Centre for Internet and Society

Criticism mounts over India censorship

praskrishna — 2012-08-27T06:38:51Z

India’s government is facing fierce criticism from privacy groups, political opponents and irate internet users accusing it of an excessive and poorly targeted censorship drive as it seeks to contain social alarm triggered by communal unrest.

This article written by James Crabtree in Mumbai and Tim Bradshaw in San Francisco was published in Financial Times on August 24, 2012. Pranesh Prakash is quoted.

Following panicked scenes among groups from the nation’s troubled north-east and fearing an escalation of urban violence between Muslim and Hindu groups, the administration this week instructed internet companies, including Facebook and Google, to block more than 300 web pages and more than a dozen Twitter accounts it claimed were inflaming communal tensions.

But by Friday the order was being assailed as an example of administrative incompetence, as internet analysts revealed that many of the pages contained seemingly harmless material from foreign media organisations, political columnists and critics of India’s government.

Pranesh Prakash, a legal expert at the Bangalore-based Centre for Internet and Society, said: “I am not questioning their original motives, but I do think this is excessive and incompetent censorship.”

Political opponents also accused the government of over-reach, including Narendra Modi, the controversial chief minister of the state Gujarat and a member of the Hindu nationalist BJP party, who on Friday used a Twitter post to call the moves a “crackdown on freedom of speech”.

The government denies it is being heavy handed. “We are only taking strict action against those accounts or people which are causing damage or spreading rumours,” said Kuldeep Dhatwalia, an Indian home ministry spokesman. “We are not taking action against other accounts, be it on Facebook, Twitter or even SMSes.”

Twitter found itself at the centre of the growing controversy, as government spokespeople accused the US-based social networking site of failing to respond to requests to block users, some of which involved accounts appearing to impersonate Manmohan Singh, the prime minister.

Twitter responded by suspending a number of impersonator accounts and is now in discussions with the prime minister’s office in an attempt to defuse the row, according to people familiar with the matter. A spokesperson for Twitter declined to comment.

Angry users also used the site to attack the restrictions using the hashtags #GOIblocks and #Emergency2012, the latter a highly charged reference to prime minister Indira Gandhi’s two-year period of rule by decree in the late 1970s.

India has a long history of censorship measures designed to prevent communal violence, ranging from restrictions introduced under the British Raj in the early 20th century to more recent edicts banning Salman Rushdie’s novel The Satanic Verses and restricting derogatory portrayals of religious figures in Bollywood movies.

“Blocking content to help mitigate a volatile situation involving civilian security could be justified,” says Meenakshi Ganguly, South Asia director at Human Rights Watch. “But when the government expresses equal concern about fake Twitter handles or criticism of political leaders, it begins to look like censorship.”

The online restrictions followed related measures restricting to five the number of text messages that could be sent from most Indian mobile phones, although this was lifted to 20 on Thursday.

They also came during a week of deepening political crisis in the world’s largest democracy, as opposition leaders repeatedly halted parliamentary proceedings and called for Mr Singh’s resignation in the aftermath of a critical report from India’s government auditor.

“These threats to social harmony are real, but like almost everything the Indian state is doing at present, the restrictions incompetently deal with a few symptoms rather than addressing causes,” says Pratap Bhanu Mehta of the Centre for Policy Research, a think tank in New Delhi. “They are simply exacerbating a crisis of trust, not solving it.”

For more details visit https://cis-india.org/news/www-ft-com-aug-24-2012-james-crabtree-tim-bradshaw-criticism-mounts-over-india-censorship

CPOV : Wikipedia Research Initiative

nishant — 2011-08-23T02:52:25Z

The Second event, towards building the Critical Point of View Reader on Wikipedia, brings a range of scholars, practitioners, theorists and activists to critically reflect on the state of Wikipedia in our contemporary Information Societies. Organised in Amsterdam, Netherlands, by the Institute of Network Cultures, in collaboration with the Centre for Internet and Society, Bangalore, the event builds on the debates and discussions initiated at the WikiWars that launched off the knowledge network in Bangalore in January 2010. Follow the Live Tweets at #CPOV

Second international conference of the CPOV Wikipedia Research Initiative :: March 26-27, 2010 :: OBA (Public Library Amsterdam, next to Amsterdam central station), Oosterdokskade 143, Amsterdam.

Wikipedia is at the brink of becoming the de facto global reference of dynamic knowledge. The heated debates over its accuracy, anonymity, trust, vandalism and expertise only seem to fuel further growth of Wikipedia and its user base. Apart from leaving its modern counterparts Britannica and Encarta in the dust, such scale and breadth places Wikipedia on par with such historical milestones as Pliny the Elder’s Naturalis Historia, the Ming Dynasty’s Wen-hsien ta- ch’ eng, and the key work of French Enlightenment, the Encyclopedie. The multilingual Wikipedia as digital collaborative and fluid knowledge production platform might be said to be the most visible and successful example of the migration of FLOSS (Free/ Libre/ Open Source Software) principles into mainstream culture. However, such celebration should contain critical insights, informed by the changing realities of the Internet at large and the Wikipedia project in particular.

The CPOV Research Initiative was founded from the urge to stimulate critical Wikipedia research: quantitative and qualitative research that could benefit both the wide user-base and the active Wikipedia community itself. On top of this, Wikipedia offers critical insights into the contemporary status of knowledge, its organizing principles, function, and impact; its production styles, mechanisms for conflict resolution and power (re-)constitution. The overarching research agenda is at once a philosophical, epistemological and theoretical investigation of knowledge artifacts, cultural production and social relations, and an empirical investigation of the specific phenomenon of the Wikipedia.

Conference Themes: Wiki Theory, Encyclopedia Histories, Wiki Art, Wikipedia Analytics, Designing Debate and Global Issues and Outlooks.

Follow the live tweets on http://twitter.com/#search?q=%23CPOV

Confirmed speakers: Florian Cramer (DE/NL), Andrew Famiglietti (UK), Stuart Geiger (USA), Hendrik-Jan Grievink (NL), Charles van den Heuvel (NL), Jeanette Hofmann (DE), Athina Karatzogianni (UK), Scott Kildall (USA), Patrick Lichty (USA), Hans Varghese Mathews (IN), Teemu Mikkonen (FI), Mayo Fuster Morell (IT), Mathieu O’Neil (AU), Felipe Ortega (ES), Dan O’Sullivan (UK), Joseph Reagle (USA), Ramón Reichert (AU), Richard Rogers (USA/NL), Alan Shapiro (USA/DE), Maja van der Velden (NL/NO), Gérard Wormser (FR).

Editorial team: Sabine Niederer and Geert Lovink (Amsterdam), Nishant Shah and Sunil Abraham (Bangalore), Johanna Niesyto (Siegen), Nathaniel Tkacz (Melbourne). Project manager CPOV Amsterdam: Margreet Riphagen. Research intern: Juliana Brunello. Production intern: Serena Westra.

The CPOV conference in Amsterdam will be the second conference of the CPOV Wikipedia Research Initiative. The launch of the initiative took place in Bangalore India, with the conference WikiWars in January 2010. After the first two events, the CPOV organization will work on producing a reader, to be launched early 2011. For more information or submitting a reader contribution.

Buy your ticket online (with iDeal), or register by sending an email to: info (at) networkcultures.org. One day ticket: €25, students and OBA members: €12,50. Full conference pass (2 days): €40, students and OBA members: 25.

Organized by the Institute of Network Cultures Amsterdam, in cooperation with the Centre for Internet and Society in Bangalore, India.

For more details visit https://cis-india.org/research/conferences/conference-blogs/cpov

Contestations of Data, ECJ Safe Harbor Ruling and Lessons for India

jyoti — 2015-10-14T14:40:08Z

The European Court of Justice has invalidated a European Commission decision, which had previously concluded that the 'Safe Harbour Privacy Principles' provide adequate protections for European citizens’ privacy rights for the transfer of personal data between European Union and United States. The inadequacies of the framework is not news for the European Commission and action by ECJ has been a long time coming. The ruling raises important questions about how the claims of citizenship are being negotiated in the context of the internet, and how increasingly the contestations of personal data are being employed in the discourse.

The European Court of Justice (ECJ) has invalidated a European Commission (EC) decision¹ which had previously concluded that the 'Safe Harbor Privacy Principles'² provide adequate protections for European citizens’ privacy rights³ for the transfer of personal data between European Union and United States. This challenge stems from the claim that public law enforcement authorities in America obtain personal data from organisations in safe harbour for incompatible and disproportionate purposes in violation of the Safe Harbour Privacy Principles. The court's judgment follows the advice of the Advocate General of the Court of Justice of the European Union (CJEU) who recently opined⁴ that US practices allow for large-scale collection and transfer of personal data belonging to EU citizens without them benefiting from or having access to judicial protection under US privacy laws. The inadequacies of the framework is not news for the Commission and action by ECJ has been a long time coming. The ruling raises important questions about how increasingly the contestations of personal data are being employed in asserting claims of citizenship in context of the internet.

As the highest court in Europe, the ECJ's decisions are binding on all member states. With this ruling the ECJ has effectively restrained US firms from indiscriminate collection and sharing of European citizens’ data on American soil. The implications of the decision are significant, because it shifts the onus of evaluating protections of personal data for EU citizens from the 4,400 companies⁵ subscribing to the system onto EU privacy watchdogs. Most significantly, in addressing the rights of a citizen against an established global brand, the judgement goes beyond political and legal opinion to challenge the power imbalance that exists with reference to US based firms.

Today, the free movement of data across borders is a critical factor in facilitating trade, financial services, governance, manufacturing, health and development. However, to consider the ruling as merely a clarification of transatlantic mechanisms for data flows misstates the real issue. At the heart of the judgment is the assessment whether US firms apply the tests of ‘necessity and proportionality’ in the collection and surveillance of data for national security purposes. Application of necessity and proportionality test to national security exceptions under safe harbor has been a sticking point that has stalled the renegotiation of the agreement that has been underway between the Commission and the American data protection authorities.⁶

For EU citizens the stake in the case are even higher, as while their right to privacy is enshrined under EU law, they have no administrative or judicial means of redress, if their data is used for reasons they did not intend. In the EU, citizens accessing and agreeing to use of US based firms are presented with a false choice between accessing benefits and giving up on their fundamental right to privacy. In other words, by seeking that governments and private companies provide better data protection for the EU citizens and in restricting collection of personal data on a generalised basis without objective criteria, the ruling is effectively an assertion of ‘data sovereignty’. The term ‘data sovereignty’, while lacking a firm definition, refers to a spectrum of approaches adopted by different states to control data generated in or passing through national internet infrastructure.⁷ Underlying the ruling is the growing policy divide between the US and EU privacy and data protection standards, which may lead to what is referred to as the balkanization⁸ of the internet in the future.

US-EU Data Protection Regime

The safe harbor pact between the EU and US was negotiated in the late 1990s as an attempt to bridge the different approaches to online privacy. Privacy is addressed in the EU as a fundamental human right while in the US it is defined under terms of consumer protection, which allow trade-offs and exceptions when national security seems to be under threat. In order to address the lower standards of data protection prevalent in the US, the pact facilitates data transfers from EU to US by establishing certain safeguards equivalent to the requirements of the EU data protection directive. The safe harbor provisions include firms undertaking not to pass personal information to third parties if the EU data protection standards are not met and giving users right to opt out of data collection.⁹

The agreement was due to be renewed by May 2015¹⁰ and while negotiations have been ongoing for two years, EU discontent on safe harbour came to the fore following the Edward Snowden revelations of collection and monitoring facilitated by large private companies for the PRISM program and after the announcement of the TransAtlantic Trade and Investment Partnership (TTIP).¹¹ EU member states have mostly stayed silent as they run their own surveillance programs often times, in cooperation with the NSA. EU institutions cannot intervene in matters of national security however, they do have authority on data protection matters. European Union officials and Members of Parliament have expressed shock and outrage at the surveillance programs unveiled by Snowden's 2013 revelations. Most recently, following the CJEU Advocate General’s opinion, 50 Members of European Parliament (MEP) sent a strongly worded letter the US Congress hitting back on claims of ‘digital protectionism’ emanating from the US¹². In no uncertain terms the letter clarified that the EU has different ideas on privacy, platforms, net neutrality, encryption, Bitcoin, zero-days, or copyright and will seek to improve and change any proposal from the EC in the interest of our citizens and of all people.

