Centre for Internet and Society

Responses to the DIPP's Discussion Paper on SEPs and their Availability on FRAND Terms

Anubha Sinha, Nehaa Chaudhari, and Rohini Lakshané — 2016-07-07T16:24:01Z

The Department of Industrial Policy and Promotion (DIPP), Government of India, requested comments through its "Discussion Paper on Standard Essential Patents and Their Availability on FRAND Terms" on March 1, 2016. This post is a compilation of various comments submitted in response to it.

The Centre for Internet & Society (CIS) commends the DIPP for its efforts at seeking inputs from various stakeholders on this important and timely issue. CIS is thankful for the opportunity to put forth its views. The submission is divided in 3 main parts. The first part, ‘Preliminary’, introduces the document; the second part, ‘About CIS’, is an overview of the organization; and, the third part, ‘Submissions on the Issues’, answers the questions raised in the discussion paper. A list of annexures and their URLs is included at the end of the document. The submission to the DIPP was prepared by Anubha Sinha, Nehaa Chaudhari and Rohini Lakshané.

Download

Discussion Paper on Standard Essential Patents and their Availability on Frand Terms (Government of India, Department of Industrial Policy and Promotion, Ministry of Commerce and Industry, March 1, 2016)
Centre for Internet and Society
Centre for Internet and Society (hosted on Social Science Research Network)
Prof. Jorge L. Contreras
Joint Comments of the American Bar Association (ABA) Sections of Anti-Trust Law, Intellectual Property Law, International Law, and Science & Technology Law
Global Antitrust Institute, George Mason University School of Law
CMAI-TEMA (Communication Multimedia and Infrastructure Association of India - Telecom Equipment Manufacturers Association of India)
Software Freedom Law Centre (SFLC)
Yogesh Pai

For more details visit https://cis-india.org/a2k/blogs/responses-to-the-dipps-discussion-paper-on-seps-and-their-availability-on-frand-terms

Comments on Department of Industrial Policy and Promotion Discussion Paper on Standard Essential Patents and their Availability on Frand Terms

Anubha Sinha, Nehaa Chaudhari and Rohini Lakshane — 2016-05-03T02:30:15Z

The Centre for Internet & Society gave its comments to the Department of Industrial Policy and Promotion. The comments were prepared by Anubha Sinha, Nehaa Chaudhari and Rohini Lakshané.

Download the PDF To access other submissions to the DIPP Discussion Paper on SEP and FRAND, please click here

Authors

I. PRELIMINARY

1. This submission presents comments by the Centre for Internet and Society, India ("CIS") on the Discussion Paper on Standard Essential Patents and their Availability on FRAND Terms (dated 01 March, 2016), released by the Department of Industrial Policy and Promotion ("the DIPP"), Ministry of Commerce and Industry, Government of India (" the discussion paper/ discussion paper").

2. CIS commends the DIPP for its efforts at seeking inputs from various stakeholders on this important and timely issue. CIS is thankful for the opportunity to put forth its views.

3. This submission is divided into three main parts. The first part, 'Preliminary', introduces the document; the second part, 'About CIS', is an overview of the organization; and, the third part, 'Submissions on the Issues', answers the questions raised in the discussion paper. A list of annexures and their URLs is included at the end of the document.

II. ABOUT CIS

4. CIS is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. The areas of focus include digital accessibility for persons with diverse abilities, access to knowledge, intellectual property rights, openness (including open data, free and open source software, open standards, open access, open educational resources, and open video), internet governance, telecommunication reform, freedom of speech and expression, intermediary liability, digital privacy, and cyber-security.

5. CIS values the fundamental principles of justice, equality, freedom and economic development. This submission is consistent with CIS' commitment to these values, the safeguarding of general public interest and the protection of India's national interest at the international level. Accordingly, the comments in this submission aim to further these principles. In addition, the comments are in line with the aims of the Make in India and Digital India initiatives of the Government of India.

III. SUBMISSION ON THE ISSUES FOR RESOLUTION

6. The following sections provide CIS' views and recommendations on the issues enumerated in section 11 of the discussion paper:

a) Whether the existing provisions in the various IPR-related legislations, especially the Patents Act, 1970 and antitrust legislations, are adequate to address the issues related to SEPs and their availability on FRAND terms? If not, then can these issues be addressed through appropriate amendments to such IPR-related legislations? If so, what changes should be affected?

A.1. The issues related to Standard Essential Patents ("SEPs") and their licensing on a fair, reasonable and non-discriminatory ("FRAND") basis lie at the intersection of intellectual property ("IP") law and competition law . As such, in India, the Patents Act, 1970 ("the Patents Act") and, the Competition Act, 2002 ("the Competition Act") are the relevant legislations to be studied. These have been recently discussed, most recently, by Justice Bakhru in his comprehensive order inTelefonaktiebolaget LM Ericsson (Publ) v. Competition Commission of India and Another.

A.2. It is our submission that at the moment, amendments to the Patents Act and the Competition Act may not be preferred. As Justice Bakhru has noted in the aforesaid decision, there is no conflict between the remedies in the Patents Act and in the Competition Act, and, the pursuit of rights and remedies under one of these legislations does not bar a party from pursuing rights and remedies in the other. Further, under both legislations, there are scenarios for the respective authorities - the Controller General of Patents, Designs and Trademarks ("the Controller") and the Competition Commission of India (" the CCI") for the Patents Act and for the Competition Act respectively - to seek inputs from each other.

A.3. We also note that the CCI is a fairly nascent regulator; one whose jurisdiction is not yet a settled matter of law. While the judgment in the Ericsson-CCI case is indeed a good beginning, we do not believe that the matter has been conclusively decided. Accordingly, given the complex legal questions involved, over not just the interpretation of the Patents Act and the Competition Act, but also constitutional issues around the jurisdiction of regulators and the power of judicial review of the courts, we believe that it would be prudent to examine the ruling of the courts on these issues in some detail, before considering amendments.

A.4. In addition, we are of the opinion that our IP law, and, our competition law, fully honor our international commitments, including the requirements under the TRIPS Agreement. As such, we would urge the Government of India to not enter into free trade agreements including, inter alia, the Regional Comprehensive Economic Partnership, that threaten our use of TRIPS flexibilities, and, impose 'TRIPS-plus' obligations.

A.5. We also urge the Government of India to adopt a balanced National IPR Policy, and, a National Competition Policy, both of which has been in abeyance for a considerable amount of time. We believe that these policies are crucial to realize the objectives of the Make in India and Digital India initiatives. At the same time, we submit that these policies be balanced, taking into account the interests of all stakeholders, developed through an extensive consultative process, and, suitably modified based on feedback.

b) What should be the IPR policy of Indian Standard Setting Organizations in developing Standards for Telecommunication sector and other sectors in India where Standard Essential Patents are used?

B.1. The discussion paper identifies four Standard Setting Organizations ("SSOs") in India, namely, the Telecom Standards Development Society of India ("TSDSI"), the Telecommunication Engineering Center ("TEC"), the Bureau of Indian Standards (" BIS"), the Global ICT Standardization Forum for India ("GISFI"), and, the Development Organization of Standards for Telecommunications in India ("DOSTI"). Comments on each of their policies have been made in the following paragraphs.

B.2. The BIS does not have an intellectual property rights ("IPR") policy of its own. The BIS Act, 2016 does not include one either. As the discussion paper notes, the BIS refers to the IPR policies of the relevant international SSO in the context of technology implemented in India, that is the same or equivalent to the ones developed or maintained by the respective SSOs.We recommend that BIS adopt an IPR policy at the earliest, factoring in India specific requirements differences: a large and exponentially growing mobile device market makes it possible for manufacturers, patent owners and implementers alike to achieve financial gains even with a low margin ("India specific requirements"). In addition, our comments on the IPR policy of the TSDSI in paragraph B.4. of this submission (below), may also be considered for the content of the BIS' future policy on IPR.

B.3 . According to the discussion paper, the TEC considers the IPR policies of the International Telecommunication Union. We recommend that like the BIS, the TEC also adopt its own IPR policy, factoring in the India specific requirements detailed above. In addition, our comments on the IPR policy of the TSDSI in paragraph B.4. of this submission (below), may also be considered for the content of the BIS' future policy on IPR.

B.4. The TSDSI, a relatively new standards body, has defined an IPR policy . In respect of this policy, the following observations are presented. First, this policy notes that IPR owners should be adequately and fairly rewarded.Second, it requires members to disclose essential IPRs in a "timely fashion." Third, as per its policy, the TSDSI can request the owner of an essential IPR to undertake, within three months, to license it irrevocably on FRAND terms. At the same time, the policy also states that the (aforesaid) ask may be subject to the condition that licensees agree to reciprocate. Should such an undertaking not be forthcoming, the TSDSI may suspend work on the standard or technical specification in question, or, adopt another course of action. Fourth, the policy identifies two scenarios for the non availability of licences prior to publication, based on the existence, or, the lack thereof, of alternative technologies. In the event of a lack of alternative technology, the policy requires a member to disclose in writing its reasons for not licensing its patents. Following this, it is submitted that there is no clarity on the concrete steps that the TSDSI would adopt in case the efforts to convince a member to license their essential IPRs, fail. The policy only states that "the TSDSI shall take further action as deemed fit." The same is also true where the IPR owner is not a member of the TSDSI. Fifth, the policy also envisages a scenario of non-availability post publication. The procedure for dealing with this is akin to the one detailed above, with the TSDSI asking for a written explanation, considering further action, including the possible withdrawal of the standard or technical specification in question. Sixth, it is observed that the policy does not require a commitment from its members to refrain from seeking injunctive relief. Seventh, it is accordingly recommended that the policy be suitably modified (a) to include India specific requirements discussed above; (b) to require a commitment from its members, that they refrain from seeking injunctive relief; (c) to delete the condition where FRAND negotiations may be subject to a condition of reciprocity; (d) to identify in detail the procedure to be followed in case of patent 'hold-ups' and patent 'hold-outs'; (e) to identify in detail the procedure to be followed in case of refusal to license by TSDSI members, and, non-members, both; and, (f) to include a detailed process on the declassification of a standard or technical specification.

B.5. The IPR policy of GISFI, is substantially similar to the IPR policy of the TSDSI, discussed in paragraph B.4. of this submission (above). Inter alia, GISFI's IPR policy also does not indicate the specific steps to be taken in case an IPR owner refuses to license essential IPRs for which no alternative technology is available. This is true in the cases both, where the refusal is by a member, and, by a non-member. Our recommendations on the IPR policy of the TSDSI in paragraph B.4. of this submission (above), may also be considered for the GISFI's IPR policy.

B.6. According to the discussion paper, the IPR policy of the DOSTI resembles that of the GIFSI. It is submitted that these policies are similar in the context of refusal to license by a member or non-member, and, like the TSDSI and the GISFI, the DOSTI also requires the patent holder to license its IPR irrevocably on FRAND terms. Accordingly, we reiterate our comments on the IPR policy of the TSDSI in paragraph B.4. of this submission (above). The aforesaid recommendations may also be considered to be relevant for the DOSTI's IPR policy.

B.7. We are also of the opinion that it would be useful for Indian SSOs to consider recommending the use of royalty-free licenses for IPRs. Illustratively, the World Wide Web Consortium ("W3C") and the Open Mobile Alliance ("OMA") encourage royalty-free licensing.

c) Whether there is a need for prescribing guidelines on working and operation of Standard Setting Organizations by Government of India? If so, what all areas of working of SSOs should they cover?

C.1. In our opinion, in a milieu where instances of SEP litigation are becoming increasingly complex, and, there is a tangible threat of the abuse of the FRAND process, it might be useful for the Government of India to make suggestions on the working of Indian SSOs.

C.2. It is suggested that the Government of India develop Model Guidelines that may be adopted by Indian SSOs, taking into account India specific requirements, including the ones detailed in paragraph B.2. of this submission (above). We believe that this measure will also enable the fulfilment of the objectives of the Make in India and Digital India initiatives.

C.3. We recommend that various stakeholders, including IP holders, potential licensees and users of IP, civil society organizations, academics, and, government bodies, including the the Indian Patent Office ("IPO"), the Department of Telecommunications, the DIPP, TRAI, and, the CCI be consulted in the creation of these Model Guidelines.

C.4. In our opinion, the Model Guidelines may cover (a) the composition of the SSO; (b) the process of admitting members; (c) the process of the determination of a standard or technical specification; (d) the process of declassification of a standard or technical specification; (e) the IPR Policy; (f) resolution of disputes; (g) applicable law.

d) Whether there is a need for prescribing guidelines on setting or fixing the royalties in respect of Standard Essential Patents and defining FRAND terms by Government of India? If not, which would be appropriate authority to issue the guidelines and what could be the possible FRAND terms?

D.1. In light of the inadequacies in the IPR policies (discussed above) of various SSOs in India, as well the the spate of ongoing patent infringement lawsuits around mobile technologies, we recommend that the Government of India intervene in the setting of royalties and FRAND terms.

D.2. We propose that the Government of India initiate the formation of a patent pool of critical mobile technologies and apply a compulsory license with a five per cent royalty. Further details of this proposal have been enumerated in answer to question 'f' of the discussion paper (below).

D.3. Our motivations for this proposal are many-fold. In our opinion, it is near-impossible for potential licensees to avoid inadvertent patent infringement. As a part of our ongoing research on technical standards applicable to mobile phones sold in India, we have found nearly 300 standards so far . It is submitted that carrying out patent searches for all the standards would be extremely expensive for potential licensees. Further, even if such searches were to be carried out, different patent owners, SSOs and potential licensees disagree on valuation, essentiality, enforceability, validity, and coverage of patents. In addition, some patent owners are non-practising entities ("NPEs") and may not be members of SSOs. The patents held by them are not likely to be disclosed. More importantly, home-grown manufacturers that have no patents to leverage and may be new entrants in the market would be especially disadvantaged by such a scenario. Budget phone manufacturers, standing to incur losses either as a result of heavy licensing fees, or, potential litigation, may close down. Alternatively, they may pass on their losses to consumers, driving the now-affordable phones out of their financial reach. With the objectives of Make in India and Digital India in sight, it is essential that Indian consumers continue to have access to devices within their purchasing power.

e) On what basis should the royalty rates in SEPs be decided? Should it be based on Smallest Saleable Patent Practicing Component (SSPPC), or on the net price of the Downstream Product, or some other criterion?

E.1. It is our submission that royalty rates for SEPs should be based on the smallest saleable patent practising component ("SSPPC"). Most modern telecommunication and IT devices are complex with numerous technologies working in tandem. Different studies indicate that the number of patents in the US applicable to smartphones is between 200,000 and 250,000. A comprehensive patent landscape of mobile device technologies conducted by CIS reveals that nearly 4,000 patents are applicable to mobile phones sold in India. It is thus extremely difficult to quantify the exact extent of interaction and interdependence between technologies in any device, in such a way that the exact contribution of the patented technology to the entire device can be determined.

E.2. The net cost of the device is almost always several times that of the chipset that implements the patented technology. Armstrong et al have found that the cost of a 4G baseband chip costs up to $20 including royalties in a hypothetical $400 phone sold in the US. One of the litigating parties in the ongoing patent infringement lawsuits in India has stated that one of the reasons for preferring to leverage its patents as downstream as possible in the value chain is that it will earn the company more royalties . In instances where patent exhaustion occurs much earlier in the value chain, such as in the case of the company's cross-licenses with Qualcomm (another company that owns patents to chip technologies), the company does not try to obtain royalties from the selling prices of devices for the cross-licensed technologies. It is submitted that such market practices could be detrimental to the government's objectives such as providing a mobile handset to every Indian by 2020 as a part of the Digital India programme . It is also worth noting in this context that the mobile device is the first and only medium of access to the Internet and telecom services for a large number of Indians, and, consequently, the only gateway to access to knowledge, information and critical services, including banking.

E.3. The discussion paper notes that J. Gregory Sidak, having studied the proceedings before the Delhi High Court, approved of the manner in which the court determined royalties. In his paper, Sidak(2015) notes that in determining royalties, the court relied, inter alia, on the decision of CSIRO v.Cisco ("the CSIRO case"), a 2015 decision of the US Court of Appeals for the Federal Circuit. 2015. We humbly disagree with the opinion of the Delhi High Court on the manner of determining royalties, and, with Sidak's approval of the same.

E.4. It is our submission that the CSIRO case relied on a previous judgment, which we disagree with. The decision, a 2014 district court judgment, analogises the determination of royalties on SEPs to the determination of royalties on a copyrighted book. The court notes, "[b]asing a royalty solely on chip price is like valuing a copyrighted book based only on the costs of the binding, paper, and ink needed to actually produce the physical product. While such a calculation captures the cost of the physical product, it provides no indication of its actual value." In our opinion, this analogy is flawed. While a book is a distinct product as a whole, a mobile phone is a sum-total of its parts. If at all, a mobile phone could be compared with a book with several authors, as multiple technologies belonging to several patent holders are implemented in it. This judgement bases valuation for one set of technologies on the whole device, thus awarding compensation to the licensor even for those technologies implemented in the device that are not related to the licensed technologies. In our opinion, charging royalty on the net selling price of a device for one technology or one set of technologies is thus more like a referral scheme and less like actual compensation for the value added. Accordingly, royalties must be charged on the SSPPC principle.

f) Whether total payment of royalty in case of various SEPs used in one product should be capped? If so, then should this limit be fixed by Government of India or some other statutory body or left to be decided among the parties?

F.1. CIS has proposed a compulsory licensing fee of five per cent on a patent pool of critical mobile technologies. The rationale for this figure is the royalty cap imposed by India in the early 1990s.

F.2. As part of regulating foreign technology agreements, the (former) Department of Industrial Development (later merged with the DIPP) capped royalty rates in the early 1990s. Payment of royalties was capped at either a lump sum payment of $2 million, or, 5 percent on the royalty rates charged for domestic sale, and, 8 percent for export of goods pertaining to "high priority industries". Royalties higher than 5 percent or 8 percent, as the case may be, required securing approval from the government.

F.3. While the early 1990s (specifically, 1991) was too early for the mobile device manufacturing industry to be listed among high priority industries, the public announcement by the government covered computer software, consumer electronics, and electrical and electronic appliances for home use. The cap on royalty rates was lifted by the DIPP in 2009.

F.4. It is submitted in the case of mobile device technology, we are witnessing a situation similar to that of the 1990s. In this sphere, most of the patent holders are multinational corporations which results in large royalty amounts leaving India. At the same time, in our opinion, litigation over patent infringement in India has limited the manufacture and sale of mobile devices of homegrown brands.

F.5. We believe that the aforementioned developments are detrimental to the Make in India and Digital India initiatives of the Government of India, and, the government's aim of encouraging local manufacturing, facilitating indigenous innovation, as well as strengthening India's intellectual property regime. It is our submission, therefore, that the payment of royalties on SEPs be capped.

F.6. We submit that such a measure is particularly important, given the nature of SEP litigation in India. While SEP litigation in India is indeed comparable to international SEP litigation on broader issues raised, specifically competition law concerns, but differs crucially where the parties are concerned. International SEP litigation is largely between multinational corporations with substantial patent portfolios, capable of engaging in long drawn out litigations, or engaging in other strategies including setting off against each other's patent portfolios. Dynamics in the Indian market differ - with a larger SEP holder litigating against smaller manufacturers, many of whom are indigenous, home-grown.

F.7. In June, 2013, we had recommended to the erstwhile Hon'ble Minister for Human Resource Development that a patent pool of essential technologies be established, with the compulsory licensing mechanism. Subsequently, in February, 2015, we reiterated this request to the Hon'ble Prime Minister. We propose that the Government of India initiate the formation of a patent pool of critical mobile technologies and mandate a five percent compulsory license. As we have stated in our request to the Hon'ble Prime Minister, we believe that such a pool would "possibly avert patent disputes by ensuring that the owners' rights are not infringed on, that budget manufacturers are not put out of business owing to patent feuds, and that consumers continue to get access to inexpensive mobile devices. Several countries including the United States issue compulsory licenses on patents in the pharmaceutical, medical, defence, software, and engineering domains for reasons of public policy, or to thwart or correct anti-competitive practices."

F.8. We believe that such a measure is not in breach of our international obligations under the TRIPS Agreement.

g) Whether the practice of Non-Disclosure Agreements (NDA) leads to misuse of dominant position and is against the FRAND terms?

G.1. The issue of Non Disclosure Agreements ("NDAs") in SEP/FRAND litigation is a contentious one. Patent holders argue that they are essential to the license negotiation process to protect confidential information, whereas potential licensees submit that NDAs result in the imposition of onerous conditions.

G.2. In India's SEP litigation, the use of NDAs has been raised as an issue in at least two cases - separately by Intex and by iBall , in their cases against Ericsson. Intex and iBall have both claimed that the NDAs that Ericsson asked them to sign were onerous, and favoured Ericsson.

G.3. According to Intex, the NDA in question would result in high legal costs for Intex, and, would render it unable to disclose crucial information to its vendors (who had agreed to supply to Intex on the condition that Intex was not infringing on any patents).

G.4. According to iBall, the parties had agreed to enter a global patent license agreement ("GPLA") but Ericsson insisted on an NDA. Upon receiving the terms of the NDA, iBall claimed before the CCI that Ericsson's refusal to identify the allegedly infringed SEPs; the threat of patent infringement proceedings; the attempt to coax iBall to enter into a "one-sided and onerous NDA"; the tying and bundling patents irrelevant to iBall's products by way of a GPLA; demanding unreasonably high royalties by way of a certain percentage value of handset as opposed to the cost of actual patented technology used all constituted abuse of Ericsson's dominant position under Section 4 of the Competition Act.

G.5. In India, the law on misuse (abuse) of dominant position by an 'enterprise' is found primarily in Section 4 of the Competition Act (read with Section 2(h) of the Competition Act, which defines 'enterprise'). In its recent decision in the Ericsson-CCI case , the Delhi High Court has found Ericsson to be an 'enterprise' for the purposes of the Competition Act, and hence subject to an inquiry under Section 4 of the same legislation. In the same decision, the court has also recognised the jurisdiction of the CCI to examine Ericsson's conduct for abuse of behaviour, based on complaints by Micromax and Intex. The use of NDAs is one of the grounds on which the parties have complained to the CCI.

G.6. Pending a final determination by the CCI (and subsequent appeals), it would be premature to make an absolute claim on whether the use of NDAs results in an abuse of dominant position in all instances. However, the following submissions are made: First, the determination of misuse/abuse of dominant position is influenced by a number of factors , i.e., such a determination should be made on a case to case basis. Second, the market regulator, the CCI, is best situated to determine (a) abuse of dominance, and (b) whether the use of NDAs by an enterprise constitutes an abuse of its dominance. Third, the question of whether the use of NDAs constitutes misuse of dominance needs to be addressed in two parts - (a) whether the use of the NDA itself is abusive, irrespective of its terms and, (b) whether the use of certain specific terms renders the NDA abusive. Fourth, NDAs could potentially lead to the patent owner abusing its dominant position in the market, as well as result in an invalidation of FRAND commitments and terms. NDAs make it impossible to determine if a patent holder is engaging in discriminatory licensing practices. Fifth, NDAs are especially harmful in the case of NPEs-- companies that hold patents and monetise them but don't build or manufacture the components or devices that implement the technology associated with the patents.

h) What should be the appropriate mode and remedy for settlement of disputes in matters related to SEPs, especially while deciding FRAND terms? Whether Injunctions are a suitable remedy in cases pertaining to SEPs and their availability on FRAND terms?

H.1. The licensing of SEPs on FRAND terms requires the parties to negotiate "reasonable" royalty rates in good faith, and apply the terms uniformly to all willing licensees. It is our submission that if the parties cannot agree to FRAND terms, they may enter into binding arbitration. Further, if all efforts fail, there exist remedies under the Patents Act and the Competition Act, 2002 to address the issues.

H.2. Section 115 of the Patents Act empowers the court to appoint an independent scientific adviser " to assist the court or to inquire and report upon any such question of fact or of opinion (not involving a question of interpretation of law) as it may formulate for the purpose. " Such an independent adviser may inform the court on the technical nuances of the matter.

H.3. Further, under the Patents Act, pending the decision of infringement proceedings the Court may provide interim relief, if the plaintiff proves first, a prima facie case of infringement; second, that the balance of convenience tilts in plaintiff's favour; and, third, that if an injunction is not granted the plaintiff shall suffer irreparable damage. H.4. However, it is our suggestion that courts adopt a more cautious stance towards granting injunctions in the field of SEP litigation. First, in our opinion, injunctions may prove to be a deterrent to arrive at a FRAND commitment, in particular, egregiously harming the willing licensee. Second, especially in the Indian scenario, where litigating parties operate in vastly different price segments (thereby targeting consumers with different purchasing power), it is difficult to establish that "irreparable damage" has been caused to the patent owner on account of infringement. Third, we note the approach of the European Court of Justice, which prohibited the patent holder from enforcing an injunction provided a willing licensee makes an offer for the price it wishes to pay to use a patent under the condition that it deposited an amount in the bank as a security for the patent holder. Fourth, we also note the approach of the Federal Trade Commission in the USA, which only authorizes patent holders to seek injunctive relief against potential licensees who have either stated that they will not license a patent on any terms, or refuse to enter into a license agreement on terms that have been set in the final ruling of a court or arbitrator. Further, as Contreras (2015) observes, that the precise boundaries of what constitutes as an unwilling licensee remains to be seen. We observe a similar ambiguity in Indian jurisprudence, and accordingly submit that courts should carefully examine the conduct of the licensee to injunct them from the alleged infringement.

i) What steps can be taken to make the practice of Cross-Licensing transparent so that royalty rates are fair & reasonable?

I.1. The Patents Act requires patentees and licensees to submit a statement on commercial working of the invention to the Controller every year. Form 27 under section 146(2) of the Act lists the details necessary to be disclosed for compliance of the requirement of "working". A jurisprudential analysis reveals the rationale and objective behind this mandatory requirement. Undeniably, the scheme of the Indian patent regime makes it amply clear that "working" is a very important requirement, and the public as well as competitors have a right to access this information in a timely manner, without undue hurdles. Indeed, as the decision in Natco Pharma v. Bayer Corporation reveals, the disclosures in Form 27 were crucial to determining the imposition of a compulsory license on the patentee. Thus, broadly, Form 27 disclosures can critically enable willing licensees to access patent "working" information in a timely manner.

I.2. However, there has been little compliance of this requirement by the patentees, despite the IPO reiterating the importance of compliance through the issuance of multiple public notices (suo motu and in response to a public interest litigation filed in 2011 ), and, reminding the patentees that non-compliance is punishable with a heavy fine. Findings of research submitted by one of the parties in the writ of the 2011 public interest litigationShamnad Basheer v. Union of India and others reveal as follows. First, a large number of Form 27s are unavailable for download from the website of the IPO. This possibly indicates that the forms have either not been filed by the patentees with the IPO, or have not been uploaded (yet) by the IPO. Second, a large number of filings in the telecom sector remain incomplete.

I.3. In 2015, CIS queried the IPO website for Form 27s of nearly 4,400 patents. CIS' preliminary research (ongoing and unpublished) echoes findings similar to the ones disclosed in the case discussed in paragraph I.2. of this submission (above).

I.4. In view of the submissions above, CIS makes the following recommendations to make the practice of cross-licensing transparent so that royalty rates are fair & reasonable: first, that there be a strict enforcement of the submission of Form 27s on a regular and timely basis by the patentees; and, second, that guidelines may be drawn up on whether it was discriminatory to charge no royalties (whether on the SSPPU or on the whole device) for a patent holder in a cross-licensing arrangement with another, when it charges royalty on the selling price of the device from a non-cross-licensor.

j) What steps can be taken to make the practice of Patent Pooling transparent so that royalty rates are fair & reasonable?

J.1. Patent pools can be understood as an agreement between two or more patent owners to license one or more of their patents to one another or to third parties. Thus, the creation of a patent pool makes use of the legal instrument of licensing, similar to the practice of cross-licensing. Insofar, we reiterate our recommendations made in paragraph I.3. of this submission (above), which apply to the answer to the instant question.

J.2. In furtherance of the recommendation above, we also propose the alteration of the Form 27 template to include more disclosures. Presently, patentees are required to to declare number of licensees and sub-licensees. We specifically propose that the format of Form 27 filings be modified to include patent pool licenses, with an explicit declaration of the names of the licensees and not just the number.

