANA functions..." - did this mean that the I star bodies were finally willing to end the special role that US played in Internet governance? However, that dramatic shift in position was followed with the following qualifier "...towards an environment in which all stakeholders, including all governments, participate on an equal footing." Clearly indicating that for the I star bodies multistakeholderism was non-negotiable. Two days later President Rousseff after a meeting with Fadi Chehadé, announced on Twitter that Brazil would host "an international summit of governments, industry, civil society and academia." <a href="#fn2" name="fr2">[2] </a> The meeting has now been dubbed Net Mundial and 188 proposals for “principles” or “roadmaps for the further evolution of the Internet governance ecosystem” have been submitted for discussion in São Paulo on the 23rd and 24th of April. The meeting will definitely be an important milestone for multilateral and multi-stakeholder mechanisms in the ecosystem.</p>
<p style="text-align: justify; ">It has been more than a decade since this debate between multilateralism and multi-stakeholderism has ignited. Multistakeholderism is a form of governance that seeks to ensure that every stakeholder is guaranteed a seat at the policy formulation table (either in consultative capacity or in decision making capacity depending who you ask). The Tunis Agenda, which was the end result of the 2003-05 WSIS upheld the multistakeholder mode. The 2003–2005 World Summit on the Information Society process was seen by those favouring the status quo at that time as the first attempt by the UN bodies or multilateralism - to takeover the Internet. However, the end result i.e. Tunis Agenda <a href="#fn3" name="fr3">[3]</a> clarified and reaffirmed multi-stakeholderism as the way forward even though multilateral governance mechanisms were also accepted as a valid component of Internet governance. The list of stakeholders included states, the private sector, civil society, intergovernmental organisations, international standards organisations and the “academic and technical communities within those stakeholder groups mentioned” above. The Tunis Agenda also constituted the Internet Governance Forum (IGF) and the process of Enhanced Cooperation.</p>
<p style="text-align: justify; ">The IGF was defined in detail with a twelve point mandate including to “identify emerging issues, bring them to the attention of the relevant bodies and the general public, and, where appropriate, make recommendations.” In brief it was to be a learning Forum, a talk shop and a venue for developing soft law not international treaties. Enhanced Cooperation was defined as “to enable governments, on an equal footing, to carry out their roles and responsibilities, in international public policy issues pertaining to the Internet, but not in the day-to-day technical and operational matters, that do not impact on international public policy issues” – and to this day, efforts are on to define it more clearly.</p>
<p style="text-align: justify; ">Seven years later, during the World Conference on Telecommunication in Dubai, the status quoists dubbed it another attempt by the UN to take over the Internet. Even those non-American civil society actors who were uncomfortable with US dominance were willing to settle for the status quo because they were convinced that US court would uphold human rights online more robustly than most other countries. In fact, the US administration had laid a good foundation for the demonization of the UN and other nation states that preferred an international regime. "Internet freedom" was State Department doctrine under the leadership of Hillary Clinton. As per her rhetoric – there were good states, bad states and swing states. The US, UK and some Scandinavian countries were the defenders of freedom. China, Russia and Saudi Arabia were examples of authoritarian states that were balkanizing the Internet. And India, Brazil and Indonesia were examples of swing states – in other words, they could go either way – join the good side or the dark side.</p>
<p style="text-align: justify; ">But Internet freedom rhetoric was deeply flawed. The US censorship regime is really no better than China’s. China censors political speech – US censors access to knowledge thanks to the intellectual property (IP) rightsholder lobby that has tremendous influence on the Hill. Statistics of television viewership across channels around the world will tell us how the majority privileges cultural speech over political speech on any average day. The great firewall of China only affects its citizens – netizens from other jurisdictions are not impacted by Chinese censorship. On the other hand, the US acts of censorship are usually near global in impact.</p>
<p style="text-align: justify; ">This is because the censorship regime is not predominantly based on blocking or filtering but by placing pressure on identification, technology and financial intermediaries thereby forcing their targets offline. When it comes to surveillance, one could argue that the US is worse than China. Again, as was the case with censorship, China only conducts pervasive blanket surveillance upon its citizens – unlike US surveillance, which not only affects its citizens but targets every single user of the Internet through a multi-layered approach with an accompanying acronym soup of programmes and initiatives that include malware, trojans, software vulnerabilities, back doors in encryption standards, over the top service providers, telcos, ISPs, national backbone infrastructure and submarine fibre optic cables.</p>
<p class="callout" style="text-align: justify; ">Security guru Bruce Schneier tells us that "there is no security without privacy. And liberty requires both security and privacy.” Blanket surveillance therefore undermines the security imperative and compromises functioning markets by make e-commerce, e-banking, intellectual property, personal information and confidential information vulnerable. Building a secure Internet and information society will require ending mass surveillance by states and private actors.</p>
<h3 style="text-align: justify; ">The Opportunity for India</h3>
<p style="text-align: justify; ">Unlike the America with its straitjacketed IP regime, India believes that access to knowledge is a precondition for freedom of speech and expression. As global intellectual property policy or access to knowledge policy is concerned, India is considered a leader both when it comes to domestic policy and international policy development at the World Intellectual Property Organisation. From the 70s our policy-makers have defended the right to health in the form of access to medicines. More recently, India played a critical role in securing the Marrakesh Treaty for Visually Impaired Persons in June 2013 which introduces a user right [also referred to as an exception, flexibility or limitation] which allows the visually impaired to convert books to accessible formats without paying the copyright-holder if an accessible version has not been made available. The Marrakesh Treaty is disability specific [only for the visually impaired] and works specific [only for copyright]. This is the first instance of India successfully exporting policy best practices. India's exception for the disabled in the Copyright Act unlike the Marrakesh Treaty, however, is both disability-neutral and works-neutral.</p>
<p style="text-align: justify; ">Given that the Internet is critical to the successful implementation of the Treaty ie. cross border sharing of works that have been made accessible to disabled persons in one country with the global community, it is perhaps time for India to broaden its influence into the sphere of Internet governance and the governance of information societies more broadly.</p>
<p style="text-align: justify; ">Post-Snowden, the so called swing states occupy the higher moral ground. It is time for these states to capitalize on this moment using strong political will. Instead of just being a friendly jurisdiction from the perspective of access to medicine, it is time for India to also be the enabling jurisdiction for access to knowledge more broadly. We could use patent pools and compulsory licensing to provide affordable and innovative digital hardware [especially mobile phones] to the developing world. This would ensure that rights-holders, innovators, manufactures, consumers and government would all benefit from India going beyond being the pharmacy of the world to becoming the electronics store of the world. We could explore flat-fee licensing models like a broadband copyright cess or levy to ensure that users get content [text, images, video, audio, games and software] at affordable rates and rights-holders get some royalty from all Internet users in India. This will go a long way in undermining the copyright enforcement based censorship regime that has been established by the US. When it comes to privacy – we could enact a world-class privacy law and establish an independent, autonomous and proactive privacy commissioner who will keep both private and state actors on a short lease. Then we need a scientific, targeted surveillance regime that is in compliance with human rights principles. This will make India simultaneously an IP and privacy haven and thereby attract huge investment from the private sector, and also earn the goodwill of global civil society and independent media. Given that privacy is a precondition for security, this will also make India very secure from a cyber security perspective. Of course this is a fanciful pipe dream given our current circumstances but is definitely a possible future for us as a nation to pursue.</p>
<h3 style="text-align: justify; ">What is the scope of Internet Governance?</h3>
<p style="text-align: justify; ">Part of the tension between multi-stakeholderism and multilateralism is that there is no single, universally accepted definition of Internet governance. The conservative definitions of Internet Governance limits it to management of critical Internet resources, including the domain name system, IP addresses and root servers – in other words, the ICANN, IANA functions, regional registries and other I* bodies. This is where US dominance has historically been most explicit. This is also where the multi-stakeholder model has clearly delivered so far and therefore we must be most careful about dismantling existing governance arrangements. There are very broadly four approaches for reducing US dominance here – a) globalization [giving other nation-states a role equal to the US within the existing multi-stakeholder paradigm], b) internationalization [bring ICANN, IANA functions, registries and I* bodies under UN control or oversight], c) eliminating the role for nation states in the IANA functions<a href="#fn4" name="fr4">[4]</a> and d) introducing competitors for names and numbers management. Regardless of the final solution, it is clear that those that control domain names and allocate IP addresses will be able to impact the freedom of speech and expression. The impact on the national security of India is very limited given that there are three root servers <a href="#fn5" name="fr5">[5] </a> within national borders and it would be near impossible for the US to shut down the Internet in India.</p>