Towards Harmonization

In November 2013, as an attempt to minimize the loss of trust following the Snowden revelations, the European Commission (EC) published recommendations in its report on 'Rebuilding Trust is EU-US Data Flows'.¹³ The recommendations revealed two critical initiatives at the EU level—first was the revision of the EU-US safe harbor agreement¹⁴ and second the adoption of the 'EU-US Umbrella Agreement¹⁵'—a framework for data transfer for the purpose of investigating, detecting, or prosecuting a crime, including terrorism. The Umbrella Agreement was recently initialed by EU and US negotiators and it only addresses the exchange of personal data between law enforcement agencies.¹⁶ The Agreement has gained momentum in the wake of recent cases around issues of territorial duties of providers, enforcement jurisdictions and data localisation.¹⁷ However, the adoption of the Umbrella Act depends on US Congress adoption of the Judicial Redress Act (JRA) as law.¹⁸

Judicial Redress Act

The JRA is a key reform that the EC is pushing for in an attempt to address the gap between privacy rights and remedies available to US citizens and those extended to EU citizens, including allowing EU citizens to sue in American courts. The JRA seeks to extend certain protections under the Privacy Act to records shared by EU and other designated countries with US law enforcement agencies for the purpose of investigating, detecting, or prosecuting criminal offenses. The JRA protections would extend to records shared under the Umbrella Agreement and while it does include civil remedies for violation of data protection, as noted by the Center for Democracy and Technology, the present framework does not provide citizens of EU countries with redress that is at par with that which US persons enjoy under the Privacy Act.¹⁹

For example, the measures outlined under the JRA would only be applicable to countries that have outlined appropriate privacy protections agreements for data sharing for investigations and ‘efficiently share’ such information with the US. Countries that do not have agreements with US cannot seek these protections leaving the personal data of their citizens open for collection and misuse by US agencies. Further, the arrangement leaves determination of 'efficiently sharing' in the hands of US authorities and countries could lose protection if they do not comply with information sharing requests promptly. Finally, JRA protections do not apply to non-US persons nor to records shared for purposes other than law enforcement such as intelligence gathering. JRA is also weakened by allowing heads of agencies to exercise their discretion to seek exemption from the Act and opt out of compliance.

Taken together the JRA, the Umbrella Act and the renegotiation of the Safe Harbor Agreement need considerable improvements. It is worth noting that EU’s acceptance of the redundancy of existing agreements and in establishing the independence of national data protection authorities in investigating and enforcing national laws as demonstrated in the Schrems and in the Weltimmo²⁰ case point to accelerated developments in the broader EU privacy landscape.

Consequences

The ECJ Safe Harbor ruling will have far-reaching consequences for the online industry. Often, costly government rulings solidify the market dominance of big companies. As high regulatory costs restrict the entrance of small and medium businesses the market, competition is gradually wiped out. Further, complying with high standards of data protection means that US firms handling European data will need to consider alternative legal means of transfer of personal data. This could include evolving 'model contracts' binding them to EU data protection standards. As Schrems points out, “Big companies don’t only rely on safe harbour: they also rely on binding corporate rules and standard contractual clauses.”²¹

The ruling is good news for European consumers, who can now approach a national regulator to investigate suspicions of data mishandling. EU data protection regulators may be be inundated with requests from companies seeking authorization of new contracts and with consumer complaints. Some are concerned that the ruling puts a dent in the globalized flow of data²², effectively requiring data localization in Europe.²³ Others have pointed out that it is unclear how this decision sits with other trade treaties such as the TPP that ban data localisation.²⁴ While the implications of the decision will take some time in playing out, what is certain is that US companies will be have to restructure management, storage and use of data. The ruling has created the impetus for India to push for reforms to protect its citizens from harms by US firms and improve trade relations with EU.

The Opportunity for India

Multiple data flows taking place over the internet simultaneously and that has led to ubiquity of data transfers o ver the Internet, exposing individuals to privacy risks. There has also been an enhanced economic importance of data processing as businesses collect and correlate data using analytic tools to create new demands, establish relationships and generate revenue for their services. The primary concern of the Schrems case may be the protection of the rights of EU citizens but by seeking to extend these rights and ensure compliance in other jurisdictions, the case touches upon many underlying contestations around data and sovereignty.

Last year, Mr Ram Narain, India Head of Delegation to the Working Group Plenary at ITU had stressed, “respecting the principle of sovereignty of information through network functionality and global norms will go a long way in increasing the trust and confidence in use of ICT.”²⁵ In the absence of the recognition of privacy as a right and empowering citizens through measures or avenues to seek redressal against misuse of data, the demand of data sovereignty rings empty. The kind of framework which empowered an ordinary citizen in the EU to approach the highest court seeking redressal based on presumed overreach of a foreign government and from harms abetted by private corporations simply does not exist in India. Securing citizen’s data in other jurisdictions and from other governments begins with establishing protection regimes within the country.

The Indian government has also stepped up efforts to restrict transfer of data from India including pushing for private companies to open data centers in India.²⁶ Negotiating data localisation does not restrict the power of private corporations from using data in a broad ways including tailoring ads and promoting products. Also, data transfers impact any organisation with international operations for example, global multinationals who need to coordinate employee data and information. Companies like Facebook, Google and Microsoft transfer and store data belonging to Indian citizens and it is worth remembering that the National Security Agency (NSA) would have access to this data through servers of such private companies. With no existing measures to restrict such indiscriminate access, the ruling purports to the need for India to evolve strong protection mechanisms. Finally, the lack of such measures also have an economic impact, as reported in a recent Nasscom-Data Security Council of India (DSCI) survey²⁷ that pegs revenue losses incurred by the Indian IT-BPO industry at $2-2.5 billion for a sample size of 15 companies. DSCI has further estimated that outsourcing business can further grow by $50 billion per annum once India is granted a “data secure” status by the EU.²⁸ EU’s refusal to grant such a status is understandable given the high standard of privacy as incorporated under the European Union Data Protection Directive a standard to which India does not match up, yet. The lack of this status prevents the flow of data which is vital for Digital India vision and also affects the service industry by restricting the flow of sensitive information to India such as information about patient records.

Data and information structures are controlled and owned by private corporations and networks transcend national borders, therefore the foremost emphasis needs to be on improving national frameworks. While, enforcement mechanisms such as the Mutual Legal Assistance Treaty (MLAT) process or other methods of international cooperation may seem respectful of international borders and principles of sovereignty,²⁹ for users that live in undemocratic or oppressive regimes such agreements are a considerable risk. Data is also increasingly being stored across multiple jurisdictions and therefore merely applying data location lens to protection measures may be too narrow. Further it should be noted that when companies begin taking data storage decisions based on legal considerations it will impact the speed and reliability of services.³⁰ Any future regime must reflect the challenges of data transfers taking place in legal and economic spaces that are not identical and may be in opposition. Fundamentally, the protection of privacy will always act as a barrier to the free flow of information even so, as the Schrems case ruling points out not having adequate privacy protections could also restrict flow of data, as has been the case for India.

The time is right for India to appoint a data controller and put in place national frameworks, based on nuanced understanding of issues of applying jurisdiction to govern users and their data. Establishing better protection measures will not only establish trust and enhance the ability of users to control data about themselves it is also essential for sustaining economic and social value generated from data generation and collection. Suggestions for such frameworks have been considered previously by the Group of Experts on Privacy constituted by the Planning Commission.³¹ By incorporating transparency in mechanisms for data and access requests and premising requests on established necessity and proportionality Indian government can lead the way in data protection standards. This will give the Indian government more teeth to challenge and address both the dangers of theft of data stored on servers located outside of India and restrain indiscriminate access arising from terms and conditions of businesses that grant such rights to third parties.

1 Commission Decision of 26 July 2000 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce (notified under document number C(2000) 2441) (Text with EEA relevance.) Official Journal L 215 , 25/08/2000 P. 0007 -0047 2000/520/EC: http ://eur -lex .europa .eu /LexUriServ /LexUriServ .do ?uri =CELEX :32000 D 0520:EN :HTML

2 Safe Harbour Privacy Principles Issued by the U.S. Department of Commerce on July 21, 2000 http ://www .export .gov /safeharbor /eu /eg _main _018475.asp

3 Megan Graham, Adding Some Nuance on the European Court ’s Safe Harbor Decision , Just security

https ://www .justsecurity .org /26651/adding -nuance -ecj -safe -harbor -decision /

4 Advocate General’s Opinion in Case C-362/14 Maximillian Schrems v Data Protection Commissioner Court of Justice of the European Union, Press Release, No 106/15 Luxembourg, 23 September 2015 http ://curia .europa .eu /jcms /upload /docs /application /pdf /2015-09/cp 150106 en .pdf

5 Jennifer Baker, ‘EU desperately pushes just-as-dodgy safe harbour alternatives’, The Register, October 7, 2015 http ://www .theregister .co .uk /2015/10/07/eu _pushes _safe _harbour _alternatives /

6 Draft Report, General Data Protection Regulation, Committee on Civil Liberties, Justice and Home Affairs, European Parliament, 2009-2014 http ://www .europarl .europa .eu /meetdocs /2009_2014/documents /libe /pr /922/922387/922387 en .pdf

7 Dana Polatin-Reuben, Joss Wright, ‘An Internet with BRICS Characteristics: Data Sovereignty and the Balkanisation of the Internet’, University of Oxford, July 7, 2014 https ://www .usenix .org /system /files /conference /foci 14/foci 14-polatin -reuben .pdf

8 Sasha Meinrath, The Future of the Internet: Balkanization and Borders, Time, October 2013 http ://ideas .time .com /2013/10/11/the -future -of -the -internet -balkanization -and -borders /

9 Safe Harbour Privacy Principles, Issued by the U.S. Department of Commerce, July 2001 http ://www .export .gov /safeharbor /eu /eg _main _018475.asp

10 Facebook case may force European firms to change data storage practices, The Guardian, September 23, 2015 http ://www .theguardian .com /us -news /2015/sep /23/us -intelligence -services -surveillance -privacy

11 Privacy Tracker, US-EU Safe Harbor Under Pressure, August 2, 2013 https ://iapp .org /news /a /us -eu -safe -harbor -under -pressure

12 Kieren McCarthy, Privacy, net neutrality, security, encryption ... Europe tells Obama, US Congress to back off, The Register, 23 September, 2015 http ://www .theregister .co .uk /2015/09/23/european _politicians _to _congress _back _off /

13 Communication from the Commission to the European Parliament and the Council, Rebuilding Trust in EU-US Data Flows, European Commission, November 2013 http ://ec .europa .eu /justice /data -protection /files /com _2013_846_en .pdf

14 Safe Harbor on trial in the European Union, Access Blog, September 2014 https ://www .accessnow .org /blog /2014/11/13/safe -harbor -on -trial -in -the -european -union

15 European Commission - Fact Sheet Questions and Answers on the EU-US data protection "Umbrella agreement", September 8, 2015 http ://europa .eu /rapid /press -release _MEMO -15-5612_en .htm

16 McGuire Woods, ‘EU and U.S. reach “Umbrella Agreement” on data transfers’, Lexology, September 14, 2015 http ://www .lexology .com /library /detail .aspx ?g =422 bca 41-2 d 54-4648-ae 57-00 d 678515 e 1 f

17 Andrew Woods, Lowering the Temperature on the Microsoft-Ireland Case, Lawfare September, 2015 https ://www .lawfareblog .com /lowering -temperature -microsoft -ireland -case

18 Jens-Henrik Jeppesen, Greg Nojeim, ‘The EU-US Umbrella Agreement and the Judicial Redress Act: Small Steps Forward for EU Citizens’ Privacy Rights’, October 5, 2015 https ://cdt .org /blog /the -eu -us -umbrella -agreement -and -the -judicial -redress -act -small -steps -forward -for -eu -citizens -privacy -rights /

19 Ibid 18.

20 Landmark ECJ data protection ruling could impact Facebook and Google, The Guardian, 2 October, 2015 http ://www .theguardian .com /technology /2015/oct /02/landmark -ecj -data -protection -ruling -facebook -google -weltimmo

21 Julia Powles, Tech companies like Facebook not above the law, says Max Schrems, The Guardian, Octover 9, 2015 http ://www .theguardian .com /technology /2015/oct /09/facebook -data -privacy -max -schrems -european -court -of -justice

22 Adam Thierer, Unintended Consequences of the EU Safe Harbor Ruling, The Technology Liberation Front, October 6, 2015 http ://techliberation .com /2015/10/06/unintended -consequenses -of -the -eu -safe -harbor -ruling /#more -75831

23 Anupam Chander, Tweeted ECJ #schrems ruling may effectively require data localization within Europe, https ://twitter .com /AnupamChander /status /651369730754801665