J.3. It is also our submission that patent pools be required to offer FRAND licenses on the same terms to both members and non-members of the pool.

k) How should it be determined whether a patent declared as SEP is actually an Essential Patent, particularly when bouquets of patents are used in one device?

K.1. We submit that several studies on the essentiality of SEPs indicate that only a small percentage of SEPs are actually essential. A study conducted byGoodman and Myers (2004) showed that only 21% of SEPs pertaining to the 3G standard in the US were deemed to be actually essential. Another study conducted by the same authors in 2009 for WCDMA patents showed that 28% SEPs were essential.

K.2. In our opinion, first, the methodology adopted by Goodman and Myers could be replicated to determine the "essential" nature of an SEP. Second, while adopting their methodology, it would be useful to address some of the issues over which these studies were critiqued. Accordingly, we suggest that (a) laboratory tests may be conducted by an outside expert or by a commercial testing laboratory, and not at an in-house facility owned by either parties, so as to eliminate in the lab results; and, (b) expert opinions may be considered in order to determine essentiality.

l) Whether there is a need of setting up of an independent expert body to determine FRAND terms for SEPs and devising methodology for such purpose?

L.1. In our opinion, there is no need for an independent expert body to determine FRAND terms for SEPs and devising the methodology for such a purpose. The existing legal and regulatory framework is reasonably equipped to determine FRAND terms. A more detailed submission on the existing framework and suggested changes has been made in our answer to question 'a' of the discussion paper (above).

L.2. However, we observe that Indian courts, tribunals and the CCI are yet to endorse a methodology for making FRAND determinations. The judgments of the Delhi High Court do not provide a conclusive rationale or methodology for the imposition of royalty rates in the respective matters.

L.3. We submit that in the absence of definitive Indian jurisprudence for determination of FRAND terms, American jurisprudence provides certain guidance. Contreras (2015) informs us about the various case law American courts and regulators have developed and adhered to whilst making such determinations.The dominant analytical framework for determining "reasonable royalty" patent damages in the United States today was set out in 1970 by the District Court for the Southern District of New York in Georgia-Pacific Corp. v. U.S. Plywood Corp . While this may be used as a guiding framework, the question of methodology remains far from settled.

m) If certain Standards can be met without infringing any particular SEP, for instance by use of some alternative technology or because the patent is no longer in force, what should be the process to declassify such a SEP?

M.1. In our opinion, if a standard can be met without infringing a patent declared to be "essential" to it, then the patent is not actually "essential". In this instance, the methods suggested in response to question 'k' of the discussion paper (above) could be used to declassify the SEP.

M.2. We further submit that if a patent is no longer in force, that is, if it has expired, then it ceases to be patent, and therefore an SEP. The process to declassify such an SEP could be simply to declare it an expired patent.

M.3. In addition, if it is possible to implement a certain standard by using an alternative technology, then the SEP for such a standard is not actually an SEP. However, the scale of operations and that of mass manufacturing and compatibility requirements in devices and infrastructure mean that it is unlikely to have different methods of implementing the same standard.

M.4. In general, it is our submission that an Indian SSO could maintain a publicly accessible database of SEPs found to be invalid or non-essential in India.

7. We reiterate our gratitude to the DIPP for the opportunity to make these submissions. In addition to our comments above, we have shared some of our research on this issue, in the 'Annexures', below.

8. It would be our pleasure and privilege to discuss these comments with the DIPP; and, supplement these with further submissions if necessary. We also offer our assistance on other matters aimed at developing a suitable policy framework for SEPs and FRAND in India, and, working towards the sustained innovation, manufacture and availability of mobile technologies in India.

On behalf of the Centre for Internet and Society, 22 April, 2016

Anubha Sinha - anubha@cis-india.org | Nehaa Chaudhari - nehaa@cis-india.org

Rohini Lakshané - rohini@cis-india.org

___________________________________________________________________________

___________________________________________________________________________

ANNEXURES

___________________________________________________________________________

● Anubha Sinha, Fuelling the Affordable Smartphone Revolution in India, available at http://cis-india.org/a2k/blogs/digital-asia-hub-the-good-life-in-asias-21-st-century-anubha-sinha-fueling-the-affordable-smartphone-revolution-in-india (last accessed 22 April, 2016).

● Nehaa Chaudhari, Standard Essential Patents on Low-Cost Mobile Phones in India: A Case to Strengthen Competition Regulation?, available at http://www.manupatra.co.in/newsline/articles/Upload/08483340-C1B9-4BA4-B6A9-D6B6494391B8.pdf (last accessed 22 April, 2016).

● Nehaa Chaudhari, Pervasive Technologies:Patent Pools, available at http://cis-india.org/a2k/blogs/patent-pools (last accessed 22 April, 2016).

● Nehaa Chaudhari, The Curious Case of the CCI:Competition Law and SEP Regulation in India, presented at the 4th Global Congress on Intellectual Property and the Public Interest, available at http://cis-india.org/a2k/blogs/the-curious-case-of-the-cci-competition-law-and-sep-regulation-in-indi a (last accessed 22 April, 2016).

● Nehaa Chaudhari, Letter for Establishment of Patent Pool for Low Cost Access Devices through Compulsory Licences, available at http://cis-india.org/a2k/blogs/letter-for-establishment-of-patent-pool-for-low-cost-access-devices (last accessed 22 April, 2016).

● Prof Jorge L. Contreras and Rohini Lakshané, Patents and Mobile Devices in India: An Empirical Survey, available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2756486 (last accessed 22 April, 2016).

● Rohini Lakshané, CIS, List of technical standards and IP types (Working document), available at https://drive.google.com/file/d/0B8SgjShAjhbtaml5eW50bS01d2s/view?usp=sharing (last accessed 22 April, 2016).

● Rohini Lakshané, Open Letter to Prime Minister Modi, February 2015, available at http://cis-india.org/a2k/blogs/open-letter-to-prime-minister-modi (last accessed 22 April, 2016).

● Rohini Lakshané, FAQ: CIS' proposal to form a patent pool of critical mobile technology, September 2015, available at http://cis-india.org/a2k/blogs/faq-cis-proposal-for-compulsory-licensing-of-critical-mobile-technologies (last accessed 22 April, 2016).

● Rohini Lakshané, Joining the dots in India's big-ticket mobile phone patent litigation, May 2015, last updated October 2015, available at http://cis-india.org/a2k/blogs/joining-the-dots-in-indias-big-ticket-mobile-phone-patent-litigation (last accessed 22 April, 2016).

● Rohini Lakshané, Compilation of Mobile Phone Patent Litigation Cases in India, March 2015, last updated April 2016, available at http://cis-india.org/a2k/blogs/compilation-of-mobile-phone-patent-litigation-cases-in-india , (last accessed April 22, 2016).

● Rohini Lakshané, Patent landscaping in the Indian Mobile Device Marketplace, presented at the 4th Global Congress on Intellectual Property and Public Interest, December 2015, available at https://drive.google.com/open?id=0B8SgjShAjhbtME45N245SmowOGs (last accessed 22 April, 2016).

● Vikrant Narayan Vasudeva, Patent Valuation and Licence Fee Determination in the Context of Patent Pools, available at http://cis-india.org/a2k/blogs/patent-valuation-and-license-fee-determination-in-context-of-patent-pools (last accessed 22 April, 2016).

************

This submission has been authored by (alphabetically) Anubha Sinha, Nehaa Chaudhari and Rohini Lakshané, on behalf of the Centre for Internet and Society, India.

See The Centre for Internet and Society, available at http://cis-india.org (last accessed 22 April, 2016) for details of the organization, and, our work.

Make in India, available at http://www.makeinindia.com/home (last accessed 22 April, 2016).

Digital India, available at http://www.digitalindia.gov.in/ (last accessed 22 April, 2016).

See Nehaa Chaudhari, The Curious Case of the CCI:Competition Law and SEP Regulation in India, presented at the 4th Global Congress on Intellectual Property and the Public Interest, available at http://cis-india.org/a2k/blogs/the-curious-case-of-the-cci-competition-law-and-sep-regulation-in-india (last accessed 21 April, 2016) for further details on relevant provisions.

In the High Court of Delhi, W.P.(C) 464/2014 & CM Nos. 911/2014 & 915/2014, judgment delivered on 30 March, 2016. Hereafter referred to as the Ericsson-CCI judgment.

Id.

Under Articles 226 and 227 of the Constitution of India, and, under Article 32 of the Constitution of India, for the High Courts and the Supreme Court, respectively.

Agreement on Trade-Related Aspects of Intellectual Property Rights, available at https://www.wto.org/english/tratop_e/trips_e/t_agm0_e.htm (last accessed 22 April, 2016).

KEI Staff, 2015 October 15 version: RCEP IP Chapter, available at http://keionline.org/node/2472 (last accessed 22 April, 2016).

BIS Act, 2016, available at http://www.bis.org.in/bs/bsindex.asp (last accessed 21 April, 2016).

TSDSI, Intellectual Property Rights Policy, available at http://www.tsdsi.org/media/Help/2014-12-17/TSDSI-PLD-40-V1.0.0-20141217.pdf (last accessed 22 April, 2016).

Id at Clause 3.1.

Id at Clause 5.1.

Id at Clause 5.2.

Id at Clause 5.5.

Id at Clauses 7.1. and 7.2.

Id at Clause 7.2.1.a (iii).

Id at Clause 7.2.1.b(iii).

Id at Clause 7.3.

GISFI, Intellectual Property Rights Policy, available at http://www.gisfi.org/ipr_policy/gisfi_intellectual_property_righ.htm (last accessed 22 April, 2016).

Id at Clauses 6.2.1.a(iii) and 6.2.1.b(iii).

See W3C, Patent Policy, available at https://www.w3.org/Consortium/Patent-Policy-20040205/ (last accessed 22 April, 2016) for more details on their royalty-free licences.

See OMA, Use Agreement, available at http://openmobilealliance.org/about-oma/policies-and-terms-of-use/use-agreement/ (last accessed 22 April, 2016) for more details on their royalty-free licences.

See Rohini Lakshané, Open Letter to PM Modi, available at http://cis-india.org/a2k/blogs/open-letter-to-prime-minister-modi (last accessed 22 April, 2016) for further details of CIS' proposal.

Rohini Lakshané, CIS, List of Technical Standards and IP Types (Working document), available at https://drive.google.com/file/d/0B8SgjShAjhbtaml5eW50bS01d2s/view?usp=sharing (last accessed 22 April, 2016).

Mark Lemley and Carl Shapiro, Patent Holdup and Royalty Stacking, 85 Tex. L. Rev. at 2015; See also, for e.g., RPX Corporation, Amendment No. 3 to Form S-l, 11 Apr. 2011, at 59, available at http://www.sec.gov/Archives/edgar/data/1509432/000119312511101007/ds1a.htm (last accessed 22 April, 2016), quoting - "Based on our research, we believe there are more than 250,000 active patents relevant to today's smartphones…".; See further Steve Lohr, Apple- Samsung Case Shows Smartphone as Legal Magnet, New York Times, 25 Aug. 2012, available at http://www.nytimes.com/2012/08/26/technology/apple-samsung-case-shows-smartphone-as-lawsuit-magnet.html (last accessed 22 April, 2016).

Jorge L. Contreras and Rohini Lakshané, Patents and Mobile Devices in India: An Empirical Survey, available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2756486 (last accessed 22 April, 2016).

Ann Armstrong, Joseph J. Mueller and Timothy D. Syrett, The Smartphone- Royalty Stack:Surveying Royalty Demands for the Components Within Modern Smartphones, available at https://www.wilmerhale.com/uploadedFiles/Shared_Content/Editorial/Publications/Documents/The-Smartphone-Royalty-Stack-Armstrong-Mueller-Syrett.pdf (last accessed 22 April, 2016).

Florian Mueller, Ericsson Explained Publicly why it Collects Patent Royalties from Device (Not Chipset) Makers, available at http://www.fosspatents.com/2014/01/ericsson-explained-publicly-why-its.html (last accessed 22 April, 2016).

Romit Guha and Anandita Singh Masinkotia, PM Modi's Digital India Project:Government to Ensure that Every Indian has a Smartphone by 2019, available at http://articles.economictimes.indiatimes.com/2014-08-25/news/53205445_1_digital-india-india-today-financial-services (last accessed 22 April, 2016).

Nehaa Chaudhari, Standard Essential Patents on Low-Cost Mobile Phones in India: A Case to Strengthen Competition Regulation?, available at http://www.manupatra.co.in/newsline/articles/Upload/08483340-C1B9-4BA4-B6A9-D6B6494391B8.pdf (last accessed 22 April, 2016).

See part 10.2.2. of the Discussion Paper, at page 25.

J.Gregory Sidak, FRAND in India:The Delhi High Court's Emerging Jurisprudence on Royalties for Standard-Essential Patents, available at http://jiplp.oxfordjournals.org/content/early/2015/06/11/jiplp.jpv096.full (last accessed 22 April, 2016).

Appeal from the United States District Court for the Eastern District of Texas in No. 6:11-cv-00343-LED, decided on 03 December, 2015, available at. http://www.cafc.uscourts.gov/sites/default/files/opinions-orders/15-1066.Opinion.12-1-2015.1.PDF (last accessed 22 April, 2016).

Id.

Kumkum Sen, News on Royalty Payments Brings Cheer in New Year, available at http://www.business-standard.com/article/economy-policy/news-on-royalty-payment-brings-cheer-in-new-year-110010400044_1.html (last accessed 21 April, 2016).

See Sanjana Govil, Putting a Lid on Royalty Outflows- How the RBI Can Help Reduce India's IP Costs, available at http://cis-india.org/a2k/blogs/lid-on-royalty-outflows (last accessed 21 April, 2016), for a discussion on the introduction of royalty caps in the early 1990s, and its success in reducing the flow of money out of India.

Supra note 33.

Nehaa Chaudhari, Letter for Establishment of Patent Pool for Low-cost Access Devices through Compulsory Licenses, available at http://cis-india.org/a2k/blogs/letter-for-establishment-of-patent-pool-for-low-cost-access-devices (last accessed 21 April, 2016).

Supra note 26.

Rohini Lakshané, FAQ: CIS' proposal to form a patent pool of critical mobile technology, September 2015, available at http://cis-india.org/a2k/blogs/faq-cis-proposal-for-compulsory-licensing-of-critical-mobile-technologies (last accessed 22 April, 2016).

Id.

See the Ericsson-CCI case, supra note 6, for Intex's submissions as discussed by Justice Bakhru.

Id.

Rohini Lakshané, Compilation of Mobile Phone Patent Litigation Cases in India, available at http://cis-india.org/a2k/blogs/compilation-of-mobile-phone-patent-litigation-cases-in-india (last accessed 21 April, 2016).

See the Ericsson-CCI case, supra note 6, at paragraph 19.2.

Supra note 47.

See the Ericsson-CCI judgment, supra note 6, at paragraphs 88-105.

Section 19(4) of the Competition Act. See also Competition Commission of India v. Steel Authority of India and Another, (2010) 10 SCC 744.

Section 115 of the Patents Act, 1970.

Huawei Technologies Co. Ltd v. ZTE Corp. and ZTE Deutschland, Judgment of the Court (Fifth Chamber) of 16 July 2015 in GmbH C-170/13.

Third Party United States Fed. Trade Commission's Statement on the Public Interest, In re Certain Wireless Communication Devices, Portable Music and Data Processing Devices, Computers and Components Thereof, U.S. Int'l Trade Comm'n, Inv. No. 337-TA-745 (Jun. 6, 2012).

Jorge L. Contreras, A Brief History of FRAND: Analyzing Current Debates in Standard Setting and Antitrust Through a Historical Lens, 80 Antitrust Law Journal 39 (2015), available at http://ssrn.com/abstract=2374983 or http://dx.doi.org/10.2139/ssrn.2374983 (last accessed 22 April, 2016).

Section 146(2) of the Patents Act, 1970..

Sai Vinod, Patent Office Finally Takes Form 27s Seriously, available at http://spicyip.com/2013/02/patent-office-finally-takes-form-27s.html (last accessed 22 April, 2016).

Order No. 45/2013 (Intellectual Property Appellate Board, Chennai), available at http://www.ipab.tn.nic.in/045-2013.htm (last accessed 22 April, 2016).

Intellectual Property India, Public Notice, available at http://www.ipindia.nic.in/iponew/publicNotice_Form27_12Feb2013.pdf (last accessed 22 April, 2016) and Intellectual Property India, Public Notice, available at http://ipindia.nic.in/iponew/publicNotice_24December2009.pdf (last accessed 22 April, 2016).

Supra note 57.

Id.

See research findings available at http://spicyip.com/wp-content/uploads/2015/05/FORM-27-WP-1R-copy.pdf (last accessed 22 April, 2016).

In the High Court of Delhi, W.P.(C) 5590/2015. This litigation is currently ongoing. See, illustratively, Mathews P. George, Patent Working in India: Delhi HC issues notice in Shamnad Basheer v. Union of India & Ors. - I, available at http://spicyip.com/2015/09/patent-working-in-india-delhi-hc-issues-notice-in-shamnad-basheer-v-union-of-india-ors-i.html (last accessed 22 April, 2016).

In response to an RTI request made to the IPO in Mumbai for forms unavailable on the website, CIS received a reply stating, "As thousand [sic] of Form -27 are filed in this office, it is very difficult to segregate Form-27 for the patent numbers enlisted in your RTI application as it needs diversion of huge official staff/ manpower and it will affect day to day [sic] work of this office." This research is ongoing and unpublished. Please contact us for a copy of the RTI application and the response received.

WIPO Secretariat, Patent Pools and Antitrust - A Comparative Analysis, available at https://docs.google.com/viewer?url=http%3A%2F%2Fwww.wipo.int%2Fexport%2Fsites%2Fwww%2Fip-competition%2Fen%2Fstudies%2Fpatent_pools_report.pdf (last accessed 22 April, 2016).

Form 27, The Patents Act, available at http://ipindia.nic.in/ipr/patent/manual/HTML%20AND%20PDF/Manual%20of%20Patent%20Office%20Practice%20and%20Procedure%20-%20html/Forms/Form-27.pdf (last accessed 22 April, 2016).

David J. Goodman and Robert A. Myers, 3G Cellular Standards and Patents, available at http://patentlyo.com/media/docs/2009/03/wirelesscom2005.pdf (last accessed 22 April, 2016).

Darien CT, Review of Patents Declared as Essential to WCDMA through December, 2008, available at http://www.frlicense.com/wcdma1.pdf (last accessed 22 April, 2016).

Supra note 67.

Donald L. Martin and Carl De Meyer, Patent Counting, a Misleading Index of Patent Value: A Critique of Goodman & Myers and its Uses, available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=949439 (last accessed 22 April, 2016).

Rohini Lakshané, Joining the Dots in India's Big-Ticket Mobile Phone Patent Litigation, available at http://cis-india.org/a2k/blogs/joining-the-dots-in-indias-big-ticket-mobile-phone-patent-litigation (last accessed 22 April, 2016). See also supra note 47 for more details.

Supra note 55.

318 F. Supp. 1116, 1120 (S.D.N.Y. 1970), modified and aff'd, 446 F. 2d 295 (2d Cir. 1971), cert. denied, 404 U.S. 870 (1971).

2015

They filed it in 2011

The 2011 filing only includes pharma, BTW: http://spicyip.com/docs/Form%2027s.pdf. Also, this writ is from May 2015: http://spicyip.com/wp-content/uploads/2015/05/FORM-27-WP-1R-copy.pdf Anyway, I'll leave it as it is.

For more details visit https://cis-india.org/a2k/blogs/comments-on-department-of-industrial-policy-and-promotion-discussion-paper-on-standard-essential-patents-and-their-availability-on-frand-terms

National Resource Kit : The West Bengal Chapter (Call for Comments)

anandi — 2013-11-07T06:19:34Z

The National Resource Kit team is pleased to bring you its research on the state of laws, policies and programmes for persons with disabilities in the state of West Bengal.

Note: The chapter is an early draft and will undergo subsequent modifications. We welcome comments and feedback from our readers.

Executive Summary

The state of West Bengal has issued the West Bengal Persons with Disabilities (Equal Opportunities, Protection of Rights and Full Participation) Rules 1999 to implement the provisions under the central Persons with Disabilities (Protection of Rights, Equal Opportunities and Full Participation) Act 1995.

The Department of Women and Child Development and Social Welfare is primarily responsible for the welfare of persons with disabilities in the state. The government of West Bengal has issued six notifications in education, ten notifications in employment and training, ten notifications in health and rehabilitation, ten notifications in social protection and two notifications in transport for persons with disabilities.

Capital: Kolkata

Population: 91,347,736

Population of persons with disabilities: 1,847,184

Literacy: 77.08%

HDI: 0.625 Ranked: 19th (2005 status)

Department: Department of Women and Child Development and Social Welfare

Other authorities: Office of the Chief Commissioner for Persons with Disabilities

Click to download the West Bengal chapter (PDF, 344 Kb)

For more details visit https://cis-india.org/accessibility/blog/the-west-bengal-chapter

Privacy Matters — Analyzing the Right to "Privacy Bill"

natasha — 2012-02-15T04:27:28Z

On January 21, 2012 a public conference “Privacy Matters” was held at the Indian Institute of Technology in Mumbai. It was the sixth conference organised in the series of regional consultations held as “Privacy Matters”. The present conference analyzed the Draft Privacy Bill and the participants discussed the challenges and concerns of privacy in India.

The conference was organized by Privacy India in partnership with the Centre for Internet & Society, International Development Research Centre, Indian Institute of Technology, Bombay, the Godrej Culture Lab and Tata Institute of Social Sciences. Participants included a wide range of stakeholders that included the civil society, NGO representatives, consumer activists, students, educators, local press, and advocates.

Comments to the Right to Privacy Bill

Welcome

Prashant Iyengar was the Lead Researcher with Privacy India, opened the conference with an explanation of Privacy India’s mandate to raise awareness, spark civil action and promote democratic dialogue around privacy challenges and violations in India. He summarized the five “Privacy Matters” series previously organised across India in Kolkata on January 23, 2011, in Bangalore on February 5, 2011, in Ahmedabad on March 26, 2011, in Guwahati on June 23, 2011 and in Chennai on August 6, 2011.

Keynote Address

Na. Vijayashankar (popularly known as Naavi), a Bangalore based e-business consultant, delivered the key note address on the quest of a good privacy law in India.

He described the essential features of good privacy legislation. In analyzing the Draft Privacy Bill’s definition of the right to privacy, he suggested it should be defined through the “right to personal liberty” rather than through what constitutes “infringements”. Mr. Vijayashankar went on to explain that the “privacy right” should be taken beyond “information protection” and defined as a “personal privacy or a sense of personal liberty without constraints by the society”. He explained the various classifications and levels of protection associated with the availability and disclosure of data. He expressed concerns regarding monitoring of data processors and suggested that data controllers have contractual agreements between data processors, so as to ensure an obligation of data security practices. He also called for the simplification and division of offences and suggested numerous reasons as to why the Cyber Appellate Tribunal would not be an ideal monitoring mechanism or authority. See Naavi's presenation here

Session I: Privacy and the Legal System

Dr. Sudhir Krishnaswamy, Assistant Professor at the National Law School of India

Dr. Krishnaswamy started off the presentation by questioning the normative assumptions the Draft Privacy Bill makes. He referred to the controversy of Newt Gingrich's second marriage, to question the range of moral interests that were involved. The Bill falls short in accounting for dignity in relation to privacy.

He described the Draft Privacy Bill as a reasonable advance, given where privacy laws were before. Although, he feels that it does fall short, in terms of a narrow position, on what privacy law should do. He also questioned if it satisfies constitutional standards. He stressed the importance of philosophical work around the Draft Privacy Bill considering that the nature of privacy is not neat and over-arching.

Privacy and the Constitutional Law

N S Nappinai, Advocate, High Court, Mumbai,

Nappinai spoke on the constitutional right to privacy. She explained the substantial development of Article 21 of the Constitution of India to include the ‘right to privacy’ with regards to its interpretation and application. She described the different shift of the application of the right to privacy in the West in comparison to India. The West has moved from the right to privacy pertaining to property to the right to privacy concerning personal rights, whereas India moved from personal rights to property rights. She outlined three aspects of privacy: dignity, liberty and property rights.

Ms. Nappinai dissected the Bill in its major components: interception, surveillance, method and manner of personal data, health information, collection, processing and use of personal data. Using these components, she questioned what precedence exists? What should be further protected or reversed? What lessons should legislators draw from?

Shortcomings of the Draft Right to Privacy Bill falls include:

The objects and reasons section in the Draft Privacy Bill declares the right to privacy to every citizen as well as delineates the collection and dissemination of data. Nappinai dismisses the need for this delineation on the grounds that data protection is an inherent part of the right to privacy, it is not exclusive.
Large focus on transmission of data. The provisions do not account for property rights pertaining to the right to privacy. Therefore, the ‘knock-and-enter’ rule, the ‘right to be left alone’ and the ‘right to happiness’ should be included.
Applicability of the Bill should extend to all persons as well as data residing within the territory. It would be self-defeating if it only includes citizens, considering that the Constitution extends to all persons within the territory.
The right to dignity is unaccounted for.

See Nappinai's presentation here

Session II: Privacy and Freedom of Expression

Apar Gupta, Advocate, Delhi

Apar Gupta is an advocate based in Delhi who specializes in IP and electronic commerce law, spoke predominantly on the interplay between privacy and freedom of expression. He used the example of an advocate tweeting about his criticism of a judges’ ruling, to illustrate how different realms of online anonymity enable freedom of speech. He went beyond the traditional realm of journalistic architecture such as television channels or newspapers and explained online community disclosure.

Mr. Gupta provided a practical example of Indian Kanoon, a popular online database of Indian court decisions. Because Indian Kanoon is linked to the Google search engine, many individuals involved in civil and criminal matters have requested Indian Kanoon to remove the court judgments, under privacy claims. This particularly occurs with individuals involved in matrimonial cases. However, as court judgment constitute public records India Kanoon only removes court judgments when requested by a court order.

He described the several ways legislators can define privacy and freedom of expression. Considering that the privacy of an individual may border upon freedom of speech and expression, he questioned whether or not privacy should override the right to freedom of speech and expression. In addition, Mr. Gupta discussed the debate on whether or not the Privacy Bill should override all existing provisions in other laws.

Additionally, he analyzed the provisions of the Draft Privacy Bill using three judgments. In these judgments, different entities sought of various forms of speech to be blocked under privacy claims. He spoke about the dangers of a statutory right for privacy that does not safeguard freedom of speech and expression. Considering that the privacy statute may allow for a form of civil action permitting private parties to approach courts to stop certain publications, he stressed the importance for legislators to ensure balanced privacy legislation inclusive of freedom of speech and expression.

Sexual Minorities and Privacy

Danish Sheikh, researcher at Alternative Law Forum

Danish examined the status of sexual minorities in the light of privacy framework in India. The tag of decriminalization has served to greatly alter the way institutions approach the question of privacy when it comes to sexual minorities. He used the Naz Foundation judgment as a chronological marker to map the developments in the right to privacy and sexual minorities over the years.

He outlined four key effects on the right to privacy due to the Naz Foundation judgment:

Prepared the understanding of privacy as a positive right and placed obligations on the state,
Discussed privacy as dealing with persons and not just places, it took into account decisional privacy as well as zonal privacy,
Connected privacy with dignity and the valuable worth of individuals, and
Included privacy on one’s autonomous identity.

He described various incidents that took place before the Naz Foundation judgment, pre-Naz, that altered the way we conceived of queer rights in general and privacy in particular, including the Lucknow incidents, transgender toilets, passport forms, the medical establishment and lesbian unions. Post-Naz, he described two incidents including the Allahabad Muslim University sting operation as well as the TV9 “Expose” that captured public imagination.

He concluded by asking: “What do these stories tell us about privacy?” The issues faced by the transgender community tell us that privacy doesn’t necessarily encompass a one-size-fits-all approach, and can raise as many questions as it answers. The issues faced by the Lucknow NGOs display the institutionalized disrespect for privacy and that has marginally more devastating consequences for the homosexual community by the spectre of outing. The issues faced by lesbian women evidence yet another need for breaching the public/private divide, demonstrating how the protection of the law might be welcome in the family sphere. Alternate sexual orientation and gender identity might bring the community under a common rubric, but distilling the components of that rubric is essential for engaging in any kind of useful understanding of the community and the kind of privacy violations it suffers – or engage with situations when the lack of privacy is empowering.