<p style="text-align: justify; ">For a more expansive definition – The Working Group on Internet Governance report<a href="#fn6" name="fr6">[6] </a>has four categories for public policy issues that are relevant to Internet governance:</p>
<p style="text-align: justify; ">“(a) Issues relating to infrastructure and the management of critical Internet resources, including administration of the domain name system and Internet protocol addresses (IP addresses), administration of the root server system, technical standards, peering and interconnection, telecommunications infrastructure, including innovative and convergent technologies, as well as multilingualization. These issues are matters of direct relevance to Internet governance and fall within the ambit of existing organizations with responsibility for these matters;</p>
<p style="text-align: justify; ">(b) Issues relating to the use of the Internet, including spam, network security and cybercrime. While these issues are directly related to Internet governance, the nature of global cooperation required is not well defined;</p>
<p style="text-align: justify; ">(c)Issues that are relevant to the Internet but have an impact much wider than the Internet and for which existing organizations are responsible, such as intellectual property rights (IPRs) or international trade. ...;</p>
<p style="text-align: justify; ">(d) Issues relating to the developmental aspects of Internet governance, in particular capacity-building in developing countries.”</p>
<p style="text-align: justify; ">Some of these categories are addressed via state regulation that has cascaded from multilateral bodies that are associated with the United Nations such as the World Intellectual Property Organisation for "intellectual property rights" and the International Telecommunication Union for “telecommunications infrastructure”. Other policy issues such as "cyber crime" are currently addressed via plurilateral instruments – for example the Budapest Convention on Cybercrime – and bilateral arrangements like Mutual Legal Assistance Treaties. "Spam" is currently being handled through self-regulatory efforts by the private sector such as Messaging, Malware and Mobile Anti-Abuse Working Group.<a href="#fn7" name="fr7">[7] </a> Other areas where there is insufficient international or global cooperation include "peering and interconnection" - the private arrangements that exist are confidential and it is unclear whether the public interest is being adequately protected.</p>
<h3 style="text-align: justify; ">So who really governs the Internet?</h3>
<p style="text-align: justify; ">So in conclusion, who governs the Internet is not really a useful question. This is because nobody governs the Internet per se. The Internet is a diffuse collection of standards, technologies and actors and dramatically different across layers, geographies and services. Different Internet actors – the government, the private sector, civil society and the technical and academic community are already regulated using a multiplicity of fora and governance regimes – self regulation, coregulation and state regulation. Is more regulation always the right answer? Do we need to choose between multilateralism and multi-stakeholderism? Do we need stable definitions to process? Do we need different version of multi-stakeholderism for different areas of governance for ex. standards vs. names and numbers? Ideally no, no, no and yes. In my view an appropriate global governance system will be decentralized, diverse or plural in nature yet interoperable, will have both multilateral and multistakeholder institutions and mechanisms and will be as interested in deregulation for the public interest as it is in regulation for the public interest.</p>
<hr />
<p style="text-align: justify; ">[<a href="#fr1" name="fn1">1</a>]. Montevideo Statement on the Future of Internet Cooperation <a class="external-link" href="https://www.icann.org/en/news/announcements/announcement-07oct13-en.htm">https://www.icann.org/en/news/announcements/announcement-07oct13-en.htm</a></p>
<p style="text-align: justify; ">[<a href="#fr2" name="fn2">2</a>]. Brazil to host global internet summit in ongoing fight against NSA surveillance <a class="external-link" href="http://rt.com/news/brazil-internet-summit-fight-nsa-006/">http://rt.com/news/brazil-internet-summit-fight-nsa-006/</a></p>
<p style="text-align: justify; ">[<a href="#fr3" name="fn3">3</a>]. Tunis Agenda For The Information Society <a class="external-link" href="http://www.itu.int/wsis/docs2/tunis/off/6rev1.html">http://www.itu.int/wsis/docs2/tunis/off/6rev1.html</a></p>
<p style="text-align: justify; ">[<a href="#fr4" name="fn4">4</a>]. Roadmap for globalizing IANA: Four principles and a proposal for reform: a submission to the Global Multistakeholder Meeting on the Future of Internet Governance by Milton Mueller and Brenden Kuerbis March 3rd 2014 See: <a class="external-link" href="http://www.internetgovernance.org/wordpress/wp-content/uploads/ICANNreformglobalizingIANAfinal.pdf">http://www.internetgovernance.org/wordpress/wp-content/uploads/ICANNreformglobalizingIANAfinal.pdf</a></p>
<p style="text-align: justify; ">[<a href="#fr5" name="fn5">5</a>]. Mumbai (I Root), Delhi (K Root) and Chennai (F Root). See: <a class="external-link" href="http://nixi.in/en/component/content/article/36-other-activities-/77-root-servers">http://nixi.in/en/component/content/article/36-other-activities-/77-root-servers</a></p>
<p style="text-align: justify; ">[<a href="#fr6" name="fn6">6</a>]. Report of the Working Group on Internet Governance to the President of the Preparatory Committee of the World Summit on the Information Society, Ambassador Janis Karklins, and the WSIS Secretary-General, Mr Yoshio Utsumi. Dated: 14 July 2005 See: <a class="external-link" href="http://www.wgig.org/WGIG-Report.html">http://www.wgig.org/WGIG-Report.html</a></p>
<p>[<a href="#fr7" name="fn7">7</a>].Messaging, Malware and Mobile Anti-Abuse Working Group website See: <a class="external-link" href="http://www.maawg.org/">http://www.maawg.org/</a></p>
<hr />
<p style="text-align: justify; "><i>The author is is the Executive Director of the Centre for Internet and Society (CIS), Bangalore. He is also the founder of Mahiti, a 15 year old social enterprise aiming to reduce the cost and complexity of information and communication technology for the voluntary sector by using free software. He is an Ashoka fellow. For three years, he also managed the International Open Source Network, a project of United Nations Development Programme's Asia-Pacific Development Information Programme, serving 42 countries in the Asia-Pacific region</i>.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/yojana-april-2014-sunil-abraham-who-governs-the-internet-implications-for-freedom-and-national-security'>https://cis-india.org/internet-governance/blog/yojana-april-2014-sunil-abraham-who-governs-the-internet-implications-for-freedom-and-national-security</a>
</p>
No publishersunilSurveillanceInternet GovernancePrivacy2014-04-05T16:23:36ZBlog EntrySpreadsheet data on sample of 50 security companies
https://cis-india.org/internet-governance/blog/data-on-surveillance-technology-companies
<b></b>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/data-on-surveillance-technology-companies'>https://cis-india.org/internet-governance/blog/data-on-surveillance-technology-companies</a>
</p>
No publishermariaInternet GovernanceSurveillance2014-02-28T16:13:39ZFileBig Democracy, Big Surveillance: India's Surveillance State
https://cis-india.org/internet-governance/blog/big-democracy-big-surveillance-indias-surveillance-state
<b>In India, surveillance is on the rise by the state to tackle crime and terrorism, and private companies are eager to meet the demand.</b>
<p>This article by Maria Xynou was<a class="external-link" href="http://www.opendemocracy.net/opensecurity/maria-xynou/big-democracy-big-surveillance-indias-surveillance-state"> published by OpenDemocracy</a> on 10 February 2014.</p>
<p style="text-align: justify; "><span>Worried about the secret, mass surveillance schemes being carried out by the NSA? While we should be, some of the surveillance schemes in the world's largest democracy, India, are arguably</span><a href="http://www.thehindu.com/news/national/indias-surveillance-project-may-be-as-lethal-as-prism/article4834619.ece"> in the same league</a><span>.</span></p>
<p style="text-align: justify; "><span><a href="http://www.amazon.com/Globalization-Surveillance-Armand-Mattelart/dp/0745645119">Surveillance is being globalised</a> to the extent that even India, a country with huge poverty issues, is investing millions of dollars in creating an <a href="http://www.thehindu.com/news/national/indias-surveillance-project-may-be-as-lethal-as-prism/article4834619.ece">expansive surveillance regime</a>. However, why would communications monitoring interest Indian authorities, when the majority of the population lives below the line of poverty and <a href="http://wearesocial.net/tag/india/">only 17% of the population</a><a href="http://wearesocial.net/tag/india/"> has access to the Internet</a>?</span></p>
<p style="text-align: justify; "><span>The official political motivation behind surveillance in India appears to be the government's <a href="http://digitaljournal.com/article/268467">determination to tackle terrorism</a> in the country. The <a href="http://edition.cnn.com/2013/09/18/world/asia/mumbai-terror-attacks/">2008 Mumbai terrorist attacks</a> were arguably a similar landmark to the 9/11 terrorist attacks in the US, and both governments officially announced their intention to carry out surveillance as a counter-terrorism measure. However, unlike in the west, terrorist attacks in India are much more common, and the National Security Adviser reported in 2008 that 800 terrorist cells were operational in the country. With India’s history of <a href="http://www.thenews.com.pk/Todays-News-2-210676-Major-terror-attacks-in-India-during-last-25-years">major terror attacks in India over the last 25 years</a>, it's easy for one to be persuaded that terrorism is actually a major threat to national security.</span></p>
<h2><b>India's surveillance schemes</b></h2>
<p style="text-align: justify; ">India’s surveillance programs mostly started following the 2008 Mumbai terror attacks. That was when the Ministry of Home Affairs first proposed the creation of a <a href="http://www.pib.nic.in/newsite/erelease.aspx?relid=56395">National Intelligence Grid (NATGRID)</a>, which will give <a href="http://articles.economictimes.indiatimes.com/2013-09-10/news/41938113_1_executive-order-national-intelligence-grid-databases">11 intelligence and investigative agencies real-time access to 21 citizen data sources</a> to track terror activities. These citizen data sources will be provided by various ministries and departments, otherwise called “provider agencies”, and will include <a href="http://articles.economictimes.indiatimes.com/2013-09-10/news/41938113_1_executive-order-national-intelligence-grid-databases">bank account details, telephone records, passport data and vehicle registration details</a>, among other types of data.</p>