24 Lokman Tsui, Tweeted, “If the TPP bans data localization, but the ECJ ruling effectively mandates it, what does that mean for the internet?” https ://twitter .com /lokmantsui /status /651393867376275456

25 Statement from Indian Head of Delegation, Mr Ram Narain for WGPL, Indian statement on ITU and Internet at the Working Group Plenary November 4, 2014 https ://ccgnludelhi .wordpress .com /author /asukum 87/page /2/

26 Sounak Mitra, Xiaomi bets big on India despite problems, Business Standard, December 2014 http ://www .business -standard .com /article /companies /xiaomi -bets -big -on -india -despite -problems -114122201023_1.html

27 Neha Alawadi, Ruling on data flow between EU & US may impact India’s IT sector, Economic Times,October 7, 2015 http ://economictimes .indiatimes .com /articleshow /49250738.cms ?utm _source =contentofinterest &utm _medium =text &utm _campaign =cppst

28 Pranav Menon, Data Protection Laws in India and Data Security- Impact on India and Data Security-Impact on India - EU Free Trade Agreement, CIS Access to Knowledge, 2011 http ://cis -india .org /a 2 k /blogs /data -security -laws -india .pdf

29 Surendra Kumar Sinha, India wants Mutual Legal Assistance treaty with Bangladesh, Economic Times, October 7, 2015 http ://economictimes .indiatimes .com /articleshow /49262294.cms ?utm _source =contentofinterest &utm _medium =text &utm _campaign =cppst

30 Pablo Chavez, Director, Public Policy and Government Affairs, Testifying before the U.S. Senate on transparency legislation, November 3, 2013 http ://googlepublicpolicy .blogspot .in /2013/11/testifying -before -us -senate -on .htm

31 Report of the Group of Experts on Privacy (Chaired by Justice A P Shah, Former Chief Justice, Delhi High Court), Planning Commission, October 2012 http ://planningcommission .nic .in /reports /genrep /rep _privacy .pdf

For more details visit https://cis-india.org/internet-governance/blog/contestations-of-data-ecj-safe-harbor-ruling-and-lessons-for-india

Collaborative Projects Programme

nishant — 2011-08-23T03:04:56Z

The Centre for Internet and Society recognises collaboration and consultation as its primary mode of engaging with research and intervention. The Collaborative Projects Programme (CPP) is CIS’ platform for partnering (intellectually, logistically, financially, and administratively) with other organisations, individuals and practitioners in projects which are of immediate concern to the work that CIS is committed to.

The Collaborative Projects Programme also expands the scope of research to produce a synergy between research and praxis. The CPP is, in many ways, the in-house research that CIS undertakes, in collaboration and consultation with other organisations, institutions and individuals who have a stake and a say in the field of Internet and Society. The CPP is not bound by any theme of programmatic modalities and is envisioned more as a way for CIS to extend its field and establish a strong network with other exciting spaces in the Global South.

The Collaborative Projects Programme can include, but is not limited to, organising of large conferences or workshops; developing tools for better research and advocacy; data mining towards a specific goal that complements CIS’ vision; producing original monographs/publications/books targeted at different audiences; experimenting with new technologies to affect policy and usage; implementing pilot studies and instances of existing ideas; developing schemes to integrate education and technology; public intervention and awareness campaigns geared towards particular outcomes; celebrating certain aspects of internet technologies; engaging with digital natives; and creating new environments of learning and participation online.

The CPP is NOT a grant making programme. However, we are interested in partnering on new and innovative ideas and would welcome conversations with people and organisations in the field. If you have an interesting idea that you think fits our larger vision, please contact us and we can begin the discussions.

List of Projects under the Collaborative Projects Programme:

1. The Promise of Invisibility: Technology and the City - A seven month research project initiated by Nishant Shah, in collaboration with the Centre for Contemporary Cultural Studies, Shanghai University, enabled by a grant from the Asia Scholarship Foundation, Bangkok.

2. Disability, Learning and Digital Participation - in partnership with Inclusive Planet

For more details visit https://cis-india.org/research/grants/collaborative-projects-programme

Clash of the cyberworlds

praskrishna — 2013-01-15T06:57:48Z

In an increasingly digital world, the issue of Internet freedom and governance has become hugely contested. Censorship and denial of access occur across the political spectrum of nations, even in liberal democracies.

The article by Latha Jishnu, Dinsa Sachan and Moyna was published in Down to Earth magazine's January 15, 2013 issue. Pranesh Prakash is quoted.

In run-up to the just-concluded World Conference on International Telecommunications in Dubai, there was a frenzied campaign to ensure that governments kept their hands off the Internet. It was feared the International Telecommunications Union, a UN body, was aiming to take control of the Internet. That hasn’t happened. But the outcome in Dubai has highlighted once again the double speak on freedom by countries that claim to espouse it and by corporations interested in protecting their interests, says Latha Jishnu, who warns that the major threat to the Internet freedom comes from the wide-ranging surveillance measures that all governments are quietly adopting. Dinsa Sachan speaks to institutions and officials to highlight the primacy of cyber security for nations, while Moyna tracks landmark cases that will have a bearing on how free the Net remains in India.

For months now a little-known UN agency, the International Telecommunication Union (ITU), has been looming large in cyberspace, portrayed as an evil force plotting to take over the Internet and threatening to destroy its freedom by rewriting archaic regulations. ITU, set up in 1865, is primarily a technical body that administers a 24-year-old treaty, International Telecommunication Regulations (ITRs), which are basic principles that govern the technical architecture of the global communication system.

	How did the 193-nation ITU, which regulates radio spectrum, assigns satellite orbits and generally works to improve telecom infrastructure in the developing world, turn into everyone’s favourite monster in the digital world? The provocation was ITU’s World Conference on International Telecommunications (WCIT) in Dubai, where ITRs were proposed to be revised. Leaked documents of the proposals made to ITU had shown that statist countries like Russia and China, known for their crackdown on Internet freedom, had put forward proposals to regulate digital “crime” and “security” aspects that are currently not regulated at the global level for want of consensus on balancing enforcement with protection of individual rights.

Other proposals were about technical coordination and the setting up of standards that enable all the devices, networks and software across the Internet to communicate and connect with one another. Although ITU secretary general Hamadoun I Touré had emphasised that the Dubai WCIT was primarily attempting to chart “a globally agreed-upon roadmap that offers future connectivity to all, and ensures sufficient communications capacity to cope with the exponential growth in voice, video and data”, there was widespread scepticism among developed countries.

Online subversion in India AT the seventh annual meeting of the Internet Governance Forum in Baku, Azerbaijan, last November, Minister for Communications and Information Technology Kapil Sibal was a star turn. He made an elevating speech about the need to put in place a “collaborative, consultative, inclusive and consensual” system for dealing with policies involving the Internet. India, with 125 million Internet users—a number that “is likely to grow to about half a billion over the next few years”—would be a key player in the cyberworld of tomorrow, he promised. According to the minister, Internet governance was an oxymoron because the concept of governance was for dealing with the physical world and had no relevance in cyberspace. These were high sounding words that crashed against the reality of India’s paranoia over online subversion. For starters, Sibal flew into a media blitz over Google’s transparency Report which ranked India second globally in accessing private details of its citizens. Even if it was a far second behind the US, it was an embarrassing revelation for the government which appears to have been rather enthusiastic in seeking information on the users of its various services. Such user data would include social networking profiles, complete gmail accounts and search terms used. In the first half of 2012, India made 2,319 requests related to 3,467 users compared with 7,969 requests by the US. Globally, Google clocked a total of 20,938 requests for user data. A few days down the line there was a public explosion over the arrest of two young women in Palghar, near Mumbai, for posting a prosaic comment on Facebook over Bal Thackeray’s death. Thanks to the deliberately vague wording of Section 66A of the IT Act, such arrests have become common and Rajya Sabha devoted a whole afternoon to discuss the impugned legislation and seek its withdrawal. Sibal’s response has been to issue guidelines on the use of this Section which civil society organisations say will do nothing to sort out matters. Then there are the IT (Intermediaries Guidelines) Rules, 2011, issued under Section 79 of the IT Act, which have been used indiscriminately by business interests to shut down websites, resulting in unbridled censorship of the Internet time and again. Although a motion for its annulment was moved in Parliament by Rajya Sabha member P Rajeeve, it was withdrawn after Sibal promised to talk to all stakeholders. A host of MPs have termed the rules a violation of right to freedom of speech besides going against the laws of natural justice. The promised meeting of stakeholders has not yielded any results and censorship on grounds of possible online piracy continues. In this regard, India is more restrained than the US which has pulled down huge numbers of domains on the ground they were violating intellectual property by selling pirated goods.

Western global powers, behemoth Internet companies, private telecom corporations and almost the entire pack of civil liberties organisations came together in a frenzied campaign to ensure that ITU kept its hands off the Internet. Massive online petitions were launched, backed by Internet companies such as search engine Google and social networking service Facebook. The Internet, they said, should not become an ITU remit because it would change the multi-stakeholder approach, which currently marks the way the Internet is governed, and replace it with government control that would curb digital freedom. Not only did the US administration oppose the revision of ITRs, the US Congress also passed a rare unanimous resolution against the WCIT proposals.

In the end, it was an anti-climax: nothing much came of these proposals. Although WCIT was marked by high drama—a walkout by the US and six European countries, a show of hands on a contested but innocuous resolution and an unexpected vote—the “final acts” (http://www.itu.int/en/wcit-12/Documents/final-acts-wcit-12.pdf) or the changes in ITRs make no mention of the I word. Not once. The 30-page document states at the outset that “these regulations do not address the content-related aspects of telecommunications” —an indirect reference to the Internet.

	Ultimately, it was a triumph of the US-led position even if 89 of the 144 eligible countries signed it. Most of the developed countries refused to sign it. Nor, unexpectedly, did India, and thereby hangs a curious tale. Officials who were privy to the negotiations told Down To Earth that India was all set to sign the new ITRs when its delegation got last-minute instructions from Delhi not to endorse them. “It was unexpected and a let-down for India and our global allies,” confesses an official of the Ministry of Communications & IT. “There was nothing in the final document that we had objections to.” According to the grapevine, Minister for Communications and Information Technology Kapil Sibal was facing pressure from two sides: the US Administration and domestically from civil society, Internet service providers and the private telecom players who had objected to India’s proposals on ITRs. The US is known to be keeping a close eye on what India decides to do on the new treaty which it can still ratify. In the Dubai treaty, the only ITR that does impinge on the Net is (Article 5B) on unsolicited bulk electronic communications or spam. But even here, what it merely states is that member-states should endeavour to take necessary measures to prevent the “propagation of unsolicited bulk electronic communications and minimize its impact on international telecommunication services.”

In many ways, what took place during the hectic days before and during the December 3-14 WCIT was in a broad sense a replay of the Cold War scenario of the good (freedom-loving countries) versus evil (authoritarian or autocratic regimes), although alliance may have shifted in the two blocs. What is clear is that a larger geopolitical fight is playing out with the Internet as disputed terrain. American analysts themselves have pointed out that the “US got most of what it wanted. But then it refused to sign the document and left in a huff.”

Even the innocuous Article 5A, which calls on members “to ensure the security and robustness of international telecommunication networks”, was interpreted by US delegation head Terry Kramer as a means that could be used by some governments to curb free speech!

As an outraged Saudi delegate said, “It is unacceptable that one party to the conference gets everything they want and everybody else must make concessions. And after having made many concessions, we are then asked to suppress the language which was agreed to. I think that that is dangerous. We are on a slippery slope.” The final outcome: all the contentious issues were relegated to resolutions, which have no legal basis.

Indeed, the US has managed to get its way on most issues: protecting the mammoth profits of its Internet companies and ensuring that control of the Internet address system, now done by a group based in the US, will not be shared with other ITU members. And, the likes of Google (2011 profit: $37.9 billion) and Facebook will not have to pay telecom companies for use of their networks to deliver content.

Challenges of securing cyberworld

E-commerce in India, where every tenth person is online, is on the rise—and, consequently, crime on the Internet. In 2011, the country’s nodal agency for handling cyber crime, Indian Computer Emergency Response Team, tackled 13,301 incidences of security breach. The incidents ran the gamut from website intrusions, phishing to network probing and virus attacks. Further, in 2009, 2010, 2011 and 2012 (until October), there were 201, 303, 308 and 294 cyber attacks respectively on sites owned by the Indian government. Most notably, hacker group Anonymous defaced the website of Union Minister of Communications and Information Technology, Kapil Sibal.