Session III: Privacy and National Security

Menaka Guruswamy, Advocate, Supreme Court of India

Menaka explored national security and its relationship to privacy. In her presentation, she compared the similar manner in which the courts approach national security and privacy issues. The courts feel national security and privacy issues are too complex to define, therefore, they take a case-by-case approach.

Ms. Guruswamy described three incidents that urged her to question national security and privacy. First, she was interested in the lack of regulation surrounding intelligence agencies and was involved in the introduction of the Regulations of Intelligence Agencies Bill as a private members bill. Second, national security litigation between the Salwa Judum judgment and the State of Chhattisgarh is an example of how national security triumphs constitutional rights and values. Third, privacy in the context of the impending litigation of Naz Foundation in the Supreme Court. She described the larger conversation of national security focus on values of equality and privacy. She discussed the following questions that serve in advancing certain conception of rights:

How do we posit privacy which necessarily, philosophically as well as judicially, is carved out as the right of an individual to be left alone?
What are the consequences when national security, which is posited as the rights of the nation, is in conflict with the right of the individual to be left alone?
Considering that constitutional rights are posited as a public facet of citizenship how does a right to privacy play in that context?

Privacy and UID

R. Ramakumar, professor at the Tata Institute of Social Sciences

Prof. Ramakumar spoke on UID, its collection of information and the threat to individual privacy. First, he provided a historical trajectory of national security that has led to increased identity card schemes. He described the concrete connection between UID and national security.

He briefed the gathering on the objectives of the UID project. He described several false claims as proposed by the UIDAI. He explicitly disproved the UIDAI claim that Aadhaar is voluntary. He did this by comparing various legislations associated with the National Population Registrar that had provisions mandating the inclusion of the UID number.

He went on to explain that the misplaced emphasis of technology to handle large populations remains unproven. He described two specific violations of privacy inherent in the UID system: convergence of information and consent. The UID database makes it possible for the linking or convergence of information across silos. In addition, consent is unaccounted for in the UID system. The UID enrollment form requires consent from a person to share their information. However, the software of the enrollment form automatically checks ‘yes’, therefore you are not asked. Even if you disagree, it automatically checks ‘yes’. Default consent raises the important question, “to what extent are we the owners of our information?” and “what are the privacy implications?”

Mr. Ramakumar was once asked, by Yashwant Sinha in a Parliamentary Standing Committee meeting, “Is the Western concept of privacy important in developing country like India?”. Using this question posed to him, he stressed the importance of privacy to be understood as a globally valued right, entitlement and freedom. He also referred to Amartya Sen’s work on individual freedoms.

Conclusion

During the daylong consultation numerous questions and themes relating to privacy were discussed:

How is the right to privacy defined?
How can the Draft Privacy Bill redefine the right to privacy?
How can reasonable deterrence mechanisms be included?
Does duplication of the right to privacy exists in different statutes?
Is the Cyber Appellate Tribunal an ideal monitoring mechanism or authority?
What are the circumstances under which authorized persons can exercise the Right of privacy invasion?
How can the Draft Privacy Bill account for the right to dignity?
How much information should the State be allowed to collect?
How can citizens become more informed about the use of their information and the privacy implications involved?
What would be the appropriate balance or trade-off between security and civil liberties?
What are the dangers with permitting the needs of national security to trump competing values?
What are the consequences for the homosexual community, when faced with institutionalized disregard for privacy?

For more details visit https://cis-india.org/internet-governance/privacy-matters-analyzing-the-right-to-privacy-bill

Workshop on Open Data for Human Development - Sessions Report

sumandro — 2015-08-28T08:16:09Z

CIS facilitated a workshop on open data policy and tools for government officials from Sikkim, Meghalaya, and Tripura, and those from Bhutan and Maldives, in June 2015. The workshop was co-facilitated with Akvo, DataMeet, and Mapbox, and was supported by International Centre for Human Development of UNDP India. Here we share the workshop report and other related documents. The report is written by Sumandro, along with Amitangshu Acharya of Akvo.

Day 01, June 03, 2015

The first day of the workshop began with Mr. Prem Das Rai, Honourable MP, Loksabha, Sikkim, briefly addressing the participants. He contextualised the workshop against the background of technological changes and emerging opportunities of governance through effective usages of data. Dr. A.K. Shiva Kumar, Director of the International Centre for Human Development (IC4HD), UNDP India, welcomed the participants and initiated a panel discussion on data, ICTs and governance. The panel had three speakers: Mr. Srivatsa Krishna, IAS and Secretary, Department of Information Technology, Biotechnology, and Science and Technology, Government of Karnataka; Dr. B. Gangaiah, Additional Director General, Centre for Good Governance, Hyderabad; and Sunil Abraham, Executive Director, the Centre for Internet and Society, Bengaluru and Delhi.

Mr. Krishna spoke about the strategies adopted in setting up IT and ITES clusters in Cyberabad, Andhra Pradesh and in Bengaluru, Karnataka. He noted that tax cuts and accelerated land allocation are key to incentivising the private sector to set up IT and ITES units. Another major concern is that of ensuring supply of good quality IT workers. He also emphasised on the need for governments to build effective public facing electronic services - either in the form of Nemmadi Kendras, where people can physically go to access various government services, or in the form of mobile applications that bring different civic services into one digital interface, like Bangalore One and Karnataka Mobile One.

Dr. Gangaiah gave an extensive overview of the idea and applications of open data in the contexts of governance and development. He noted that government data (in India) often suffers from criticisms related to quality, as well as the lack of availability of the same in public domain. The key problems, he identified, for opening up government data in India are that most often the data is collected by a government agency for a very specific purpose, and the steps required to ensure wider circulation and use of the same is not taken (such as lack of documentation and interoperability of data); and that the government agencies most often consider the collected data as a source of power, and hence as something to be retained and not disclosed in full details. The slides from Dr. Gangaiah’s presentation can be accessed here.

Mr. Abraham’s presentation highlighted several areas of concern when deploying data-driven techniques and solutions for human development challenges. He described how the current phase of open data discussions by central and state governments in India represent the third phase of ‘openness’ in governance in India. While the first phase focused on usage of Free/Libre Open Source Softwares in building electronic governance applications and information systems, the second phase involved embracing of open software standards and formats across government information systems and IT solutions. It is very important to note that with the third phase of openness focusing on opening up of data and information, both of these earlier foci of free and open source softwares, and open standards and interoperability are returning as complementary components to ensure seamless publication of open government data. However, he argued, when deploying data-driven techniques and solutions for human development challenges, it is imperative to remember three things: 1) collection of data is a time- and effort-consuming task, and hence must be optimised so as to not to take away time and effort from actual developmental interventions, 2) bad quality of development data is a structural problem, often emanating from the data being not useful to the person actually collecting it, and 3) availability of data does not automatically change or open up the process of decision-making.

The second session of the day started with a detailed presentation by Mr. T. Samdup, Joint Director, Department of Information Technology, Government of Sikkim, on the context, the making, and the salient features of the Sikkim Open Data Acquisition and Accessibility Policy (SODAAP), 2014. He explained that the Policy mandates setting up of an online state data portal that will host all data sets generated by various agencies of the Government of Sikkim, and making such data available, subject to concerns of privacy and security, across all state government agencies and the citizens in general. The key needs driving this Policy have been that for availability of accurate and timely data on various aspects of human development in the state, as well as for reducing expenses and confusions due to duplication of data collection efforts. The slides from Mr. Samdup’s presentation can be accessed here.

The presentation by Mr. Samdup was followed by one by Mr. Sumandro Chattapadhyay of the Centre for Internet and Society on an initial set of questions and concerns that should be addressed by the implementation plan of the SODAAP. He took a detailed look at the four objectives mentioned in the Policy document, and discussed what tasks, decisions, and deliberations are needed to achieve each of those. In conclusion, he listed a set of core components of the implementation process that must also be discussed in the implementation plan document, namely: 1) governance and oversight structure for implementation, 2) incentivising government personnel for opening up data across departments, including financial support for the same, 3) metadata, documentation of data collection process, and implementing unique identifiers, and 4) developing processes of sharing of data between the Union and the state government, especially in reference to national Management Information Systems. The slides from Mr. Chattapadhyay’s presentation can be accessed here.

These presentations were followed by a general discussion on various aspects of the SODAAP and the challenges to be overcome during its implementation. This session provided a general introduction to the SODAAP, especially for workshop participants who are not from Sikkim, and also set up the key questions to be discussed and answered while preparing the first draft of the SODAAP implementation plan.

After the second session ended, the participants were asked to individually write down the key challenges they identify for the implementation process of SODAAP. These responses were compiled by Sumandro and made available as a reference document for the implementation plan. The chart below summarises these responses.

In the third session of the day, Joy Ghosh and Amitangshu Acharya of Akvo talked about the challenges of collecting structured born-digital data from the grassroots level, and how using mobile-based applications, like Akvo FLOW, can address such challenges. Akvo FLOW runs on all Android-based smartphones, and allows ground level development workers to directly feed data into the phone, as well as collect related materials like GPS location and photographs, based upon a form that is centrally designed and downloaded into their phones by the development workers. The data is then kept in the phone till it is sent back to the main server, where data coming from all different surveyors using the same form is shown on a map-based interface for easy navigation of the data across space and time. In this session, Mr. Acharya first introduced the participants to the issues around digital data collection, touching upon issues of ethics, capacity, prioritisation of data collection process along with tools. Mr. Ghosh then took over to describe the functioning of the tool, and then distributed several smartphones, pre-loaded with Akvo FLOW, among the participants for an applied data collection exercise where the participants walked around the NIAS campus and collected data using the FLOW interface. They returned to see their data mapped and analysed on the online dashboard. Their presentation can be accessed here.

Day 02, June 04, 2015

The second day started with two consecutive presentations by Mr. Thejesh GN of DataMeet, and Mr. Sivaram Ramachandran of Mapbox on the tools and techniques for working with statistical data and with geospatial data, respectively. The former presentation took the participants through the stages of working with statistical data: from collecting and finding data, to cleaning and validating, and finally analysing the data. Various free and open source tools for each of these stages were also discussed in brief, such as PDF Tables and Tabula for converting PDF tables to spreadsheets, Open Refine for cleaning data, and RAW and DataWrapper for generating web-based dynamic charts. The latter presentation explored the various ways in which geospatial data can be used to inform and support decision-making, and the tools that can be used to render and present geospatial data in forms that are accessible for decision-makers within government and also for individual users. Mr. Ramachandran presented the various free and open source tools available for working with geospatial data, such as Mapbox Studio, Quantum GIS, and Leaflet JS. He also gave a brief introduction to OpenStreetMap, the wiki-like user-contributed global map data platform. Both the presentations can be accessed here and here, respectively. After this session, the participants were divided into two groups. One group engaged further with tools and techniques of working with statistical and geospatial data. The second group took part in a series of exercises to identify and document the current data flows and bottlenecks thereof across several key departments of Government of Sikkim.

The group engaging in applications of various software tools for working with statistical and geospatial data was facilitated by Mr. Thejesh and Mr. Ramachandran. This group worked with a sample statistical data set, taking it across the stages of finding, cleaning, analysing, and visualising as discussed earlier. The participants used the online version of Tableau to create dynamic charts. Afterwards, they were introduced to various methods of contributing and downloading data from the OpenStreetMap, including directly adding data points through the online editor named iD. The participants went out in the NIAS campus to collect geospatial data about various natural and human-made features of the campus, such as trees, pathways, etc.

The second group working on documenting data flows and identifying bottlenecks was facilitated by Mr. Chattapadhyay, Mr. Acharya, and Ms. Rajashi Mukherjee from Akvo. The group was further divided into department-wise teams, one each for the Department of Health, the Department of Economic Statistics, Monitoring, and Evaluation (DESME), the Human Resource Development Department (HRDD), and representatives from Gram Panchayat Units. The exercise began with each of the teams discussing and drawing the flow of data for one of the major data set maintained by the agency concerned. The data flows were drawn by identifying key moments of its processing (such as primary collection, verification, digitisation, analysis, storage, reporting, etc.), the actors involved in that moment, the tools and data formats relevant for each moment, and which agency finally stores and uses the data. Once these processes were described on paper, the next part of the exercise focused on identifying which challenges exist at which part of these data flows. This was followed up by a ranking of all these challenges, in terms of how critically they affect the ability of the agency concerned to use and share the final data. All the teams worked separately, and conversed with the facilitators as needed, to develop the data flow diagrams and identify the key challenges.

The major common challenges noted by these teams were: 1) delays in collection, verification, and digitisation of data, 2) inability of state government agencies to access data collected as part of centrally-funded welfare schemes, and 3) parallel systems of data collection employed by different departments leading to duplication of efforts and data.

Several interesting insights came through in this exercise. For example, data related to education is collected both by the HRDD, and the Sarva Shiksha Abhiyaan (SSA). However, SSA data is not shared with the HRDD. Also, the HRDD publishes all its data, including the name of students, on their website, making it publicly available. One of the data challenges identified by the HRDD was their difficulty in tracking if scholarship money is reaching the suitable students. When a student moves from one school to another, the records do not get updated easily. This leads to different schools continuing to receive funds for the same scholarship. Aligning school records is important to prevent such leakages.

After these two grouped exercises, all the participants gathered back so that the data flows diagrams and identification of key challenges documented by departmental teams could be presented to the entire group. Each team presented their data flow diagram, and discussed challenges and opportunities. This created a context for different departments to discuss what kind of data they often needed from each other, and how there was neither a platform for inter-departmental discussion on such issues, nor systems that facilitate the same. There was an agreement that an open data platform could address this issue to a great extent. The discussion also highlighted that the most significant data collecting government agency in Sikkim is DESME, however, it does not publish any data in machine-readable formats, and does not even have a website.

This data flow and bottleneck exercise made it very clear that there are several data production and collection processes in place in Sikkim, and also systems that are digesting, processing, and reporting data. Hence, implementing the open data policy will need to negotiate with such complexity.

In the final session of the day, Dr. Shiban Ganju made a presentation on applications of open data in healthcare. His talk focused on how converting medical information about a patient being stored at various locations to a combined and shareable Electronic Health Record can save the patient as well as the medical practitioners from duplication of medical tests, easier mobility from one medical institute to another, and a clearer macro-level understanding of key public health indicators. Dr. Ganju discussed the open health data initiatives in the United States, in the United Kingdom, and in Sweden, before discussing the challenges faced in implementing interoperable standards for open health data in India. The slides from Dr. Ganju’s presentation can be accessed here.

Day 03, June 05, 2015

The final day started with a set of presentations from Mr. Garab Dorji, Deputy Chief IT Officer, Office of the Prime Minister, Thimphu, Bhutan of the Government of Bhutan, Mr. Birendra Tiwari, Senior Informatic Officer, Department of Information Technology, Government of Meghalaya, and Mr. Milan Chhetri of Melli Dara Paiyong Gram Panchayat Unit, Sikkim, on various technological solutions being explored, implemented, and practiced by the respective governments and administrative units.

Mr. Milan Chhetri’s presentation was on the operationalisation of Cyber Villages in Sikkim, which had been initiated in 2013 with support from the Honourable Chief Minister of Sikkim, Pawan Kumar Chamling. Cyber Villages aim to address digital divide, by empowering local village units with handheld data devices to collect data from every household and connect the same to a real time dashboard. All village related data is expected to be available in one place. At the same time as part of e-governance initiative, SMS based updates on Government programmes and services will be sent to all villagers. Mr. Chhetri ended his presentation with a short promotional video of the concept, which is embedded below.

The second session of the day started with a presentation from Mr. D. P. Misra, National Data Sharing and Accessibility Policy - Programme Management Unit (NDSAP-PMU), National Informatics Centre, Government of India. The presentation focused on the process of implementation of the National Data Sharing and Accessibility Policy approved by the Government of India in 2012. Mr. Misra has played a key role in the NDSAP-PMU that was trusted with development of the national open government data platform of India and in setting up the procedures and standards for publication of government data by various central and state government agencies through that Platform. His talk described the technical solutions designed by the NDSAP-PMU to make data accessible for the end-users in various file formats, to make visualisation of available data easy, and to make it possible for users to comment upon existing data and to request for data that is unavailable at the moment. Further, he emphasised the need for outreach initiatives by the government so as to build awareness and activities around the available open government data. The slides from Mr. Misra’s presentation can be accessed here.

The presentation by Mr. Misra was followed by a group exercise where various teams, self-selected by the participants, worked on different sections of the SODAAP implementation plan to put together ideas and plans for the first draft of the document. Five groups were formed and each of them worked on a separate section of the implementation plan: 1) Governance Framework and Budgetary Support, 2) Data Inventory and Negative List, 3) Data Acquisition and Open Standards, 4) Data Publication Process, Licenses, and Timeframes, and 5) Awareness, Capacity, and Demand of Data. The initial section titled ‘Introduction to the Policy and its Principles’ was put together by Vashistha Iyer on the basis of the SODAAP document. The technical section on the ‘Sikkim Open Data Portal’ was left out of this drafting exercise, as it was decided that the representatives of the Department of Information Technology will prepare this section on the basis of their interactions with the NDSAP-PMU later in June.

The drafting session was followed by presentations by each team working on a separate section, and quick feedbacks from all the participants. These drafts, along with the feedbacks, have been compiled together by Mr. Chattapadhyay, and is shared with the officials from the Government of Sikkim for their further discussion and eventual finalisation of the SODAAP implementation plan document.

The workshop ended with a round of final words and sharing of learning by the participants, and a vote of thanks on the behalf of the organisers.

For more details visit https://cis-india.org/openness/workshop-on-open-data-for-human-development-2015-06-report

AI for Healthcare: Understanding Data Supply Chain and Auditability in India

2024-11-30T08:17:48Z

This report aims to understand the prevalence and use of AI auditing practices in the healthcare sector. By mapping the data supply chain underlying AI technologies, the study aims to unpack i) how AI systems are developed and deployed to achieve healthcare outcomes and, ii) how AI audits are perceived and implemented by key stakeholders in the healthcare ecosystem.

Read our full report here.

The use of artificial intelligence (AI) technologies constitutes a significant development in the Indian healthcare sector, with industry and government actors showing keen interest in designing and deploying these technologies. Even as key stakeholders explore ways to incorporate AI systems into their products and workflows, a growing debate on the accessibility, success, and potential harms of these technologies continues, along with several concerns over their large-scale adoption. A recurring question in India and the world over is whether these technologies serve a wider interest in public health. For example, the discourse on ethical and responsible AI in the context of emerging technologies and their impact on marginalised populations, climate change, and labour practices has been especially contentious.

For the purposes of this study, we define AI in healthcare as the use of artificial intelligence and related technologies to support healthcare research and delivery. The use cases include assisted imaging and diagnosis, disease prediction, robotic surgery, automated patient monitoring, medical chatbots, hospital management, drug discovery, and epidemiology. The emergence of AI auditing mechanisms is an essential development in this context, with several stakeholders ranging from big-tech to smaller startups adopting various checks and balances while developing and deploying their products. While auditing as a practice is neither uniform nor widespread within healthcare or other sectors in India, it is one of the few available mechanisms that can act as guardrails in using AI systems.

Our primary research questions are as follows:

What is the current data supply chain infrastructure for organisations operating in the healthcare ecosystem in India?
What auditing practices, if any, are being followed by technology companies and healthcare institutions?
What best practices can organisations based in India adopt to improve AI auditability?

This was a mixed methods study, comprising a review of available literature in the field, followed by quantitative and qualitative data collection through surveys and in-depth interviews. The findings from the study offer essential insights into the current use of AI in the healthcare sector, the operationalisation of the data supply chain, and policies and practices related to health data sourcing, collection, management, and use. It also discusses ethical and practical challenges related to privacy, data protection and informed consent, and the emerging role of auditing and other related practices in the field. Some of the key learnings related to the data supply chain and auditing include:

Technology companies, medical institutions, and medical practitioners rely on an equal mix of proprietary and open sources of health data and there is significant reliance on datasets from the Global North.
Data quality checks are extant, but they are seen as an additional burden; with the removal of personally identifiable information being a priority during processing.
Collaboration between medical practitioners and AI developers remains limited, and feedback between users and developers of these technologies is limited.
There is a heavy reliance on external vendors to develop AI models, with many models replicated from existing systems in the Global North.
Healthcare professionals are hesitant to integrate AI systems into their workflows, with a significant gap stemming from a lack of training and infrastructure to integrate these systems successfully.
The understanding and application of audits are not uniform across the sector, with many stakeholders prioritising more mainstream and intersectional concepts such as data privacy and security in their scope.

Based on these findings, this report offers a set of recommendations addressed to different stakeholders such as healthcare professionals and institutions, AI developers, technology companies, startups, academia, and civil society groups working in health and social welfare. These include:

Improve data management across the AI data supply chain

Adopt standardised data-sharing policies. This would entail building a standardised policy that adopts an intersectional approach to include all stakeholders and areas where data is collected to ensure their participation in the process. This would also require robust feedback loops and better collaboration between the users, developers, and implementers of the policy (medical professionals and institutions), and technologists working in AI and healthcare.

Emphasise not just data quantity but also data quality. Given that the limited quantity and quality of Indian healthcare datasets present significant challenges, institutions engaged in data collection must consider their interoperability to make them available to diverse stakeholders and ensure their security. This would include recruiting additional support staff for digitisation to ensure accuracy and safety and maintain data quality.

Streamline AI auditing as a form of governance

Standardise the practice of AI auditing. A certain level of standardisation in AI auditing would contribute to the growth and contextualisation of these practices in the Indian healthcare sector. Similarly, it would also aid in decision-making among implementing institutions.

Build organisational knowledge and inter-stakeholder collaboration. It is imperative to build knowledge and capacity among technical experts, healthcare professionals, and auditors on the technical details of the underlying architecture and socioeconomic realities of public health. Hence, collaboration and feedback are essential to enhance model development and AI auditing.

Prioritise transparency and public accountability in auditing standards. Given that most healthcare institutions procure externally developed AI systems, some form of internal or external AI audit would contribute to better public accountability and transparency of these technologies.

Centre public good in India’s AI industrial policy

Adopt focused and transparent approaches to investing in and financing AI projects. An equitable distribution of AI spending and associated benefits is essential to guarantee that these investments and their applications extend beyond private healthcare, and that implementation approaches prioritise the public good. This would involve investing in entire AI life cycles instead of merely focusing on development and promoting transparent public–private partnerships.

Strengthen regulatory checks and balances for AI governance.
While an overarching law to regulate AI technologies may still be under debate, existing regulations may be amended to bring AI within their ambit. Furthermore, all regulations must be informed by stakeholder consultations to guarantee that the process is transparent, addresses the rights and concerns of all the parties involved, and prioritises the public good.

For more details visit https://cis-india.org/internet-governance/blog/ai-for-healthcare-understanding-data-supply-chain-and-auditability-in-india

Not Just Fancy Television

nishant — 2015-04-24T11:45:14Z

Nishant Shah reviews Ben Hammersley's book "64 Things You Need to Know for Then: How to Face the Digital Future Without Fear ", published by Hodder & Stoughton

The review was published in the Indian Express on December 8, 2012.

Let us begin by acknowledging that when the world was learning how to drive on the information highway, Ben Hammersley was out there, instructing us how to do it best. So it doesn’t surprise that 64 Things You Need to Know for Then: How to Face the Digital Future Without Fear, despite its untweetable title, is quite spot-on when it comes to describing our digital pasts, demystifying our interweb presents and preparing us for technosocial futures. Well-written, interspersed with illustrative anecdotes, reflective experiences and speculative ideas, the book looks at the good, the bad and the downright bizarre that the digital turn has introduced in our lives. Working through moments of nostalgia for things that have already become obsolete, and through experiences that morph even before we can comprehend them, Hammersley writes (or, as he suggests in his introduction — co-writes with hundreds of anonymous contributors) a book that is readable, for those seeking to understand how the digital world moves and those who want to remember their own role in shaping forgotten trends.

The book also attempts to answer some of the troublesome tensions in our understanding of our contemporary digital lives. Hammersley’s basic intention in writing the book is to show how technological shifts are not merely about changing usage patterns. It radically (and often dramatically) restructures our domains of life, language and labour. Older structures have become redundant and the new ones have not yet found their feet. There are many who attempt to think of the internet as a mere extension of older media practices. But as he says, “The internet is absolutely not just fancy television.” It is a technology that is reshaping everything we had understood about who we are and how we relate to the world around us.

However, Hammersley suggests, the ways in which the internet is rapidly transforming the world leads to a clear divide around technology literacy. The “technologically literate” are shaping the digital turn, experimenting and exploring the possibilities, but unable to fall back upon older structures of assurance to know whether the choices they are making are sustainable. At the same time, the “technologically illiterate” are still responsible for shaping a world that they are quickly losing track of.

This book clearly explains the technological, legal, cultural, social and economic shifts of the last 20 years, and how they foretell our futures, without complicating it with geeky discourses on code or theoretical bluster.

Hammersley also ensures that the book is not merely a glossary of terms. He has the most interesting anecdotes from around the world like Harry Potter fan-fiction and crowdsourced translations in Germany challenging intellectual property rights regimes, the Human Flesh Search Engines in China, which threaten to reinforce regressive mob politics while also enabling cultural vigilantes in our societies. He also goes beyond individual concerns and reflects on the larger political concerns of censorship, control and freedom, discussing with great lucidity, the complicated nuances of hacker groups like Anonymous, political effects of collectives like WikiLeaks, etc. It is an exciting mash-up of events that will make you smile at the audacity and irreverence of the players in the digital playground, but will also make you shiver as it lays bare the new authoritarian and violent regimes that emerge with digital technologies.

Instead of taking partisan positions about something as necessarily good or bad, Hammersley documents some of the practices, effects and affects of technology, to show how our world has changed. There is no explanation of why the list stops at 64 things. But it is a well curated list of social, cultural, economic and political concerns and provides a conversational account of the present and future, speculating, like an old friend on the living room couch on a Sunday afternoon.

The only criticism against Hammersley is that he is too dependent on the rules of the internet to explain the internet. The different laws that have evolved in computing and network theory, in the sociology of the Web and the economic analysis of information societies, are accepted too easily, and used as self-evident explanatory frameworks. But then, this is not a book pretending to argue for a new conceptual framework. It is a book that has set out to educate and entertain, slowly unfolding the fractured narratives of the Web from its military origins to its Arab Spring manifestations. Of the many books that are already flooding the market, trying to decode the Web, Hammersley’s list of 64 things is going to be at the top.

The writer is Director (Research), Centre for Internet and Society, Bangalore

For more details visit https://cis-india.org/digital-natives/blog/indian-express-december-8-2012-nishant-shah-not-just-fancy-television

Privacy in Healthcare: Policy Guide

tanvi — 2014-08-31T15:18:12Z

The Health Policy Guide seeks to understand what are the legal regulations governing data flow in the health sector — particularly hospitals, and how are these regulations implemented. Towards this objective, the research reviews data practices in a variety of public and private hospitals and diagnostics labs. The research is based on legislation, case law, publicly available documents, and anonymous interviews.

Click to download the PDF (320 Kb)

Introduction

To this date, there exists no universally acceptable definition of the right to privacy. It is a continuously evolving concept whose nature and extent is largely context driven. There are numerous aspects to the right to privacy, each different from the other in terms of the circumstance in which it is invoked. Bodily privacy however, is to date, the most guarded facet of this vastly expansive right. The privacy over one’s own body including the organs, genetic material and biological functions that make up one’s health is an inherent right that does not; as in the case of other forms of privacy such as communication or transactional privacy, emanate from the State. It is a right that has its foundations in the Natural Law conceptions of The Right to Life, which although regulated by the State can at no point be taken away by it except under extreme circumstances of a superseding Right to Life of a larger number of people.

The deliberation leading to the construction of a universally applicable Right to Privacy has up until now however only been in terms of its interpretation as an extension of the Fundamental Right to Life and Liberty as guaranteed under Article 21 as well as the freedom of expression and movement under Articles 19(1)(a) and (b) of the Constitution of India. While this may be a valid interpretation, it narrows the ambit of the right as one that can only be exercised against the State. The Right to privacy however has much larger implications in spheres that are often removed from the State. There is thus an impending need to create an efficient and durable structure of Law and policy that regulates the protection of privacy in Institutions that may not always be agents of the State.