<p style="text-align: justify; ">The Ministry of Home Affairs has <a href="http://www.deccanherald.com/content/181065/mha-seeks-over-rs-3400.html">sought over Rs. 3,400 crore</a> (around USD 540 million!) for the implementation of NATGRID, which aims to create comprehensive patterns of intelligence by collecting sensitive information from databases of departments like the police, banks, tax and telecoms to supposedly track any terror suspect and incident.</p>
<p style="text-align: justify; ">But NATGRID is far from India's only data sharing scheme. In 2009 the Cabinet Committee on Economic Affairs approved the creation and implementation of the <a href="http://pib.nic.in/newsite/erelease.aspx?relid=49261">Crime and Criminal Tracking Network & </a><a href="http://pib.nic.in/newsite/erelease.aspx?relid=49261">Systems</a> (CCTNS), which would facilitate the sharing of databases among <a href="http://ncrb.nic.in/AboutCCTNS.htm">14,000 police stations across all 35 states and Union Territories</a> of India, excluding 6,000 police offices which are high in the police hierarchy. <a href="http://www.thehindu.com/news/national/govt-launches-crime-tracking-pilot-project/article4272857.ece">Rs. 2,000 crore</a> (around USD 320 million) have been allocated for the CCTNS, which is being implemented by the National Crime Records Bureau under the national e-governance scheme. The CCTNS not only increases transparency by automating the function of police stations, but also <a href="http://ncrb.nic.in/AboutCCTNS.htm">provides the civil police with tools, technology and information</a> to facilitate the investigation of crime and detection of criminals.</p>
<p style="text-align: justify; ">But apparently, sharing data and linking databases is not enough to track criminals and terrorists. As such, in the aftermath of the 2008 Mumbai terror attacks, the Indian government also implemented various interception systems. In September 2013<a href="http://www.thehindu.com/news/national/govt-violates-privacy-safeguards-to-secretly-monitor-internet-traffic/article5107682.ece"> it was reported</a> that the Indian government has been operating Lawful Intercept & Monitoring (LIM) systems, widely in secret. In particular, <a href="http://www.thehindu.com/news/national/govt-violates-privacy-safeguards-to-secretly-monitor-internet-traffic/article5107682.ece">mobile operators in India have deployed their own LIM systems</a> allowing for the so-called “lawful interception” of calls by the government. And possibly to enable this, mobile operators are required to provide <a href="http://telecomtalk.info/dot-tightens-norms-no-mobile-connection-without-physical-verification/102120/">subscriber verification</a> to the Telecom Enforcement, Resource and Monitoring (TERM) cells of the Department of Telecommunications.</p>
<p style="text-align: justify; ">In the case of Internet traffic, the LIM systems are deployed at the <a href="http://www.thehindu.com/news/national/govt-violates-privacy-safeguards-to-secretly-monitor-internet-traffic/article5107682.ece">international gateways of large Internet Service Providers (ISPs) </a>and expand to a broad search across all Internet traffic using “keywords” and “key-phrases”. In other words, security agencies using LIM systems are capable of launching a search for suspicious words, resulting in the indiscriminate monitoring of all Internet traffic, possibly without court oversight and without the knowledge of ISPs.</p>
<p style="text-align: justify; ">India has also automated and centralized the interception of communications through the <a href="https://cis-india.org/internet-governance/blog/indias-big-brother-the-central-monitoring-system">Central Monitoring System (CMS)</a>. This project was initially envisioned in 2009, following the 2008 Mumbai terror attacks and was approved in 2011. The CMS intercepts all telecommunications in India and <a href="https://cis-india.org/internet-governance/blog/india-central-monitoring-system-something-to-worry-about">centrally stores the data in national and regional databases</a>. The CMS will be connected with the Telephone Call Interception System (TCIS) which will help monitor voice calls, SMS and MMS, fax communications on landlines, CDMA, video calls, GSM and 3G networks. <a href="https://cis-india.org/internet-governance/blog/indias-big-brother-the-central-monitoring-system">Agencies</a> which will have access to the CMS include the Intelligence Bureau (IB), the Central Bureau of Investigation (CBI), the Directorate of Revenue Intelligence (DRI), the Research and Analysis Wing (RAW) and the National Investigation Agency (NIA).</p>
<p style="text-align: justify; ">Unlike mainstream interception, where service providers are required to intercept communications and provision interception requests to law enforcement agencies, the Central Monitoring System will automate the entire process of interception. This means that the CMS authority will have centralized access to all intercepted data and that the authority can also bypass service providers in gaining such access. Once security agencies have access to this data, they are equipped with <a href="https://cis-india.org/internet-governance/blog/indias-big-brother-the-central-monitoring-system">Direct Electronic Provisioning, filters and alerts on the target numbers</a>, as well as with Call Details Records (CDR) analysis and data mining tools to identify the personal information of target numbers.</p>
<p style="text-align: justify; ">Given that roughly <a href="http://wearesocial.net/tag/india/">73% of India's population uses mobile phones</a>, this means that the Central Monitoring System can potentially affect about 893 million people, more than double the population of the United States! However, how is it even possible for Indian authorities to mine the data of literally millions of people? Who supplies Indian authorities with the technology to do this and what type of technology is actually being used?</p>
<h2><b>India's surveillance industry</b></h2>
<p style="text-align: justify; ">India has the world's second largest population, consisting of more than a billion people and an expanding middle class. Undoubtedly, India is a big market and many international companies aspire in investing in the country. Unfortunately though, along with everything else being imported into India, surveillance technologies are no exception.</p>
<p style="text-align: justify; ">Some of the biggest and most notorious surveillance technology companies in the world, such as ZTE, Utimaco and Verint, have offices in India. Even <a href="https://citizenlab.org/2013/04/for-their-eyes-only-2/">FinFisher command and control servers</a> have been found in India. However, in addition to allowing foreign surveillance technology companies to create offices and to sell their products and solutions in the country, local companies selling controversial spyware appear to be on the rise too.</p>
<p style="text-align: justify; ">Kommlabs Dezign is an Indian company which loves to show off its Internet monitoring solutions at<a href="http://www.kommlabs.com/events.asp"> various ISS trade shows</a>, otherwise known as <a href="http://www.wired.com/beyond_the_beyond/2011/12/at-the-wiretappers-ball/">“the Wiretapper's Ball”</a>. In particular, Kommlabs Dezign sells VerbaNET, an Internet Interception Solution, as well as VerbaCENTRE, which is a Unified Monitoring Centre that can even detect cognitive and emotional stress in voice calls and flag them! In other words, Kommlabs Dezign makes a point that not only should we worry about what we text and say over our phones, but that we should also worry about what we sound like when on the phone.</p>
<p style="text-align: justify; ">Vehere is another Indian company which sells various surveillance solutions and notably sells vCRIMES, which is a Call Details Records (CDR) analysis system. VCRIMES is used to analyse and gather intelligence and to unveil hidden interconnections and relations through communications. This system also includes a tool for detecting sleeper cells through advanced statistical analysis and <a href="http://www.veheretech.com/products/vcrimes/">can analyse more than 40 billion records in less than 3 seconds</a>.</p>
<p style="text-align: justify; "><a href="http://www.paladion.net/">Paladion Networks</a> is headquartered in Bangalore, India and sells various Internet Monitoring Systems, Telecom Operator Interception Systems, SSL Interception and Decryption Systems and Cyber Cafe Monitoring Systems to law enforcement agencies in India and abroad. In fact, Paladion Networks even states in its website that its <a href="http://www.paladion.net/client_list.html">customers include India's Ministry of Information Technology and the U.S Department of Justice</a>.</p>
<p style="text-align: justify; ">ClearTrail Technologies is yet another Indian company which not only <a href="http://www.issworldtraining.com/iss_europe/sponsors.html">sponsors global surveillance trade shows</a> but also sells a wide range of monitoring solutions to law enforcement agencies in India and abroad. ComTrail is a solution for the <a href="http://www.wikileaks.org/spyfiles/docs/CLEARTRAIL-2011-Intemonisuit-en.pdf">centralised mass interception and monitoring of voice and data networks</a>, including Gmail, Yahoo, Hotmail, BlackBerry, ICQ and GSM voice calls. Furthermore, ComTrail is equipped to handle millions of communications per day, correlating identities across multiple networks, and can instantly analyse data across thousands of terabytes.</p>
<p style="text-align: justify; ">ClearTrail also sells xTrail, which is a solution for the <a href="http://www.wikileaks.org/spyfiles/docs/CLEARTRAIL-2011-Intemonisuit-en.pdf">targeted interception, decoding and analysis of data traffic over IP networks</a> and which enables law enforcement agencies to intercept and monitor targeted communications without degrading the service quality of the IP network. Interestingly, xTrail can filter based on a “pure keyword”, a URL/Domain with a keyword, a mobile number or even with just a user identity, such as an email ID, chat ID or VoIP ID.</p>
<p style="text-align: justify; ">Apparently, some the biggest challenges that law enforcement agencies face when monitoring communications include cases when targets operate from public Internet networks and/or use encryption. However, it turns out that ClearTrail's QuickTrail solution is designed to <a href="http://www.wikileaks.org/spyfiles/docs/CLEARTRAIL-2011-Intemonisuit-en.pdf">gather intelligence from public Internet networks</a>, when a target is operating from a cyber cafe, a hotel, a university campus or a free Wi-Fi zone. This device can remotely deploy spyware into a target's computer and supports protocol decoding, including HTTP, SMTP, POP3 and HTTPS.</p>