To beef up cyber security, the Union ministry plans to pump in Rs 45 crore in 2012-13. It also put up a draft cyber security policy for public comments in 2011. Currently, cases involving cyber security and crime are handled under the IT Act of 2000 (Amendment 2008) and the Indian Penal Code.

But will the government go about its business of securing the Net in a responsible manner? There is scepticism. Section 69 of the Act gives any government agency the right to “intercept, monitor or decrypt” information online. Chinmayi Arun, assistant professor of law at National Law University in Delhi, said at the Internet Governance Conference held at FICCI in October that crimes like defamation are not on the same page as cyber terrorism, and “we have to question whether they warranty invasion of privacy”. She added that the workings of the surveillance system has to be made more open to build public trust.

Pranesh Prakash, policy director at Centre for Internet and Society (CIS) in Bengaluru, draws attention to a fundamental flaw in the section. “Government is allowed to wire tap under the Telegraph Act, 1885. But the Act lays out specific guidelines for such an action. For example, you can only tap phones in the case of a ‘public emergency’ or ‘public safety’ situation. The IT Act does not put such limitations on interception of information,” he says.

Cyber security and ITU

A few months prior to the controversial World Conference on International Telecommunications in Dubai, countries, including Russia and Arab states, had proposed measures that would, through International Telecommunication Union (ITU), grant disproportional power to countries to control the Internet in the name of security measures. Several proposals, most notably those of India and Arab States, explicitly stated in the proposed Article 5A that countries should be able to “undertake appropriate measures, individually or in cooperation with other Member States” to tackle issues relating to “confidence and security of telecommunications/ICTs”. It raised alarm among civil society. US-based think tank Center for Democracy and Technology (CDT) said in its report dated September, 2012, that cyber security does not fall under the ambit of International Telecom Regulations, and some countries would misuse such privileges for “intrusive or repressive measures”.

The proposal by African member states recommended that nations should “harmonise their laws” on data retention. In other words, intermediaries would have to retain public data for a long period so that governments can access it whenever they please. With regard to this, CDT noted, “Not only do national laws on data retention vary greatly, but there is ongoing controversy about whether governments should impose data retention mandates at all.”

A clause in the Arab proposal on routing said, “A Member State has the right to know how its traffic is routed.” Currently, the way Internet works, senders and recipients do not know how data between their computers travels or is routed. However, enabling countries to have control over routing has its dangers. CDT notes, “(This) would simply not work and could fundamentally disrupt the operation of the Internet.” Internet traffic travels over an IP network. While travelling, it is fragmented into small packets. Packets generally take a different path across interconnected networks in many different countries before reaching the recipient’s computer. CDT notes providing routing information to countries would require “extensive network engineering changes, not only creating huge new costs, but also threatening the performance benefits and network efficiency of the current system”. Although routing was not part of India’s proposal, Ram Narain, deputy director general at the department of telecommunications, told Down To Earth it was one of the country’s concerns.

However, to civil society’s partial relief, such draconian cyber security clauses were not adopted in the new itr treaty. Two clauses added to the treaty, Article 5A and 5B, address some cyber security concerns. Titled “Security and robustness of networks”, Article 5A urges countries to “individually and collectively endeavour to ensure the security and robustness of international telecommunication networks”. Article 5B talks about keeping tabs on spam.

Prasanth Sugathan, senior advocate with Software Freedom Law Centre, an international network of lawyers, says while he would have preferred that the two clauses were kept out of the new treaty, they do not seem harmful. “They are a much toned down version of what Arab states and Russia had suggested,” he says.

This is one reason India, Brazil and other democracies from the developing world also want a change in ITRs. They want the Internet behemoths to pay for access to their markets so that such revenues can be used to build their own Internet infrastructure.

In the furious debate on keeping the Net free of international control even hawk-eyed civil society organisations prefer to ignore the monetary aspects of Net control. Some analysts believe that maintaining the status quo is not so much about protecting the values of the Internet as about safeguarding interests, both monetary and hegemonistic. Such an assessment may not be wide of the mark if one joins the dots. Google, says a Bloomberg report of December 10, “avoided about $2 billion in worldwide income taxes in 2011 by shifting $9.8 billion in revenues into a Bermuda shell company, almost double the total from three years before”. It also said that the French, Italian, British and Australian governments are probing Google’s tax avoidance in its borderless operations.

	What is clear, however, is that a number of countries for reasons springing from different motivations, appear determined to undermine America’s control of the outfits that now define how the Internet works. Although the US maintains that ICANN (Internet Corporation for Assigned Names and Numbers) is a private, non-profit corporation, it is overseen by the US Commerce Department. According to People’s Daily, what the US spouts about Net freedom is so much humbug. In an August 2012 report, the leading Chinese daily claimed the US “controls and owns all cyberspaces in the world, and other countries can only lease Internet addresses and domain names from the US, leading to American hegemonic monopoly over the world’s Internet”. It also highlighted a fact that has slipped below the radar. During the Iraq invasion, the US government asked ICANN to terminate services to Iraq’s top-level domain name “.iq” and thereafter all websites with the domain name “.iq” disappeared overnight. It charges the US with having “taken advantage of its control over the Internet to launch an invisible war against disobedient countries and to intimidate and threaten other countries”. While this may be true, the irony is that China, with its great firewall of censorship, is in no shape to position itself as a champion of freedom. Like other authoritarian countries, it will do everything to police the Net and control it.

The right of countries and peoples to access the Net was highlighted in Dubai when some African countries raised the issue of US control of the global Internet. Some of these, such as Sudan, have long been complaining about Washington’s sanctions that entail denial of Internet services. ITU officials point out that Resolution 69, first passed in the 2008 meeting, invoked again in 2010 and dusted off once again for the WCIT negotiations, invoked “human rights” to argue for “non-discriminatory access to modern telecom/ ICT facilities, services and applications”. Says Paul Conneally, head of Communications & Partnership Promotion at ITU, “The real target of these resolutions are US sanctions imposed on nations that are deemed bad actors. These sanctions mean that people in those countries—not just the government, mind you, but everyone, innocent and guilty alike—are denied access to Internet services such as Google, Sourceforge, domain name registrars such as GoDaddy, software and services from Oracle, Windows Live Messenger, etc.”

The catalogue of Sudan’s complaints shows at least 27 instances in 2012 when companies from Google to Microsoft and Paypal to Oracle cut off their services to the African country. This might explain why major companies would be opposed to the resolution on a right to access Internet services. Such a right would allow countries to use ITRs to compel them to provide services they might otherwise have preferred not to. But so far all such sanctions appear to have been a decision of the US Administration.

The problem of the digital divide, in fact, did not get the headlines it should have. Africa accounts for just 7 per cent of the 2.4 billion people who use the Net worldwide and penetration in the region is just 15.6 per cent of the population. Compare this with North America where over 78 per cent are linked to the digital world and Touré’s logic about the ITU’s mandate appears reasonable.

When Apple censors the drone war NETIZENS know that the Internet suffers from the depredations of government, hackers and viruses. But not many are aware that companies are as prone to taking legitimate stuff off the Net on the flimsiest grounds. In the case of Apple it could have been misplaced patriotism or plain business sense that prompted it to block an app which monitors drone strike locations in November last year. The App Store rejected the product, calling it “objectionable and crude”. Drones+ (see photo) is an application that simply adds a location to a map every time a drone strike is reported in the media and added to a database maintained by the UK’s Bureau of Investigative Journalism. Josh Begley, a graduate student at New York University, who developed the app, says it shows no visuals of war or classified information. All it does is to keep its users informed about when and where drone attacks are taking place in Pakistan and Afghanistan. “This is behavior I would expect of a company in a repressive country like China, not an iconic American company in the heart of Silicon Valley,” says a petition to the company CEO. Did Apple’s censorship have anything to do with the fact that it received huge contracts from the Pentagon? US legislators have joined the protests against Apple. The most brazen act of corporate censorship occurred in August 2012 with NASA’s livestream coverage of the Curiosity rover’s landing on Mars in the space agency’s $2.5 billion mission. A news agency, Scripps, coolly claimed as its own the public domain video posted on NASA’s official YouTube channel that documented the epic landing (see our opening visuals). “This video contains content from Scripps Local News, who has blocked it on copyright grounds. Sorry about that,” said a message on NASA’s blackened screen. So much for the strict US laws aimed at curbing online piracy!

Touré noted that the revised ITRs would see greater transparency in global roaming charges, lead to “more investment in broadband infrastructure” and help those with disabilities. But he was hopeful that the new treaty signed in Dubai would make it possible for the 4.5 billion people still offline to be connected. “When all these people come online, we hope they will have enough infrastructure and connectivity so that traffic will continue to flow freely,” Touré said.

But should ITU govern the Net? Not in its entirety, according to experts. For one, ITU until the Dubai meeting was far from being transparent and does not allow participation of civil society or other stakeholders in its negotiations unless they are part of the official delegation of the member-states. In fact, even critics of the current system, who think the system is lopsided and hypocritical, believe ITU needs to reform itself and confine to the carrier/infrastructure layer of the Internet. Nor should it get into laying down standards which is done by Internet Engineering Task Force (IETF) and the naming and numbering that is managed by ICANN.

But Conneally counters this by asking what would happen if the US decided to deny domain name root zone to Iran because of its bad human rights record. “Suppose it ordered Verisign to remove .IR from the DNS root and make it non-functional. Would we want ICANN/the Internet governance regime to be used as a political/strategic tool to reform Iran? What happens to global interoperability when the core infrastructure gets used in that way?”

Who then should ensure that the Internet is run in a free and open manner? Should it be the Internet Governance Forum (IGF)? But IGF is to be an open consultative forum that cannot by itself govern. It brings in participation for any or all Internet-related policy processes but it by itself was never supposed to do policy or governance.

Parminder Jeet Singh, executive director of ItforChange, says whoever governs is the government for that purpose. “This truism is significant in the present context, because there is an attempt by those who really control/ govern the Internet at present, largely through illegitimate and often surreptitious ways, to confuse issues around Internet governance in all ways possible, including through abuse of established language and political principles and concepts.”

ITforChange is a Bengaluru institution working on information society theory and practice, especially from the standpoint of equity, social justice and gender equality, and it is that perspective which informs Singh’s suggestions. “What we need are safeguards as, for instance, with media regulation. The Internet, of course, is much more than media. It is today one of the most important factors that can and will influence distribution of economic, social and political power. Without regulation it will always be that those who currently dominate it will take away the biggest pie.

Surveillance club

Eight Indian companies are among the 700 members of European Telecommunications Standards Institute. The group works with government and law enforcement agencies to integrate surveillance capabilities into communications infrastructure. It also hosts regular meetings on lawful interception

Wipro Technologies	Associate Service Providers
• HCL Technologies Limited	• Associate Consultancy for Co./Partnership
• Accenture Services Pvt Ltd	• Observers
• CEWiT	• Associate Research Body
• Saankhya Labs Pvt Ltd	• Associate Manufacturers
• Sasken Communication	• Associate Manufacturers
• Technologies
• SmartPlay Technologies	Associate Consultancy for Co./Partnership
• TEJAS NETWORKS LTD	• Associate Manufacturers

Other critics of the current system concede that bringing governments on board, especially authoritarian and statist powers which the digital world threatens, would give them perverse incentives to control it. But this threat should be met not by insisting that the Internet needs no governance or regulation, but by safeguards that ensure equitable access and benefits, Singh stresses.

While the jury is out on the question whether the new ITRs will make any material difference to the way, and if at all, the Net will come under added government oversight and intervention, developments elsewhere show that ITU is not the main threat to digital freedom.

The irony is that while cyber security is contentious in ITU, other international organisations, such as the UN Office on Drugs and Crime (UNODC) and a clutch of influential telecom industry associations, are pushing for surveillance programmes that ensure policing of a high order with sophisticated infrastructure to monitor online communications. A host of countries already have such systems in place and are pressuring countries like India to fall in line.

A UNODC report, titled ‘The use of the Internet for terrorist purposes’, has detailed how countries can and should use new technology for online surveillance—all in the name of anti-terrorism. The report discusses sensitive issues such as blocking websites and using spyware to bypass encryption and also urges countries to cooperate on an agreed framework for data retention.

At the same time, powerful industry bodies, such as ATIS (Alliance for Telecommunications Industry Solutions) and the European Telecommunications Standards Institute (ETSI), are reported to be working with government and law enforcement agencies to integrate surveillance capabilities into communications infrastructure, according to Future Tense, a project which looks at emerging technologies and how these affect society, policy and culture. It says India is under pressure from another industry organisation, the Telecommunications Industry Association (TIA), “to adopt global standards for surveillance”, calling on the country’s government to create a “centralized monitoring system” and “install state-of-the-art legal intercept equipment”.