It is in this regard that the following analysis studies the existing conceptions of privacy in the Healthcare sector. It aims to study the existing mechanisms of privacy protection and their pragmatic application in everyday practices. Further, it determines definitive policy gaps in the existing framework and endeavors to provide effective recommendations to not only redress these shortcomings but also create a system that is efficient in its fulfillment of the larger objective of the actualization of the Right to Privacy at an individual, state and institutional level.

Purpose

The purpose of this research study is to formulate a comprehensive guide that maps the synthesis, structure and implementation of privacy regulations within the healthcare sector in India. It traces the domestic legislation pertaining to various aspects of the healthcare sector and the specific provisions of the law that facilitate the protection of the privacy of individuals who furnish their personal information as well as genetic material to institutions of healthcare, either for the purpose of seeking treatment or to contribute to research studies. It is however imperative that the nature and extent of the information collected be restricted through the establishment of requisite safeguards at an institutional level that percolate down to everyday practices of data collection, handling and storage within healthcare institutions. The study thus aims to collate the existing systems of privacy protection in the form of laws, regulations and guidelines and compare these with actual practices in government and private hospitals and diagnostic laboratories to determine whether these laws are in fact effective in meeting the required standards of privacy protection. Further, the study also broadly looks at International practices of privacy protection and offers recommendations to better the existing mechanisms of delimiting unnecessary intrusions on the privacy of patients.

Importance

The Indian Healthcare sector although at par with international standards in its methods of diagnosis, treatment and the use of contemporary technology, is still nascent in the nature and extent of its interaction with the Law. There are a number of aspects of healthcare that lie on the somewhat blurred line between the interest of the public and the sole right of the individual seeking treatment. One such aspect is the slowly evolving right to privacy. The numerous facets of this right have come to the fore largely through unique case laws that are reflective of a dynamic social structure, one that seeks to reconcile the socio economic rights that once governed society with individual interests that it has slowly come to realize. The right of an individual to disclose the nature of his disease, the liberty of a woman not to be compelled to undergo a blood test, the bodily autonomy to decide to bear children or not, the decisional privacy with regards to the termination of a pregnancy and the custodial rights of two individuals to their child are certain contentious aspects of healthcare that have constructed the porous interface between the right to privacy and the need for medical treatment. It is in this context that this study aims to delve into the existing basic structure of domestic legislation, case laws and regulations and their subsequent application in order to determine important gaps in the formulation of Law and Policy. The study thus aims to draw relevant conclusions to fill these gaps through recommendations sourced from international best practice in order to construct a broad framework upon which one can base future policy considerations and amendments to the existing law.

Methodology

This research study was undertaken in two major parts. The first part assesses domestic legislation and its efficacy in the current context. This is done through the determination of relevant provisions within the Act that are in consonance with the broader privacy principles as highlighted in the A.P Shah Committee report on Privacy Protection[1]. This part of the research paper is based on secondary sources, both in terms of books as well as online resources. The second part of the paper analyses the actual practices with regard to the assimilation, organization, use and storage of personal data as practiced in Government and Private hospitals and Diagnostic laboratories. Three Private hospitals, a prominent Government hospital and a Diagnostic laboratory were taken into consideration for this study. The information was provided by the concerned personnel at the medical records department of these institutions of healthcare through a survey conducted on the condition of anonymity. The information provided was analyzed and collated in accordance with the compliance of the practices of these institutions with the Principles of privacy envisioned in the Report of the Group of Experts on Privacy.

The Embodiment of Privacy Regulation within Domestic Legislation

This section of the study analyses the viability of an approach that takes into account the efficacy of domestic legislation in regulating practices pertaining to the privacy of individuals in the healthcare sector. This approach perceives the letter and spirit of the law as the foundational structure upon which internal practices, self regulation and the effective implementation of policy considerations that aim to create an atmosphere of effective privacy regulation take shape, within institutions that offer healthcare services. To this effect, domestic legislationthat provides for the protection of a patient’s privacy has been examined. The law has been further studied with respect to its tendency to percolate into the everyday practices, regulations and guidelines that private and government hospitals adhere to. The extent of its permeation into actual practice; in light of its efficacy in fulfilling the perambulatory objectives of ensuring safe and unobtrusive practices,within the construct of which a patient is allowed to recover and seek treatment, has also been examined.

The term ‘Privacy’ is used in a multitude of domestic legislations primarily in the context of the foundation of the fiduciary relationship between a doctor and a patient.This fiduciary relationship emanates from a reasonable expectation of mutual trust between the doctor and his patients and is established through the Indian Medical Council Act of 1952, specifically section 20(A) of the Act which lays down the code of ethics which a doctor must adhere to at all times. Privacy within the healthcare sector includes a number of aspects including but not limited to informational privacy (e.g., confidentiality, anonymity, secrecy and data security); physical privacy (e.g., modesty and bodily integrity); associational privacy (e.g. intimate sharing of death, illness and recovery); proprietary privacy (e.g., self-ownership and control over personal identifiers, genetic data, and body tissues); and decisional privacy (e.g., autonomy and choice in medical decision-making).

Privacy Violations stem from policy and information gaps: Violations in the healthcare sector that stem from policy formulation as well and implementation gaps[2] include the disclosure of personal health information to third parties without consent, inadequate notification to a patient of a data breach, unlimited or unnecessary collection of personal health data, collection of personal health data that is not accurate or relevant, the purpose of collecting data is not specified, refusal to provide medical records upon request by client, provision of personal health data to public health, research, and commercial uses without de-identification of data and improper security standards, storage and disposal. The disclosure of personal health information has the potential to be embarrassing, stigmatizing or discriminatory.[3] Furthermore, various goods such as employment, life, and medical insurance, could be placed at risk [4]if the flow of medical information were not restricted. ^{^[5]}

Disclosure of personal health information is permitted and does not amount to a violation of privacy in the following situations: 1) during referral, 2) when demanded by the court or by the police on a written requisition, 3) when demanded by insurance companies as provided by the Insurance Act when the patient has relinquished his rights on taking the insurance, and 4) when required for specific provisions of workmen's compensation cases, consumer protection cases, or for income tax authorities,^{^[6]} 5) disease registration, 6) communicable disease investigations, 7) vaccination studies, or 8) drug adverse event reporting. ^{^[7]}

The following domestic legislations have been studied and relevant provisions of the Act have been accentuated in order to analyse their compliance with the basic principles of privacy as laid out in the A.P Shah Committee report on Privacy.

Mental Health Act, 1987[8]
The Provisions under the Act pertaining to the protection of privacy of the patient have been examined. The principles embodied within the Act include aspects of the Law that determine the nature and extent of oversight exercised by the relevant authorities over the collection of information, the limitation on the collection of data and the restrictions on the disclosure of the data collected. The principle of oversight is embodied under the legislation within the provisions that allow for the inspection of records in psychiatric hospitals and nursing homes only by officers authorized by the State Government.^{^[9]} The limitation on the Collection of information is imposed by the Inspection of living conditionsby a psychiatrist and two social workers are on a monthly basis. This would include analyzing the living condition of every patient and the administrative processes of the psychiatric hospital and/or psychiatric nursing home. ^{^[10]}Additionally, Visitors must maintain a book regarding their observations and remarks.^{^[11]} Medical certificates may be issued by a doctor, containing information regarding the nature and degree of the mental disorder as reasons for the detention of a person in a psychiatric hospital or psychiatric nursing home. ^{^[12]}Lastly, the disclosure of personal records of any facility under this Act by inspecting officers is prohibited^{^[13]}

Pre-Conception and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Act, 1994 ^{^[14]}
The Act was instituted in light of a prevalent public interest consideration of preventing female foeticide. However, it is imperative that the provision of the Act remain just shy of unnecessarily intrusive techniques and do not violate the basic human requirement of privacy in an inherently personal sphere. The procedure that a mother has to follow in order to avail of pre-natal diagnostic testing is mandatory consent of age, abortion history and family history. These conditions require a woman to reveal sensitive information concerning family history of mental retardation or physical deformities.[15] Aspecial concern for privacy and confidentiality should be exercised with regards to disclosure of genetic information. [16]

Medical Termination of Pregnancy Act, 1971 ^{^[17]}
Although, the right to an abortion is afforded to a woman within the construct of her inherent right to bodily privacy, decisional privacy (for e.g., autonomy and choice in medical decision-making) is not afforded to patients and their families with regards to determining the sex of the baby. The sections of the Act that have been examined lay down the provisions available within the Act to facilitate the protection of a woman’s right to privacy during the possible termination of a pregnancy. These include the principles pertaining to the choice and consent of the patient to undergo the procedure, a limit on the amount of information that can be collected from the patient, the prevention of disclosure of sensitive information and the security measures in place to prevent the unauthorized access to this information. The Medical Termination of Pregnancy Regulations, 2003 supplement the Act and provide relevant restrictions within every day practices of data collection use and storage in order to protect the privacy of patients. The Act mandates Written Consent of the patient in order to facilitate an abortion .Consent implies that the patient is aware of all her options, has been counselled about the procedure, the risks and post-abortion care.[18]. The Act prohibits the disclosure of matters relating to treatment for termination of pregnancy to anyone other than the Chief Medical Officer of the State. [19]The Register of women who have terminated their pregnancy, as maintained by the hospital, must be destroyed on the expiry of a period of five years from the date of the last entry.[20] The Act also emphasizes upon the security of information collected. The medical practitioner assigns a serial number for the woman terminating her pregnancy.[21]Additionally, the admission register is stored in safe custody of the head of the hospital. [22]

Indian Medical Council (Professional conduct, Etiquette and Ethics) Regulations, 2002 (Code of Ethics Regulations, 2002)
The Medical Council of India (MCI) Code of Ethics Regulations^{^[23]} sets the professional standards for medical practice. These provisions regulate the nature and extent of doctor patient confidentiality. It also establishes universally recognized norms pertaining to consent to a particular medical procedure and sets the institutionally acceptable limit for intrusive procedure or gathering excessively personal information when it is not mandatorily required for the said procedure. The provisions addressed under these regulations pertain to the Security of the information collected by medical practitioners and the nature of doctor patient confidentiality.

Physicians are obliged to protect the confidentiality of patients⁵during all stages of the procedure and with regard to all aspects of the information provided by the patient to the doctor, includinginformation relating to their personal and domestic lives. ^{^[24]}The only exception to this mandate of confidentiality is if the law requires the revelation of certain information, or if there is a serious and identifiable risk to a specific person and / or community ofa notifiable disease.

Ethical Guidelines for Biomedical Research on Human Subjects [25]
The provisions for the regulation of privacy pertaining to biomedical research include aspects of consent as well as a limitation on the information that may be collected and its subsequent use. The provisions of this act aim to regulate the protection of privacy during clinical trials and during other methods of research. The principal of informed consent is an integral part of this set of guidelines. ThePrivacy related information included in the participant/ patient information sheet includes: the choice to prevent the use of their biological sample, the extent to which confidentiality of records could be maintained and the consequences of breach of confidentiality, possible current and future uses of the biological material and of the data to be generated from the research and if the material is likely to be used for secondary purposes or would be shared with others, the risk of discovery of biologically sensitive information and publications, including photographs and pedigree charts.[26] The Guidelines require special concern for privacy and confidentiality when conducting genetic family studies. [27]The protection of privacy and maintenance of confidentiality, specifically surrounding the identity and records, is maintained whenusing the information or genetic material provided by participants for research purposes. ^{^[28]}The Guidelines require investigators to maintain confidentiality of epidemiological data due to the particular concern that some population based data may also have implications on issues like national security or public safety.[29]All documentation and communication of the Institutional Ethics Committee (IEC) must be dated, filed and preserved according to the written procedures.Data of individual participants can be disclosed in a court of law under the orders of the presiding judge, if there is a threat to a person’s life, communication to the drug registration authority regarding cases of severe adverse reaction and communication to the health authority if there is risk to public health.[30]

Insurance Regulatory and Development Authority (Third Party Administrators) Health Services Regulations, 2001
The provisions of the Act that have been addressed within the scope of the study regulate the practices of third party administrators within the healthcare sector so as to ensure their compliance with the basic principles of privacy.An exception to the maintenance and confidentiality of information confidentiality clause in the code of conduct, requires TPAs to provide relevant information to any Court of Law/Tribunal, the Government, or the Authority in the case of any investigation carried out or proposed to be carried out by the Authority against the insurance company, TPA or any other person or for any other reason.[31]In July 2010, the IRDA notified theInsurance Regulatory and Development Authority (Sharing of Database for Distribution of Insurance Products) Regulations [32]. These regulations restrict referral companies from providing details of their customers without their prior consent.[33]TPAs must maintain the confidentiality of the data collected by it in the course of its agreement and maintain proper records of all transactions carried out by it on behalf of an insurance company and are also required to refrain from trading information and the records of its business[34].TPA’s must keep records for a period of not less than three years.[35]

IDRA Guidelines on Outsourcing of Activities by Insurance Companies [36]
These guidelines require the insurer to take appropriate steps that require third party service providers protect confidential information of both the Insurer and its clients from intentional or inadvertent disclosure to unauthorized persons.[37]

Exceptions to the Protection of Privacy
The legal provisions with regard to privacy, confidentiality and secrecy are often superseded by Public Interest Considerations. The right to privacy, although recognized in the course of Indian jurisprudence and embodied within domestic legislation is often overruled prima facie when faced with situations or instances that involve a larger interest of a greater number of people. This policy is in keeping with India’s policy goals as a social welfare state to aid in the effectuation of its utilitarian ideals. This does not allow individual interest to at any point surpass the interest of the masses.

Epidemic Diseases Act, 1897 [38]
Implicit within this formulation of this Act is the assumption that in the case of infectious diseases, the right to privacy, of infected individuals must give way to the overriding interest of protecting public health.[39] This can be ascertained not only from the black letter of the Law but also from its spirit. Thus, in the absolute positivist as well as a more liberal interpretation, at the crux of the legislation lies the undeniable fundamental covenant of the preservation of public health, even at the cost of the privacy of a select few individuals [40].

Policy and Regulations

National Policy for Persons with Disabilities, 2006[41]
The following provisions of the Act provide for the incorporation of privacy considerations in prevalent practices with regard to persons with disabilities. The National Sample Survey Organization collects the following information on persons with disabilities: the socio- economic and cultural context, cause of disabilities, early childhood education methodologies and all matters connected with disabilities, at least once in five years.[42]This data is collected by non-medical investigators. [43]There is thus an inherent limit on the information collected. Additionally, this information is used only for the purpose for which it has been collected.

The Special Employment Exchange, as established under The Persons with Disabilities (Equal Opportunities, Protection of Rights and Full Participation) Act, 1995 Act, collects and furnishes information in registers, regarding provisions for employment. Access to such data is limited to any person who is authorized by the Special Employment Exchange as well as persons authorized by general or special order by the Government, to access, inspect, question and copy any relevant record, document or information in the possession of any establishment. [44] When conducting research on persons with disabilities consent is required from the individual or their family members or caregivers.[45]

HIV Interventions
In 1992, the Government of India instituted the National AIDS Control Organization (NACO) for the prevention and control of AIDS. NACO aims to control the spread of HIV in India through the implementation of Targeted Interventions (TIs) for most at risk populations (MARPs) primarily, sex workers, men having sex with men and people who inject drugs.[46]The Targeted Interventions (TIs) system of testing under this organization has however raised numerous concerns about relevant policy gaps in the maintenance of the confidentiality and privacy of persons living with HIV/ AIDS. The shortcomings in the existing policy framework include: The Lack of a limitation and subsequent confidentiality in the amount of Information collected. Project staff inTIsrecordthe name, address and other contact information of MARPs and share this data with Technical Support Unit and State AIDS Control Societies.[47] Proof of address and identity documents are required to get enrolled in government ART programs.[48]Peer-educators operate under a system known as line-listing, used to make referrals and conduct follow-ups. Peer-educators have to follow-up with those who have not gone at regular intervals for testing. [49] This practice can result in peer-educators noticing and concluding that the names missing are those who have tested positive. [50] Although voluntary in nature, the policy encourage the fulfillment of fulfilling of numerical targets, and in doing so supports unethical ways of testing.[51]

The right to privacy is an essential requirement for persons living with HIV/AIDS due to the potential stigmatizing and discriminatory impact of the revelation of this sensitive information, in any form.[52] The lack of privacy rights often fuels the spread of the disease and exacerbates its impact on high risk communities of individuals. Fears emanating from a privacy breach or a disclosure of data often deter people from getting tested and seeking medical care. The impact of such disclosure of sensitive information including the revelation of tests results to individuals other than the person being tested include low self esteem, fear of loss of support from family/peers, loss of earnings especially for female and transgender sex workers, fear of incrimination for illicit sex/drug use and the insensitivity of counselors. [53]HIV positive individualslive in constant fear of their positive status being leaked. They also shy away from treatment as they fear people might see them taking their medicines and thereby guess their status. Thus breaches in confidentiality and policy gaps in privacy regulation, especially with respect to diseases such as HIV also prevents people from seeking out treatment. [54]

Case Law

The following cases have been used to deliberate upon important points of contention within the ambit of the implementation and impact of Privacy Regulationsin the healthcare sector. This includes the nature and extent of privacy enjoyed by the patient and instances where in the privacy of the patient can be compromised in light of public interest considerations.

Mr. Surupsingh Hrya Naik vs. State of Maharashtra ,[55] (2007)

The decision in this case held that The RTI Act 2005 would supersede The Medical Council Code of Ethics. The health records of an individual in judicial custody should be made available under the Act and can only be denied in exceptional cases, for valid reasons.

Since the Code of Ethics Regulations are only delegated legislation, it was held in the case of Mr. SurupsinghHrya Naik v.State Of Maharashtra[56] that these would not prevail over the Right to Information Act, 2005 (RTI Act) unless the information sought falls under the exceptions contained in Section 8 of the RTI Act. This case dealt with the important point of contention of whether making the health records public under the RTI Act would constitute a violation of the right to privacy. These health records were required to determine why the convict in question was allowed to stay in a hospital as opposed to prison. In this context the Bombay High Court held thatThe Right to Information Act supersedes the regulation that mandate the confidentiality od a person, or in this case a convict’s medical records. It was held that the medical records of a a person sentenced or convicted or remanded to police or judicial custody, if during that period such person is admitted in hospital and nursing home, should be made available to the person asking the information provided such hospital nursing home is maintained by the State or Public Authority or any other Public Body. It is only in rare and in exceptional cases and for good and valid reasons recorded in writing can the information may be denied.

Radiological & Imaging Association v. Union of India ,^{^[57]} (2011)
On 14 January 2011 a circular was issued by the Collector and District Magistrate, Kolhapur requiring the Radiologists and Sonologists to submit an on-line form “F” under the PNDT Rules. This was challenged by the Radiological and Imaging Association, inter alia, on the ground that it violates the privacy of their patients. Deciding the above issue the Bombay High Court held that .The images stored in the silent observer are not transmitted on-line to any server and thus remain embedded in the ultra-sound machine. Further, the silent observer is to be opened only on request of the Collector/ the civil surgeonin the presence of the concerned radiologist/sonologist/doctor incharge of the Ultra-sound Clinic. In light of these considerations and the fact that the `F' form submitted on-line is submitted only to the Collector and District Magistrate is no violation of the doctor's duty of confidentiality or the patient's right to privacy. It was further observed that The contours of the right to privacy must be circumscribed by the compelling public interest flowing through each and every provision of the PC&PNDT Act, when read in the background of the following figures of declining sex ratio in the last five decades.

The use of a Silent Observer system on a sonograph has requisite safeguards and doesn’t violate privacy rights. The declining sex ratio of the country was considered a compelling public Interest that could supersede the right to privacy.

Smt. Selvi and Ors. v.State of Karnataka (2010)
The Supreme Court held that involuntary subjection of a person to narco analysis, polygraph test and brain-mapping violates the ‘right against self-incrimination' which finds its place in Article 20(3)[58] of the Constitution. [59] The court also found that narco analysis violated individuals’ right to privacy by intruding into a “subject’s mental privacy,” denying an opportunity to choose whether to speak or remain silent, and physically restraining a subject to the location of the tests and amounted to cruel, inhuman or degrading treatment.[60]

The Supreme Court found that Narco-analysis violated an individuals’ right to privacy by intruding into a “subject’s mental privacy,” denying an opportunity to choose whether to speak or remain silent.

Neera Mathur v. Life Insurance Corporation (LIC),[61] (1991)
In this casethe plaintiff contested a wrongful termination after she availed of maternity leave. LIC required women applicants to furnish personal details like their menstrual cycles, conceptions, pregnancies, etc. at the time of appointment. Such a requirement was held to go against the modesty and self respect of women. The Court held that termination was only because of disclosures in application, which was held to be intrusive, embarrassing and humiliating. LIC was directed to delete such questions.

The Court did not refer to the term privacy however it used the term personal details as well as modesty and self respect, but did not specifically link them to the right to life or any other fundamental right. These terms (modesty and self respect) are usually not connected to privacy but although they may be the harm which comes from an intrusion of one’s privacy.

The Supreme Court held that Questions related to an individual’s reproductive issues are personal details and should not be asked in the service application forms.

Ms. X vs. Mr. Z &Anr ,[62] (2001)
In this case, the Delhi High Court held that an aborted foetus was not a part of the body of a woman and allowed the DNA test of the aborted foetus at the instance of the husband. The application for a DNA test of the foetus was contested by the wife on the ground of “Right to Privacy”.7In this regard the court held that The Supreme Court had previously decided that a party may be directed to provide blood as a DNA sample but cannot be compelled to do so. The Court may only draw an adverse interference against such party who refuses to follow the direction of the Court in this respect.The position of the court in this case was that the claim that the preservation of a foetus in the laboratory of the All India Institute of Medical Science, violates the petitioner’s right to privacy, cannot be entertained as the foetus had been voluntarily discharges from her body previously, with her consent. The foetus, that she herself has dischargedis claimed to be subjected to DNA test. Thus, in light of the particular facts and the context of the case, it was held that petitioner does not have any right of privacy.

A woman’s right to privacy does not extend to a foetus, which is no longer a part of her body. The right to privacy may arise from a contract as well as a specific relationship, including a marital relationship. The principle in this case has been laid down in broad enough terms that it may be applied to other body parts which have been disassociated from the body of the individual.

It is important to note here that the fact that the Court is relying upon the principles laid down in the case of R. Rajagopal seems to suggest that the Court is treating organic tissue preserved in a public hospital in the same manner as it would treat a public document, insofar as the exception to the right to privacy is concerned.

B.K Parthasarthi vs. Government of Andhra Pradesh ,[63] (1999)
In this case, the Andhra Pradesh High Court was to decide the validity of a provision in the Andhra Pradesh Panchayat Raj Act, 1994 which stipulated that any person having more than two children should be disqualified from contesting elections. This clause was challenged on a number of grounds including the ground that it violated the right to privacy. The Court, in deciding upon the right to privacy and the right to reproductive autonomy, held thatThe impugned provision, i.eSection 19(3) of the said Act does not compel directly anyone to stop procreation, but only disqualifies any person who is otherwise eligible to seek election to various public offices coming within the ambit of the Andhra Pradesh Panchayat Raj Act, 1994 or declares such persons who have already been holding such offices to be disqualified from continuing in such offices if they procreate more than two children.Therefore, the submission made on behalf of the petitioners 'right to privacy' is infringed, is untenable and must be rejected.”

Mr. X v. Hospital Z, Supreme Court of India ,[64] (1998 and 2002)
The petitioner was engaged to be married and thereafter during tests for some other illness in the hospital it was found that the petitioner was HIV positive. This information was released by the doctor to the petitioner’s family and through them to the family of the girl to whom the petitioner was engaged, all without the consent of the petitioner. The Court held that:

“The Right to privacy is not treated as absolute and is subject to such action as may be lawfully taken for the prevention of crime or disorder or protection of health or morals or protection of rights and freedoms of others.”

Right to privacy and is subject to such action as may be lawfully taken for the prevention of crime or disorder or protection of health or morals or protection of rights and freedoms of others.

This decision of this case could be interpreted to extend the principle, of disclosure to the person at risk, to other communicable and life threatening diseases as well. However, a positivist interpretation would render these principle applicable to only to HIV+ cases.

M. Vijaya v. Chairman and Managing Director, Singareni Collieries Co. Ltd. [65] (2001)
The petitioner alleged that she had contracted the HIV virus due to the negligence of the authorities of Maternity and Family Welfare Hospital, Godavarikhani, a hospital under the control of Singareni Collieries Company Ltd., (SCCL), in conducting relevant precautionary blood tests before transfusion of blood of her brother (donor) into her body when she was operated for hysterectomy (Chronic Cervicitis) at the hospital. The petition was initially filed as a Public Interest Litigation,which the court duly expanded in order to address the problem of the lack of adequate precautionary measures in hospitals, thereby also dealing with issues of medical confidentiality and privacy of HIV patients. The court thus deliberated upon the conflict between the right to privacy of an HIV infected person and the duty of the state to prevent further transmission and held:

In the interests of the general public, it is necessary for the State to identify HIV positive cases and any action taken in that regard cannot be termed as unconstitutional. As under Article 47 of the Constitution, the State was under an obligation to take all steps for the improvement of the public health. A law designed to achieve this object, if fair and reasonable, in our opinion, will not be in breach of Article 21 of the Constitution of India

The right of reproductive autonomy is a component of the right to privacy .A provision disqualifying a person from standing for elections due to the number of children had, does not violate the right to privacy as the object of the legislation is not to violate the autonomy of an individual but to mitigate the population growth in the country. Measures to control population growth shall be considered legal unless they impermissibly violate a fundamental right.

However, another aspect of the matter is whether compelling a person to take HIV test amounts to denying the right to privacy? The Court analyzed the existing domestic legislation to arrive at the conclusion that there is no general law that can compel a person to undergo an HIV-AIDS test. However, specific provisions under the Prison Laws[66]

provide that as soon as a prisoner is admitted to prison, he is required to be examined medically and the record of prisoner's health is to be maintained in a register. Further, Under the ITP Act, the sex workers can also be compelled to undergo HIV/ AIDS test.[67]

Additionally, under Sections 269 and 270 of the Indian Penal Code, 1860, a person can be punished for negligent act of spreading infectious diseases.

The right to privacy of a person suspected to be HIV+ would be subordinate to the power and duty of the state to identify HIV+ patients in order to protect public interest and improve public health. However any law designed to achieve this object must be fair and reasonable. In a conflict between the individual’s privacy right and the public’s right in dealing with the cases of HIV-AIDS, the Roman Law principle 'SalusPopuliestSuprema' (regard for the public wealth is the highest law) applies when there is a necessity.

After mapping legislation that permit the invasion of bodily privacy, the Court concluded that they are not comprehensive enough to enable the State to collect information regarding patients of HIV/AIDS and devise appropriate strategies and therefore the State should draft a new legislation in this regard. Further the Court gave certain directions to the state regarding how to handle the epidemic of HIV/AIDS and one of those directions was that the “Identity of patients who come for treatment of HIV+/AIDS should not be disclosed so that other patients will also come forward for taking treatment.”

Sharda v. Dharmpal ,[68] (2003)

The basic question in this case was whether a party to a divorce proceeding can be compelled to a medical examination. The wife in the divorce proceeding refused to submit herself to medical examination to determine whether she was of unsound mind on the ground that such an act would violate her right to personal liberty. Discussing the balance between protecting the right to privacy and other principles that may be involved in matrimonial cases such as the ‘best interest of the child’ in case child custody is also in issue, the Court held:

If the best interest of a child is in issue in the case then the patient’s right to privacy and confidentiality would get limited. The right to privacy of an individual would be subordinate to the power of a court to arrive at a conclusion in a matrimonial dispute and the right of a party to protect his/her rights in a Court of law would trump the right to privacy of the other.

"Privacy" is defined as "the state of being free from intrusion or disturbance in one's private life or affairs". However, the right to privacy in India, is only conferred through an extensive interpretation of Article 21 and cannot therefore in any circumstance be considered an absolute right. Mental health treatment involves disclosure of one's most private feelings However, like any other privilege the psychotherapist-patient privilege is not absolute and may only be recognized if the benefit to society outweighs the costs of keeping the information private. Thus if a child's best interest is jeopardized by maintaining confidentiality the privilege may be limited.” Thus, the power of a court to direct medical examination of a party to a matrimonial litigation in a case of this nature cannot beheld to violate the petitioner’s right to privacy.