<p style="text-align: justify; ">Additionally, QuickTrail can identify a target machine on the basis of metadata, such as an IP address, and can monitor Ethernet LANs in real time, as well as monitor Gmail, Yahoo and all other HTTPS-based communications. ClearTrail's mTrail is designed for the passive <a href="http://www.wikileaks.org/spyfiles/docs/CLEARTRAIL-2011-Intemonisuit-en.pdf">'off-the-air' interception of GSM communications</a>, including the interception of targeted calls from pre-defined suspect lists and the monitoring of SMS and protocol information. MTrail also identifies a target's location by using signal strength, target numbers, such as IMSI, TIMSI, IMEI or MSI SDN, which makes it possible to listen to the conversation of so-called “lawfully intercepted” calls in near real-time.</p>
<p style="text-align: justify; ">In short, it looks like India is reaching the top league when it comes to surveillance technologies, especially since many of its companies and their products appear to be just as scary as some of the most sophisticated spying gear sold by the West. India may be the world's largest (by population) democracy, but that means that it has a huge population with way too many opinions...and apparently, the private and public sectors in India appear to be joining forces to do something about it.</p>
<h2><b>So do Indians have nothing to hide?</b></h2>
<p style="text-align: justify; ">A very popular rhetoric in both India and the west is that citizens should <i>not</i> be concerned about surveillance because, after all, if they are not terrorists, they should have nothing to hide. However, privacy advocate <a href="https://cis-india.org/internet-governance/blog/interview-with-caspar-bowden-privacy-advocate">Caspar Bowden</a> has rightfully stated that this rhetoric is fundamentally flawed and that we should all indeed “have something to hide”. But is privacy just about “having something to hide”? <a href="http://www.youtube.com/watch?v=GMN2360LM_U">Jacob Appelbaum</a> has stated that this rhetoric is merely a psychological copying mechanism when dealing with security.</p>
<p style="text-align: justify; ">It's probably rather comforting and reassuring to think that we are not special or important enough for surveillance to affect us personally. But is that really up to us to decide? Unfortunately not. The very point of data mining is to match patterns, create profiles of individuals and to unveil hidden interconnections and relations. A data analyst can uncover more information about us than what we are even aware of and it is they who decide if our data is “incriminating” or not. Or even worse: in many cases it's up to <i>data mining software</i> to decide how “special” or “important” we are. And unfortunately, technology is <i>not</i> infallible.</p>
<p style="text-align: justify; ">The world's largest democracy, which is also <a href="http://www.hindustantimes.com/india-news/india-less-corrupt-than-pakistan-ranks-94th-in-world-survey/article1-1158513.aspx">one of the most corrupt countries in the world</a>, is implementing many controversial surveillance schemes which lack transparency, accountability and adequate legal backing, and which are largely being carried out in secret. And to make matters worse, India lacks privacy legislation. Over a billion people in a democratic regime are exposed to inadequately regulated surveillance schemes, while a local surveillance industry is thriving without any checks or balances whatsoever. What will this mean for the global future of democracy?</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/big-democracy-big-surveillance-indias-surveillance-state'>https://cis-india.org/internet-governance/blog/big-democracy-big-surveillance-indias-surveillance-state</a>
</p>
No publishermariaInternet GovernanceSurveillance2014-02-28T10:35:09ZBlog EntrySurveillance and the Indian Constitution - Part 3: The Public/Private Distinction and the Supreme Court’s Wrong Turn
https://cis-india.org/internet-governance/blog/surveillance-and-the-indian-consitution-part-3
<b>After its decision in Gobind, the Supreme Court's privacy floodgates opened; a series of claims involving private parties came before its docket, and the resulting jurisprudence ended up creating confusion between state-individual surveillance, and individual-individual surveillance.</b>
<p style="text-align: justify; ">Gautam Bhatia's blog post was originally <a class="external-link" href="http://indconlawphil.wordpress.com/2013/12/17/privacy-and-surveillance-in-india-iii-the-publicprivate-distinction-and-the-supreme-courts-wrong-turn/">published on Indian Constitutional Law and Philosophy Blog</a></p>
<hr />
<p style="text-align: justify; ">We have seen that <i>Gobind </i>essentially crystallized a constitutional right to privacy as an aspect of personal liberty, to be infringed only by a narrowly-tailored law that served a compelling state interest. After the landmark decision in <i>Gobind</i>, <i><a href="http://indiankanoon.org/doc/971635/">Malak Singh v State of P&H</a> </i>was the next targeted-surveillance history-sheeter case to come before the Supreme Court. In that case, Rule 23 of the Punjab Police Rules was at issue. Its vires was not disputed, so the question was a direct matter of constitutionality. An order of surveillance was challenged by two individuals, on the ground that there were no reasonable bases for suspecting them of being repeat criminals, and that their inclusion in the surveillance register was politically motivated. After holding that entry into a surveillance sheet was a purely administrative measure, and thus required no prior hearing (<i>audi alteram partem</i>), the Court then embarked upon a lengthy disquisition about the scope and limitations of surveillance, which deserves to be reproduced in full:</p>
<p style="text-align: justify; ">“<i>But all this does not mean that the police have a licence to enter the names of whoever they like (dislike?) in the surveillance register; nor can the surveillance be such as to squeeze the fundamental freedoms guaranteed to all citizens or to obstruct the free exercise and enjoyment of those freedoms; nor can the surveillance so intrude as to </i><i><span>offend the dignity of the individual</span></i><i>. Surveillance of persons who do not fall within the categories mentioned in Rule 23.4 or for reasons unconnected with the prevention of crime, or excessive surveillance falling beyond the limits prescribed by the rules, will entitle a citizen to the Court’s protection which the court will not hesitate to give. The very rules which prescribe the conditions for making entries in the surveillance register and the mode of surveillance appear to recognise the caution and care with which the police officers are required to proceed. The note following R. 23.4 is instructive. It enjoins a duty upon the police officer to construe the rule strictly and confine the entries in the surveillance register to the class of persons mentioned in the rule. Similarly R.23.7 demands that there should be no illegal interference in the guise of surveillance. Surveillance, therefore, has to be unobstrusive and within bounds. Ordinarily the names of persons with previous criminal record alone are entered in the surveillance register. </i><i><span>They must be proclaimed offenders, previous convicts, or persons who have already been placed on security for good behaviour. In addition, names of persons who are reasonably believed to be habitual offenders or receivers of stolen property whether they have been convicted or not may be entered</span></i><i>. It is only in the case of this category of persons that there may be occasion for abuse of the power of the police officer to make entries in the surveillance register. But, here, the entry can only be made by the order of the Superintendent of Police who is prohibited from delegating his authority under Rule 23.5. Further it is necessary that the Superintendent of Police must entertain </i><i><span>a reasonable belief</span></i><i> that persons whose names are to be entered in Part II are habitual offenders or receivers of stolen property. While it may not be necessary to supply the grounds of belief to the persons whose names are entered in the surveillance register it may become necessary in some cases to satisfy the Court when an entry is challenged </i><i><span>that there are grounds to entertain such reasonable belief</span></i><i>. In fact in the present case we sent for the relevant records and we have satisfied ourselves that there were sufficient grounds for the Superintendent of Police to entertain a reasonable belief. In the result we reject both the appeals subject to our observations regarding the mode of surveillance. There is no order as to costs.”</i></p>
<p style="text-align: justify; ">Three things emerge from this holding: <i>first</i>, the Court follows <i>Gobind</i> in locating the right to privacy within the philosophical concept of individual <i>dignity</i>, found in Article 21’s guarantee of personal liberty. <i>Secondly</i>, it follows <i>Kharak Singh, Malkani and Gobind</i> in insisting that the surveillance be targeted, limited to fulfilling the government’s crime-prevention objectives, and be limited – not even to suspected criminals, but – repeat offenders or serious criminals. And <i>thirdly</i>, it leaves open a role for the Court – that is, <i>judicial review</i> – in examining the grounds of surveillance, if challenged in a particular case.</p>
<p style="text-align: justify; ">After <i>Malak Singh, </i>there is another period of quiet. <a href="http://www.indiankanoon.org/doc/304068/"><i>LIC v Manubhai D Shah</i></a>, in 1993, attributed – wrongly – to <i>Indian Express Newspapers </i>the proposition that Article 19(1)(a)’s free expression right included privacy of communications (<i>Indian Express </i>itself had cited a UN Report without incorporating it into its holding).</p>
<p style="text-align: justify; ">Soon afterwards, <i><a href="http://www.indiankanoon.org/doc/501107/">R. Rajagopal v State of TN</a> </i>involved the question of the publication of a convicted criminal’s autobiography by a publishing house; Auto Shankar, the convict in question, had supposedly withdrawn his consent after agreeing to the book’s publication, but the publishing house was determined to go ahead with it. Technically, this wasn’t an Article 21 case: so much is made clear by the very manner in which the Court frames its issues: the question is whether a <i><span>citizen</span></i> of the country can prevent <i><span>another person</span></i><i> </i>from writing his biography, or life story. (Paragraph 8) The Court itself made things clear when it held that the right of privacy has two aspects: the <i>tortious </i>aspect, which provides damages for a breach of individual privacy; and the <i>constitutional aspect</i>, which protects privacy against <span><b>unlawful governmental intrusion.</b></span> (Paragraph 9) Having made this distinction, the Court went on to cite a number of American cases that were precisely about the right to privacy against governmental intrusion, and therefore – ideally – irrelevant to the present case (Paras 13 – 16); and then, without quite explaining how it was using these cases – or whether they were relevant at all, it switched to examining the law of defamation (Para 17 onwards). It would be safe to conclude, therefore, in light of the clear distinctions that it made, the Court was concerned in <i>R. Rajagopal </i>about an action between private parties, and therefore, privacy in the context of tort law. It’s confusing observations, however, were to have rather unfortunate effects, as we shall see.</p>