TIA is a Washington-based trade group which brings together companies such as Nokia, Siemens Networks and Verizon Wireless, and is focused on issues related to electronic surveillance and is developing standards for intercepting VOIP and data retention alongside with ETSI and ATIS. At least seven Indian companies are members of ETSI, which is said to hold international meetings on data interception thrice a year.

Add to this chilling list the International Chamber of Commerce. It is reported to be seeking the establishment of surveillance centre hubs of several countries to help governments intercept communications and obtain data that is stored in cloud servers in foreign jurisdictions. Given this backdrop why are the US and its cohorts creating a ruckus on ITRs?

It would also mean that by focusing on ITRs and ITU as a major threat to Internet freedom civil society may be jousting at windmills.

Malice and freedom of speech

Two suits highlight the challenge of treading between the two

Among the many legal cases in India related to the use and misuse of the world wide web, two stand out for involving web giants and provoking sharp reaction. These are the cases registered in Delhi district courts in December 2011, objecting to chunks of content—portraying prominent political figures and religious places among others in a certain light—hosted on websites. One was filed by a Delhi journalist, Vinai Rai, requesting the court to press criminal charges against 21 web agencies, including Google, Facebook and Yahoo! India. The other, filed by a social activist, M A A Qasmi, was a civil suit requesting action against 22 web agencies. Both mentioned that the content on the websites was inflammatory, threat to national integrity, unacceptable, and created enmity, hatred and communal discord.

A year on, tangible impact has not been much. The number of accused in the civil case has come down to seven web agencies and in the criminal case the government is yet to issue summons to the companies concerned (see ‘The case so far’). However, these litigations are seen as landmarks in the recent history of the Internet and its interaction with societies and governments. The cases—especially off-the-record comments by the judiciary suggesting blanket ban and pre-screening of all content—provoked a debate on the freedom of expression and Indian cyber laws.

The case so far

JANUARY 13, 2012: Delhi High Court dismisses petition by Google and Facebook asking to be absolved of criminal charges filed in district court

JANUARY 20: High Court asks for reply from Delhi Police in response to plea by Yahoo! India challenging district court summons

FEBRUARY 16: Court refuses to stay proceedings against Facebook and Google but allows them to be represented by counsel

MARCH: Court dismisses criminal charges against Yahoo! India and Microsoft but says the charges can be revived if new evidence comes to light. Sets aside summons

Malicious content exists on the web and may even need to be taken down, but the laws used to remove malicious content can also be used to curb political speech, thus, infringing on the right to freedom of expression, says Prasanth Sugathan, senior advocate with Software Freedom Law Centre, an international network of lawyers.

Some like Pranesh Prakash of non-profit Centre for Internet and Society believe the IT Rules are at odds with the IT Act and give powers for censorship. He explains that the IT Act, 2000, provides for protection of intermediaries; web browsers, social networking sites and websites cannot be held responsible for what a third party publishes on their forums—“similar to the way in which we cannot sue a telephone agency or a post office for someone else making use of these platforms to harass or defame another person”. But the IT rules of 2011 watered down this protection.

Supreme Court advocate and cyber law expert Pavan Duggal explains how. The Act states once a complaint is made against certain content, the web agency hosting it must notify the person who put up the content, verify the content and judge whether it needs to be removed. But the rules state that once the web agency is notified it must remove the content within 36 hours or it could be prosecuted for not acting on the complaint. The rules have gone beyond the Act’s scope, especially vis-a-vis privacy and data protection, leaving no scope for hearing out the accused, he says.

The disjunct between the Act and the rules is being contested in various spheres, including Parliament. But there is a bright side too. Duggal believes the cases have brought pertinent issues, like free speech and privacy concerns, into the public domain. Ramanjeet Chima, policy adviser for Google, says freedom of expression is paramount for Google but the recognition of local sentiments is also being given equal weightage.

Senior advocate Sidharth Luthra, who was representing Facebook in the Delhi High Court, wonders whether the existing Indian laws are in tune with the ever-changing online world. Unwilling to comment on the case, he says the law is limited in its scope, while technology is not. Refusing to comment on the cases, the Google adviser emphasised the need to use the existing provisions of big web agencies to address grievances regarding content.

The Internet “is not the wild wild west”; all content, users and viewers can be traced, Duggal cautions. Since the Internet can impact political issues government is increasingly looking for ways to control it. “There is no ideal solution but it is evident that some monitoring and regulation are required, and in all parts of the world all regimes are in the process of addressing this,” he says.

For more details visit https://cis-india.org/news/down-to-earth-latha-jishnu-dinsa-sachan-moyna-january-15-2013-clash-of-the-cyber-worlds

Chilling Effects and Frozen Words

Lawrence Liang — 2012-04-30T07:32:17Z

What if the real danger is not that we lose our freedom of speech and expression but our sense of humour as a nation? Lawrence Liang's op-ed was published in the Hindu on April 30, 2012.

While freedom of speech and expression is an individual right, its actualisation often relies on a vast infrastructure of intermediaries.

In the offline world, this includes newspapers, television channels, public auditoriums, etc. It is often assumed that the internet has created a more robust public sphere of speech by doing away with many structural barriers to free speech. But the fact of the matter is that even if the internet enables a shift from a ‘few to many' to a ‘many to many' model of communication, intermediaries continue to remain important players in facilitating free speech. Can one imagine free speech on the internet being the same without Twitter, social networks or Youtube?

One way of thinking of the infrastructure of communication is in terms of ecology, and in the ecology of speech — as in the environment — an adverse impact on any component threatens the well-being of all. The idea of cyberspace as a commons is a much cherished myth and in the early days of the internet we were perhaps given a glimpse into its utopian possibility. But we would be deluding ourselves if we believed that the problems that plague free speech in the offline world (including ownership of the avenues of speech) are absent in cyberspace. Recall in recent times that one of the most effective ways in which various governments retaliated to the leaking of official secrets on WikiLeaks was by freezing Julian Assange's PayPal account.

Direct & Indirect Controls

It may be useful to distinguish between direct controls on free speech and indirect or structural controls on free speech. India has had a long history of battling direct and indirect controls on free speech and with a few exceptions the interests of the press have often coincided with the interests of a robust public sphere of debate and criticism.

In the late 1950s and early 1960s, a number of large media houses battled restrictions imposed on the press by way of control of the number of pages of a newspaper, regulation of the size of advertisements and the price of imported newsprint. On the face of it, some of these restrictions may have seemed like commercial disputes but the Supreme Court rightly recognised that indirect controls could adversely impact the individual's right to express himself or herself as well as to receive information freely.

In the online context, there has also been a similar recognition of the role of intermediaries in providing platforms of speech and it is with this view in mind that a number of countries have incorporated safe harbour provisions in their information technology laws.

Section 79 of the Information Technology Act is one such safe harbour provision in India which provides that intermediaries shall not be liable for any third party action if they are able to prove that the offence or contravention was committed without their knowledge or that they had exercised due diligence to prevent the commission of such offence or contravention. But this safe harbour has effectively been undone with the passing of the Information Technology (Intermediaries guidelines) Rules, 2011.

The rules clarify what standard of due diligence has to be met by intermediaries and Sec. 3(2) of the rules obliges intermediaries to have rules and conditions of usage which ensure that users do not host, display, upload, modify, publish, transmit, update or share any information that is in contravention of the Section. This includes the all too familiar ones (defamatory, obscene, pornographic content) but also a whole host of new categories which could be invoked to restrict speech (“grossly harmful,” “blasphemous,” “harassing,” “hateful”).

As is well known, any restriction on speech in India has to comply with both the test of reasonableness under Article 19(2) of the Constitution, as well as ensuring that the grounds of censorship are located within 19(2). Even though there are laws regulating hate speech in India, blasphemy is not a category under Art. 19(2) and has hitherto not been a part of Indian law. Some of the other categories such as “grossly harmful” suggest the people who drafted the rules seem to have taken a constitutional nap at the drafting board.

Sec. 3(4) of the rules provides that any intermediary who receives a notice by an aggrieved person about any violation of sub rule (2) will have to act within 36 hours and where applicable will ensure that the information is disabled. In the event that it fails to act or to respond, the intermediary cannot claim exemption for liability under Sec. 70 of the IT Act. It is worth noting that most intermediaries receive from hundreds to thousands of requests from individuals on a daily basis asking for the removal of objectionable material. The Centre for Internet and Society conducted a “sting operation” to determine whether the criteria, procedure and safeguards for administration of the takedowns as prescribed by the Rules lead to a chilling effect on free expression.

In the course of the study, frivolous takedown notices were sent to seven intermediaries and their response to the notices was documented. Different policy factors were permuted in the takedown notices in order to understand at what points in the process of takedown, free expression is being chilled. The takedown notices which were sent by the researcher were intentionally defective as they did not establish how they were interested parties, did not specifically identify and discuss any individual URL on the websites, or present any cause of action, or suggest any legal injury. Of the seven intermediaries to which takedown notices were sent, six over-complied with the notices, despite the apparent flaws in them.

Caution

Even in cases where the intermediaries challenged the validity of the takedowns, they erred on the side of caution and took down the material. While a number of intermediaries would see themselves as allies in the fight against censorship, more often than not intermediaries are also large commercial organisations whose primary concern is the protection of their business interests. In the face of any potential legal threat, especially from the government, they prefer to err on the side of caution. The people whose content was removed were not told, nor was the general public informed that the content was removed.

The procedural flaws (subjective determination, absence of the right to be heard, the short response time) coupled with the vague grounds on which such takedowns can be claimed, clearly point to a highly flawed situation in which we will see many more trigger happy demands for offending materials to be taken down.

We have already slipped into a state of being a republic of over sensitivity where any politician, religious group or individual can claim their sentiments have been hurt or they have been portrayed disparagingly, as evidenced by the recent attack and subsequent arrest of Professor Ambikesh Mahapatra of Jadavpur University for posting cartoons lampooning Mamata Banerjee.

Nervous State

In the era of global outsourcing it was inevitable that the state censorship machinery would also learn a lesson or two from the global trends and what better way of ensuring censorship than outsourcing it to individuals and to corporations. The renowned anthropologist, Michael Taussig, once compared the state to a nervous system and it seems that the Intermediary rules live up to the expectations of a nervous state ever ready to respond to criticism and disparaging cartoons.

What if the real danger is not even that we lose our freedom of speech and expression but we lose our sense of humour as a nation?

The evident flaws of the rules have been acknowledged even by lawmakers, with P. Rajeeve, the CPI(M) M.P., introducing a motion for the annulment of the rules. The annulment motion is going to be debated in the coming weeks and one hopes that the parliamentarians will seriously reconsider the rules in their current form.

When faced with conundrums of the present it is always useful to turn to history and there is reason to believe that while censorship has a very respectable genealogy in Indian thought, it has also been accompanied in equal measure by a tradition of the right to offend.

In his delightful reading of the Arthashastra, Sibaji Bandyopadhay alerts us to the myriad restrictions that existed to control Kusilavas (the term for entertainers which included actors, dancers, singers, storytellers, minstrels and clowns). These regulations ranged from the regulation of their movement during monsoon to prohibitions placed on them, ensuring that they shall not “praise anyone excessively nor receive excessive presents”. While some of the regulations appear harsh and unwarranted, Bandyopadhay says that in contrast to Plato's Republic, which banished poets altogether from the ideal republic, the Arthashastra goes so far as to grant to Kusilavas what we could now call the right to offend. Verse 4.1.61 of the Arthashastra says, “In their performances, [the entertainers] may, if they so wish, make fun of the customs of regions, castes or families and the practices or love affairs (of individuals)”. One hopes that our lawmakers, even if they are averse to reading the Indian Constitution, will be slightly more open to the poetic licence granted by Kautilya.

Click for the original published in the Hindu on April 30, 2012. Lawrence Liang is a lawyer and researcher based at Alternative Law Forum, Bangalore. He can be contacted at lawrence@altlawforum.org

For more details visit https://cis-india.org/internet-governance/chilling-effects-frozen-words

Censorship makes India fall two places on global internet freedom chart

praskrishna — 2012-09-27T10:37:47Z

A recently released global report on the internet freedom rated India 39th in 2012, a slip from two places last year.

The article by Dilnaz Boga was published in DNA on September 27, 2012.

The report titled, Freedom on the net 2012 (FOTN): A global assessment of internet and digital media by Freedom House, a Washington-based monitoring group conducted a comprehensive study of internet freedom in 47 countries.