Regulation of Privacy in Government and Private Hospitals and Diagnostic Laborataries

A. Field Study
The Hospitals that have been chosen for the analysis of the efficacy of these legislations include prominent Government Hospitals, Private Hospitals and Diagnostic Centers. These Institutes were chosen because of their widely accredited status as centers of medical research and cutting edge treatment. They have also had a long standing reputation due to their staff of experienced and skilled on call doctors and surgeons. The Private Hospitals chosen had patient welfare centers that addressed the concerns of patients including questions and doubts relating to but not limited to confidentiality and consent. The Government hospitals had a public relations office that addressed the concerns of discharged patients. They also provided counseling services to patients to aid them in addressing concerns relate to the treatment that they might want to be kept confidential. Diagnostic laboratories also have an HR department that addresses similar concerns. The laboratory also has a patient welfare manager who addresses the concerns and queries of the patient prior to and during the procedure.

The following section describes the practices promulgated by Government and Private Hospitals, as well as Diagnostic Laboratories in their endeavor to comply with the basic principles of privacy as laid down in the A.P Shah Committee report on Privacy.

(i) Notice

Through an analysis of the information provided by Government and Private hospitals and diagnostic laboratories, relevant conclusions were drawn with regard to the nature, process and method in which the patient information is recorded. Through interviews of various medical personnel including administrative staff in the patient welfare and medical records departments we observed an environment of openness and accountability within the structure of the patient registration system.

In Government Hospitals, the patient is notified of all types of information that is collected, in terms of both personal information as well as medical history. The Patient admission as well as the patient consent form is filled out by the patient or the attending relative accompanying the patient and assistance for the same is provided by the attending staff members, who explain the required details that need to be filled in a language that the patient is able to understand. The patient is notified of the purpose for which such information is collected and the procedure that he/ she might have to undergo depending on his injury or illness. The patient is not however, notified of the method in which he/she may correct or withdraw the information that is provided. There is no protocol provided for the correction or withdrawal of information, once provided. The patient is, at all times notified of the extent and nature of doctor patient confidentiality including the fact that his/her personal information would not be shared even with his/her immediate relatives , insurance companies, consulting doctors who are not directly involved with his/her treatment or any unauthorized third party without requisite consent from the patient. The patient is informed of the fact that in some cases the medical records of the patient will have to be shared with consulting doctors and that all the patient’s medical records would be provided to insurance companies, but this will only be done with the consent of the patient.

The same system of transparency and accountability transcends across private hospitals and diagnostic laboratories as well. In private hospitals, the patient is informed of all the information that is collected and the purpose for which such information may be collected. Diagnostic laboratories have specific patient consent forms for specific types of procedures which the patient will have to fill out depending on the required tests. These forms contain provisions with regard to the confidential nature of all the information provided. This information can only be accessed by the patient and the consulting doctor with the consent of the patient. Both private hospitals and diagnostic laboratories have a specific protocol and procedure in place to correct or withdraw information that has been provided. In order to do so the patient would have to contact the medical records department with requisite proof of the correct information. Private hospitals inform patients of the nature and extent of doctor patient confidentiality at every stage of the registration process. Some private hospitals contain patient safety brochures which inform patients about the nature and extent of consent and confidentiality, even with regard to consulting doctors and insurance agencies. If the patient does not want certain information revealed to insurance agencies the hospital will retain such records and refraining from providing them to third party insurance agencies. Thus, all information provided by the patient remains confidential at the behest of the patient.

(ii) Choice and Consent

Choice and consent are two integral aspects of the regulation of privacy within the healthcare sector. Government and Private hospitals as well as diagnostic laboratories have specific protocols in place to ensure that the consent of the patient is taken at every stage of the procedure. The consent of the patient can also be withdrawn just prior to the procedure even if this consent has already been given by the patient in writing, previously. The choice of the patient is also given ample importance at all stages of the procedure. The patient can refuse to provide any information that may not mandatorily required for the treatment provided basic information regarding his identity and contact information in case of emergency correspondence has been given.

(iii) Collection Limitation

The information collected from the patient in both government and private hospitals is used solely for the purpose that the patient has been informed of. In case this information is used for purposes other than for the purpose that the patient has been informed of, the patient is informed of this new purpose as well. Patient records in both Government and Private hospitals are stored in the Medical Records Department as hard copies and in some cases as scanned soft copies of the hard copy as well. These Medical Records are all stored within the facility. The duration for which the records are stored range from a minimum of two years to a maximum of ten years in most private hospitals. Some private hospitals store these records for life. Government hospitals store these records for a term of thirty years only as hard copies after which the records are discarded. Private hospitals make medical records accessible to any medical personnel who may ask for it provided the requisite proof of identity and reasons for accessing the same are provided, along with an attested letter of authorization of the doctor who is currently involved or had been involved in the treatment of the patient. Government hospitals however do not let any medical personnel access these records except for the doctor involved in the treatment of that particular patient. Both private and government hospitals are required to share the medical records of the patient with the insurance companies. Government Hospitals only share patient records with nationalized insurance agencies such as The Life Insurance Corporation of India (LIC) but not with private insurance agencies. The insurance claims forms that are required prior to providing medical records to the insurance companies mandatorily require the signature of the patient. The patient is thus informed that his records will be shared with the insurance agencies and his signature is a proof of his implied consent to the sharing of these records with the company with which he has filed a health insurance claim.

Diagnostic laboratories collect patient information solely for the purpose of the particular test that they have been asked to conduct by the treating or consulting doctor. Genetic samples (Blood, Semen, Urine etc) are collected at one time and the various tests required are conducted on these samples. In case of any additional testing that is required to be conducted on these samples, the patient is informed. Additional testing is conducted only in critical cases and in cases where the referral doctor requests for the same to be conducted on the collected samples. In critical cases, where immediate testing is required and the patient is unreachable, the testing is conducted without informing the patient. The patient is mandatorily informed after the test that such additional testing was conducted. The patient sample is stored for one week within the same facility. The Patient records are digitized. They can only be accessed by the patient, who is provided with a particular username and password using which he can access only his records. The information is stored for a minimum of two years. This information can be made available to a medical personnel only if such medical personnel has the required lab no, the patients name, and reason for which it needs to be accessed. He thus requires the permission of the authorities at the facility as well as the permission and consent of the patient to access such records. The Medical test records of a patient are kept completely confidential. Even insurance companies cannot access such records unless they are provided to the company by the patient himself. In critical cases however, the patient information and tests results are shared with the treating or referral doctor without the consent of the patient.

(iv) Purpose Limitation

In Government and Private Hospitals, the information is only used for the purpose for which it is collected. There is thus a direct and relevant connection between the information collected and the purpose for which it used. Additional information is collected to gauge the medical history of the patient that may be relevant to the disease that has to be treated. The information is never deleted after it has been used for the purpose for which it had been collected. The Medical Records of the patient are kept for extended periods in hard copy as well as soft copy versions. There is a provision for informing the patient in case the information is used for any purpose other than the purpose for which it was collected. Consent of the patient is taken at all stages of collecting and utilizing the information provided by him.

Diagnostic Laboratories have a database of all the information collected which is saved in the server. The information is mandatorily deleted after it has been used for the purpose for which it was collected after a period of two years. In case the information is used for any purpose other than the purpose for which it was collected, for example, in critical cases where additional tests have to be conducted the patient is\ always informed of the same.

(v) Access and Correction

In private hospitals, the patient is allowed to access his own records during his stay at the hospital. He is given a copy of his file upon his discharge from the hospital in the form of a discharge summary. However, if he needs to access the original records at a later stage, he can do so by filing a request for the same at the Medical Records Department of the hospital. A patient can make amendments or corrections to his records by providing requisite proof to substantiate the amended information. The patient however at no stage can confirm if the hospital is holding or processing personal information about him or her with the exception of the provisions provided for the amendment or correction to the information held.

The Medical records of a patient in a government hospital are completely sealed. A patient has no access to his own records. Only the concerned doctor who was treating the patient during his stay at the hospital can access the records of the patient. This doctor has to be necessarily associated with the hospital and had to have been directly involved in the patient’s treatment in order to access the records. The patient is allowed to amend information in his medical records but only generic information such as the spelling of his name, his address, telephone number etc. The patient is at no point allowed to access his own records and therefore cannot confirm if the hospital is holding or processing any information about him/her. The patient is only provided with a discharge summary that includes his personal information, the details of his disease and the treatment provided in simple language.

Diagnostic laboratories have an online database of patient records. The patient is given a username and a password and can access the information at any point. The patient may also amend or correct any information provided by contacting the Medical records department for the same. The patient can at any time view the status of his record and confirm if it is being held or processed by the hospital. A copy of such information can be obtained by the patient at any time.

(vi) Disclosure of Information

Private Hospitals are extremely cautious with regard to the disclosure of patient information. Medical records of patients cannot be accessed by anyone except the doctor treating that particular patient or consulting on the case. The patient is informed whenever his records are disclosed even to doctors. Usually, even immediate relatives of the patient cannot access the patient’s records without the consent of the patient except in cases where the condition of the patient is critical. The patient is always informed about the type and extent of information that may be disclosed whenever it is disclosed. No information of the patient is made available publicly at any stage. The patient can refuse to consent to sharing of information collected from him/her with non-authorized agencies. However, in no circumstance is the information collected from him/her shared with non authorized agencies. Some private hospitals also provide the patient with patient’s safety brochures highlighting the extent of doctor patient confidentiality, the patient’s rights including the right to withdraw consent at any stage and refuse access of records by unauthorized agencies.

In government hospitals, the medical records of the patient can only be disclosed to authorized agencies with the prior approval of patient. The patient is made aware of the type and extent of information that is collected from him/her and is mandatorily shared with authorized bodies such as insurance agencies or the treating doctor. No information of the patient is made publicly available. In cases where the information is shared with insurance agencies or any such authorized body the patient gives an undertaking via a letter of his consent to such disclosure. The insurance companies only use medical records for verification purposes and have to do so at the facility. They cannot take any original documents or make copies of the records without the consent of the patient as provided in the undertaking.

Diagnostic Laboratories provide information regarding the patient’s medical records only to the concerned or referred doctor. The patient is always informed of any instance where his information may be disclosed and the consent of the patient is always taken for the same. No information is made available publicly or shared with unauthorized agencies at any stage. Information regarding the patient’s medical records is not even shared with insurance companies.

Government and Private Hospitals provide medical records of patients to the police only when a summons for the same has been issued by a judge. Diagnostic laboratories however do not provide information regarding a patient’s records at any stage to any law enforcement agencies unless there is summons from a judge specifying exactly the nature and extent of information required.

Patients are not made aware of laws which may govern the disclosure of information in private and government hospitals as well as in diagnostic laboratories. The patient is merely informed that the information provided by him to the medical personnel will remain confidential.

(vii) Security

The security measures that are put in place to ensure the safety of the collected information is not adequately specified in the forms or during the collection of information from the patient in Government or Private Hospitals. Diagnostic laboratories however do provide the patient with information regarding the security measures put in place to ensure the confidentiality of the information.

(viii) Openness

The information made available to the patient at government and private hospital and diagnostic laboratories is easily intelligible. At every stage of the procedure the explicit consent of the patient is obtained. In government and private hospitals the signature of the patient is obtained on consent forms at every stage of the procedure and the nature and extent of the procedure is explained to the patient in a language that he understands and is comfortable speaking. The information provided is detailed and is provided in simplistic terms so that the patient does at all stages understand the nature of any procedure he is consenting to undergo.

(ix) Accountability

Private hospitals and Diagnostic laboratories have internal and external audit mechanisms in place to check the efficacy of privacy measures. They both have grievance redress mechanisms in the form of patient welfare cells and complaint cells. There is an assigned officer in place to take patient feedback and address and manage the privacy concerns of the patient.

Government hospitals do not have an internal or external audit mechanism in place to check the efficacy of privacy measures. There is however a grievance redressal mechanism in government hospitals in the form of a Public Relations Office that addresses the concerns, complaints, feedback and suggestions of the patients. There is an officer in charge of addressing and managing the privacy concerns of patients. This officer also offers counseling to the patients in case of privacy concerns regarding sensitive information.

International Best Practices and Recommendations

A. European Union
An official EU data protection regulation [69]was issued in January 2012. A key objective of this was to introduce a uniform policy directive across all member states. The regulation, once implemented was to be applicable in all member states and left no room for alteration or amendments.

The regulation calls for Privacy Impact Assessments[70]when there are specific risks to privacy which would include profiling, sensitive data related to health, genetic material or biometric information. This is an important step towards evaluating the nature and extent of privacy regulation required for various procedures and would be effective in the creation of a systematic structure for the implementation of these regulations. The regulation also established the need for explicit consent for sensitive personal data. The basis for this is an inherent imbalance in the positions of the data subject and the data controller, or in simpler terms the patient and the hospital or the life sciences company conducting the research. Thus, implied consent is not enough [71]and a need arises to proceed with the testing only when there is explicit informed consent.

Embedded within the regulation is the right to be forgotten [72]wherein patients can request for their data to be deleted after they have been discharged or the clinical trial has been concluded. In the Indian scenario, patient information is kept for extended periods of time. This can be subject to unauthorized access and misuse. The deletion of patient information once it has been used for the purpose for which it was collected is thus imperative towards the creation of an environment of privacy protection.

Article 81 of the regulation specifies that health data may be processed only for three major processes[73] :

a) In cases of Preventative or occupational medicine, medical diagnosis, the care, treatment or management of healthcare services, and in cases where the data is processed by the healthcare professionals, the data is subject to the obligation of professional secrecy;

b) Considerations of public interest bearing a direct nexus to public health, for example, the protection of legitimate cross border threats to health or ensuring a high standard of quality and safety for medicinal products or services;

c) Or other reasons of public interest such as social protection.

An added concern is the nature and extent of consent. The consent obtained during a clinical trial may not always be sufficient to cover additional research even in instances of data being coded adequately. Thus, it may not be possible to anticipate additional research while carrying out initial research. Article 83[74] of the regulation prohibits the use of data collected for an additional purpose, other that the purpose for which it was collected.

Lastly, the regulation covers data that may be transferred outside the EEA, unless there is an additional level of data protection. If a court located outside the EU makes a request for the disclosure of personal data, prior authorization must be obtained from the local data protection authority before such transfer is made. It is imperative that this be implemented within Indian legislation as currently there is no mechanism to regulate the cross border transfer of personal data.

B. The United States of America
The Health Maintenance Organizations Act, 1973 [75]was enacted with a view to keep up with the rapid development in the Information Technology sector. The digitization of personal information led to new forms of threats with regard to the privacy of a patient. In the face of this threat, the overarching goal of providing effective and yet unobtrusive healthcare still remains paramount.

To this effect, several important federal regulations have been implemented. These include the Privacy and Security Ruled under the Health Insurance Portability and Accountability Act (HIPAA) 1996[76] and the State Alliance for eHealth (2007) [77].The HIPAA privacy rules addressed the use and subsequent disclosure of a patient's personal information under various healthcare plans, medical providers, and clearinghouses. These insurance agencies were the primary agents involved in obtaining a patients information for purposes such as treatment, payment, managing healthcare operations, medical research and subcontracting. Under the HIPAA it is required of insurance agencies to ensure the implementation of various administrative safeguards such as policies, guidelines, regulations or rules to monitor and control inter as well as intra organizational access.

Apart from the HIPAA, approximately 60 laws related to privacy in the healthcare sector have been enacted in more than 34 states. These legislations have been instrumental in creating awareness about privacy requirements in the healthcare sector and improving the efficiency of data collection and transfer. Similar legislative initiative is required in the Indian context to aid in the creation of a regulated and secure atmosphere pertaining to the protection of privacy within the healthcare sector.

C. Australia
Australia has a comprehensive law that deals with sectoral regulations of the right to privacy.An amendment to the Privacy Act1988 [78]applies to all healthcare providers and was made applicable from 21st December 2001.The privacy Act includes the followingpractices:

a. A stringent requirement for informed consent prior to the collection of health related information

b. A provision regarding the information that needs to be provided to individuals before information is collected from them

c. The considerations that have to be taken into account before the transfer of information to third parties such as insurance agencies, including the specific instances wherein this information can be passed on

d. The details that must be included in the Privacy policy of the healthcare service providers' Privacy Policy

e. The securing and storing of information; and

f. Providing individuals with a right to access their health records.

These provisions are in keeping with the 13 National Privacy [79]Principles that represent the minimum standards of privacy regulation with respect to the handling of personal information in the healthcare sector.These guidelines are advisory in nature and have been issued by the Privacy Commissioner in exercise of his power under Section 27(1)(e) [80]of the Privacy Act.

The Act also embodiessimilar privacy principles which include a collection limitation, a definitive use and purpose for the information collected, a specific set of circumstance and an established protocol for the disclosure of information to third parties including the nature and extent of such disclosure, maintenance accuracy ofthe data collected, requisite security measures to ensure the data collected is at all times protected, a sense of transparency,accountability and openness in the administrative functioning of thehealthcare provider and accessibility of the patient to his ownrecords for the purpose of viewing, corroboration or correction.

Additionally, the Act includes the system of identifiers which includes a number assigned by the organization to an individual to identify the purpose of that person's data for the operation of the organization. Further, the Act provides for anonymity wherein individuals have the optionnot to identify themselves while entering into transactions with an organization. The Act also provides for restrictions on the transfer of personal data outside Australia and establishes conclusive and stringent barriers to the extent of collection of personal and sensitive data.These principles although vaguely similar to those highlighted in the A.P. Shah Committee report can be usedto streamline the regulations pertaining to privacy in the healthcare sector and make them more efficient.

Key Recommendations

It is Imperative that Privacy concerns relating to the transnational flow of Private data be addressed in the most efficient way possible. This would involve international cooperation and collaboration to address privacy concerns including clear provisions and the development of coherent minimum standards pertaining to international data transfer agreements. This exchange of ideas and multilateral deliberation would result in creating more efficient methods of applying the provisions of privacy legislation even within domestic jurisdictions.

There is a universal need for the development of a foundational structure for the physical collection, use and storage of human biological specimens (in contrast to the personalinformation that may be derived from those specimens) as these are extremely important aspects of biomedical research and clinical trials. The need for Privacy Impact Assessments would also arise in the context of clinical trials, research studies and the gathering of biomedical data.

Further, there also arises the need for patients to be allowed to request for the deletion of their personal information once it has served the purpose for which it was obtained. The keeping of records for extended periods of time by hospitals and laboratories is unnecessary and can often result in the unauthorized access to and subsequent misuse of such data.

There is a definitive need to ensure the incorporation of safeguards to regulate the protection of patient’s data once accessed by third parties, such as insurance companies. In the Indian Context as well as insurance agencies often have unrestricted access to a patient's medical records however there is a definitive lack of sufficient safeguards to ensure that this information is not released to or access by unauthorized persons either within these insurance agencies or outsourced consultants

The system of identifiers which allocate specific numbers to an individual’s data which can only be accessed using that specific number or series of numbers can be incorporated into the Indian system as well and can simplify the administrative process thus increasing its efficacy. This would afford individuals the privilege of anonymity while entering into transactions with specific healthcare institutions.

An important means of responding to public concerns over potential unauthorized use ofpersonal information gathered for research, could be through the issuing of Certificates of confidentiality as issued in the United States to protectsensitive information on research participants from forced disclosure. [81]

Additionally, it is imperative that frequent discussions, deliberations, conferences and roundtables take place involving multiple stakeholders form the healthcare sector, insurance companies, patient’s rights advocacy groups and the government. This would aid in evolving a comprehensive policy that would aid in the protection of privacy in the healthcare sector in an efficient and collusive manner.

Conclusions

The Right to Privacy has been embodied in a multitude of domestic legislations pertaining to the healthcare sector. The privacy principles envisioned in the A.P Shah Committee report have also been incorporated into the everyday practices of healthcare institutions to the greatest possible extent. There are however significant gaps in the policy formulation that essentially do not account for the data once it has been collected or its subsequent transfer. There is thus an imminent need for institutional collaboration in order to redress these gaps. Recommendations for the same have been made in the report. However, for an effective framework to be laid down there is still a need for the State to play an active role in enabling the engagement between different institutions both in the private and public domain across a multitude of sectors including insurance companies, online servers that are used to harbour a data base of patient records and civil action groups that demand patient privacy while at the same time seek to access records under the Right to Information Act. The collaborative efforts of these multiple stakeholders will ensure the creation of a strong foundational framework upon which the Right to Privacy can be efficiently constructed.

[1] . Report of the group of experts on Privacy chaired by Justice A.P Shah <http://planningcommission.nic.in/reports/genrep/rep_privacy.pdf> [Accessed on 14^th May 2014]

[2] . Nissenbaum, H. (2004). Privacy as Contextual Integrity. Washington Law Review, 79(1), 101-139.

[3] . Ibid.

[4] . Thomas, J. (2009). Medical Records and Issues in Negligence, Indian Journal of Urology : IJU : Journal of the Urological Society of India, 25(3), 384-388. doi:10.4103/0970-1591.56208.

[5] . Ibid

[6] . Plaza, J., &Fischbach, R. (n.d.). Current Issues in Research Ethics : Privacy and Confidentiality. Retrieved December 5, 2011, from http://ccnmtl.columbia.edu/projects/cire/pac/foundation/index.html.

[7] . Ibid.

[8] . The Mental Health Act, 1987 <https://sadm.maharashtra.gov.in/sadm/GRs/Mental%20health%20act.pdf> [Accessed on 14^th May 2014]

[9] . The Mental Health Act, 1987, s. 13(1).

[10] .The Mental Health Act, 1987, s. 38.

[11] .The Mental Health Act, 1987, s. 40.

[12] .The Mental Health Act, 1987, s. 21(2).

[13] .The Mental Health Act, 1987, s. 13(1), Proviso.

[14] . Also see the: Pre-Conception and and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Rules, 1996.

[15] . Pre-Conception and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Act, 1994, s. 4(3).

[16] . Pre-Conception and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Act, 1994, s. 4(2). Pre-natal diagnostic techniques shall be conducted for the purposes of detection of: chromosomal abnormalities, genetic metabolic diseases, haemoglobinopathies, sex-linked genetic diseases, congenital anomalies any other abnormalities or diseases as may be specified by the Central Supervisory Board.

[17] .Medical Termination of Pregnancy Amendment Act, 2002, Notification on Medical Termination of Pregnancy (Amendment) Act, Medical Termination of Pregnancy Regulations, 2003 and Medical Termination of Pregnancy Rules, 2003.

[18] .Medical Termination of Pregnancy Act, 1971 (Amended in 2002), s. 2(4) and 4, and Medical Termination of Pregnancy Rules, 2003, Rule 8

[19] .Medical Termination of Pregnancy Regulations, 2003, Regulation 4(5).

[20] .Medical Termination of Pregnancy Regulations, 2003, Regulation 5.

[21] .Medical Termination of Pregnancy Regulations, 2003, Regulation 4(2).

[22] .Medical Termination of Pregnancy Regulations, 2003, Regulations 4(2) and 4(4).

[23] . Code of Ethics Regulations, 2002 available at

http://www.mciindia.org/RulesandRegulations/CodeofMedicalEthicsRegulations2002.aspx .

[24] . Code of Ethics Regulations, 2002 Chapter 2, Section 2.2.

[25] .Ethical Guidelines for Biomedical Research on Human Subjects. (2006) Indian Council of Medical Research New Delhi.

[26] . Informed Consent Process, Ethical Guidelines for Biomedical ResearchonHuman Subjects (2006). Indian Council of Medical Research New Delhi.P. 21.

[27] . Statement of Specific Principles for Human Genetics Research, Ethical Guidelines for Biomedical ResearchonHuman Subjects (2000) . Indian Council of Medical Research New Delhi.P. 62.

[28] . General Ethical Issues. Ethical Guidelines for Biomedical ResearchonHuman Subjects (2006). Indian Council of Medical Research New Delhi.P. 29.

[29] . Statement of Specific Principles for Epidemiological Studies, Ethical Guidelines for Biomedical ResearchonHuman Subjects (2000) . Indian Council of Medical Research New Delhi P. 56.

[30] . Statement of General Principles, Principle IV and Essential Information on Confidentiality for Prospective Research Participants, Ethical Guidelines for Biomedical ResearchonHuman Subjects (2006). Indian Council of Medical Research New Delhi.P. 29.

[31] . The IRDA (Third Party Administrators - Health Services) Regulations 2001, (2001), Chapter 5. Section 2.

[32] . The IRDA (Sharing Of Database for Distribution of Insurance Products) Regulations 2010.

[33] . The IRDA (Sharing Of Database For Distribution Of Insurance Products) Regulations 2010.

[34] . The IRDA (Sharing Of Database For Distribution Of Insurance Products) Regulations 2010

[35] . List of TPAs Updated as on 19th December, 2011, Insurance Regulatory and Development Authority (2011), http://www.irda.gov.in/ADMINCMS/cms/NormalData_Layout.aspx?page=PageNo646 (last visited Dec 19, 2011).

[36] . The IRDA, Guideline on Outsourcing of Activities by Insurance Companies, (2011).

[37] . The IRDA, Guideline on Outsourcing of Activities by Insurance Companies, (2011), Section 9.11. P. 8.

[38] .The Epidemic Diseases Act, 1897.

[39] .The Epidemic Diseases Act, 1897. s. 2.1.

[40] .The Epidemic Diseases Act, 1897, s. 2.2(b).

[41] . The National Policy for Persons with Disabilities, 2006, Persons with Disabilities (Equal Opportunities, Protection of Rights and Full Participation) Act, 1995, Persons with Disabilities (Equal Opportunities, Protection of Rights and Full Participation) Rules, 1996.

[42] . Research, National Policy for Persons with Disabilities, 1993.

[43] . Survey of Disabled Persons in India. (December 2003) National Sample Survey Organization. Ministry of Statistics and Programme Implementation. Government of India.

[44] .Persons With Disabilities (Equal Opportunities, Protection of Rights and Full Participation) Act. 1995, Section 35.

[45]. Research. National Policy for Persons with Disabilities, 2003.

[46]. http://www.lawyerscollective.org/files/Anti%20rights%20practices%20in%20Targetted%20Interventions.pdf

[47]. http://www.lawyerscollective.org/files/Anti%20rights%20practices%20in%20Targetted%20Interventions.pdf

[48]. Aneka, Karnataka Sexual Minorities Forum. (2011)“Chasing Numbers, Betraying People: Relooking at HIV Services in Karnataka”, p.22.

[49]. Aneka, Karnataka Sexual Minorities Forum. (2011)“Chasing Numbers, Betraying People: Relooking at HIV Services in Karnataka”, p.16.

[50]. Aneka, Karnataka Sexual Minorities Forum. (2011)“Chasing Numbers, Betraying People: Relooking at HIV Services in Karnataka”, p.16.

[51]. Aneka, Karnataka Sexual Minorities Forum. (2011)“Chasing Numbers, Betraying People: Relooking at HIV Services in Karnataka”, p.14.

[52]. http://www.hivaidsonline.in/index.php/HIV-Human-Rights/legal-issues-that-arise-in-the-hiv-context.html

[53]. Chakrapani et al, (2008) ‘HIV Testing Barriers and Facilitators among Populations at-risk in Chennai, India’, INP, p 12.

[54]. Aneka, Karnataka Sexual Minorities Forum. (2011)“Chasing Numbers, Betraying People: Relooking at HIV Services in Karnataka”, p.24.

[55] .http://www.indiankanoon.org/doc/570038/

[56] .http://www.indiankanoon.org/doc/570038/

[57] .http://www.indiankanoon.org/doc/680703/

[58] . No person accused of any offence shall be compelled to be a witness against himself’, (the 'right to silence').

[59] . http://indiankanoon.org/doc/338008/

[60] . http://www.hrdc.net/sahrdc/hrfeatures/HRF205.pdf

[61] . AIR 1992 SC 392.

[62] . 96 (2002) DLT 354.

[63] .AIR 2000 A.P 156.