<p style="text-align: justify; ">We now come to a series of curious cases involving privacy and medical law. In <a href="http://indiankanoon.org/doc/382721/"><i>Mr X v Hospital Z</i></a>, the question arose whether a Hospital that – in the context of a planned marriage – had disclosed the appellant’s HIV+ status, leading to his social ostracism – was in breach of his right to privacy. The Court cited <i>Rajagopal</i>, but unfortunately failed to understand it, and turned the question into one of the <i>constitutional right to privacy, and not the private right. </i>Why the Court turned an issue between two private parties – adequately covered by the tort of breach of confidentiality – into an Article 21 issue is anybody’s guess. <i>Surely</i> Article 21 – the right to life and personal liberty – is not horizontally applicable, because if it was, we might as well scrap the entire Indian Penal Code, which deals with exactly these kinds of issues – individuals violating each others’ rights to life and personal liberty. Nonetheless, the Court cited <i>Kharak Singh, Gobind </i><span><b>and</b></span> Article 8 of the European Convention of Human Rights, further muddying the waters, because Article 8 – in contrast to American law – embodies a <i>proportionality test</i> for determining whether there has been an impermissible infringement of privacy. The Court then came up with the following observation:</p>
<p style="text-align: justify; ">“<i>Where there is a clash of two Fundamental Rights, as in the instant case, namely, the appellant’s right to privacy as part of right to life and Ms. Akali’s right to lead a healthy life which is her Fundamental Right under Article 21, the RIGHT which would advance the public morality or public interest, would alone be enforced through the process of Court, for the reason that moral considerations cannot be kept at bay.”</i></p>
<p style="text-align: justify; ">With respect, this is utterly bizarre. If there is a clash of two rights, then that clash must be resolved by referring to the <i>Constitution</i>, and not to the Court’s opinion of what an amorphous, elastic, malleable, many-sizes-fit “public morality” says. The mischief caused by this decision, however, was replicated in <i><a href="http://indiankanoon.org/doc/1309207/">Sharda v Dharmpal</a>, </i>decided by the Court in 2003. In that case, the question was whether the Court could require a party who had been accused of unsoundness of mind (as a ground for divorce under the wonderfully progressive Hindu Marriage Act) to undergo a medical examination – and draw an adverse inference if she refused. Again, whether this was a case in which Article 21 ought to be invoked is doubtful; at least, it is arguable, since it was the Court making the order. Predictably, the Court cited from <i>Mr X v Hospital Z </i>extensively. It cited <i>Gobind</i> (compelling State interest) <i>and</i> the ECHR (proportionality). It cited a series of cases involving custody of children, where various Courts had used a “balancing test” to determine whether the best interests of the child overrode the privacy interest exemplified by the client-patient privilege. It applied this balancing test to the case at hand by balancing the “right” of the petitioner to obtain a divorce for the spouse’s unsoundness of mind under the HMA, vis-à-vis the Respondent’s right to privacy.</p>
<p style="text-align: justify; ">In light of the above analysis, it is submitted that although the outcome in <i>Mr X v Hospital Z </i>and <i>Sharda v Dharmpal </i>might well be correct, the Supreme Court has misread what <i>R. Rajagopal </i>actually held, and its reasoning is deeply flawed. Neither of these cases are Article 21 cases: they are private tort cases between private parties, and ought to be analysed under private law, as <i>Rajagopal</i> itself was careful to point out. In private law, also, the balancing test makes perfect sense: there are a series of interests at stake, as the Court rightly understood, such as certain rights arising out of marriage, all of a private nature. In any event, whatever one might make of these judgments, one thing is clear: they are both logically and legally irrelevant to the <i>Kharak Singh </i>line of cases that we have been discussing, which are to do with the Article 21 right to privacy <i>against the State</i>.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/surveillance-and-the-indian-consitution-part-3'>https://cis-india.org/internet-governance/blog/surveillance-and-the-indian-consitution-part-3</a>
</p>
No publisherpraneshSurveillanceInternet GovernancePrivacy2014-03-06T23:02:45ZBlog EntryCounter Surveillance Panel: DiscoTech & Hackathon
https://cis-india.org/events/counter-surveillance-panel-disco-tech-hackathon
<b>We invite you to a Counter Surveillance DiscoTech and Hackathon at the Centre for Internet and Society in Bangalore on Saturday, March 1, 2014 (9.00 a.m. to 5.00 p.m.). The event is being co-organized by the Centre for Internet and Society in tandem with the MIT Centre for Civic Media Co-Design Lab, with support from members of Tactical Technology Collective, Hackteria.org and Srishti School of Art Design and Technology. Registrations begin at 9.00 a.m. The event shall close with a featured talk by renown information activist and maker lab innovator Smari McCarthy, titled "Privacy for Humanity" at 5.00 p.m.</b>
<h2>Overview</h2>
<p style="text-align: justify; ">Mirroring the call by MIT Civic Media Lab <a href="http://codesign.mit.edu/discotechs/">Co-Design Studio</a>, this event brings together students, technologists, designers and citizens to explore counter-surveillance strategies. The event will be held simultaneously across various locations including Boston, Palestine, Lisbon and Buenos Aires. Click here for the definition of <a href="http://codesign.mit.edu/discotechs/">DiscoTech</a>.(Discovering Technology)<b> </b></p>
<h2 style="text-align: justify; ">Agenda</h2>
<p class="Default" style="text-align: justify; ">We shall begin with brief contextualized introductions catalyzed by researchers in the field of privacy & surveillance, followed by workshops and hackathons led by expert practitioners. Participants are welcome from diverse backgrounds looking to be involved in designing engaging and creative ways to counter surveillance. The event shall close with a featured talk by renown information activist and maker lab innovator <a href="http://en.wikipedia.org/wiki/Sm%C3%A1ri_McCarthy"><b>Smari McCarthy</b></a> , titled "<b>Privacy for Humanity</b>" at 5.00 p.m.</p>
<h3 class="Default" style="text-align: justify; ">Introductory Catalyst Sessions</h3>
<ul>
<li style="text-align: justify; "><b>Malavika Jayaram</b>: Fellow at <a class="external-link" href="http://cyber.law.harvard.edu/people/mjayaram">Berkman Center for Internet and Society at Harvard University</a> and the <a class="external-link" href="http://www.cis-india.org/">Centre for Internet and Society, Bangalore</a></li>
<li style="text-align: justify; "><b>Laird Brown</b>: DesiSec Project at the <a href="https://cis-india.org/" class="external-link">Centre for Internet and Society, Bangalore</a> and University of Toronto</li>
<li style="text-align: justify; "><b>Kaustubh Srikant</b>: Head of Technology, <a class="external-link" href="https://tacticaltech.org/kaustubh-srikanth-head-technology">Tactical Technology Collective</a> and <b>Maya Indira Ganesh</b> (Program Director)</li>
<li style="text-align: justify; "><b>Abhay Raj Naik</b>: Assistant Professor,<a class="external-link" href="http://www.azimpremjiuniversity.edu.in/abhayraj-naik"> Azim Premji University</a></li>
</ul>
<h3>Design and Hackathon Lead Catalysts</h3>
<ul>
<li style="text-align: justify; "><a href="http://hackteria.org/?p=278"><b>Yashas</b></a><a href="http://hackteria.org/?p=278"><b> </b></a><a href="http://hackteria.org/?p=278"><b>Shetty</b></a>:Faculty@ <a href="http://www.srishti.ac.in/">www.srishti.ac.in</a> and Co-Founder <a href="http://www.hackteria.org/">Hackteria.org</a> (DNA Spoofing, Surveillance Camera: Avoidance, Microscopic Re-Appropriation & Bacterial Discotheque)</li>
</ul>
<ul>
<li style="text-align: justify; "><b>Hari Dilip Kumar</b>: Co, Founder, <a class="external-link" href="http://www.fluxgentech.com/people">FluxGen</a>: (Introducing data transmission protocols, Software Defined Radio (SDR) design and surveillance detection )</li>
</ul>
<ul>
<li style="text-align: justify; "><b>Sharath Chandra Ram</b>: Researcher @ CIS <a class="external-link" href="http://dorkbot.org/dorkbotbangalore/">Open Lab</a> and Faculty@<a class="external-link" href="http://www.srishti.ac.in/">Srishti</a> (Civic Media solutions using open citizen networks and the web, spectrum scanning, visual communication design strategies, finger print mash-up publishing) </li>
</ul>
<h3 style="text-align: justify; ">Featured Talk and Interactive Closing Session by <a class="external-link" href="http://en.wikipedia.org/wiki/Sm%C3%A1ri_McCarthy">Smari McCarthy</a><b><a class="external-link" href="http://en.wikipedia.org/wiki/Sm%C3%A1ri_McCarthy"> </a></b></h3>
<p style="text-align: justify; "><b>(Executive Director, International Modern Media Institute and Founder, Icelandic Pirate Party & Icelandic Digital Freedom Society)</b><b></b></p>
<p class="callout" style="text-align: justify; "><b>Title of Talk: PRIVACY for HUMANITY - 5.00 p.m.<br /></b></p>
<hr />
<p><a href="https://cis-india.org/internet-governance/blog/counter-surveillance.pdf" class="internal-link"> </a><b><a href="https://cis-india.org/internet-governance/blog/counter-surveillance.pdf" class="internal-link">Click to download the flyer invite</a></b><br />Date: Saturday, March 1, 2014<br />Time: 9.00 a.m. to 5.00 p.m. (Registration 9.00 a.m. sharp)<br />Venue: Centre for Internet and Society, Bangalore<br />Map : <a href="http://bit.ly/1fcDDLG">http://</a><a href="http://bit.ly/1fcDDLG">bit.ly</a><a href="http://bit.ly/1fcDDLG">/1fcDDLG</a><b><br /></b><a href="mailto:sharath@cis-india.org"><br /></a><i>Please RSVP due to limited space and logistics for lunch and refreshments</i></p>
<p>
For more details visit <a href='https://cis-india.org/events/counter-surveillance-panel-disco-tech-hackathon'>https://cis-india.org/events/counter-surveillance-panel-disco-tech-hackathon</a>
</p>
No publisherpraskrishnaSurveillanceEventInternet GovernancePrivacy2014-02-28T05:36:15ZEventIndia's Central Monitoring System (CMS): Something to Worry About?