Quoting Bangalore-based Centre for Internet and Society, the report said 309 specific items (URLs, Twitter accounts, img tags, blog posts, blogs, and a handful of websites) have been blocked by the government. But officially, the government has admitted to blocking 245 web pages for inflammatory content hosting of provocative content.

Ketan Tanna, India analyst for Freedom House told DNA, “A reflection of the downward spiral in the freedom on the net that Indians enjoy is evident in the upward revision of scores for India in the FOTN 2012 report. India was one of the only 4 of the 20 countries that “recently experienced declines” and are democracies. The other three are Mexico, Turkey and South Korea.”

Internet usage in India continues to increase, with tens of millions of new users getting online each year. According to the International Telecommunications Union, internet penetration was 10% — or about 120 million people at the end of 2011. Among internet users, 90 million were ‘active,’ accessing it at least once a month (70 million urban and 20 million rural).

The report has mentioned that in India, “amid several court cases regarding intermediaries’ responsibility for hosting illegal content, much evidence has surfaced that intermediaries are taking down content without fully evaluating or challenging the legality of the request”.

Citing an example, Tanna said in December 2011, the website Cartoons against Corruption was suspended by its hosting company after a complaint filed with the Mumbai police alleged that the site’s cartoons ridiculed parliament and national emblems. “As a result of such dynamics, large swaths of online content are disappearing, and the losses are far more difficult to reverse than the mere blocking of a website,” he added.

More common than website blocking is the removal of content based on judicial orders, government directives, and citizen complaints. This phenomenon that has increased in recent years and in some cases, targeted content on political, social, and religious topics, the report said.

The Indian authorities had submitted 68 removal requests covering 358 items between January and June 2011. According to Google, 255 items related to what it categorised as “government criticism,” while 39 involved defamation and 8 pertained to hate speech.

In January, responding to a freedom of information request, the home ministry reported that the government orders 7,500 to 9,000 phone interceptions per month, the report disclosed. Criticising this practice and the government’s disregard for the Constitution, the data revealed, “Established guidelines regulate the ability of state officials to intercept communications, but India lacks an appropriate legal framework and procedures to ensure proper oversight of Intelligence agencies’ growing surveillance and interception capabilities, opening the possibility of misuse and unconstitutional invasion of citizens’ privacy.”

As another method of controlling speech and activism online, governments have imposed temporary shutdowns of the internet or mobile phone networks during protests or other sensitive times. Localised internet shutdowns and mobile phone shutdowns occurred in India due to security concerns, the report said.

For more details visit https://cis-india.org/news/dna-india-sep-27-2012-dilnaz-boga-censorship-makes-india-fall-two-places-on-global-internet-freedom-chart

Censoring the Internet: A brief manual

sunil — 2012-08-24T09:39:03Z

Blocking websites on the Internet should be proportionate to harm they intend. However, the government of India's approach is against the principles of natural justice.

Published in Tehelka on August 23, 2012.

When: Speech should be regulated when there is harm, or when there is clear and imminent harm. The extent of regulation must be in proportion to the harm.

The mass exodus of people from the Northeast, from certain Indian-cities is clear indication of a ‘public order’ crisis. The government of India, for the very first time, has legitimate reasons for cracking down on intermediaries such as Google and Facebook and their users, unlike in the past when only the egos of politicians, bureaucrats and others in public office or public life were at stake. In most cases temporary restrictions on speech are sufficient to mitigate harm. When potential for harm has dissipated the restrictions should be lifted. Whilst videos and images related to the violations of the human-rights to the Rohingya community might be sensitive material today, there is no reason why such content should be blocked forever, unlike, for example, in the case of child pornography.

How: Does this mean that the Internet rules that were notified in April last year were future-looking policies justified in retrospect? No. When a block is implemented, or a takedown is complied with, three types of notices are required — either immediately or after the imminent harm has been prevented. First, the censored individuals/groups should be informed, so that they can seek redressal and reinstatement; second, those trying to consume the censored material must be warned; and third, the general public has a right to know either immediately or in due course.

Even in authoritarian states like Saudi Arabia, visitors to blocked websites are given clear reasons why the website was blocked along with contact details to seek redressal. There are, also, safe harbour provisions for intermediaries, meaning that they absolve themselves of liability in exchange for acting upon takedown orders sent by non-state actors. Suitable safeguards are required to prevent over-compliance by intermediaries, and the resulting chilling effect on free speech as demonstrated by CIS's research. The intermediary liability rules under the Indian IT Act 2008 have no such safeguards and therefore does not comply with principles of natural justice.

Who: Block and takedown orders need to be very specific. The advisory note issued to Internet intermediaries by the Department of Electronics and Information Technology, Ministry of Communications & Information Technology on the 17 August did not mention details such as URLs, user accounts, group names and content identifiers. Most of the censored material at first glance, appears to be communal in nature. Unfortunately, there are several URLs from mainstream media publications, a few Wikipedia pages and also at least two blog entries debunking rumours in the list, perhaps because of oversight. Images of unrelated human rights violations featuring people with similar racial features are being used to fuel the current rumours. However, blocking all websites featuring such images will not stop such rumour mongering. Censorship must be targeted and proportionate to the potential harm.

Why: Speaking aloud just once in the analog world could either result in harm or good. Imagine shouting “bomb” in a crowded airport. The network effect of technologies such as SMS, social media and micro-blogging amplifies the impact of speech. Article 19(2) of the Constitution of India lists eight reasons for which reasonable restrictions may be applied to the right to free speech. This applies to both analog and speech mediated via networked technologies. Some of these restrictions such as 'public order' and 'incitement to discrimination, hostility or violence' are part of international treaties such as the International Covenant on Civil and Political Rights. Fringe phenomenon and exceptional circumstances should not be the basis for formulating policy. For example — knives used as murder weapons does not necessitate regulations on cutlery. Similarly, criminalising rumour mongering will not prevent false information from going viral, online, and disrupting public order. Videos and photos are doctored and manipulated for a wide variety of legitimate reasons. The existing law regulating speech in the interests of public order are sufficient to deal with the circulation of falsehoods on social media.

Sunil Abraham is the Executive Director of Bangalore based research organisation, the Centre for Internet and Society.

For more details visit https://cis-india.org/internet-governance/www-tehelka-com-sunil-abraham-august-23-2012-censoring-the-internet

Campaign against curbs on websites gathers steam

praskrishna — 2012-04-25T11:19:29Z

For political cartoonist Aseem Trivedi and his blogger-cum-journalist friend Alok Dixit, who both ran a website against corruption, a tryst with the blind side of law triggered their mission against “gagging” of the new-age Indian Internet user.

The blog post by Arpan Daniel Varghese was published by IBN Live on April 23, 2012.

It all started when they were in Mumbai, taking part in the first public protest seeking a strong Lokpal led by social activist Anna Hazare. “During the course of the protest, we got word that our website had been taken off,” recalls Alok.

The Mumbai Police had banned the website without any prior notice, apparently after a complaint was filed by a Congress leader that some content on the site, CartoonsAgainstCorruption, was objectionable, he says.

“We then contacted Bigrocks, the domain provider, but they did not divulge the exact procedure to restore our website,” he adds.

Kerala High Court lawyer P Jacob, who has a masters in cyber law and is a researcher in the field, clarifies. “Let’s say that you are a website, blog or domain owner... As per the intermediary rules incorporated into the IT laws, introduced through an amendment in 2011, if a third person sends a complaint, be it a frivolous one, to you (the intermediary ) about some objectionable content, you will have to take off the said content within 36 hours.”

This could happen to any one and could be quite dangerous, points out Sunil Abraham, the executive director of The Centre for Internet and Society (CIS-India).� “If a company wants to target your organization’s social media network, they can keep sending fraudulent emails to you and you will have to keep deleting it unless you are ready to face litigation or government action. And then there is no penalty for abusing the provision. There is no transparency, the people who comment will not be told,” says Sunil.

It was this realization that drove Alok, who then quit his job as a reporter, and Aseem Trivedi to start a movement against such blind curbs. ‘Save Your Voice’ was thus born.

A research conducted by the CIS gave further credence to their fears that it was very “easy to ban any website in India.”

“We call it a policy sting operation,” details Sunil. “We sent out fraudulent take- down notices (or complaints) to seven of the largest intermediaries in India. They gladly over-complied and promptly took off the material in question. You can try this. You could look at a legitimate comment and complain that this is blasphemous, offensive or plain annoying. And without questioning your locus standi, the intermediary sites will have to take it off.”

For more details visit https://cis-india.org/news/campaign-against-curbs-on-websites

Breaking Down Section 66A of the IT Act

pranesh — 2012-12-14T09:51:17Z

Section 66A of the Information Technology Act, which prescribes 'punishment for sending offensive messages through communication service, etc.' is widely held by lawyers and legal academics to be unconstitutional. In this post Pranesh Prakash explores why that section is unconstitutional, how it came to be, the state of the law elsewhere, and how we can move forward.

Back in February 2009 (after the IT Amendment Act, 2008 was hurriedly passed on December 22, 2008 by the Lok Sabha, and a day after by the Rajya Sabha[1] but before it was notified on October 27, 2009) I had written that s.66A is "patently in violation of Art. 19(1)(a) of the Constitution of India":

Section 66A which punishes persons for sending offensive messages is overly broad, and is patently in violation of Art. 19(1)(a) of our Constitution. The fact that some information is "grossly offensive" (s.66A(a)) or that it causes "annoyance" or "inconvenience" while being known to be false (s.66A(c)) cannot be a reason for curbing the freedom of speech unless it is directly related to decency or morality, public order, or defamation (or any of the four other grounds listed in Art. 19(2)). It must be stated here that many argue that John Stuart Mill's harm principle provides a better framework for freedom of expression than Joel Feinberg's offence principle. The latter part of s.66A(c), which talks of deception, is sufficient to combat spam and phishing, and hence the first half, talking of annoyance or inconvenience is not required. Additionally, it would be beneficial if an explanation could be added to s.66A(c) to make clear what "origin" means in that section. Because depending on the construction of that word s.66A(c) can, for instance, unintentionally prevent organisations from using proxy servers, and may prevent a person from using a sender envelope different from the "from" address in an e-mail (a feature that many e-mail providers like Gmail implement to allow people to send mails from their work account while being logged in to their personal account). Furthermore, it may also prevent remailers, tunnelling, and other forms of ensuring anonymity online. This doesn't seem to be what is intended by the legislature, but the section might end up having that effect. This should hence be clarified.

I stand by that analysis. But given that it is quite sparse, in this post I will examine s.66A in detail.

Here's what s. 66A of the IT (Amendment) Act, 2008 states:

66A. Punishment for sending offensive messages through communication service, etc.,
Any person who sends, by means of a computer resource or a communication device,—
(a) any information that is grossly offensive or has menacing character;
(b) any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, or ill will, persistently by making use of such computer resource or a communication device,
(c) any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages

shall be punishable with imprisonment for a term which may extend to three years and with fine.

Explanation: For the purposes of this section, terms "electronic mail" and "electronic mail message" means a message or information created or transmitted or received on a computer, computer system, computer resource or communication device including attachments in text, images, audio, video and any other electronic record, which may be transmitted with the message.[2]

A large part of s.66A can be traced back to s.10(2) of the UK's Post Office (Amendment) Act, 1935:

If any person —
(a) sends any message by telephone which is grossly offensive or of an indecent, obscene, or menacing character; or
(b) sends any message by telephone, or any telegram, which he knows to be false, for the purpose of causing annoyance, inconvenience, or needless anxiety to any other person; or
(c) persistently makes telephone calls without reasonable cause and for any such purposes as aforesaid;
he shall be liable upon summary conviction to a fine not exceeding ten pounds, or to imprisonment for a term not exceeding one month, or to both such fine and imprisonment.

Section 66A bears a striking resemblance to the three parts of this law from 1935, with clauses (b) and (c) being merged in the Indian law into a single clause (b) of s.66A, with a whole bunch of new "purposes" added. Interestingly, the Indian Post Office Act, 1898, was never amended to add this provision.

The differences between the two are worth exploring.

Term of Punishment

The first major difference is that the maximum term of imprisonment in the 1935 Act is only one month, compared to three years in s.66A of the IT Act. It seems the Indian government decided to subject the prison term to hyper-inflation to cover for the time. If this had happened for the punishment for, say, criminal defamation, then that would have a jail term of up to 72 years! The current equivalent laws in the UK are the Communications Act, 2003 (s. 127) and the Malicious Communications Act 1988 (s.1) for both of which the penalty is up to 6 months' imprisonment or to a maximum fine of £5000 or both. What's surprising is that in the Information Technology (Amendment) Bill of 2006, the penalty for section 66A was up to 2 years, and it was changed on December 16, 2008 through an amendment moved by Mr. A. Raja (the erstwhile Minister of Communications and IT) to 3 years. Given that parts of s.66A(c) resemble nuisance, it is instructive to note the term of punishment in the Indian Penal Code (IPC) for criminal nuisance: a fine of Rs. 200 with no prison term.