[64] .http://indiankanoon.org/doc/382721/

[65] .http://indiankanoon.org/doc/859256/

[66] .See Sections 24, 37, 38 and 39 of The Prisons Act, 1894 (Central Act 9 of 1894) Rules 583 to 653 (Chapter XXXV) and Rules 1007 to 1014 (Chapter LVII) of Andhra Pradesh Prisons Rules, 1979

[67] .Section 10-A,17(4) ,19(2) Immoral Traffic (Prevention) Act 1956

[68] .http://www.indiankanoon.org/doc/1309207/

[69] . http://ec.europa.eu/justice/data-protection/document/review2012/com_2012_11_en.pdf

[70] . Article 33, Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) < http://ec.europa.eu/justice/data-protection/document/review2012/com_2012_11_en.pdf> [Accessed on 14^th May, 2014]

[71] .Article 4 (Definition of “Data Subject’s Consent”), Article 7, Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

[72] . Article 17, “Safeguarding Privacy in a Connected World – A European Data Protection Framework for the 21st

Century” COM(2012) 9 final. Based on, Article 12(b), EU Directive 95/46/EC – The Data Protection Directive at <http://www.dataprotection.ie/docs/EU-Directive-95-46-EC-Chapter-2/93.htm> [Accessed on 14^th May, 2014]

[73] . Article 81, Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

[74] .Article 83, Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

[75] . Health Maintainence and Organization Act 1973, Notes and Brief Reports available at http://www.ssa.gov/policy/docs/ssb/v37n3/v37n3p35.pdf [Accessed on 14th May 2014].

[76] . Health Insurance Portability and Accountability Act, 1996 available at http://www.hhs.gov/ocr/privacy/hipaa/administrative/statute/hipaastatutepdf.pdf [Accessed on 14th May 2014]

[77] . Illinois Alliance for Health Innovation plan available at http://www2.illinois.gov/gov/healthcarereform/Documents/Alliance/Alliance%20011614.pdf [Accessed on 14^th May 2014]

[78] . The Privacy Act 1988 available at http://www.comlaw.gov.au/Series/C2004A03712 [Accessed on 14th May 2014]

[79] . Schedule 1, Privacy Act 1988 [Accessed on 14^th May 2014]

[80] .Section 27(e), Privacy Act 1988 [Accessed on 14^th May 2014]

[81] . Guidance on Certificates of Confidentiality, Office of Human Research Protections, U.S Department of Health and Human Services available at http://www.hhs.gov/ohrp/policy/certconf.pdf [Accessed on 14^th May, 2014].

For more details visit https://cis-india.org/internet-governance/blog/privacy-in-healthcare-policy-guide

Internet Researchers' Conference 2017 (IRC17) - Call for Sessions

sumandro — 2016-12-12T13:40:08Z

It gives us great pleasure to announce that the second Internet Researchers' Conference (IRC17) will take place in Bengaluru on March 03-05, 2017. It will be organised by the Centre for Internet and Society (CIS) in partnership with the Centre for Information Technology and Public Policy at the International Institute of Information Technology Bangalore (IIIT-B). It is a free and open conference. Sessions must be proposed by teams of two or more members on or before Friday, October 28. All submitted session proposals will go though an open review process, followed by each team that has proposed a session being invited to select ten sessions of their choice to be included in the Conference agenda. Final sessions will be chosen through these votes, and be announced on January 09, 2017.

IRC17 Call for Sessions: Download (PDF)

IRC17 Selection of Sessions: http://cis-india.org/raw/irc17-selection

Deadline for submission was Friday, October 28.

IRC17: Key Provocations

Two critical questions that emerged from the conversations at the previous edition of the Conference (IRC16) were about the digital objects of research, and the digital/internet experiences in Indic languages. As we discussed various aspects and challenges of 'studying internet in India', it was noted that we have not sufficiently explored how ongoing research methods, assumptions, and analytical frames are being challenged (if at all) by the becoming-digital of the objects of research across disciplines: from various artifacts and traces of human and machinic interactions, to archival entries and sites of ethnography, to practices and necessities of collaboration.

We found that the analyses of such digital objects of research often tend to assume either an aesthetic and functional uniqueness or sameness vis-à-vis the pre-/proto-digital objects of research, while neither of these positions are discussed in detail. Further, we tend to universalise the English-speaking user's/researcher's experience of working with such digital objects, without sufficiently considering their lives and functions in other (especially, Indic) languages.

These we take as the key provocations of the 2017 edition of IRC:

How does the becoming-digital of the research objects challenge our current research practices, concerns, and assumptions?
How do we appreciate, study, and theorise the functioning of and meaning-making by digital objects in Indic languages?
What research tools and infrastructures are needed to study, document, annotate, analyse, archive, cite, and work with (in general) digital objects, especially those in Indic languages?

Call for Sessions

We invite teams of two or more researchers and practitioners to propose sessions for IRC17. We do understand that finding team members for a session you have in mind might be difficult in certain cases. Please feel free to share initial sessions ideas on the researchers@cis-india mailing list [1]. Also, please keep an eye on the list to see what potential topics are being discussed.

All sessions will be one and half hours long, and will be fully designed and facilitated by the team concerned, including moderation (if any). The sessions are expected to drive conversations on the topic concerned. They may include presentation of research papers but this is not at all mandatory.

If you plan to organise a session structured around presentation of research papers, please note that we are exploring potential publication outlets for a collection of full-length research papers. If your session is selected for IRC17, we will notify you of guidelines to be followed for the submission and review of full-length papers prior to the conference. If you are interested in this publication possibility, please indicate that in your session proposal submission.

Sessions that involve collaborative work (either in group or otherwise), including discussions, interactions, documentation, learning, and making, are most welcome.

Further, we look forward to sessions conducted in Indic languages. The proposing team, in such a case, should consider how participants who do not understand the language can participate in it. IRC organisers and other participants will play an active role in making such engagements possible.

The only eligibility criteria for proposing sessions are that they must be proposed by a team of at least two members, and that they must engage with one (or more) of the three key provocations mentioned above. Further, the teams whose sessions are selected for IRC17 must commit to producing at least one post-conference essay/documentation on the topic of their session.

The deadline for submission of sessions proposals for IRC17 is Friday, October 28.

To propose a session, please send the following documents (as attached text files) to raw[at]cis-india[dot]org:

Title and Description of the Session: The session should be named in the form of a hashtag (check the IRC16 sessions for reference [2]). The description of the session should clearly state what the key focus of the session is, and which of the three central concerns it will address. The description should be approximately 300 words long.
Session plan: This should describe how the session will be conducted and moderated. Any specific requirements (technical, language support, etc.) of the session should also be noted here. This should not be more than 200 words long. If your session plan involves presentation of research papers, please indicate whether you would be interested in having these papers considered for academic publication.
Documentation plan: This should indicate how documentation will be done during the session, and more importantly what form the post-conference essay/documentation will take and what issue(s) it will address. This should not be more than 100 words long.
Short Abstracts (Only for Sessions with Paper Presentations): If your session involves presentation of research papers, please share a 250 words abstract for each paper.
Details of the Team: Please share brief biographic notes of each member of the session team, and contact details.

Session Selection Process

October 28: Deadline of submission of session proposals.

October 31: All submitted sessions will be posted on the CIS website, along with the names, biographic brief, and contact details of the members of the session teams.

November 01 - December 24: Open review period. All session teams, as well as other interested contributors, may review the submitted proposals and share comments directly with the session teams, or discuss the session on the researchers@cis-india list. The session teams may fully and continuously edit the proposal during this period, including adding/changing session teams.

December 25: Open review ends and voting begins. All session teams will select 10 sessions to be included in the IRC17 programme. The votes will be anonymous, that is which session team has voted for which set of sessions will not be made public.

January 05: Voting ends.

January 09: Announcement of selected sessions.

February 12: Deadline for selected session teams to submit a detailed session plan, information about which will be shared later. If a selected session involves presentation of papers, then the draft papers are to be submitted by this date (no need to submit a detailed session plan in that case).

Venue, Accommodation, and Travel

The conference will take place at the International Institute of Information Technology Bangalore (IIIT-B) during March 03-05, 2017 [3].

The conference does not have any participation fees. The organisers will cover all costs related to accommodation and hospitality during the conference. We look forward to offer a limited number of (domestic) travel fellowships for students and other deserving applicants. We will also confirm this on January 02, 2017.

About the IRC Series

The Researchers at Work (RAW) programme [4] at the Centre for Internet and Society (CIS) initiated the Internet Researchers' Conference (IRC) series to address these concerns, and to create an annual temporary space in India, for internet researchers to gather and share experiences.

The IRC series is driven by the following interests:

creating discussion spaces for researchers and practitioners studying internet in India and in other comparable regions,
foregrounding the multiplicity, hierarchies, tensions, and urgencies of the digital sites and users in India, accounting for the various layers, conceptual and material, of experiences and usages of internet and networked digital media in India, and
exploring and practicing new modes of research and documentation necessitated by new (digital) objects of power/knowledge.

The first edition of the Internet Researchers' Conference series was held in February 2016 [5]. It was hosted by the Centre for Political Studies at Jawaharlal Nehru University [6], and was supported by the CSCS Digital Innovation Fund [7]. The Conference was constituted by eleven discussion sessions (majority of which were organised around presentation of several papers), four workshop sessions (which involved group discussions, activities, and learnings), a book sprint over three sessions to develop an outline of a (re)sourcebook for internet researchers in India, and a concluding round table. The audio recordings and notes from IRC16 are now being compiled into an online Reader. A detailed reflection note on the IRC16 has already been published [8].

Endnotes

[1] See: https://lists.ghserv.net/mailman/listinfo/researchers.

[2] See: http://cis-india.org/raw/irc16.

[3] See: http://iiitb.ac.in/.

[4] See: http://cis-india.org/raw/.

[5] See: http://cis-india.org/raw/irc16.

[6] See: http://www.jnu.ac.in/SSS/CPS/.

[7] See: http://cis-india.org/raw/cscs-digital-innovation-fund.

[8] See: http://cis-india.org/raw/iirc-reflections-on-irc16.

For more details visit https://cis-india.org/raw/irc17-call

RBI Directions on Account Aggregators

Vipul Kharbanda and Elonnai Hickok — 2016-10-21T15:25:01Z

The Reserve Bank of India's (RBI) Directions for account aggregator services in India seem to lay great emphasis on data security by allowing only direct access between institutions and do away with data scraping techniques.

These days’ people have access to various financial services and manage their finances in a diverse manner while dealing with a large number of financial service providers, each providing one or more services that the user may need such as banking, credit card services, investment services, etc. This multiplicity of financial service providers could make it inconvenient for the users to keep track of their finances since all the information cannot be provided at the same place. This problem is sought to be solved by the account aggregators by providing all the financial data of the user at a single place. Account aggregation is the consolidation of online financial account information (e.g., from banks, credit card companies, etc.) for online retrieval at one site. In a typical arrangement, an intermediary (e.g., a portal) agrees with a third party service provider to provide the service to consumers, the intermediary would then generally privately label the service and offer consumers access to it at the intermediary’s website.[1] There are two major ways in which account aggregation takes place, (i) direct access: wherein the account aggregator gets direct access to the data of the user residing in the computer system of the financial service provider; and (ii) scraping: where the user provides the account aggregator the username and password for its account in the different financial service providers and the account aggregator scrapes the information off the website/portal of the different financial service providers.

Since account aggregation involves the use and exchange of financial information there could be a number of potential risks associated with it such as (i) loss of passwords; (ii) frauds; (iii) security breaches at the account aggregator, etc. It is for this reason that on the advice of the Financial Stability and Development Council,[2] the Reserve Bank of India (“RBI”) felt the need to regulate this sector and on September 2, 2016 issued the Non-Banking Financial Company - Account Aggregator (Reserve Bank) Directions, 2016 to provide a framework for the registration and operation of Account Aggregators in India (the “Directions”). The Directions provide that no company shall be allowed to undertake the business of account aggregators without being registered with the RBI as an NBFC-Account Aggregator. The Directions also specify the conditions that have to be fulfilled for consideration of an entity as an Account Aggregator such as:

the company should have a net owned fund of not less than rupees two crore, or such higher amount as the Bank may specify;
the company should have the necessary resources and wherewithal to offer account aggregator services;
the company should have adequate capital structure to undertake the business of an account aggregator;
the promoters of the company should be fit and proper individuals;
the general character of the management or proposed management of the company should not be prejudicial to the public interest;
the company should have a plan for a robust Information Technology system;
the company should not have a leverage ratio of more than seven;
the public interest should be served by the grant of certificate of registration; and
Any other condition that made be specified by the Bank from time to time.[3]

The Direction further talk about the responsibilities of the Account Aggregators and specify that the account aggregators shall have the duties such as: (a) Providing services to a customer based on the customer’s explicit consent; (b) Ensuring that the provision of services is backed by appropriate agreements/ authorisations between the Account Aggregator, the customer and the financial information providers; (c) Ensuring proper customer identification; (d) Sharing the financial information only with the customer or any other financial information user specifically authorized by the customer; (e) Having a Citizen's Charter explicitly guaranteeing protection of the rights of a customer.[4]

The Account Aggregators are also prohibited from indulging in certain activities such as: (a) Support transactions by customers; (b) Undertaking any other business other than the business of account aggregator; (c) Keeping or “residing” with itself the financial information of the customer accessed by it; (d) Using the services of a third party for undertaking its business activities; (e) Accessing user authentication credentials of customers; (f) Disclosing or parting with any information that it may come to acquire from/ on behalf of a customer without the explicit consent of the customer.[5] The fact that there is a prohibition on the information accessed from actually residing with the Account Aggregator will ensure greater security and protection of the information.

Consent Framework

The Directions specify that the function of obtaining, submitting and managing the customer’s consent should be performed strictly in accordance with the Directions and that no information shall be retrieved, shared or transferred without the explicit consent of the customer.[6] The consent is to be taken in a standardized artefact, which can also be obtained in electronic form,[7] and shall contain details as to (i) the identity of the customer and optional contact information; (ii) the nature of the financial information requested; (iii) purpose of collecting the information; (iv) the identity of the recipients of the information, if any; (v) URL or other address to which notification needs to be sent every time the consent artefact is used to access information; (vi) Consent creation date, expiry date, identity and signature/ digital signature of the Account Aggregator; and (vii) any other attribute as may be prescribed by the RBI.[8] The account aggregator is required to inform the customer of all the necessary attributes to be contained in the consent artefact as well as the customer’s right to file complaints with the relevant authorities.[9] The customers shall also be provided an option to revoke consent to obtain information that is rendered accessible by a consent artefact, including the ability to revoke consent to obtain parts of such information.[10]

Comments: While the Directions have specific provisions regarding how the financial data shall be dealt with, it is pertinent to note that the actual consent artefact also has personal information and it is not clear whether Account Aggregators are allowed disclose that information to third parties are not.

Disclosure and sharing of financial information

Financial information providers such as banks, mutual funds, etc. are allowed to share information with account aggregators only upon being presented with a valid consent artifact and also have the responsibility to verify the consent as well as the credentials of the account aggregator.[11] Once the verification is done, the financial information provider shall digitally sign the financial information and transmit the same to the Account Aggregator in a secure manner in real time, as per the terms of the consent.[12] In order to ensure smooth flow of data, the Directions also impose an obligation on financial information providers to:

implement interfaces that will allow an Account Aggregator to submit consent artefacts, and authenticate each other, and enable secure flow of financial information;
adopt means to verify the consent including digital signatures;
implement means to digitally sign the financial information; and
maintain a log of all information sharing requests and the actions performed pursuant to such requests, and submit the same to the Account Aggregator.[13]

Comments: The Directions provide that the Account Aggregator will not support any transactions by the customers and this seems to suggest that in case of any mistakes in the information the customer would have to approach the financial information provider and not the Account Aggregator.

Use of Information

The Directions provide that in cases where financial information has been provided by a financial information provider to an Account Aggregator for transferring the same to a financial information user with the explicit consent of the customer, the Account Aggregator shall transfer the same in a secure manner in accordance with the terms of the consent artefact only after verifying the identity of the financial information user.[14] Such information, as well as information which may be provided for transferring to the customer, shall not be used or disclosed by the Account Aggregator or the Financial Information user except as specified in the consent artefact.[15]

Data Security

The Directions specify that the business of an Account Aggregator will be entirely Information Technology (IT) driven and they are required to adopt required IT framework and interfaces to ensure secure data flows from the financial information providers to their own systems and onwards to the financial information users.[16] This technology should also be scalable to cover any other financial information or financial information providers as may be specified by the RBI in the future.[17] The IT systems should also have adequate safeguards to ensure they are protected against unauthorised access, alteration, destruction, disclosure or dissemination of records and data.[18] Information System Audit of the internal systems and processes should be in place and be conducted at least once in two years by CISA certified external auditors whose report is to be submitted to the RBI.[19] The Account Aggregators are prohibited from asking for or storing customer credentials (like passwords, PINs, private keys) which may be used for authenticating customers to the financial information providers and their access to customer’s information will be based only on consent-based authorisation (for scraping).[20]

Grievance Redressal

The Directions require the Account Aggregator to put in place a policy for handling/ disposal of customer grievances/ complaints, which shall be approved by its Board and also have a dedicated set-up to address customer grievances/ complaints which shall be handled and addressed in the manner prescribed in the policy.[21] The Account Aggregator also has to display the name and details of the Grievance Redressal Officer on its website as well as place of business.[22]

Supervision

The Directions require the Account Aggregators to put in place various internal checks and balances to ensure that the business of the Account Aggregator does not violate any laws or regulations such as constitution of an Audit Committee, a Nomination Committee to ensure the “fit and proper” status of its Directors, a Risk Management Committee and establishment of a robust and well documented risk management framework.[23] The Risk Management Committee is required to (a) give due consideration to factors such as reputation, customer confidence, consequential impact and legal implications, with regard to investment in controls and security measures for computer systems, networks, data centres, operations and backup facilities; and b) have oversight of technology risks and ensure that the organisation’s IT function is capable of supporting its business strategies and objectives.[24] Further the RBI also has the power to inspect any Account Aggregator at any time.[25]

Penalties

The Directions themselves do not provide for any penalties for non compliance, however since the Directions are issued under Section 45JA of the Reserve Bank of India Act, 1934 (“RBI Act”), this means that any contravention of these directions will be punishable under Section 58B of the RBI Act which provides for an imprisonment of upto 3 years as well as a fine for any contravention of such directions.

Conclusion

The Directions by the RBI provide a number of regulations and checks on Account Aggregators with the view to ensure safety of customer financial data. These Directions appear to be quite trendsetting in the sense that in most other jurisdictions such as the United States or even Europe there are no specific regulations governing Account Aggregators but their activities are mainly being governed under existing privacy or consumer protection legislations.[26]

The entire regulatory regime for Account Aggregators seems to suggest that the RBI wants Account Aggregators to be like funnels to channel information from various platforms right to the customer (or financial information user) and it does not want to take a chance with the information actually residing with the Account Aggregators. Further, by prohibiting Account Aggregators from accessing user authentication credentials, the RBI is trying to eliminate the possibility of this information being leaked or stolen. Although this may make it more onerous for Account Aggregators to provide their services, it is a great step to ensure the safety and security of customer data.

In recent months the RBI has been trying to actively engage with the various new products being introduced in the financial sector owing to various technological advancements, be it the circular informing the public about the risks of virtual currencies including Bitcoin, the consultation paper on P2P lending platforms or these current guidelines on Account Aggregators. These recent actions of the RBI seem to suggest that the RBI is well aware of various technological advancements in the financial sector and is keeping a keen eye on these technologies and products, but appears to be taking a cautious and weighted approach regarding how to deal with them.

[1] Ann S. Spiotto, Financial Account Aggregation: The Liability Perspective, Fordham Journal of Corporate & Financial Law, 2006, Volume 8, Issue 2, Article 6, available at http://ir.lawnet.fordham.edu/cgi/viewcontent.cgi?article=1181&context=jcfl

[2] https://rbi.org.in/scripts/BS_PressReleaseDisplay.aspx?prid=34345

[3] Clause 4.2.2 of the Directions.

[4] Clause 5 of the Directions.

[5] Clause 5 of the Directions.

[6] Clauses 6.1 and 6.2 of the Directions.

[7] Clause 6.4 of the Directions.

[8] Clause 6.3 of the Directions.

[9] Clause 6.5 of the Directions.

[10] Clause 6.6 of the Directions.

[11] Clauses 7.1 and 7.2 of the Directions.

[12] Clauses 7.3 and 7.4 of the Directions.

[13] Clause 7.5 of the Directions.

[14] Clause 7.6.1 of the Directions.

[15] Clause 7.6.2 of the Directions.

[16] Clause 9(a) of the Directions.

[17] Clause 9(c) of the Directions.

[18] Clause 9(d) of the Directions.

[19] Clause 9(f) of the Directions.

[20] Clause 9(b) of the Directions.

[21] Clauses 10.1 and 10.2 of the Directions.

[22] Clause 10.3 of the Directions.

[23] Clauses 12.2, 12.3 and 12.4 of the Directions.

[24] Clause 12.4 of the Directions.

[25] Clause 15 of the Directions.

[26] http://www.canadiancybersecuritylaw.com/2016/07/german-regulator-finds-banks-data-rules-impede-non-bank-competitors/

For more details visit https://cis-india.org/internet-governance/blog/rbi-directions-on-account-aggregators

Big Data in India: Benefits, Harms, and Human Rights - Workshop Report

Vidushi Marda, Akash Deep Singh and Geethanjali Jujjavarapu — 2016-11-18T12:58:19Z

The Centre for Internet and Society held a one-day workshop on “Big Data in India: Benefits, Harms and Human Rights” at India Habitat Centre, New Delhi on the 1st of October, 2016. This report is a compilation of the the issues discussed, ideas exchanged and challenges recognized during the workshop. The objective of the workshop was to discuss aspects of big data technologies in terms of harms, opportunities and human rights. The discussion was designed around an extensive study of current and potential future uses of big data for governance in India, that CIS has undertaken over the last year with support from the MacArthur Foundation.

Contents

Big Data: Definitions and Global South Perspectives

Aadhaar as Big Data

Seeding

Aadhaar and Data Security

Aadhaar’s Relational Arrangement with Big Data Scheme

The Myths surrounding Aadhaar

IndiaStack and FinTech Apps

Problems with UID

Big Data: Definitions and Global South Perspectives

“Big Data” has been defined by multiple scholars till date. The first consideration at the workshop was to discuss various definitions of big data, and also to understand what could be considered Big Data in terms of governance, especially in the absence of academic consensus. One of the most basic ways to define it, as given by the National Institute of Standards and Technology, USA, is to take it to be the data that is beyond the computational capacity of current systems. This definition has been accepted by the UIDAI of India. Another participant pointed out that Big Data is not only indicative of size, but rather the nature of data which is unstructured, and continuously flowing. The Gartner definition of Big Data relies on the three Vs i.e. Volume (size), Velocity (infinite number of ways in which data is being continuously collected) and Variety (the number of ways in which data can be collected in rows and columns).

The presentation also looked at ways in which Big Data is different from traditional data. It was pointed out that it can accommodate diverse unstructured datasets, and it is ‘relational’ i.e. it needs the presence of common field(s) across datasets which allows these fields to be conjoined. For e.g., the UID in India is being linked to many different datasets, and they don’t constitute Big Data separately, but do so together. An increasingly popular definition is to define data as “Big Data” based on what can be achieved through it. It has been described by authors as the ability to harness new kinds of insight which can inform decision making. It was pointed out that CIS does not subscribe to any particular definition, and is still in the process of coming up with a comprehensive definition of Big Data.

Further, discussion touched upon the approach to Big Data in the Global South. It was pointed out that most discussions about Big Data in the Global South are about the kind of value that it can have, the ways in which it can change our society. The Global North, on the other hand, has moved on to discussing the ethics and privacy issues associated with Big Data.

After this, the presentation focussed on case studies surrounding key Central Government initiatives and projects like Aadhaar, Predictive Policing, and Financial Technology (FinTech).

Aadhaar as Big Data

In presenting CIS’ case study on Aadhaar, it was pointed out that initially, Aadhaar, with its enrollment dataset was by itself being seen as Big Data. However, upon careful consideration in light of definitions discussed above, it can be seen as something that enables Big Data. The different e-governance projects within Digital India, along with Aadhaar, constitute Big Data. The case study discussed the Big Data implications of Aadhaar, and in particular looked at a ‘cradle to grave’ identity mapping through various e-government projects and the datafication of various transaction generated data.

Seeding

Any digital identity like Aadhaar typically has three features: 1. Identification i.e. a number or card used to identify yourself; 2. Authentication, which is based on your number or card and any other digital attributes that you might have; 3. Authorisation: As bearers of the digital identity, we can authorise the service providers to take some steps on our behalf. The case study discussed ‘seeding’ which enables the Big Data aspects of Digital India. In the process of seeding, different government databases can be seeded with the UID number using a platform called Ginger. Due to this, other databases can be connected to UIDAI, and through it, data from other databases can be queried by using your Aadhaar identity itself. This is an example of relationality, where fractured data is being brought together. At the moment, it is not clear whether this access by UIDAI means that an actual physical copy of such data from various sources will be transferred to UIDAI’s servers or if they will just access it through internet, but the data remains on the host government agency’s server. An example of even private parties becoming a part of this infrastructure was raised by a participant when it was pointed out that Reliance Jio is now asking for fingerprints. This can then be connected to the relational infrastructure being created by UIDAI. The discussion then focused on how such a structure will function, where it was mentioned that as of now, it cannot be said with certainty that UIDAI will be the agency managing this relational infrastructure in the long run, even though it is the one building it.

Aadhaar and Data Security

This case study also dealt with the sheer lack of data protection legislation in India except for S.43A of the IT Act. The section does not provide adequate protection as the constitutionality of the rules and regulations under S.43A is ambivalent. More importantly, it only refers to private bodies. Hence, any seeding which is being done by the government is outside the scope of data protection legislation. Thus, at the moment, no legal framework covers the processes and the structures being used for datasets. Due to the inapplicability of S.43A to public bodies, questions were raised as to the existence of a comprehensive data protection policy for government institutions. Participants answered the question in the negative. They pointed out that if any government department starts collecting data, they develop their own privacy policy. There are no set guidelines for such policies and they do not address concerns related to consent, data minimisation and purpose limitation at all. Questions were also raised about the access and control over Big Data with government institutions. A tentative answer from a participant was that such data will remain under the control of the domain specific government ministry or department, for e.g. MNREGA data with the Ministry of Rural Development, because the focus is not on data centralisation but rather on data linking. As long as such fractured data is linked and there is an agency that is responsible to link them, this data can be brought together. Such data is primarily for government agencies. But the government is opening up certain aspects of the data present with it for public consumption for research and entrepreneurial purposes.The UIDAI provides you access to your own data after paying a minimal fee. The procedure for such access is still developing.

Aadhaar’s Relational Arrangement with Big Data Scheme

The various Digital India schemes brought in by the government were elucidated during the workshop. It was pointed out that these schemes extend to myriad aspects of a citizen’s daily life and cover all the essential public services like health, education etc. This makes Aadhaar imperative even though the Supreme Court has observed that it is not mandatory for every citizen to have a unique identity number. The benefits of such identity mapping and the ecosystem being generated by it was also enumerated during the discourse. But the complete absence of any data ethics or data confidentiality principles make us unaware of the costs at which these benefits are being conferred on us. Apart from surveillance concerns, the knowledge gap being created between the citizens and the government was also flagged. Three main benefits touted to be provided by Aadhaar were then analysed. The first is the efficient delivery of services. This appears to be an overblown claim as the Aadhaar specific digitisation and automation does not affect the way in which employment will be provided to citizens through MNREGA or how wage payment delays will be overcome. These are administrative problems that Aadhaar and associated technologies cannot solve. The second is convenience to the citizens. The fallacies in this assertion were also brought out and identified. Before the Aadhaar scheme was rolled in, ration cards were issued based on certain exclusion and inclusion criteria.. The exclusion and inclusion criteria remain the same while another hurdle in the form of Aadhaar has been created. As India is still lacking in supporting infrastructure such as electricity, server connectivity among other things, Aadhaar is acting as a barrier rather than making it convenient for citizens to enroll in such schemes.The third benefit is fraud management. Here, a participant pointed out that this benefit was due to digitisation in the form of GPS chips in food delivery trucks and electronic payment and not the relational nature of Aadhaar. Aadhaar is only concerned with the linking up or relational part. About deduplication, it was pointed out how various government agencies have tackled it quite successfully by using technology different from biometrics which is unreliable at the best of times.