https://cis-india.org/internet-governance/blog/india-central-monitoring-system-something-to-worry-about
<b>In this article, Maria Xynou presents new information about India's controversial Central Monitoring System (CMS) based on official documents which were shared with the Centre for Internet and Society (CIS). Read this article and gain an insight on how the CMS actually works!</b>
<p style="text-align: justify; ">The idea of a Panoptikon, of monitoring all communications in India and centrally storing such data is not new. It was first envisioned in 2009, following the 2008 Mumbai terrorist attacks. As such, the Central Monitoring System (CMS) started off as <span class="internal-link">a project run by the Centre for Communication Security Research and Monitoring (CCSRM)</span>, along with the Telecom Testing and Security Certification (TTSC) project.</p>
<p align="JUSTIFY">The Central Monitoring System (CMS), which was <a class="external-link" href="http://india.blogs.nytimes.com/2013/07/10/how-surveillance-works-in-india/">largely covered by the media in 2013</a>, was actually <span class="internal-link">approved by the Cabinet Committee on Security (CCS) on 16th June 2011</span> and the pilot project was completed by 30th September 2011. Ever since, the CMS has been operated by India's Telecom Enforcement Resource and Monitoring (TERM) cells, and has been implemented by the Centre for Development of Telematics (C-DOT), which is an Indian Government owned telecommunications technology development centre. The CMS has been implemented in three phases, each one taking about 13-14 months. As of June 2013, <span class="internal-link">government funding of the CMS has reached at least Rs. 450 crore</span> (around $72 million).</p>
<p align="JUSTIFY">In order to require Telecom Service Providers (TSPs) to intercept all telecommunications in India as part of the CMS, <a href="https://cis-india.org/internet-governance/blog/uas-license-agreement-amendment" class="internal-link">clause 41.10 of the Unified Access Services (UAS) License Agreement was amended</a> in June 2013. In particular, the amended clause includes the following:</p>
<blockquote class="italized">“<i>But, in case of Centralized Monitoring System (CMS), Licensee shall provide the connectivity upto the nearest point of presence of MPLS (Multi Protocol Label Switching) network of the CMS at its own cost in the form of dark fibre with redundancy. If dark fibre connectivity is not readily available, the connectivity may be extended in the form of 10 Mbps bandwidth upgradeable upto 45 Mbps or higher as conveyed by the Governemnt, till such time the dark fibre connectivity is established. However, LICENSEE shall endeavor to establish connectivity by dark optical fibre at the earilest. From the point of presence of MPLS network of CMS onwards traffic will be handled by the Government at its own cost.”</i></blockquote>
<p align="JUSTIFY">Furthermore, <span class="internal-link">draft Rule 419B</span> under Section 5(2) of the Indian Telegraph Act, 1885, allows for the disclosure of “message related information” / Call Data Records (CDR) to Indian authorities. <a class="external-link" href="http://books.google.gr/books?id=dO2wCCB7w9sC&pg=PA111&dq=%22Call+detail+record%22&hl=en&sa=X&ei=s-iUUO6gHseX0QGXzoGADw&redir_esc=y#v=onepage&q=%22Call%20detail%20record%22&f=false">Call Data Records</a>, otherwise known as Call Detail Records, contain metadata (data about data) that describe a telecomunication transaction, but not the content of that transaction. In other words, Call Data Records include data such as the phone numbers of the calling and called parties, the duration of the call, the time and date of the call, and other such information, while excluding the content of what was said during such calls. According to <span class="internal-link">draft Rule 419B</span>, directions for the disclosure of Call Data Records can only be issued on a national level through orders by the Secretary to the Government of India in the Ministry of Home Affairs, while on the state level, orders can only be issued by the Secretary to the State Government in charge of the Home Department.</p>
<p align="JUSTIFY">Other than this draft Rule and the <a href="https://cis-india.org/internet-governance/blog/uas-license-agreement-amendment" class="internal-link">amendment to clause 41.10 of the UAS License Agreement</a>, no law exists which mandates or regulates the Central Monitoring System (CMS). This mass surveillance system is merely regulated under Section 5(2) of the <a class="external-link" href="http://www.ijlt.in/pdffiles/Indian-Telegraph-Act-1885.pdf">Indian Telegraph Act, 1885</a>, which empowers the Indian Government to intercept communications on the occurence of any “public emergency” or in the interest of “public safety”, when it is deemed “necessary or expedient” to do so in the following instances:</p>
<ul>
<li>
<p align="JUSTIFY">the interests of the sovereignty and integrity of India</p>
</li>
<li>
<p align="JUSTIFY">the security of the State</p>
</li>
<li>
<p align="JUSTIFY">friendly relations with foreign states</p>
</li>
<li>
<p align="JUSTIFY">public order</p>
</li>
<li>
<p align="JUSTIFY">for preventing incitement to the commission of an offense</p>
</li>
</ul>
<p align="JUSTIFY">However, Section 5(2) of the Indian Telegraph Act, 1885, appears to be rather broad and vague, and fails to explicitly regulate the details of how the Central Monitoring System (CMS) should function. As such, the CMS appears to be inadequately regulated, which raises many questions with regards to its potential misuse and subsequent violation of Indian's right to privacy and other human rights.</p>
<h2><b>So how does the Central Monitoring System (CMS) actually work?</b></h2>
<p align="JUSTIFY">We have known for quite a while now that the Central Monitoring System (CMS) gives India's security agencies and income tax officials centralized <a href="https://cis-india.org/internet-governance/blog/indias-big-brother-the-central-monitoring-system" class="external-link">access to the country's telecommunications network</a>. The question, though, is how.</p>
<p align="JUSTIFY">Well, prior to the CMS, all service providers in India were required to have <a class="external-link" href="http://www.thehindu.com/news/national/govt-violates-privacy-safeguards-to-secretly-monitor-internet-traffic/article5107682.ece">Lawful Interception Systems</a> installed at their premises in order to carry out targeted surveillance of individuals by monitoring communications running through their networks. Now, in the CMS era, all TSPs in India are <span class="internal-link">required to integrate Interception Store & Forward (ISF) servers with their pre-existing Lawful Interception Systems</span>. Once ISF servers are installed in the premises of TSPs in India and integrated with Lawful Interception Systems, they are then connected to the Regional Monitoring Centres (RMC) of the CMS. Each Regional Monitoring Centre (RMC) in India is connected to the Central Monitoring System (CMS). In short, the CMS involves the collection and storage of data intercepted by TSPs in central and regional databases.</p>
<p align="JUSTIFY">In other words, all data intercepted by TSPs is automatically transmitted to Regional Monitoring Centres, and subsequently automatically transmitted to the Central Monitoring System. This means that not only can the CMS authority have centralized access to all data intercepted by TSPs all over India, but that <a href="https://cis-india.org/internet-governance/blog/new-cms-doc-2" class="internal-link">the authority can also bypass service providers in gaining such access</a>. This is due to the fact that, unlike in the case of so-called “lawful interception” where the nodal officers of TSPs are notified about interception requests, the CMS allows for data to be automatically transmitted to its datacentre, without the involvement of TSPs.</p>
<p align="JUSTIFY">The above is illustrated in the following chart:</p>
<p align="JUSTIFY"><img src="https://cis-india.org/chart_11.png" title="CMS chart" height="372" width="689" alt="CMS chart" class="image-inline" /></p>
<p align="JUSTIFY">The interface testing of TSPs and their Lawful Interception Systems has already been completed and, as of June 2013, <span class="internal-link">70 ISF servers have been purchased for six License Service Areas</span> and are being integrated with the Lawful Interception Systems of TSPs. The Centre for Development of Telematics has already fully installed and integrated two ISF servers in the premises of two of India's largest service providers: MTNL and Tata Communications Limited. In Delhi, ISF servers which connect with the CMS have been installed for all TSPs and testing has been completed. In Haryana, three ISF servers have already been installed in the premises of TSPs and the rest of currently being installed. In Chennai, five ISF servers have been installed so far, while in Karnataka, ISF servers are currently being integrated with the Lawful Interception Systems of the TSPs in the region.</p>
<p align="JUSTIFY">The Centre for Development of Telematics plans to <span class="internal-link">integrate ISF servers which connect with the CMS in the premises of service providers </span>in the following regions:</p>
<ul>
<li>
<p align="JUSTIFY">Delhi</p>
</li>
<li>
<p align="JUSTIFY">Maharashtra</p>
</li>
<li>
<p align="JUSTIFY">Kolkata</p>
</li>
<li>
<p align="JUSTIFY">Uttar Pradesh (West)</p>
</li>
<li>
<p align="JUSTIFY">Andhra Pradesh</p>
</li>
<li>
<p align="JUSTIFY">Uttar Pradesh (East)</p>
</li>
<li>
<p align="JUSTIFY">Kerala</p>
</li>
<li>
<p align="JUSTIFY">Gujarat</p>
</li>
<li>
<p align="JUSTIFY">Madhya Pradesh</p>
</li>
<li>
<p align="JUSTIFY">Punjab</p>
</li>
<li>
<p align="JUSTIFY">Haryana</p>
</li>
</ul>
<p align="JUSTIFY">With regards to the UAS License Agreement that TSPs are required to comply with, <a href="https://cis-india.org/internet-governance/blog/uas-license-agreement-amendment" class="internal-link">amended clause 41.10</a> specifies certain details about how the CMS functions. In particular, the amended clause mandates that TSPs in India will provide connectivity upto the nearest point of presence of MPLS (Multi Protocol Label Switching) network of the CMS at their own cost and in the form of dark optical fibre. From the MPLS network of the CMS onwards, traffic will be handled by the Government at its own cost. It is noteworthy that a <span class="internal-link">Memorandum of Understanding (MoU) for MPLS connectivity</span> has been signed with one of India's largest ISPs/TSPs: BSNL. In fact, <span class="internal-link">Rs. 4.8 crore have been given to BSNL</span> for interconnecting 81 CMS locations of the following License Service Areas:</p>
<ul>
<li>
<p align="JUSTIFY">Delhi</p>
</li>
<li>
<p align="JUSTIFY">Mumbai</p>
</li>
<li>
<p align="JUSTIFY">Haryana</p>
</li>
<li>
<p align="JUSTIFY">Rajasthan</p>
</li>
<li>
<p align="JUSTIFY">Kolkata</p>
</li>
<li>
<p align="JUSTIFY">Karnataka</p>
</li>
<li>
<p align="JUSTIFY">Chennai</p>
</li>
<li>
<p align="JUSTIFY">Punjab</p>
</li>
</ul>
<p align="JUSTIFY"><a href="https://cis-india.org/internet-governance/blog/uas-license-agreement-amendment" class="internal-link">Clause 41.10 of the UAS License Agreement</a> also mandates that the hardware and software required for monitoring calls will be engineered, provided, installed and maintained by the TSPs at their own cost. This implies that TSP customers in India will likely have to pay for more expensive services, supposedly to “increase their safety”. Moreover, this clause mandates that TSPs are required to monitor <i>at least 30 simultaneous calls</i> for each of the nine designated law enforcement agencies. In addition to monitored calls, clause 41.10 of the UAS License Agreement also requires service providers to make the following records available to Indian law enforcement agencies:</p>
<ul>
<li>
<p align="JUSTIFY">Called/calling party mobile/PSTN numbers</p>
</li>
<li>
<p align="JUSTIFY">Time/date and duration of interception</p>
</li>
<li>
<p align="JUSTIFY">Location of target subscribers (Cell ID & GPS)</p>
</li>
<li>
<p align="JUSTIFY">Data records for failed call attempts</p>
</li>
<li>
<p align="JUSTIFY">CDR (Call Data Records) of Roaming Subscriber</p>
</li>
<li>
<p align="JUSTIFY">Forwarded telephone numbers by target subscriber</p>
</li>
</ul>
<p align="JUSTIFY">Interception requests from law enforcement agencies are provisioned by the CMS authority, which has access to the intercepted data by all TSPs in India and which is stored in a central database. As of June 2013, <span class="internal-link">80% of the CMS Physical Data Centre has been built so far</span>.</p>
<p align="JUSTIFY">In short, the CMS replaces the existing manual system of interception and monitoring to an automated system, which is operated by TERM cells and implemented by the Centre for Development of Telematics. <span class="internal-link">Training has been imparted to the following law enforcement agencies</span>:</p>