"Sending" vs. "Publishing"

J. Sai Deepak, a lawyer, has made an interesting point that the IT Act uses "send" as part of its wording, and not "publish". Given that, only messages specifically directed at another would be included. While this is an interesting proposition, it cannot be accepted because: (1) even blog posts are "sent", albeit to the blog servers — s.66A doesn't say who it has to be sent to; (2) in the UK the Communications Act 2003 uses similar language and that, unlike the Malicious Communication Act 1988 which says "sends to another person", has been applied to public posts to Twitter, etc.; (3) The explanation to s.66A(c) explicitly uses the word "transmitted", which is far broader than "send", and it would be difficult to reconcile them unless "send" can encompass sending to the publishing intermediary like Twitter.

Part of the narrowing down of s.66A should definitely focus on making it applicable only to directed communication (as is the case with telephones, and with the UK's Malicious Communication Act), and not be applicable to publishing.

Section 66A(c)

Section 66A(c) was also inserted through an amendment moved by Mr. Raja on December 16, 2008, which was passed by the Lok Sabha on December 22, 2008, and a day after by the Rajya Sabha. (The version introduced in Parliament in 2006 had only 66A(a) and (b).) This was done in response to the observation by the Standing Committee on Information Technology that there was no provision for spam. Hence it is clear that this is meant as an anti-spam provision. However, the careless phrasing makes it anything but an anti-spam provision. If instead of "for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages" it was "for the purpose of causing annoyance and inconvenience and to deceive and to mislead the addressee or recipient about the origin of such messages", it would have been slightly closer to an anti-spam provision, but even then doesn't have the two core characteristics of spam: that it be unsolicited and that it be sent in bulk. (Whether only commercial messages should be regarded as spam is an open question.) That it arise from a duplicitous origin is not a requirement of spam (and in the UK, for instance, that is only an aggravating factor for what is already a fine-able activity).

Curiously, the definitional problems do not stop there, but extend to the definitions of "electronic mail" and "electronic mail message" in the 'explanation' as well. Those are so vast that more or less anything communicated electronically is counted as an e-mail, including forms of communication that aren't aimed at particular recipients the way e-mail is.

Hence, the anti-spam provision does not cover spam, but covers everything else. This provision is certainly unconstitutional.

Section 66A(b)

Section 66A(b) has three main elements: (1) that the communication be known to be false; (2) that it be for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will; (3) that it be communicated persistently. The main problem here is, of course, (2). "Annoyance" and "inconvenience", "insult", "ill will" and "hatred" are very different from "injury", "danger", and "criminal intimidation". That a lawmaker could feel that punishment for purposes this disparate belonged together in a single clause is quite astounding and without parallel (except in the rest of the IT Act). That's akin to having a single provision providing equal punishment for calling someone a moron ("insult") and threatening to kill someone ("criminal intimidation"). While persistent false communications for the purpose of annoying, insulting, inconveniencing, or causing ill will should not be criminalised (if need be, having it as a civil offence would more than suffice), doing so for the purpose of causing danger or criminal intimidation should. However, the question arises whether you need a separate provision in the IT Act for that. Criminal intimidation is already covered by ss. 503 and 506 of the IPC. Similarly, different kinds of causing danger are taken care of in ss.188, 268, 283, 285, 289, and other provisions. Similarly with the other "purposes" listed there, if, for instance, a provision is needed to penalise hoax bomb threats, then the provision clearly should not be mentioning words like "annoyance", and should not be made "persistent". (At any rate, s. 505(1) of the IPC suffices for hoax bomb threats, so you don't need a separate provision in the IT Act).

I would argue that in its current form this provision is unconstitutional, since there is no countervailing interest in criminalising false and persistent "insults", etc., that will allow those parts of this provision to survive the test of 'reasonableness' under Art.19(2). Furthermore, even bits that survive are largely redundant. While this unconstitutionality could be cured by better, narrower wording, even then one would need to ensure that there is no redundancy due to other provisions in other laws.

Section 66A(a)

In s.66A(a), the question immediately arises whether the information that is "grossly offensive" or "menacing" need to be addressed at someone specific and be seen as "grossly offensive" or "menacing" by that person, or be seen by a 'reasonable man' test.

Additionally, the term "grossly offensive" will have to be read in such a heightened manner as to not include merely causing offence. The one other place where this phrase is used in Indian law is in s.20(b) of the Indian Post Office Act (prohibiting the sending by post of materials of an indecent, obscene, seditious, scurrilous, threatening, or grossly offensive character). The big difference between s.20(b) of the IPO Act and s.66A of the IT Act is that the former is clearly restricted to one-to-one communication (the way the UK's Malicious Communication Act 1988 is). Reducing the scope of s.66A to direct communications would make it less prone to challenge.

Additionally, in order to ensure constitutionality, courts will have to ensure that "grossly offensive" does not simply end up meaning "offensive", and that the maximum punishment is not disproportionately high as it currently is. Even laws specifically aimed at online bullying, such as the UK's Protection from Harassment Act 1997, can have unintended effects. As George Monbiot notes, the "first three people to be prosecuted under [the Protection from Harassment Act] were all peaceful protesters".

Constitutional Arguments in Importing Laws from the UK

The plain fact is that the Indian Constitution is stronger on free speech grounds than the (unwritten) UK Constitution, and the judiciary has wide powers of judicial review of statutes (i.e., the ability of a court to strike down a law passed by Parliament as 'unconstitutional'). Judicial review of statutes does not exist in the UK (with review under its EU obligations being the exception) as they believe that Parliament is supreme, unlike India. Putting those two aspects together, a law that is valid in the UK might well be unconstitutional in India for failing to fall within the eight octagonal walls of the reasonable restrictions allowed under Art.19(2). That raises the question of how they deal with such broad wording in the UK.

Genealogy of UK Law on Sending 'Indecent', 'Menacing', 'Grossly Offensive' Messages

Quoting from the case of DPP v. Collins [2006] UKHL 40 [6]:

The genealogy of [s. 127(1) of the Communication Act] may be traced back to s.10(2)(a) of the Post Office (Amendment) Act, 1935, which made it an offence to send any message by telephone which is grossly offensive or of an indecent, obscene or menacing character. That subsection was reproduced with no change save of punctuation in s.66(a) of the Post Office Act 1953. It was again reproduced in s.78 of the Post Office Act 1969, save that "by means of a public telecommunication service" was substituted for "by telephone" and "any message" was changed to "a message or other matter". Section 78 was elaborated but substantially repeated in s.49(1)(a) of the British Telecommunications Act 1981 and was re-enacted (save for the substitution of "system" for "service") in s.43(1)(a) of the Telecommunications Act 1984. Section 43(1)(a) was in the same terms as s.127(1)(a) of the 2003 Act, save that it referred to "a public telecommunication system" and not (as in s.127(1)(a)) to a "public electronic communications network". Sections 11(1)(b) of the Post Office Act 1953 and 85(3) of the Postal Services Act 2000 made it an offence to send certain proscribed articles by post.

While the above quotation talks about s.127(1) it is equally true about s.127(2) as well. In addition to that, in 1988, the Malicious Communications Act (s.1) was passed to prohibit one-to-one harassment along similar lines.

The UK's Post Office Act was eclipsed by the Telecommunications Act in 1984, which in turn was replaced in 2003 by the Communications Act. (By contrast, we still stick on to the colonial Indian Post Office Act, 1898.) Provisions from the 1935 Post Office Act were carried forward into the Telecommunications Act (s.43 on the "improper use of public telecommunication system"), and subsequently into s.127 of the Communications Act ("improper use of public electronic communications network"). Section 127 of the Communications Act states:

127. Improper use of public electronic communications network
(1) A person is guilty of an offence if he —
(a) sends by means of a public electronic communications network a message or other matter that is grossly offensive or of an indecent, obscene or menacing character; or
(b) causes any such message or matter to be so sent.
(2) A person is guilty of an offence if, for the purpose of causing annoyance, inconvenience or needless anxiety to another, he —
(a) sends by means of a public electronic communications network, a message that he knows to be false,
(b) causes such a message to be sent; or
(c) persistently makes use of a public electronic communications network.
(3) A person guilty of an offence under this section shall be liable, on summary conviction, to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale, or to both.
(4) Subsections (1) and (2) do not apply to anything done in the course of providing a programme service (within the meaning of the Broadcasting Act 1990 (c. 42)).

Currently in the UK there are calls for repeal of s.127. In a separate blog post I will look at how the UK courts have 'read down' the provisions of s.127 and other similar laws in order to be compliant with the European Convention on Human Rights.

Comparison between S. 66A and Other Statutes

Section 144, IPC, 1860

Power to issue order in urgent cases of nuisance or apprehended danger

...obstruction, annoyance or injury to any person lawfully employed, or danger to human life, health or safety, or a disturbance of the public tranquillity

Babulal Parate v. State of Maharastra and Ors. [1961 AIR SC 884] (Magistrates order under s. 144 of the Cr. PC, 1973 was in violation of Art.19(1)(a) of the Constitution).

A special thanks is due to Snehashish Ghosh for compiling the below table.

Section	Term(s)/phrase(s) used in 66A	Term(s)/ phrase(s) used in similar sections
Section 66A (heading)	Punishment for sending offensive messages through communication service, etc	Section 127, CA, 2003, "Improper use of public electronic communications network"
Section 66A(a)	Any person who sends, by means of a computer resource or a communication device	Section 1(1), MCA 1988, "Any person who sends to another person..."
Section 66A(a)	Grossly offensive	Section 1(1)(a)(i), MCA 1988; Section 127(1)(a),CA, 2003; Section 10(2)(a), Post Office (Amendment) Act, 1935; Section 43(1)(a), Telecommunications Act 1984; Section 20, India Post Act 1898
Section 66A(a)	Menacing character	Section127(1)(a),CA, 2003
Section 66A(b)	Any information which he knows to be false	Section 1(1)(a)(iii), MCA 1988 "information which is false and known or believed to be false by the sender"; Section 127(2)(a), CA, 2003, "a message that he knows to be false"
Section 66A(b) “purpose of...”	Causing annoyance	Section127(2), CA, 2003
	Inconvenience	Section 127 (2), CA, 2003
	Danger
	Insult	Section 504, IPC, 1860
	Injury	Section 44 IPC, 1860, "The word 'injury' denotes any harm whatever illegally caused to any person, in body, mind, reputation or property."
	Criminal intimidation	Sections 503 and 505 (2), IPC, 1860
	Enmity, hatred or ill-will	Section 153A(1)(a), IPC, 1860
	Persistently by making use of such computer resource or a communication device	Section 127(2)(c), CA, 2003, "persistently makes use of a public electronic communications network."
Section 66A(c)	Deceive or to mislead	-

Notes
MCA 1988: Malicious Communications Act (s.1)
CA: Communications Act 2003 (s.127)
*Replaced by Communications Act 2003

[1]. The Information Technology (Amendment) Bill, 2008, was one amongst the eight bills that were passed in fifteen minutes on December 16, 2008.
[2]. Inserted vide Information Technology Amendment Act, 2008.

This was re-posted in Outlook (November 28, 2012)

For more details visit https://cis-india.org/internet-governance/blog/breaking-down-section-66-a-of-the-it-act

Blocking Twitter: How Internet Service Providers & telcos were caught between tweets and tall egos

praskrishna — 2012-08-25T07:36:04Z

Long derided as 'dumb pipes' to the Web, Internet service providers (ISPs) are discovering these days that insult is being increasingly followed up by injury.

Joji Thomas Philip and Harsimran Julka's article was published in the Times of India on August 25, 2012. Pranesh Prakash is quoted.

In the fight between netizens who spare no effort at lampooning the powers that be and alarmingly frequent government flashes of rage at comments that can range from the mildly disrespectful to downright defamatory, telcos and ISPs find themselves much like the grass in the age-old Swahili saying "When two elephants fight, it's the grass that suffers".

The latest reminder of the hard place they find themselves in came earlier this week when news first broke that the government had asked for some accounts on social media site Twitter to also be part of websites and Internet pages it wanted blocked by ISPs. The news triggered a wave of outrage across cyberspace, with many users venting their rage at the first entity they associate the web with - their ISP, which in many cases is also their telecom operator.