The Myths surrounding Aadhaar

The discussion also reflected on the fact that Aadhaar is often considered to be a panacea that subsumes all kinds of technologies to tackle leakages. However, this does not take into account the fact that leakages happen in many ways. A system should have been built to tackle those specific kinds of leakages, but the focus is solely on Aadhaar as the cure for all. Notably, participants who have been a part of the government pointed out how this myth is misleading and should instead be seen as the first step towards a more digitally enhanced country which is combining different technologies through one medium.

IndiaStack and FinTech Apps

What is India Stack?

The focus then shifted to another extremely important Big Data project, India Stack, being conceptualised and developed by a team of private developers called iStack, for the NPCI. It builds on the UID project, Jan Dhan Yojana and mobile services trinity to propagate and develop a cashless, presence-less, paperless and granular consent layer based on UID infrastructure to digitise India.

A participant pointed out that the idea of India Stack is to use UID as a platform and keep stacking things on it, such that more and more applications are developed. This in turn will help us to move from being a ‘data poor’ country to a ‘data rich’ one. The economic benefits of this data though as evidenced from the TAGUP report - a report about the creation of National Information Utilities to manage the data that is present with the government - is for the corporations and not the common man. The TAGUP report openly talks about privatisation of data.

Problems with India Stack

The granular consent layer of India Stack hasn’t been developed yet but they have proposed to base it on MIT Media Lab’s OpenPDS system. The idea being that, on the basis of the choices made by the concerned person, access to a person’s personal information may be granted to an agency like a bank. What is more revolutionary is that India Stack might even revoke this access if the concerned person expresses a wish to do so or the surrounding circumstances signal to India Stack that it will be prudent to do so. It should be pointed out that the the technology required for OpenPDS is extremely complex and is not available in India. Moreover, it’s not clear how this system would work. Apart from this, even the paperless layer has its faults and has been criticised by many since its inception, because an actual government signed and stamped paper has been the basis of a claim.. In the paperless system, you are provided a Digilocker in which all your papers are stored electronically, on the basis of your UID number. However, it was brought to light that this doesn’t take into account those who either do not want a Digilocker or UID number or cases where they do not have access to their digital records. How in such cases will people make claims?

A Digital Post-Dated Cheque: It’s Ramifications

A key change that FinTech apps and the surrounding ecosystem want to make is to create a digital post-dated cheque so as to allow individuals to get loans from their mobiles especially in remote areas. This will potentially cut out the need to construct new banks, thus reducing the capital expenditure , while at the same time allowing the credit services to grow. The direct transfer of money between UID numbers without the involvement of banks is a step to further help this ecosystem grow. Once an individual consents to such a system, however, automatic transfer of money from one’s bank accounts will be affected, regardless of the reason for payment. This is different from auto debt deductions done by banks presently, as in the present system banks have other forms of collateral as well. The automatic deduction now is only affected if these other forms are defaulted upon. There is no knowledge as to whether this consent will be reversible or irreversible. As Jan Dhan Yojana accounts are zero balance accounts, the account holder will be bled dry. The implication of schemes such as “Loan in under 8 minutes” were also discussed. The advantage of such schemes is that transaction costs are reduced.The financial institution can thus grant loans for the minimum amount without any additional enquiries. It was pointed out that this new system is based on living on future income much like the US housing bubble crash. Interestingly, in Public Distribution Systems, biometrics are insisted upon even though it disrupts the system. This can be seen as a part of the larger infrastructure to ensure that digital post-dated cheques become a success.

The Role of FinTech Apps

FinTech ‘apps’ are being presented with the aim of propagating financial inclusion. The Technology Advisory Group for Unique Projects report stated that as managing such information sources is a big task, just like electricity utilities, a National Information Utilities (NIU) should be set up for data sources. These NIUs as per the report will follow a fee based model where they will be charging for their services for government schemes. The report identified two key NIUs namely the National Payments Corporation of India (NPCI) and the Goods and Services Tax Network (GSTN). The key usage that FinTech applications will serve is credit scoring. The traditional credit scoring data sources only comprised a thin file of records for an individual, but the data that FinTech apps collect - a person’s UID number, mobile number. and bank account number all linked up, allow for a far more comprehensive credit rating. Government departments are willing to share this data with FinTech apps as they are getting analysis in return. Thus, by using UID and the varied data sources that have been linked together by UID, a ‘thick file’ is now being created by FinTech apps. Banking apps have not yet gone down the route of FinTech apps to utilise Big Data for credit scoring purposes.

The two main problems with such apps is that there is no uniform way of credit scoring. This distorts the rate at which a person has to pay interest. The consent layer adds another layer of complication as refusal to share mobile data with a FinTech app may lead to the app declaring one to be a risky investment thus, subjecting that individual to a higher rate of interest .

Regulation of FinTech Apps and the UID Infrastructure

India Stack and the applications that are being built on it, generate a lot of transaction metadata that is very intimate in nature. The privacy aspects of the UID legislation doesn't cover such data. The granular consent layer which has been touted to cover this still has to come into existence. Also, Big Data is based on sharing and linking of data. Here, privacy concerns and Big Data objectives clash. Big Data by its very nature challenges privacy principles like data minimisation and purpose limitation.The need for regulation to cover the various new apps and infrastructure which are being developed was pointed out.

Problems with UID

It has been observed that any problem present with Aadhaar is usually labelled as a teething problem, it’s claimed that it will be solved in the next 10 years. But, this begs the question - why is the system online right now?

Aadhaar is essentially a new data condition and a new exclusion or inclusion criteria. Data exclusion modalities as observed in Rajasthan after the introduction of biometric Point of Service (POS) machines at ration shops was found to be 45% of the population availing PDS services. This number also includes those who were excluded from the database by being included in the wrong dataset. There is no information present to tell us how many actual duplicates and how many genuine ration card holders were weeded out/excluded by POS.

It was also mentioned that any attempt to question Aadhaar is considered to be an attempt to go back to the manual system and this binary thinking needs to change. Big Data has the potential to benefit people, as has been evidenced by the scholarship and pension portals. However, Big Data’s problems arise in systems like PDS, where there is centralised exclusion at the level of the cloud. Moreover, the quantity problem present in the PDS and MNREGA systems persists. There is still the possibility of getting lesser grains and salary even with analysis of biometrics, hence proving that there are better technologies to tackle these problems. Presently, the accountability mechanisms are being weakened as the poor don’t know where to go to for redressal. Moreover, the mechanisms to check whether the people excluded are duplicates or not is not there. At the time of UID enrollment, out of 90 crores, 9 crore were rejected. There was no feedback or follow-up mechanism to figure out why are people being rejected. It was just assumed that they might have been duplicates.

Another problem is the rolling out of software without checking for inefficiencies or problems at a beta testing phase. The control of developers over this software, is so massive that it can be changed so easily without any accountability.. The decision making components of the software are all proprietary like in the the de-duplication algorithm being used by the UIDAI. Thus, this leads to a loss of accountability because the system itself is in flux, none of it is present in public domain and there are no means to analyse it in a transparent fashion..

These schemes are also being pushed through due to database politics. On a field study of NPR of citizens, another Big Data scheme, it was found that you are assumed to be an alien if you did not have the documents to prove that you are a citizen. Hence, unless you fulfill certain conditions of a database, you are excluded and are not eligible for the benefits that being on the database afford you.

Why is the private sector pushing for UIDAI and the surrounding ecosystem?

Financial institutions stand to gain from encouraging the UID as it encourages the credit culture and reduces transaction costs.. Another advantage for the private sector is perhaps the more obvious one, that is allows for efficient marketing of products and services..

The above mentioned fears and challenges were actually observed on the ground and the same was shown through the medium of a case study in West Bengal on the smart meters being installed there by the state electricity utility. While the data coming in from these smart meters is being used to ensure that a more efficient system is developed,it is also being used as a surrogate for income mapping on the basis of electricity bills being paid. This helps companies profile neighbourhoods. The technical officer who first receives that data has complete control over it and he can easily misuse the data. This case study again shows that instruments like Aadhaar and India Stack are limited in their application and aren’t the panacea that they are portrayed to be.

A participant pointed out that in the light of the above discussions, the aim appears to be to get all kinds of data, through any source, and once you have gotten the UID, you link all of this data to the UID number, and then use it in all the corporate schemes that are being started. Most of the problems associated with Big Data are being described as teething problems. The India Stack and FinTech scheme is coming in when we already know about the problems being faced by UID. The same problems will be faced by India Stack as well.

Can you opt out of the Aadhaar system and the surrounding ecosystem?

The discussion then turned towards whether there can be voluntary opting out from Aadhaar. It was pointed out that the government has stated that you cannot opt out of Aadhaar. Further, the privacy principles in the UIDAI bill are ambiguously worded where individuals only have recourse for basic things like correction of your personal information. The enforcement mechanism present in the UIDAI Act is also severely deficient. There is no notification procedure if a data breach occurs. . The appellate body ‘Cyber Appellate Tribunal’ has not been set up in three years.

CCTNS: Big Data and its Predictive Uses

What is Predictive Policing?

The next big Big Data case study was on the Crime and Criminal Tracking Network & Systems (CCTNS). Originally it was supposed to be a digitisation and interconnection scheme where police records would be digitised and police stations across the length and breadth of the country would be interconnected. But, in the last few years some police departments of states like Chandigarh, Delhi and Jharkhand have mooted the idea of moving on to predictive policing techniques. It envisages the use of existing statistical and actuarial techniques along with many other tropes of data to do so. It works in four ways: 1. By predicting the place and time where crimes might occur; 2. To predict potential future offenders; 3. To create profiles of past crimes in order to predict future crimes; 4. Predicting groups of individuals who are likely to be victims of future crimes.

How is Predictive Policing done?

To achieve this, the following process is followed: 1. Data collection from various sources which includes structured data like FIRs and unstructured data like call detail records, neighbourhood data, crime seasonal patterns etc. 2. Analysis by using theories like the near repeat theory, regression models on the basis of risk factors etc. 3. Intervention

Flaws in Predictive Policing and questions of bias

An obvious weak point in the system is that if the initial data going into the system is wrong or biased, the analysis will also be wrong. Efforts are being made to detect such biases. An important way to do so will be by building data collection practices into the system that protect its accuracy. The historical data being entered into the system is carrying on the prejudices inherited from the British Raj and biases based on religion, caste, socio-economic background etc.

One participant brought about the issue of data digitization in police stations, and the impact of this haphazard, unreliable data on a Big Data system. This coupled with paucity of data is bound to lead to arbitrary results. An effective example was that of black neighbourhoods in the USA. These are considered problematic and thus they are policed more, leading to a higher crime rate as they are arrested for doing things that white people in an affluent neighbourhood get away with. This in turn further perpetuates the crime rate and it becomes a self-fulfilling prophecy. In India, such a phenomenon might easily develop in the case of migrants, de-notified tribes, Muslims etc. A counter-view on bias and discrimination was offered here. One participant pointed out that problems with haphazard or poor quality of data is not a colossal issue as private companies are willing to fill this void and are actually doing so in exchange for access to this raw data. It was also pointed out how bias by itself is being used as an all encompassing term. There are multiplicities of biases and while analysing the data, care should be taken to keep it in mind that one person’s bias and analysis might and usually does differ from another. Even after a computer has analysed the data, the data still falls into human hands for implementation.

The issue of such databases being used to target particular communities on the basis of religion, race, caste, ethnicity among other parameters was raised. Questions about control and analysis of data were also discussed, i.e. whether it will be top-down with data analysis being done in state capitals or will this analysis be done at village and thana levels as well too. It was discussed as topointed out how this could play a major role in the success and possible persecutory treatment of citizens, as the policemen at both these levels will have different perceptions of what the data is saying. . It was further pointed out, that at the moment, there’s no clarity on the mode of implementation of Big Data policing systems. Police in the USA have been seen to rely on Big Data so much that they have been seen to become ‘data myopic’. For those who are on the bad side of Big Data, in the Indian context, laws like preventive detention can be heavily misused.There’s a very high chance that predictive policing due to the inherent biases in the system and the prejudices and inefficiency of the legal system will further suppress the already targeted sections of the society. A counterpoint was raised and it was suggested that contrary to our fears, CCTNS might lead to changes in our understanding and help us to overcome longstanding biases.

Open Knowledge Architecture as a solution to Big Data biases?

The conference then mulled over the use of ‘Open Knowledge’ architecture to see whether it can provide the solution to rid Big Data of its biases and inaccuracies if enough eyes are there. It was pointed out that Open Knowledge itself can’t provide foolproof protection against these biases as the people who make up the eyes themselves are predominantly male belonging to the affluent sections of the society and they themselves suffer from these biases.

Who exactly is Big Data supposed to serve?

The discussion also looked at questions such as who is this data for? Janata Information System (JIS), is a concept developed by MKSS where the data collected and generated by the government is taken to be for the common citizens. For e.g. MNREGA data should be used to serve the purposes of the labourers. The raw data as is available at the moment, usually cannot be used by the common man as it is so vast and full of information that is not useful for them at all. It was pointed out that while using Big Data for policy planning purposes, the actual string of information that turned out to be needed was very little but the task of unravelling this data for civil society purposes is humongous. By presenting the data in the right manner, the individual can be empowered. The importance of data presentation was also flagged. It was agreed upon that the content of the data should be for the labourer and not a MNC, as the MNC has the capability to utilise the raw data on it’s own regardless.

Concerns about Big Data usage

Participants pointed out that privacy concerns are usually brushed under the table due to a belief that the law is sufficient or that the privacy battle has already been lost.
In the absence of knowledge of domain and context, Big Data analysis is quite limited. Big Data’s accuracy and potential to solve problems needs to be factually backed.
The narrative of Big Data often rests on the assumption that descriptive statistics take over inferential statistics, thus eliminating the need for domain specific knowledge. It is claimed that the data is so big that it will describe everything that we need to know.
Big Data is creating a shift from a deductive model of scientific rigour to an inductive one. In response to this, a participant offered the idea that troves of good data allow us to make informed questions on the basis of which the deductive model will be formed. A hybrid approach combining both deductive and inductive might serve us best.
The need to collect the right data in the correct format, in the right place was also expressed.

Potential Research Questions & Participants’ Areas of Research

Following this discussion, participants brainstormed to come up with potential areas of research and research questions. They have been captured below:

Big Data, Aadhaar and India Stack:

Has Aadhaar been able to tackle illegal ways of claiming services or are local negotiations and other methods still prevalent?
Is the consent layer of India Stack being developed in a way that provides an opportunity to the UID user to give informed consent? The OpenPDS and its counterpart in the EU i.e. the My Data Structure were designed for countries with strong privacy laws. Importantly, they were meant for information shared on social media and not for an individual’s health or credit history. India is using it in a completely different sphere without strong data protection laws. What were the granular consent layer structures present in the West designed for and what were they supposed to protect?
The question of ownership of data needs to be studied especially in context of a globalised world where MNCs are collecting copious amounts of data of Indian citizens. What is the interaction of private parties in this regard?

Big Data and Predictive Policing:

How are inequalities being created through the Big Data systems? Lessons should be taken from the Western experience with the advent of predictive policing and other big data techniques - they tend to lead to perpetuation of the current biases which are already ingrained in the system.
It was also pointed out how while studying these topics and anything related to technology generally, we become aware of a divide that is present between the computational sciences and social sciences. This divide needs to be erased if Big Data or any kind of data is to be used efficiently. There should be a cross-pollination between different groups of academics. An example of this can be seen to be the ‘computational social sciences departments’ that have been coming up in the last 3-4 years.
Why are so many interim promises made by Big Data failing? A study of this phenomenon needs to be done from a social science perspective. This will allow one to look at it from a different angle.

Studying Big Data:

What is the historical context of the terms of reference being used for Big Data? The current Big Data debate in India is based on parameters set by the West. For better understanding of Big Data, it was suggested that P.C. Mahalanobis’ experience while conducting the Indian census, (which was the Big Data of that time) can be looked at to get a historical perspective on Big Data. This comparison might allow us to discover questions that are important in the Indian context. It was also suggested that rather than using ‘Big Data’ as a catchphrase to describe these new technological innovations, we need to be more discerning.
What are the ideological aspects that must be considered while studying Big Data? What does the dialectical promise of technology mean? It was contended that every time there is a shift in technology, the zeitgeist of that period is extremely excited and there are claims that it will solve everything. There’s a need to study this dialectical promise and the social promise surrounding it.
Apart from the legitimate fears that Big Data might lead to exclusion, what are the possibilities in which it improve inclusion too?
The diminishing barrier between the public and private self, which is a tangent to the larger public-private debate was mentioned.
How does one distinguish between technology failure and process failure while studying Big Data?

Big Data: A Friend?

In the concluding session, the fact that the Big Data moment cannot be wished away was acknowledged. The use of analytics and predictive modelling by the private sector is now commonplace and India has made a move towards a database state through UID and Digital India. The need for a nuanced debate, that does away with the false equivalence of being either a Big Data enthusiast or a luddite is crucial.

A participant offered two approaches to solving a Big Data problem. The first was the Big Data due process framework which states that if a decision has been taken that impacts the rights of a citizen, it needs to be cross examined. The efficacy and practicality of such an approach is still not clear. The second, slightly paternalistic in nature, was the approach where Big Data problems would be solved at the data science level itself. This is much like the affirmative algorithmic approach which says that if in a particular dataset, the data for the minority community is not available then it should be artificially introduced in the dataset. It was also suggested that carefully calibrated free market competition can be used to regulate Big Data. For e.g. a private personal wallet company that charges higher, but does not share your data at all can be an example of such competition.

Another important observation was the need to understand Big Data in a Global South context and account for unique challenges that arise. While the convenience of Big Data is promising, its actual manifestation depends on externalities like connectivity, accurate and adequate data etc that must be studied in the Global South.

While the promises of Big Data are encouraging, it is also important to examine its impacts and its interaction with people's rights. Regulatory solutions to mitigate the harms of big data while also reaping its benefits need to evolve.

For more details visit https://cis-india.org/internet-governance/big-data-in-india-benefits-harms-and-human-rights-a-report

Internet Researchers' Conference 2017 (IRC17) - Selection of Sessions

sumandro — 2016-12-12T13:37:23Z

We have a wonderful range of session proposals for the second Internet Researchers' Conference (IRC17) to take place in Bengaluru on March 03-05, 2017. From the 23 submitted session proposals, we will now select 10 to be part of the final Conference agenda. The selection will be done through votes casted by the teams that have proposed the sessions. This will take place in December 2016. Before that, we invite the session teams and other contributors to share their comments and suggestions on the submitted sessions. Please share your comments by December 14, either on session pages directly, or via email (sent to raw at cis-india dot org).

The Internet Researchers' Conference 2017 (IRC17) will be organised by the Centre for Internet and Society (CIS) in partnership with the Centre for Information Technology and Public Policy at the International Institute of Information Technology Bangalore (IIIT-B).

Proposed Sessions

01. #NotFewNotWeird (Surfatial: Malavika Rajnarayan, Prayas Abhinav, and Satya Gummuluri)

02. #VirtualFringe (Ritika Pant, Sagorika Singha, and Vibhushan Subba)

03. #StudentIndicUsageOnline (Shruti Nagpal and Sneha Verghese)

04. #SpeakMyLanguageInternet (Anubhuti Yadav, Sunetra Sen Narayan, Shalini Narayanan, Anand Pradhan, and Shashwati Goswami)

05. #ArchivesForStorytelling (V Jayant, Venkat Srinivasan, Chaluvaraju, Bhanu Prakash, and Dinesh)

06. #SelfiesFromTheField (Kavitha Narayanan, Oindrila Matilal and Onkar Hoysala)

07. #OpenAccessScholarlyPublishing (Nirmala Menon, Abhishek Shrivastava and Dibyaduti Roy)

08. #DigitalPedagogies (Nidhi Kalra, Ashutosh Potdar, and Ravikant Kisana)

09. #DigitalMusicAndDigitalReactions (Shivangi Narayan and Sarvpriya Raj)

10. #RenarrationWeb (Dinesh, Venkatesh Choppella, Srinath Srinivasa, and Deepak Prince)

11. IndicLanguagesAndInternetCoHabitation (Sreedhar Kallahalla, Ranjeet Kumar, Mohan Rao, and Anjali K. Mohan)

12. #DigitalPedagogy (Padmini Ray Murray and Dibyaduti Roy)

13. #CopyLeftRightLeft (Ravishankar Ayyakkannu and Srikanth Lakshmanan)

14. #ObjectsofDigitalGovernance (Marine Al Dahdah, Rajiv K. Mishra, Khetrimayum Monish Singh, and Sohan Prasad Sha)

15. #MaterializingWriting (Sneha Puthiya Purayil, Padmini Ray Murray, Dibyadyuti Roy, and Indrani Roy)

16. #DotBharatAdoption (V. Sridhar and Amit Prakash)

17. #DigitalDesires (Dhiren Borisa, Akhil Kang, and Dhrubo Jyoti)

18. #TheDigitalCommonplace (Ammel Sharon and Sujeet George)

19. #DigitalIdentities (Janaki Srinivasan, Savita Bailur, Emrys Schoemaker, Jonathan Donner, and Sarita Seshagiri)

20. #ToolsToAMultitextUniverse (Spandana Bhowmik and Sunanda Bose)

21. #DigitalisingKnowledge (Sneha Ragavan)

22. #ICTDEthics (Bidisha Chaudhuri, Andy Dearden, Linus Kendall, Dorothea Kleine, and Janaki Srinivasan)

23. #RepresentationAndPower (Bidisha Chaudhuri, Andy Dearden, Linus Kendall, Dorothea Kleine, and Janaki Srinivasan)

For more details visit https://cis-india.org/raw/irc17-selection

CIS Statement on Right to Privacy Judgment

amber — 2017-08-31T18:13:14Z

In an emphatic endorsement of the right to privacy, a nine judge constitutional bench unanimously upheld a fundamental right to privacy. The events leading to this bench began during the hearings in the ongoing Aadhaar case, when in August 2015, Mukul Rohatgi, the then Attorney General stated that there is no constitutionally guaranteed right to privacy.

reliance was on two Supreme Court judgments in MP Sharma v Satish Chandra (1954) and Kharak Singh v State of Uttar Pradesh (1962): both cases, decided by eight- and six-judge benches respectively, denied the existence of a constitutional right to privacy. As the subsequent judgments which upheld the right to privacy were by smaller benches, he claimed that MP Sharma and Kharak Singh still prevailed over them, until they were overruled by a larger bench. This landmark judgment was in response to a referral order to clear the confusion over the status of privacy as a right.

We, at the Centre for Internet and Society (CIS) welcome this judgement and applaud the depth and scope of the Supreme Court’s reasoning. CIS has been producing research on the different aspects of the right to privacy and its implications for the last seven years and had the privilege of serving on the Justice AP Shah Committee and contributing to the Report of the Group of Experts on Privacy.[1] We are honoured that some of our research has also been cited by the judgment.[2] Such judicial recognition is evidence of the impact sound research can have on policymaking.

In the course of a 547 page judgment, the bench affirmed the fundamental nature of the right to privacy reading it into the values of dignity and liberty. The judgment is instructive in its reference to scholarly works and jurisprudence not only in India but other legal systems such as USA, South Africa, EU and UK, while recognising a broad right to privacy with various dimensions across spatial, informational and decisional spheres. We note with special appreciation that women’s bodily integrity and citizens’ sexual orientation are among those aspects of privacy that were clearly recognised in the judgment. For researchers studying privacy and its importance, this judgment is of great value as it provides clear reasoning to reject oft-quoted arguments which are used to deny privacy’s significance. The judgement is also cognizant of the implications of the digital age and emphasise the need for a robust data protection framework.

The right to privacy has been read into into Article 21 (Right to life and liberty), and Part III (Chapter on Fundamental Rights) of the Constitution. This means that any limitation on the right in the form of reasonable restrictions must not only satisfy the tests evolved under Article 21, but where loss of privacy leads to infringement on other rights, such as chilling effects of surveillance on free speech, the tests for constitutionality under those provisions for also be satisfied by the limiting action. This provides a broad protection to citizens’ privacy which may not be easily restricted. We expect that this judgment will have far reaching impacts, not just with respect to the immediate Aadhaar case, but also to in a score of other matters such as protection of sexual choice by decriminalising Section 377 of the Indian Penal Code, oversight of statutory search and seizure provisions such as Section 132 of the Income Tax Act, personal data collection and processing practices by both state and private actors and mass surveillance programmes in the interest of national security.

As this judgment comes in response to a referral order, the judges were not dealing with any questions of fact to ground the legal principles in. Subsequent judgments which deal with privacy will apply these principles and further evolve the contours of this right on a case-by-case basis. For now, we welcome this judgment and look forward to its consistent application in the future.

[1]. http://planningcommission.nic.in/reports/genrep/rep_privacy.pdf

[2]. CIS was quoted in the judgement on footnote 46, page 33 and 34: http://supremecourtofindia.nic.in/pdf/LU/ALL%20WP(C)%20No.494%20of%202012%20Right%20to%20Privacy.pdf The quote is " Illustratively, the Centre for Internet and Society has two interesting articles tracing the origin of privacy within Classical Hindu Law and Islamic Law. See Ashna Ashesh and Bhairav Acharya ,“Locating Constructs of Privacy within Classical Hindu Law”, The Centre for Internet and Society, available at https://cis-india.org/internet-governance/blog/loading-constructs-of-privacy-within-classical-hindu-law. See also Vidushi Marda and Bhairav Acharya, “Identifying Aspects of Privacy in Islamic Law”, The Centre for Internet and Society, available at https://cis-india.org/internet-governance/blog/identifying-aspects-of-privacy-in-islamic-law " Further, research commissioned by CIS cited in the judgment includes a reference in page 201 footnote 319, "Bhairav Acharya, “The Four Parts of Privacy in India”, Economic & Political Weekly (2015), Vol. 50 Issue 22, at page 32."

For more details visit https://cis-india.org/internet-governance/blog/cis-statement-on-right-to-privacy-judgment

Digital Natives Video Contest

praskrishna — 2015-05-08T12:35:27Z

The Everyday Digital Native Video Contest has its top five winners through public voting.

A Day in the Life of a Digital Native: Story scripted, shot and edited by Leandra (Cole) Flor. The video is an extension of Cole's photo essay "Mirror Exercises" conceptualized for 'Digital AlterNatives with a Cause' Book 1 To Be. Download the book.

Top 5 winners of the Digital Native video contest selected through public votes. From left to right: Marie Jude Bendiola, T.J. KM, Thomas Burks, John Musila and MJ.

The Jury Prize for Two Best Videos goes to John Musila (Kenya) and Marie Jude Bendiola (Singapore)! Congratulations to all winners. The Top 5 winners win the grand prize of EUR 500 each!