<ul>
<li>
<p align="JUSTIFY">Intelligence Bureau (IB)</p>
</li>
<li>
<p align="JUSTIFY">Central Bureau of Investigation (CBI)</p>
</li>
<li>
<p align="JUSTIFY">Directorate of Revenue Intelligence (DRI)</p>
</li>
<li>
<p align="JUSTIFY">Research & Analysis Wing (RAW)</p>
</li>
<li>
<p align="JUSTIFY">National Investigation Agency (NIA)</p>
</li>
<li>
<p align="JUSTIFY">Delhi Police</p>
</li>
</ul>
<h2><b>And should we even be worried about the Central Monitoring System?</b></h2>
<p align="JUSTIFY">Well, according to the <a href="https://cis-india.org/internet-governance/blog/new-cms-doc-2" class="internal-link">brief material for the Honourable MOC and IT Press Briefing</a> on 16th July 2013, we should <i>not</i> be worried about the Central Monitoring System. Over the last year, <a class="external-link" href="http://www.livemint.com/Politics/pR5zc8hCD1sn3NWQwa7cQJ/The-new-surveillance-state.html">media reports</a> have expressed fear that the Central Monitoring System will infringe upon citizen's right to privacy and other human rights. However,<a href="https://cis-india.org/internet-governance/blog/new-cms-doc-2" class="internal-link"> Indian authorities have argued that the Central Monitoring System will <i>better protect</i> the privacy of individuals </a>and maintain their security due to the following reasons:</p>
<ol>
<li>
<p align="JUSTIFY">The CMS will <i>just automate</i> the existing process of interception and monitoring, and all the existing safeguards will continue to exist</p>
</li>
<li>
<p align="JUSTIFY">The interception and monitoring of communications will continue to be in accordance with Section 5(2) of the Indian Telegraph Act, 1885, read with Rule 419A</p>
</li>
<li>
<p align="JUSTIFY">The CMS will enhance the privacy of citizens, because it will no longer be necessary to take authorisation from the nodal officer of the Telecom Service Providers (TSPs) – who comes to know whose and which phone is being intercepted</p>
</li>
<li>
<p align="JUSTIFY">The CMS authority will provision the interception requests from law enforcement agencies and hence, a complete check and balance will be ensured, since the provisioning entity and the requesting entity will be different and the CMS authority will not have access to content data</p>
</li>
<li>
<p align="JUSTIFY">A non-erasable command log of all provisioning activities will be maintained by the system, which can be examined anytime for misuse and which provides an additional safeguard</p>
</li>
</ol>
<p align="JUSTIFY">While some of these arguments may potentially allow for better protections, I personally fundamentally disagree with the notion that a centralised monitoring system is something not to worry about. But let's start-off by having a look at the above arguments.</p>
<p align="JUSTIFY">The first argument appears to imply that the pre-existing process of interception and monitoring was privacy-friendly or at least “a good thing” and that existing safeguards are adequate. As such, it is emphasised that the process of interception and monitoring will <i>“just” </i>be automated, while posing no real threat. I fundamentally disagree with this argument due to several reasons. First of all, the pre-existing regime of interception and monitoring appears to be rather problematic because India lacks privacy legislation which could safeguard citizens from potential abuse. Secondly, the very interception which is enabled through various sections of the <a class="external-link" href="http://police.pondicherry.gov.in/Information%20Technology%20Act%202000%20-%202008%20%28amendment%29.pdf">Information Technology (Amendment) Act, 2008</a>, and the <a class="external-link" href="http://www.ijlt.in/pdffiles/Indian-Telegraph-Act-1885.pdf">Indian Telegraph Act, 1885</a>, potentially <a class="external-link" href="http://www.outlookindia.com/article.aspx?283149">infringe upon individual's right to privacy</a> and other human rights.</p>
<p align="JUSTIFY">May I remind you of <a class="external-link" href="http://police.pondicherry.gov.in/Information%20Technology%20Act%202000%20-%202008%20%28amendment%29.pdf">Section 69 of the Information Technology (Amendment) Act, 2008</a>, which allows for the interception of all information transmitted through a computer resource and which requires users to assist authorities with the decryption of their data, if they are asked to do so, or face a jail sentence of up to seven years. The debate on the constitutionality of the various sections of the law which allow for the interception of communications in India is still unsettled, which means that the pre-existing interception and monitoring of communications remains an <a class="external-link" href="http://india.blogs.nytimes.com/2013/07/10/how-surveillance-works-in-india/?_php=true&_type=blogs&_r=0">ambiguous matter</a>. And so, while the interception of communications in general is rather concerning due to dracodian sections of the law and due to the absence of privacy legislation, automating the process of interception does not appear reassuring at all. On the contrary, it seems like something in the lines of: “We have already been spying on you. Now we will just be doing it quicker and more efficiently.”</p>
<p align="JUSTIFY">The second argument appears inadequate too. <a class="external-link" href="http://www.ijlt.in/pdffiles/Indian-Telegraph-Act-1885.pdf">Section 5(2) of the Indian Telegraph Act, 1885</a>, states that the interception of communications can be carried out on the occurence of a “public emergency” or in the interest of “public safety” when it is deemed “necessary or expedient” to do so under certain conditions which were previously mentioned. However, this section of the law does not mandate the establishment of the Central Monitoring System, nor does it regulate how and under what conditions this surveillance system will function. On the contrary, Section 5(2) of the Indian Telegraph Act, 1885, clearly mandates <i>targeted</i> surveillance, while the Central Monitoring System could potentially undertake <i>mass</i> surveillance. Since the process of interception is automated and, under clause 41.16 of the <a class="external-link" href="http://www.dot.gov.in/sites/default/files/DOC270613-013.pdf">Unified License (Access Services) Agreement</a>, service providers are required to provision at least 3,000 calls for monitoring to nine law enforcement agencies, it is likely that the CMS undertakes mass surveillance. Thus, it is unclear if the very nature of the CMS falls under Section 5(2) of the Indian Telegraph Act, 1885, which mandates targeted surveillance, nor is it clear that such surveillance is being carried out on the occurence of a specific “public emergency” or in the interest of “public safety”. As such, the vagueness revolving around the question of whether the CMS undertakes targeted or mass surveillance means that its legality remains an equivocal matter.</p>
<p align="JUSTIFY">As for the third argument, it is not clear how <a href="https://cis-india.org/internet-governance/blog/new-cms-doc-2" class="internal-link">bypassing the nodal officers of TSPs</a> will enhance citizen's right to privacy. While it may potentially be a good thing that nodal officers will not always be aware of whose information is being intercepted, that does not guarantee that those who do have access to such data will not abuse it. After all, the CMS appears to be largely unregulated and India lacks privacy legislation and all other adequate legal safeguards. Moreover, by bypassing the nodal officers of TSPs, the opportunity for unauthorised requests to be rejected will seize to exist. It also implies an increased centralisation of intercepted data which can potentially create a centralised point for cyber attacks. Thus, the argument that the CMS authority will monopolise the control over intercepted data does not appear reassuring at all. After all, who will watch the watchmen?</p>
<p align="JUSTIFY">While the fourth argument makes a point about <a href="https://cis-india.org/internet-governance/blog/new-cms-doc-2" class="internal-link">differentiating the provisioning and requesting entities</a> with regards to interception requests, it does not necessarily ensure a complete check and balance, nor does it completely eliminate the potential for abuse. The CMS lacks adequate legal backing, as well as a framework which would ensure that unauthorised requests are not provisioned. Thus, the recommended chain of custody of issuing interception requests does not necessarily guarantee privacy protections, especially since a legal mechanism for ensuring checks and balances is not in place.</p>
<p align="JUSTIFY">Furthermore, this argument states that the <a href="https://cis-india.org/internet-governance/blog/new-cms-doc-2" class="internal-link">CMS authority will not have access to content data</a>, but does not specify if it will have access to metadata. What's concerning is that <a href="https://cis-india.org/internet-governance/blog/fin-fisher-in-india-and-myth-of-harmless-metadata" class="external-link">metadata can potentially be more useful for tracking individuals than content data</a>, since it is ideally suited to automated analysis by a computer and, unlike content data which shows what an individuals says (which may or may not be true), metadata shows what an individual does. As such, metadata can potentially be more “harmful” than content data, since it can potentially provide concrete patterns of an individual's interests, behaviour and interactions. Thus, the fact that the CMS authority might potentially have access to metadata appears to tackle the argument that the provisioning and requesting entities will be seperate and therefore protect individual's privacy.</p>
<p align="JUSTIFY">The final argument appears to provide some promise, since <a href="https://cis-india.org/internet-governance/blog/new-cms-doc-2" class="internal-link">the maintenance of a command log of all provisioning activities</a> could potentially ensure some transparency. However, it remains unclear who will maintain such a log, who will have access to it, who will be responsible for ensuring that unlawful requests have not been provisioned and what penalties will be enforced in cases of breaches. Without an independent body to oversee the process and without laws which predefine strict penalties for instances of misuse, maintaining a command log does not necessarily safeguard anything at all. In short, the above arguments in favour of the CMS and which support the notion that it enhances individual's right to privacy appear to be inadequate, to say the least.</p>
<p align="JUSTIFY">In contemporary democracies, most people would agree that freedom is a fundamental human right. The right to privacy should be equally fundamental, since it <a class="external-link" href="https://www.schneier.com/blog/archives/2008/03/privacy_and_pow.html">protects individuals from abuse by those in power</a> and is integral in ensuring individual liberty. India may literally be the largest democracy in the world, but it lacks privacy legislation which establishes the right to privacy, which guarantees data protection and which safeguards individuals from the potentially unlawful interception of their communications. And as if that is not enough, India is also carrying out a surveillance scheme which is largely unregulated. As such, it is highly recommended that India establishes a privacy law now.</p>
<p align="JUSTIFY">If we do the math, here is what we have: a country with extremely high levels of corruption, no privacy law and an unregulated surveillance scheme which lacks public and parliamentary debate prior to its implementation. All of this makes it almost impossible to believe that we are talking about a democracy, let alone the world's largest (by population) democracy! Therefore, if Indian authorities are interested in preserving the democratic regime they claim to be a part of, I think it would be highly necessary to halt the Central Monitoring System and to engage the public and the parliament in a debate about it.</p>
<p align="JUSTIFY">After all, along with our right to privacy, freedom of expression and other human rights...our right to freedom from suspicion appears to be at stake.</p>
<p align="JUSTIFY"><i>How can we not be worried about the Central Monitoring System?</i></p>
<p align="JUSTIFY"> </p>
<p align="JUSTIFY"> </p>
<p align="JUSTIFY">The Centre for Internet and Society (CIS) is in possession of the documents which include the information on the Central Monitoring System (CMS) as analysed in this article, as well as of the draft Rule 419B under the Indian Telegraph Act, 1885.</p>
<ul>