Our Top 10 contestants: Click on their profile to watch their videos

	Marie Jude Bendiola I come from a third world country where technology seemed to be hard to reach back in the 90s; especially by the not-so-privileged. As we progressed, technology has not only become ubiquitous (in malls, various institutions and technological hubs) but also, it has come to be used by the common man. My video will answer how technology bridges the gap between dreams and reality. It will be a fusion of documentary and re-enactment of real life events and dramas. Read More
	Cijo Abraham Mani The power of digital media will be presented to audience with the help of showing tweet-a-thon panel discussions, blood aid tweets getting spread, etc. Read More
	TJ K.M. My video explores the spiritual aspect of digital technology and how rather than getting in the way of our spiritual expression, it is actually bringing us face to face with it, if only we choose to look. The video will be a mixture of live action and stop motion animation/puppetry where digital devices take on a transcendent character similar to nature spirits in various cultures. I plan to investigate the tendency to exclude digital devices and technology from being categorized alongside nature as if it is somehow exempt from or superior to this category. Using symbolism and motifs from various cultures such as the Native American Hopi, Balinese Hinduism and Japanese Shintoism, my video will create a world where the technology we use daily is viewed not just as a means for socio-cultural exchange and communication but is available for the nurturing of our souls if we so choose. Read More
	Thomas Burks We have a small production company in Birmingham, Alabama. I was hired on a year ago to do film and commercials for them as they expand into advertising and video coverage of events. We only have about 3 employees including myself, working out of our homes. We recently acquired a space to open a studio and retail location downtown where we live. We use Facebook, blogs, and viral marketing all the time to get our name out there. Our account executive is constantly monitoring our Facebook for client orders and bookings. We are beginning to use twitter to provide information more fluidly to people. We believe this might be a year of growth for our small company, as we are becoming able to provide much higher quality content. We're fully digital; constantly updating our websites and blogs, and I believe we would be able to tell a great digital story. We submit numerous small films and skits; we cover awesome concerts, and rely so heavily on the digital world to show our content. That will be the gist of our video. Read More
	John Musila Map Kibera Trust is an organization based in Kenya’s Kibera slums. Using digital gadgets and technology, they have transformed the community by placing it on the map as it was only seen as forest when viewed on a map. They also film stories around the community and share them with the world on their YouTube channel and other social networks like Facebook and Twitter. Through this they have been able to highlight and raise awareness about the challenges the community faces. Our video would show Kibera’s role in bringing about change. Read More
	Andrés Felipe Arias Palma I think many people are digital natives unknowingly. Being a digital native is a relationship with activism and society, not as they initially thought. It was a condition of being born in specific times and external factors. In the video, I will interview people about who and what is a digital native? How to use the Internet? What are the advantages and disadvantages for society where everything is run with the power of the Internet? Read More
	Martin Potter Over a period of nearly four years, moving across small towns in Australia and South East Asia, I have seen the most extraordinary innovations at a local community level. My video will focus on these local stories with global impact. I am pursuing a PhD in participatory media and this will lend a uniquely academic perspective on the concept of collaboration, community life and innovation. Read More
	E. James Rajasekaran I live in the temple town of Madurai in the south Indian state of Tamil Nadu. I am a social worker and the plight of people living in slims is something that my NGO is closely associated with. My video will bring out the efforts of the people who live in the slums of Madurai. Read More
	Anand Jha Bangalore is home to a lot of technology start-ups. A lot of geeks, who find it limiting to work for corporations, are driving a very open source-oriented, frugally-built and extremely demanding culture. While their products are standing at the bleeding edge of technology, their personal lives too are constantly driven on the edge, every launch being a make or break day for them. The project would aim at capturing their stories, their frustration and motivation, looking at the possibilities of Indian software scene moving beyond the services and back-end office culture into a more risk prone but more passionate business of technology. Read More
	MJ As a digital native living in a developing country, I have carried out a series of both online and offline projects, which have always striven to benefit Zimbabweans in a number of ways since 2000. These projects have greatly increased my interactions with computers. I might say, I got married to a computer in 2000 when I bought my first PC; in a way, my relationship with my computer is intimate. Even though this computer I bought is an old 386 machine made obsolete by the faster Pentium III models, this did not change my love for the computer. My video will focus on a dream-like moment of my digital life. Read more

Jury Members

Shashwati Talukdar Shashwati Talukdar grew up in India where her engagement with theatre and sculpture led to filmmaking, and a Masters degree from the AJ Kidwai Mass Communication Research Center in Jamia Millia Islamia, New Delhi. She developed an interest in American Avant-Garde film and eventually got an MFA in Film and Media Arts from Temple University, Philadelphia (1999). Her work covers a wide range of forms, including documentary, narrative and experimental. Her work has shown at venues including the Margaret Mead Festival, Berlin, Institute of Contemporary Art in Philadelphia, Kiasma Museum of Art and the Whitney Biennial. She has been supported by entities including the Asian Cine Fund in Busan, the Jerome Foundation, New York State Council on the Arts among others.
Leon Tan Leon Tan, PhD, is a media-art historian, cultural theorist and psychoanalyst based in Gothenburg, Sweden. He has written on art, media, globalization and copyright in journals such as CTheory and Ephemera, and curated media-art projects and art symposia in international sites such as KHOJ International Artists’ Association (New Delhi, 2011), ISEA (Singapore, 2008) and Digital Arts Week (Zurich, 2007). He is currently researching media-art practices in India, and networked museums as an expanded field of cultural memory making.
Jeroen van Loon Jeroen, digital media artist, investigates the (non-) impact of digital technology on our lives. For two months he went analogue, refrained from connecting to the World Wide Web, and communicated through his Analogue Blog. He is currently working on Life Needs Internet in which he travels around the world and collects people's personal handwritten internet stories.
Becky Band Jain Becky Band Jain is a non-profit communications specialist and blogs on everything from technology to psychology and culture. She spent the last five years living in India and she’s now based in New York. She’s a dedicated yoga and meditation practitioner and is passionate about ICTD and new media.
Namita A. Malhotra Namita A. Malhotra is a legal researcher and media practitioner and a core member of Alternative Law Forum in Bangalore, India. Her areas of interest are image, technology, media and law, and her work takes the form of interdisciplinary research, video and film making and exploring possibilities of recombining material, practice and discipline. She is also a founder member of Pad.ma (Public Access Digital Media Archive) which is a densely annotated online video archive.

Share this page on:

For more details visit https://cis-india.org/digital-natives/video-contest/digital-natives-contest

Digital Humanities in India?

sneha-pp — 2016-06-30T05:05:29Z

An extended survey of digital initiatives in arts and humanities practices in India was undertaken during the last year. Provocatively called 'mapping digital humanities in India', this enquiry began with the term 'digital humanities' itself, as a 'found' name for which one needs to excavate some meaning, context, and location in India at the present moment. Instead of importing this term to describe practices taking place in this country - especially when the term itself is relatively unstable and undefined even in the Anglo-American context - what I chose to do was to take a few steps back, and outline a few questions/conflicts that the digital practitioners in arts and humanities disciplines are grappling with. The final report of this study will be published serially. This is the first among seven sections.

Sections

01. Digital Humanities in India?

02. A Question of Digital Humanities

03. Reading from a Distance – Data as Text

04. The Infrastructure Turn in the Humanities

05. Living in the Archival Moment

06. New Modes and Sites of Humanities Practice

07. Digital Humanities in India – Concluding Thoughts

Background

It has only been a couple of years since I began hearing the term Digital Humanities (henceforth, DH) being uttered quite prominently, though mostly in academic circles. For the uninitiated, it almost sounds like an oxymoron. After all, for most practical purposes the digital and humanities have always been seen almost as contradictory terms, existing in distinct silos. A couple of workshops and conferences, one national-level consultation, three new centres, and two academic courses later the term still needs a definition in India, if not also in other parts of the world. But what was by then, and even now, is interesting is the emergence of pockets of work in India either claiming to be DH or even remotely related to it, and the interest in the term, either as one full of a seemingly diverse, innovative, and generative potential for interdisciplinary work in academia and practice, or as something that is just a reinvention of old questions that have been the focus of humanistic enquiry for several decades now.

The enquiry for this mapping began with the term itself, as a 'found' name for which I needed to excavate some meaning, context and location in India at the present moment. A consultation on Digital Humanities for Indian Higher Education organised in Bangalore in July 2013 [1] and a proposed short course in ‘Digital Humanities and Cultural Informatics’ [2] at Jadavpur University, Kolkata, were some of the early prominent instances of the use of the term. I later learnt from one of the people interviewed for this study that DH was already discussed in academic workshops as early as 2010 [3]. The general interest in the term has steadily picked up in the last couple of years however, albeit in specific pockets of the country, and it would be safe to say that it has been approached in markedly different ways by several institutions.

The source of the term itself is the history and body of literature around humanities computing in the UK and US, which essentially explores the use of computational methods in humanities research and practice. Roberto A. Busa (2010) describes it as “… precisely the automation of every possible analysis of human expression (therefore, it is exquisitely a "humanistic" activity), in the widest sense of the word, from music to the theater, from design and painting to phonetics, but whose nucleus remains the discourse of written texts”. However, locating such a history in India seems not only to be a difficult project, but largely a futile one. It seemed irrelevant to import a concept or discourse that in itself was (and still is to some extent) relatively unstable and undefined even in the Anglo-American context, and then try to locate it here. Instead, what I chose to do was to take a few steps back - firstly to outline a couple of questions/conflicts that seemed to be troubling about this concept to begin with:

Are ‘digital’ and ‘humanities’ really two contradictory terms that are being bridged together? Is this a reiteration of the ‘two cultures’ (Snow 1990) debate?
What are the changes in the object(s) of enquiry in humanities disciplines due to the advent of the internet and digital technologies?
What methods are to be used to study and work with digital objects? How are these affecting the traditional methods of the humanities?
Is DH a fringe academic phenomena, and can it be related to academic disciplines only? With several groups of practitioners engaging with questions and methods akin to DH outside universities, how do we define its institutional boundaries?
What are the new skills and tools emerging with, and in turn defining, DH practices in India?

Context

An immediate context for the growth of DH has been the steady debate around a ‘crisis’ of the disciplines, the humanities in particular, and how DH in a strange paradox, seemed to be both the phenomenon posing this question and offering an answer to it. Particularly in the Anglo-American context, while there has been a sustained decline in funding for the arts, especially post the global recession in the late 1990s, the Science, Technology, Engineering and Math (STEM) and other disciplines in natural sciences still seem to be on a steady footing. The ‘crisis’ here exists here at several levels - budgetary cuts across universities for liberal arts and humanities programmes, a steep fall in gainful employment for graduates (whose numbers are much more than the jobs available in the market, the adjunct system that has become popular in the US, which has resulted in reduced full-time employment and poor compensation for faculty, and in general a lack of opportunities and resources for research in the arts and humanities. The problem however, of which these are only the symptoms, lies much deeper, at the heart of what is seen as the lack of interest due to the diminishing practical value of the humanities, which further makes them seem most dispensable in a moment of economic crisis. Martha Nussbaum calls this a ‘silent crisis’, spurred by the growth of a profit-driven model of education, which has led to an increased focus on science and technology programmes, and emphasized the fostering of certain specific skills in these domains much to the detriment of arts and humanities programmes at every level of formal education, thus also doing away with “cultivated capacities of critical thinking and reflection, which are crucial in keeping democracies alive and wide awake.”

Gary Gutting on the other hand sees this definition of crisis in terms of numbers itself as misleading, but proposes that this decline also as a result of a cultural and economic system that is inhospitable to the humanities in general, and the ‘cultural middle class’ in particular. He writes:

Our economic system works well for those who find meaning in economic competition and the material rewards it brings. To a lesser but still significant extent, our system provides meaningful work in service professions (like health and social work) for those fulfilled by helping people in great need. But for those with humanistic and artistic life interests, our economic system has almost nothing to offer. Or rather, it has a great deal to offer but only for a privileged elite (the cultural parallel to our economic upper class) who have had the ability and luck to reach the highest levels of humanistic achievement. If you have (in Pierre Bourdieu’s useful term) the “cultural capital” to gain a tenured professorship at a university, play regularly in a major symphony orchestra or write mega bestsellers, you can earn an excellent living doing what you love. Short of that, you must pursue your passion on the side. (Gutting 2013)

Paul Jay and Gerald Graff locate the problem within the notion of the humanities as being inherently averse to a market-driven, utilitarian form of education, which emphasises only credentials, thus rendering the field esoteric and lacking when it comes to solving problems in the ‘real world’. Instead they favour the approach of humanities students developing diverse skill sets, in addition to traditional skills of their disciplines, and being open to engage with opportunities in the larger marketplace outside of academy as well. As the essay states:

We believe it is time to stop the ritualized lamentation over the crisis in the humanities and get on with the task of making them relevant in the 21st century. Such lamentation only reveals the inability of many humanists to break free of a 19th-century vision of education that sees the humanities as an escape from the world of business and science. As Cathy Davidson has forcefully argued in her new book, Now You See It, this outmoded way of thinking about the humanities as a realm of high-minded cultivation and pleasure in which students contemplate the meaning of life is a relic of the industrial revolution with its crude dualism of lofty spiritual art vs. mechanized smoking factories, a way of thinking that will serve students poorly in meeting the challenges of the 21st century. (Jay and Duff 2002)

While many of the traditional humanities scholars may still look at this as the result of a certain techno capitalistic impulse - wherein a new research regime based on knowledge creation to fulfil corporate interests emerges – it is prudent to examine how and why fields like the digital humanities have now emerged around the time of such a crisis, as they seemingly fit well within this nebulous space, and what are their implications for the humanities, education and research at large.

In the India, the context is a rather chequered one – with most conversations around the internet and digital technologies located within the domain of the development of Information and Communication technologies for Development (ICT4D), in sectors ranging from education to governance. The introduction to the digital has been in multifarious ways for countries in the global south, largely through rhetoric about its potential to address and even resolve social and economic problems, so much so that, as several of the people interviewed in this study also mentioned, now anything digital automatically translates to ‘good’ and ‘beneficial’. Addressing the digital divide has been a mandate of all stakeholders, whether the state and policy-makers, private organisations, NGOs or academia. With around 300 million internet users and counting, India has the second largest internet user base in the world. However, the conditions and quality of access to the internet and other digital technologies, and who is using these and for what purposes continue to remain a bone of contention. The ambitious Digital India initiative of the current government is the latest in a slew of measures undertaken to address some of these concerns in the last several years, and it proposes to do so by tackling three key areas – digital infrastructure, governance and services on demand, and empowerment of citizens through increased digital literacy [4]. As such it seeks to resolve some of the challenges of last mile connectivity that have forever been an issue with many ICT4D initiatives, particularly with countries in the Global South. The advent of a techno-democracy or a model of governance that successfully integrates technology within a framework of rights and social development seems to be larger vision of these proposed initiatives.

The ICT-fication of education has been a major objective and challenge within this larger vision, specifically with respect to the problem of access, and more importantly quality of access which stands out as pertinent, again a problem attributed to the lack of last mile connectivity. In 2009, the MHRD launched the ambitious National Mission in Education and Information and Communication Technologies (NMEICT) programme [5], which along with the National Commission for Higher Education and Research (NCHER) Bill [6] and the recommendations of the Yashpal Committee report [7], was expected to address some long-standing concerns in making higher education more accessible and hospitable to students, particularly those from underprivileged backgrounds. Ashish Rajadhyaksha (2011) argues that the last-mile problem is a more of a conceptual or cultural problem than merely a technological one. This is illustrated in the manner of implementation of several projects under the NMEICT, particularly in the imagination, as Rajadhyaksha says, of technology as neutral and therefore capable of addressing issues of democratisation within higher education.

Following the NMEICT, several initiatives such as the National Programme on Technology Enhanced Learning (NPTEL) [8] programme, and the use of low-cost devices such as the Aakash tablets [9] were also field tested to get a better understanding of how digital technologies could be integrated seamlessly into classroom instruction. The Indira Gandhi National Open University (IGNOU) [10] and Information and Library Network (INFLIBNET) [11], and more recently the National Knowledge Network (NKN) [12] are some of the more established efforts in distance education and open courseware. Digitisation initiatives were also launched on a large scale in the last decade, some notable ones being National Mission for Manuscripts [13], Digital Library of India [14], and National Library of India [15], among many others. There is also a growing number of closed/commercial archives, some examples being the South Asia Archive [16] and Asia Art Archive [17]. Digitisation, while being taken up in the interest of preservation and record, also brought with it a number of challenges, particularly with respect to the manner in which the projects were implemented. Whether with regard to preservation of the original material, problems with copyright or defining metadata standards, digitisation has never been an easy process. The Google Books library project is an example of this, where many books were damaged and had to be discarded in the process of digitisation, and the project itself came under criticism for several copyright violations, errors produced due to conversion of scanned texts using Optical Character Recognition (OCR) software and incorrect or unavailable metadata.

The move towards digitisation also provided the much needed impetus for archival practice to make a transition to the digital space, this has been an inevitable but rather fraught endeavour to begin with, as some of the observations made in the later chapters will illustrate. The emergence of independent, private online archives, often seen as a fallout of the hegemony of state-funded archives is an important development of this time. An influx of funding from government and private donors, has led to a lot of work in media and communication technologies getting concentrated in so-called ‘alternative’ spaces outside the university. The growth of these in between spaces has been an interesting phenomenon, particularly with respect to the possibilities offered for different kinds of research and other creative practices that are often unable to find a space within the confines of a university or other large, established knowledge institutions.

In the last decade or so, DH seems to have become one of the most highly funded areas in humanities research and practice. While this has seemingly helped to either save and/or reinvent some the humanities programmes, a lot of traditional humanists also view the field and the term with scepticism – as a threat to more traditional forms of humanities pedagogy and practice. Whether such a context exists in India and is still a matter of question, and hinges largely on how we understand the digital itself - as an object, concept or space. For that seems to be where the questions about the field, its emergence and its epistemological concerns lie.

This report, therefore, takes a slightly broader look, somewhat like a scoping exercise to see what some present concerns are and what could be the possibilities of DH in India. The areas of focus are few – the notion of crisis, and disciplines, the archive and so forth which form the crux of the debate in India. It also looks at changes that have come about, and are imminent with the ‘digital turn’, from the perspective of selected disciplines, and practices of knowledge-making. More importantly, it tries to extrapolate, from the common issues and conflicts traced across several conversations, larger questions of a conflict of authority that disciplines in the humanities have come to undergo, and whether the digital has amplified of tried to resolve the same. The conflict is tied to questions of ownership/authorship and authenticity that emerge with new collaborative modes of knowledge production, and the politics of circulation. It is reflected in the shift from more traditional spaces of knowledge-making to newer methods, objects, figures and processes in the online world, which seem to at one level replace older ones. This perceived threat of irrelevance or obsolescence is one of the manifestations of this conflict of authority. The Wikipedia is one example of this conflict, wherein the authenticity and authority of its content and recognition as scholarship has been intensely debated owing to, among other things, the fact that it cannot be attributed to any single author. In the ways in which the digital now mediates such activities, what has become the space and understanding of the digital in our lives, in the ways we consume and produce information and knowledge, and increasingly become uneven stakeholders in a dynamic knowledge economy, are some of the questions explored therein.

Methodology

With few 'digital humanists' (a term many DH scholars in India have consciously chosen to stay away from) and DH centres around, and the discourse being far from stable in India, the best way to explore this supposedly new phenomenon then seemed to be to understand some of the immediate problems and questions with the notion of the ‘digital’ itself. This approach was not just the result of constraints of the immediate context, but also turned out to be a productive methodological gesture, as it widened the scope of this mapping exercise to include several proto/perhaps-DH initiatives that have come up around the same time, or been in existence for a while and have been trying to work around similar questions. The mapping did not begin with an assumption of a field called DH as being extant in India, and therefore as an examination of its challenges and possibilities, but rather to understand how DH-like practices have evolved and converged at the moment under what appears to be like a place-holder term, and the implications of this for research and learning. Being located in India, it also provided a good vantage point to reflect on some of the literature and discourse around the term being produced in the Anglo-American context. The consultation on Digital Humanities for Indian Higher Education held in July 2013 was helpful in bringing together a number of people and key questions of what was then understood as something of a field. It is largely from the discussions at this consultation that this report approaches the term and what it may offer for humanities and related interdisciplinary research in India; somewhere it also hopes to serve as a point of departure. A major concern then was the lack of a proper definition of the field, and its instability, which continued to be a recurrent topic in my discussions with people as part of this exercise. However, the merits of embarking upon an exercise to ‘define DH in India’ were highly contentious, so the mapping took a more descriptive route, and did a discursive analysis of work in DH and allied fields and what people were saying about it in India. What I found were a range of views, some informed by practice and scholarship, others based on conjecture and some purely non-committal. As one of the people interviewed for this mapping pointed out, there is something provisional about which, if I may add, also inhibits us from saying anything definitive about it, just yet.

Given that the lack of a definition of the field remained one of the main issues, I went into conducting the mapping with a working definition/assumption that DH ‘is an interdisciplinary area of research, practice and pedagogy that looks at the interaction of digital tools, methods and spaces with core concerns of humanistic enquiry’. This definition was developed based on a review of existing literature in the Anglo-American context on DH, and deliberately made expansive enough to include within its fold, the different kinds of practices that had already chosen to adopt the term, and others which seemed to be inclined towards similar theoretical and practical concerns. Another useful definition, from the Digital Humanities Quarterly useful was the following:

Digital humanities is a diverse and still emerging field that encompasses the practice of humanities research in and through information technology, and the exploration of how the humanities may evolve through their engagement with technology, media, and computational methods. (Digital Humanities Quarterly 2010)

Deliberating on the interaction between humanities and technology, Susan Schreibman, in one the earliest books on DH describes the 'field' as follows:

The digital humanities, then, and their interdisciplinary core found in the field of humanities computing, have a long and dynamic history best illustrated by examination of the locations at which specific disciplinary practices intersect with computation. (Schreibman et al 2004)

One of the popular and most quoted definitions, however, is an early one that appeared in the Digital Humanities Manifesto 2.0 (Institute for the Future of the Book 2009). This describes DH as an array of convergent practices, and is also reproduced in the book Digital Humanities (Burdick et al 2012):

Digital Humanities refers to new modes of scholarship and institutional units for collaborative, transdisciplinary, and computationally engaged research, teaching, and publication. Digital Humanities is less a unified field than an array of convergent practices that explore a universe in which print is no longer the primary medium in which knowledge is produced and disseminated. (Ibid., 122)

The notion that DH is a “less a unified field than an array of convergent practices” seems to be the most useful way to describe the observations and more so the conditions that led to this mapping exercise, which also seeks to outline some kind of a trajectory of practices that converge at this contemporary moment to engender new meanings of and around the digital, rather than produce a conceptual history of the term in the Indian context or even imagine an extant field of some sort. This notion of a convergence, as stated in the last definition, although not apparent or expressed by anyone in India, seems to be the best possible way to describe the manner in which certain practices and a discourse has grown around the intersection of humanities and digital technologies in India. This rather organic growth of DH projects, practices and coursework in the absence of a meta-theory that would drive its epistemological concerns is an important conceptual question for the field itself, and a challenge for the study. Thus while the broader conversation around DH spans everything from instructional technology, new media and art practices, integrated science education to cultural analytics, the core concerns often remain the same, that of the intersection of previously separate domains of knowledge that are now coming together, and the crucial role played by the internet and digital technologies in bringing them together.

Further, three immediate experiences in engaging with digital technologies and questions of knowledge production in India shaped the intellectual concerns of this study. The first of these is the series of monographs produced as part of the ‘Histories of Internets in India’ project at the Researchers at Work (RAW) programme in CIS, during 2008-2011. A key point foregrounded in these monographs was the critical need to approach the internet, as a plural technology, available in and actualised through different forms, practices, and experiences. The second one was the collaborative project on the quality of access to higher education in undergraduate educational institutions at the Higher Education Innovation and Research Applications programme at the Centre for the Study of Culture and Society, Bangalore.The project was conducted in nine undergraduate institutions across three states in India, and included interaction with students and teachers through workshops and campus projects.The experience of working with students – who ranged from those who could barely use a computer to students proficient with the latest software, multimedia tools and internet applications – led to many insightful learnings about the teaching-learning environment, and prevalence of digital technologies and the internet in these spaces. The third one, of course, is the consultation on DH held in Bangalore, which provided an immediate set of questions and a network of people to begin the mapping with.

In this study, the fieldwork consisted of in-depth and semi-structured interviews with key people involved in the DH-like initiatives in India, and allied areas such as media, archives, art, and higher education. The sample size being small, the conversations were by no means exhaustive, but they were insightful in terms of the present nature of practice and the questions that they further pointed towards. The interviews were largely open-ended conversations focussing on, where possible, questions about DH: its emergence, theory, practice and pedagogy, but emphasising the notion of the ‘digital’ and is diverse perception and formulations. With respondents who were not from an academic space or not involved with DH directly, the questions were more related to the nature of changes that the digital has brought about in their practice, specifically the shifts in content and method. The crisis of disciplines and the move away from more traditional concerns of humanistic enquiry were also discussed. Issues of access, exclusivity and the move towards collaborative spaces of knowledge production and the democratic potential of the internet and digital technologies also came up quite prominently as points of discussion.

The fieldwork tried to cover not just a range of people from different disciplines and areas of practice, but also institutions: Prof. Amlan Dasgupta, Prof. Sukanta Chaudhuri and Purbasha Auddy, (School of Cultural Texts and Records and Dept. of English), Dr. Moinak Biswas and Dr. Madhuja Mukherjee (Media lab and Dept. of Film Studies); Dr. Abhijit Roy (School of Communication and Culture) at Jadavpur University, Kolkata; Dr. Souvik Mukherjee (Dept. of English) and Dr. Milinda Banerjee (Dept. of History) at Presidency University, Kolkata; Abhijit Bhattacharya (Media Archives) at Centre for the Studies in Social Sciences, Kolkata; Dr. Ravi Sundaram (the Sarai Programme) at Centre for the Study of Developing Societies, New Delhi; Dr. Indira Chowdhury and Dr. Padmini Ray-Murray (Centre for Public History) at Srishti School of Art, Design and Technology, Bangalore; Dr. C. S Lakshmi at the Sound and Picture Archives for Research on Women, Mumbai; Shaina Anand, Namita Malhotra, Lawrence Liang, Jan Gerber, Sebastian Lutgert and Ashish Rajadhyaksha, who have all worked with CAMP, Mumbai and are part of the team behind Indiancine.ma and Pad.ma; Vikram Vincent at the Indian Institute of Technology, Mumbai and S.V. Srinivas, Azim Premji University, who was previously associated with the Centre for the Study of Culture and Society. The individuals and institutions mentioned here have been engaged with these concerns within their respective fields of research and practice. Three institutions - Jadavpur University, Presidency University and the Centre for Public History – have actively adopted the term DH for some of the work they have been doing, whereas the remaining have been working with digital technologies as part of research, pedagogy, and practice. The report presents some part of these conversations and in doing so provides a snapshot of the operational context of the term ‘DH’ in India as well. The attempt was to understand the nature of existing and possible institutional investment in the term, as well as digital technologies (beyond tools, platforms and processes) and their stake in taking these questions further.

Notes

[1] This one-day event was organized by the Higher Education Innovation and Research Applications (HEIRA) programme at the Centre for the Study of Culture and Society, in collaboration with the Access to Knowledge (A2K) Programme at the Centre for Internet and Society, and other institutions. See: http://cis-india.org/digital-natives/digital-humanities-for-indian-higher-education.

[2] See: https://sctrdhci.wordpress.com/

[3] See: http://www.tezu.ernet.in/notices/ResearchMethodology.pdf.

[4] See: http://www.digitalindia.gov.in/.

[5] See: http://www.nmeict.ac.in/.

[6] See http://www.prsindia.org/uploads/media/Higher%20education/Legislative%20Brief%20-%20Higher%20Education%20and%20Research%20Bill.pdf.

[7] See: http://mhrd.gov.in/sites/upload_files/mhrd/files/document-reports/YPC-Report.pdf

[8] See: http://nptel.ac.in/

[9] See: http://gadgets.ndtv.com/tablets/news/government-for-providing-aakash-tablet-at-rs-1500-329578.

[10] See: http://www.ignou.ac.in/.

[11] See: http://www.inflibnet.ac.in/.

[12] See: http://nkn.in/.

[13] See: http://www.namami.org/.

[14] See: http://www.dli.ernet.in/.

[15] See: http://www.nationallibrary.gov.in/.

[16] See: http://www.southasiaarchive.com/.

[17] See: http://www.aaa.org.hk/.

References

Burdick, Anne, Johanna Drucker, Peter Lunefeld, Todd Presner, and Jeffrey Schnapp, Digital_Humanities, Massachusetts Institute of Technology Press, 2012, https://mitpress.mit.edu/books/digitalhumanities.

Digital Humanities Quarterly, "About DHQ," 2010, http://www.digitalhumanities.org/dhq/about/about.html

Gutting, Gary. "The Real Humanities Crisis," The New York Times, November 30, 2013, accessed July 14, 2015. http://opinionator.blogs.nytimes.com/2013/11/30/the-real-humanities-crisis/.

Institute for the Future of the Book, "The Digital Humanities Manifesto 2.0," 2009, http://manifesto.humanities.ucla.edu/2009/05/29/the-digital-humanities-manifesto-20/

Jay, Paul, and Gerald Duff, "The Fear of Being Useful," Inside Higher Ed. January 5. 2012. Accessed September 22, 2015. https://www.insidehighered.com/views/2012/01/05/essay-new-approach-defend-value-humanities.

Schreibman, Susan, Ray Siemens, and John Unsworth, "The Digital Humanities and Humanities Computing: An Introduction," A Companion to Digital Humanities, Oxford: Blackwell, 2004, http://www.digitalhumanities.org/companion/.

Snow, C.P. "The Two Cultures," Leonardo, Vol. 23, No. 2/3, New Foundations: Classroom Lessons in Art/Science/Technology for the 1990s. 1990. Pp. 169-173.

For more details visit https://cis-india.org/raw/digital-humanities-in-india