</ul>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/india-central-monitoring-system-something-to-worry-about'>https://cis-india.org/internet-governance/blog/india-central-monitoring-system-something-to-worry-about</a>
</p>
No publishermariaSurveillanceInternet GovernanceSAFEGUARDS2014-02-22T13:50:37ZBlog EntryUAS License Agreement Amendment regarding the Central Monitoring System (CMS)
https://cis-india.org/internet-governance/blog/uas-license-agreement-amendment
<b></b>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/uas-license-agreement-amendment'>https://cis-india.org/internet-governance/blog/uas-license-agreement-amendment</a>
</p>
No publishermariaSurveillanceInternet GovernanceSAFEGUARDS2014-01-30T12:43:56ZFileNew Document on India's Central Monitoring System (CMS) - 2
https://cis-india.org/internet-governance/blog/new-cms-doc-2
<b></b>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/new-cms-doc-2'>https://cis-india.org/internet-governance/blog/new-cms-doc-2</a>
</p>
No publishermariaSurveillanceInternet GovernanceSAFEGUARDS2014-01-30T12:40:31ZFileSurveillance and the Indian Constitution - Part 2: Gobind and the Compelling State Interest Test
https://cis-india.org/internet-governance/blog/surveillance-and-the-indian-consitution-part-2
<b>Gautam Bhatia analyses the first case in which the Supreme Court recognized a constitutional right to privacy, Gobind v. State of Madhya Pradesh, and argues that the holding in that case adopted the three-pronged American test of strict scrutiny, compelling State interest, and narrow tailoring in its approach to privacy violations.</b>
<p style="text-align: justify; ">After its judgment in Kharak Singh, the Court was not concerned with the privacy question for a while. The next case that dealt – peripherally – with the issue came eleven years later. In <i>R.M. Malkani v State of Maharashtra</i>, the Court held that attaching a recording device to a person’s telephone did not violate S. 25 of the Telegraph Act, because</p>
<blockquote class="italized" style="text-align: justify; ">"where a person talking on the telephone allows another person to record it or to hear it, it can-not be said that the other person who is allowed to do so is damaging, removing, tampering, touching machinery battery line or post for intercepting or acquainting himself with the contents of any message. There was no element of coercion or compulsion in attaching the tape recorder to the telephone."</blockquote>
<p style="text-align: justify; ">Although this case was primarily about the admissibility of evidence, the Court also took time out to consider – and reject – a privacy-based Article 21 argument, holding that:</p>
<p style="text-align: justify; ">"Article 21 was invoked by submitting that the privacy of the appellant’s conversation was invaded. Article 21 contemplates procedure established by law with regard to deprivation of life or personal liberty. The telephonic conversation of an innocent citizen will be protected by Courts against wrongful or high handed interference by tapping the conversation. The protection is not for the guilty citizen against the efforts of the police to vindicate the law and prevent corruption of public servants. It must not be understood that the Courts will tolerate safeguards for the protection of the citizen to be imperiled by permitting the police to proceed by unlawful or irregular methods."<br /><br /> Apart from the fact that it joined Kharak Singh in refusing to expressly find a privacy right within the contours of Article 21, there is something else that unites Kharak Singh and R.M. Malkani: they hypothetical in Kharak Singh became a reality in Malkani – what saved the telephone tapping precisely because it was directed at "… a guilty person", with the Court specifically holding that the laws were not for targeting innocent people. Once again, then, the targeted and specific nature of interception became a crucial – and in this case, a decisive – factor. One year later, in another search and seizure case, Pooran Mal v Inspector, the Court cited M.P. Sharma and stuck to its guns, refusing to incorporate the Fourth Amendment into Indian Constitutional law.<br /><br />It is <i>Gobind v State of MP</i>, decided in 1975, that marks the watershed moment for Indian privacy law in the Constitution. Like Kharak Singh, Gobind also involved domiciliary visits to the house of a history-sheeter. Unlike Kharak Singh, however, in Gobind the Court found that the Regulations did have statutory backing – S. 46(2)(c) of the Police Act, which allowed State Government to make notifications giving effect to the provisions of the Act, one of which was the prevention of commission of offences. The surveillance provisions in the impugned regulations, according to the Court, were indeed for the purpose of preventing offences, since they were specifically aimed at repeat offenders. To that extent, then, the Court found that there existed a valid “law” for the purposes of Articles 19 and 21.<br /><br />By this time, of course, American constitutional law had moved forward significantly from eleven years ago, when Kharak Singh had been decided. The Court was able to invoke <i>Griswold v Connecticut</i> and <i>Roe v Wade</i>, both of which had found a "privacy" as an "interstitial" or "penumbral" right in the American Constitution – that is, not reducible to any one provision, but implicit in a number of separate provisions taken together. The Court ran together a number of American authorities, referred to Locke and Kant, to dignity, to liberty and to autonomy, and ended by holding, somewhat confusingly:<br /><br />“the right to privacy must encompass and protect the personal intimacies of the home, the family marriage, motherhood, procreation and child rearing. This catalogue approach to the question is obviously not as instructive as it does not give analytical picture of that distinctive characteristics of the right of privacy. Perhaps, the only suggestion that can be offered as unifying principle underlying the concept has been the assertion that a claimed right must be a fundamental right implicit in the concept of ordered liberty… there are two possible theories for protecting privacy of home. The first is that activities in the home harm others only to the extent that they cause offence resulting from the mere thought that individuals might he engaging in such activities and that such ‘harm’ is not Constitutionally protective by the state. The second is that individuals need a place of sanctuary where they can be free from societal control. The importance of such a sanctuary is that individuals can drop the mask, desist for a while from projecting on the world the image they want to be accepted as themselves, an image that may reflect the values of their peers rather than the realities of their natures… the right to privacy in any event will necessarily have to go through a process of case-by-case development."<br /><br />But if no clear principle emerges out of the Court’s elucidation of the right, it was fairly unambiguous in stressing the importance of the right itself. Interestingly, it grounded the right within the context of the freedom struggle. "Our founding fathers," it observed, "were thoroughly opposed to a Police Raj even as our history of the struggle for freedom has borne eloquent testimony to it." (Para 30) The parallels to the American Fourth Amendment are striking here: in his historical analysis Akhil Amar tells us that the Fourth Amendment was meant precisely to avoid the various abuses of unreasonable searches and seizures that were common in England at the time.<br /><br />The parallels with the United States become even more pronounced, however, when the Court examined the grounds for limiting the right to privacy. "Assuming that the fundamental rights explicitly guaranteed to a citizen have penumbral zones and that the right to privacy is itself a fundamental right, that fundamental right must be subject to restriction on the basis of compelling public interest." "Compelling public interest" is an interesting phrase, for two reasons. First, “public interest” is a ground for fundamental rights restrictions under Article 19 (see, e.g., Article 19(6)), but the text of the Article 19 restrictions do not use – and the Court, in interpreting them, has not held – that the public interest must be “compelling”. This suggests a stricter standard of review for an Article 21 privacy right violation than Article 19 violations. This is buttressed by the fact that in the same paragraph, the Court ended by observing: “even if it be assumed that Article 19(5) [restrictions upon the freedom of movement] does not apply in terms, as the right to privacy of movement cannot be absolute, a law imposing reasonable restriction upon it for compelling interest of State must be upheld as valid.” The Court echoes the language of 19(5), and adds the word “compelling”. This surely cannot be an oversight.<br /><br />More importantly – the compelling State interest is an American test, used often in equal protection cases and cases of discrimination, where “suspect classes” (such as race) are at issue. Because of the importance of the right at issue, the compelling state interest test goes hand-in-hand with another test: narrow tailoring. Narrow tailoring places a burden upon the State to demonstrate that its restriction is tailored in a manner that infringes the right as narrowest manner that is possible to achieve its goals. The statement of the rule may be found in the American Supreme Court case of Grutter v Bollinger:<br /><br />"Even in the limited circumstance when drawing racial distinctions is permissible to further a compelling state interest, government is still constrained under equal protection clause in how it may pursue that end: the means chosen to accomplish the government’s asserted purpose must be specifically and narrowly framed to accomplish that purpose."<br /><br /> To take an extremely trivial example that will illustrate the point: the State wants to ban hate speech against Dalits. It passes legislation that bans “all speech that disrespects Dalits.” This is not narrowly tailored, because while all hate speech against Dalits necessarily disrespects them, all speech that disrespects Dalits is not necessarily hate speech. It was possible for the government to pass legislation banning only hate speech against Dalits, one that would have infringed upon free speech more narrowly than the “disrespect law”, and still achieved its goals. The law is not narrowly tailored.<br /><br />Crucially, then, the Court in Gobind seemed to implicitly accept the narrow-tailoring flip side of the compelling state interest coin. On the constitutionality of the Police Regulations itself, it upheld their constitutionality by reading them narrowly. Here is what the Court said:<br /><br />“Regulation 855, in our view, empowers surveillance only of persons against whom reasonable materials exist to induce the opinion that they show a determination, to lead a life of crime – crime in this context being confined to such as involve public peace or security only and if they are dangerous security risks. Mere convictions in criminal cases where nothing gravely imperiling safety of society cannot be regarded as warranting surveillance under this Regulation. Similarly, domiciliary visits and picketing by the police should be reduced to the clearest cases of danger to community security and not routine follow-up at the end of a conviction or release from prison or at the whim of a police officer.”<br /><br /> But Regulation 855 did not refer to the gravity of the crime at all. Thus, the Court was able to uphold its constitutionality only by narrowing its scope in a manner that the State’s objective of securing public safety was met in a way that minimally infringed the right to privacy.<br /><br />Therefore, whether the Gobind bench was aware of it or not, its holding incorporates into Indian constitutional law and the right to privacy, not just the compelling State interest test, but narrow tailoring as well. The implications for the CMS are obvious. Because with narrow tailoring, the State must demonstrate that bulk surveillance of all individuals, whether guilty or innocent, suspected of crimes or not suspected of crimes (whether reasonably or otherwise), possessing a past criminal record or not, speaking to each other of breaking up the government or breaking up a relationship – every bit of data must be collected to achieve the goal of maintaining public security, and that nothing narrower will suffice. Can the State demonstrate this? I do not think it can, but at the very least, it should be made to do so in open Court.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/surveillance-and-the-indian-consitution-part-2'>https://cis-india.org/internet-governance/blog/surveillance-and-the-indian-consitution-part-2</a>
</p>
No publisherpraneshSurveillanceConstitutional LawInternet GovernancePrivacy2014-01-27T18:03:38ZBlog Entry