"We acted immediately to the government's orders, but ended up being targetted and criticised wrongly only because we acted first," explained one official, who sought anonymity for himself and the company to avoid offending bureaucrats.

It's a common feeling. Telcos and ISPs are increasingly finding themselves in a 'Damned if you do, Damned if you don't' predicament these days, having to walk a tightrope between government orders and a restive netizenry.

And government orders can range from the super-urgent to arbitrary to sometimes ill-conceived. Very often, its 'one ban fits all' makes little allowance for differences between social networking sites and regular websites.

Executives in telecom companies recounted the instance when the government on August 18 ordered a ban on bulk SMSes and restricted text messages to five per day as part of efforts to combat the large-scale migration of people of north-eastern origins from other states to their home provinces fearing reprisal attacks.

"Within an hour of the directive, we started getting calls seeking compliance," said a top executive with a leading telco. But as the Centre was demanding compliance reports, operators were busy trying to decipher its notification, which read: "(a) Block bulk SMS (more than 5) for the next 15 days in the entire country across all states/UTs (b) Block bulk MMS (more than 5) and all MMS with attachment more than 25 KB for the next 15 days in the entire country across all states/UTs."

Shoot first, talk later

Telecom operators were nonplussed by the notification. Did it apply only to senders of bulk text messages who use this facility for commercial purposes? Or, did it mean customers could not send SMSes to more than five people simultaneously?

"When we sought clarification, the explanation was completely different and took a new dimension. It was five text messages per day per customer," said the regulatory head of a GSM operator, requesting anonymity as he did not want to offend the government.

Mobile phone companies then approached the department of telecom explaining that they did not have any technology with which they could impose a five SMSes a day limit for postpaid users. "The home and telecom ministries had not even realised that a facility did not exist before issuing the directive," said the marketing head of a leading telco.

In this case, the government accepted the operator's arguments and relented, but still told the companies not to highlight the limitation. "This time around, our arguments were accepted. Going by past instances, some operators had feared that the government would slap a hefty penalty for non-compliance without considering what we had to say," the marketing head said.

Industry officials say the tendency of 'shoot first, talk later' among bureaucrats and ministers long used to having their orders followed, especially when it came to the world of social networking which very few of them had any idea about, meant that it was safer to obey first and correct later.

"We don't even do any application of mind to the government's notices on requests. We wholesale block them. We can't even question the government's requests. A notice is a law in effect. Violation means a potential penalty which can go up to the cancellation of my licence and thus end to my business," said the head of a Delhi-based ISP that serves business users.

Executives with several ISPs and telcos say most often, court orders, government notifications and directives are not in public domain, and these result in angry consumers assuming that their service provider is up to some mischief.

ISPs say public clarifications by the government would go a long way in addressing the issue. "There has to be transparency. The government should have proactively disclosed the names of the websites it wanted blocked. The persons and intermediaries hosting the content should have been notified and provided with 48 hours to respond as required by the IT Act," said Pranesh Prakash of the Centre for Internet and Society, a research organisation.

For more details visit https://cis-india.org/news/times-of-india-aug-25-2012-blocking-twitter

Blocked websites: Where India flawed

praskrishna — 2012-08-27T03:00:16Z

Apart from not giving 48 hours response time, the Indian government has blocked some websites which don't exist or don't have web addresses, says an analyst.

Published in CIOL on August 23, 2012. Pranesh Prakash's analysis is quoted.

India is threatening to block Twitter as the latter has allegedly failed to respond to the government's order to remove some inflammatory posts.

That has come to light as it is being widely covered in media, but there are hundreds of websites which have already been shut, apparently without due notice to the owners.

Apart from Facebook, Twitter and YouTube accounts, the blocked websites include which are sympathetic to Hindu and Muslim radical groups.

In an analysis of 309 websites blocked in the wake of exodus of North eastern people from Bangalore, Pranesh Prakash of the Centre for Internet and Society (CIS), says the government has blocked these sites under the Information Technology Act, but it failed to provide the mandatory 48 hours to respond (under Rule 8 of the Information Technology Procedure and Safeguards for Blocking for Access of Information by Public, Rules 2009).

He writes in his post: "The persons and intermediaries hosting the content should have been notified. Even if the emergency provision (Rule 9) was used, the block issued on August 18, 2012, should have been introduced before the "Committee for Examination of Request" by August 20, 2012 (within 48 hours), and that committee should have notified the persons and intermediaries hosting the content.

Internet censorship is acceptable as long as it is in the purview of the law and doesn't encroach one's freedom. In this case, some people and posts debunking rumours have been blocked, says Pranesh.

He points to some discrepancies in the way the websites are blocked:

Some of the items are not even web addresses (e.g., a few HTML img tags were included). Some of the items they have tried to block do not even exist (e.g., one of the Wikipedia URLs).
An entire domain was blocked on Sunday, and a single post on that domain was blocked on Monday.
For some YouTube videos, the 'base' URL of YouTube videos is blocked, but for other the URL with various parameters (like the "&related=" parameter) is blocked. That means that even nominally 'blocked' videos will be freely accessible.

He concludes: "All in all, it is clear that the list was not compiled with sufficient care."

For more details visit https://cis-india.org/news/www-ciol-com-aug-23-2012-blocked-websites

Ayodhya trending on Twitter sparks censorship concerns

praskrishna — 2012-12-12T10:38:01Z

On the 20th anniversary of the Babri Masjid demolition, the ShauryaDiwas, Ayodhya and Babri Masjid hashtags were trending on Twitter all day, with almost 2,500 messages sent over 48 hours.

Surabhi Agarwal's article was published in LiveMint on December 6, 2012. Sunil Abraham is quoted.

The tag ShauryaDiwas was used by supporters of the demolition and was used in half the total number of tweets.

Experts said the public display of extreme views on a social networking platform has the potential to create social unrest, leaving the government with few options but to regulate content, in turn fuelling the Internet censorship debate further.

A senior government official said that in a situation in which there are serious national security implications, the government has no option but to "block content" in order to stop communal sentiment from flaring up.

According to social web analytics firm Social Hues, the tweets reached an audience of 456,000 followers. However, according to Vinita Ananth, chief executive of Social Hues, there were also messages that "condemned the call for ShauryaDiwas” tagging it ShameDiwas. "New platforms like Twitter are providing real-time feedback on public sentiment, which is unprecedented."

Ashis Nandy, political and social analyst, said that even though very few Indians are on platforms such as Twitter, communications over them give a hint of what a certain section of the society is thinking about.

"It is a small representation of the middle class, which is driven by ideology and some of the people with extreme opinions may also belong to this group, so perhaps it could have some security implications," he said.

Fringe groups such as those above tend to take extreme positions to get attention, said Sunil Abraham, executive director of Bangalore-based research organization, the Centre for Internet and Society.

Having learnt their lessons after the recent Assam-related panic, intelligence agencies are now keeping a close watch on the Internet, another government official said.

"If necessary, posts will be removed through legitimate ways," the official said, adding that a debate was underway about how to strike a balance between freedom of speech and the lawful requirement of agencies. "Mischief by a few people creates nuisance in society. The government is now looking for ways through which it can regionally block or remove inflammatory tweets. We don’t want to curb freedom of speech and the government doesn’t have any such intentions either," the official said.

Hate messages on social media had sparked a panic exodus of people from the north-east from cities such as Bangalore, Pune and Chennai in August.

For more details visit https://cis-india.org/news/livemint-december-6-2012-surabhi-agarwal-ayodhya-trending-on-twitter-sparks-censorship-concerns

Arrests over Facebook posts: Why we’re on a dangerous slide

praskrishna — 2012-11-20T11:47:43Z

The most bizarre thing about the arrest of Shaheen Dhada and Renu Srinivasan on Monday over a Facebook post that questioned the wisdom of a bandh to mark Shiv Sena leader Bal Thackeray‘s death is that no laws were actually violated by the post.

Venky Vembu's article was published in FirstPost on November 20, 2012. Pranesh Prakash is quoted.

In tone and in content, the post is remarkably restrained, particularly when compared to the rather more incendiary messages that are commonplace on social media platforms. Nor was it even halfways defamatory in the way that many rants on Twitter and Facebook have unfortunately come to be.

Yet, the Mumbai police appear to have cravenly capitulated in the face of some arm-twisting by a local Sena strongman and gone ahead to arrest the two young women on charges that seem laughable even given the extraordinarily sweeping, catch-all clauses of the Information Technology Act.

It is hard to see how Shaheen Dhada violated the two sections of the law under which she has been charged – Section 295A of the Indian Penal Code (“outraging religous feelings of any class”) or even the draconian Section 66A of the IT Act (“sending offensive messages through communication service, etc.”) – with her contemplative post, or what crimes Renu Srinivasan committed in merely ‘liking’ the post.

But it is a sign of the disquieting nature of the provision of the law, and the perverse manner in which it is being implemented, that there weren’t adequate checks and balances to inhibit the wilful deployment of the law on such frivolous grounds. Ironically, the goons who actually wrecked the clinic of Dhada’s uncle haven’t been called to account.

If that is bad enough, it is doubly perverse for Kapil Sibal to claim in all innocence that he is “deeply saddened” by the arrest of the two young women and to insinuate that the IT Act, which he was instrumental in passing, was being misused on grounds of improper implementation.

The fact of it is that the IT Act that he fathered, and particularly the notorious Section 66A, was deliberately worded to give maximum potential for mischief. There have been far too many egregious instances of its misuse by discredited governments and politicians for Sibal to claim that these are random incidents of misuse of the law. Just last month, Finance Minister P Chidambaram’s son Karti had a Puducherry businessmen and anti-corruption activist hauled up by the police for a Twitter post in which the businessman alleged that Karti had “amassed more wealth” than Sonia Gandhi‘s son-in-law.

It’s important to get a sense of why the latest arrests take us further on the slippery slope towards curtailing free speech. Justice Markandeya Katju has repeatedly pointed to the egregious encroachment on the freedom of speech by this provision of law, and has been vocal in calling both politicians and policemen to account whenever the law is abused in this manner.

“It is absurd to say that protesting against the bandh hurts religious sentiments,” Katju observed in a letter to the Maharashtra Chief Minister. “Under Article 19 of our Constitution, freedom of speech is guaranteed fundamental right. We are living in a democracy, not a fascist dictatorship.”

If anything, Katju argued, “this arrest itself appears to be a criminal act since under Sections 341 and 342, it is a crime to wrongfully arrest or wrongfully confine someone who has committed no crime.”

As Pranesh Prakash at the Centre for Internet and Society points out, in the context of Monday’s arrests, “This should not be seen merely as ‘social media regulation’, but as a restriction on freedom of speech and expression by both the law and the police.” Section 66A, he says, makes certain kinds of speech-activities (“causing annoyance”) illegal if communicated online, but legal if that same speech-activity is published in a newspaper.

This distinction is important, Prakash notes, since the mere fact that it was a Facebook status update “should not grant Shaheen Dhada any special immunity”. If anything, it is the fact that her update is not punishable under Section 295 of the IPC or of Section 66A of the IT Act that should give her the immunity, he adds.

With each instance in which Section 66A of the IT Act is being invoked, the potential for mischief embedded in the law is being exposed. Monday’s arrests – of two young women for crimes they did not even commit – are the most brazen instance of their abuse.

Of course, the perverse provision of law has been abused in the real world through selective and arbitrary invocation of the law. But the original sin lies in the law itself. It is the most potent threat to free speech online, and if the law isn’t amended to throw out these perverse provisions, India can kiss goodbye to any lingering pretensions to being a democracy of any sort.

For more details visit https://cis-india.org/news/first-post-politics-venky-vembu-nov-20-2012-arrests-over-facebook-posts-why-were-on-a-dangerous-slide

Arrest of girl over Thackeray FB update a clear misuse of Sec 295A

praskrishna — 2012-11-20T12:00:53Z

The arrest of 21-year-old Shaheen Dhada over her Facebook status update questioning the shutdown of Mumbai over Shiv Sena supremo Bal Thackeray‘s death, is a clear misapplication of section 295 A of the Indian Penal Code (“outrage religious feelings of any class”), according to Pranesh Prakash of the Centre for Internet and Society.

The article was published in FirstPost on November 19, 2012. Pranesh Prakash is quoted.

In comments to Firstpost, Prakash said that this law had been misused numerous times in the state of Maharashtra.

“Even the banning of James Laine’s book Shivaji happened under section 295 A, and the ban was subsequently held to have been unlawful. What makes this seem ironic, and almost a parodic news report, is the fact that Bal Thackeray probably violated this provision more times than most other politicians, but was only charged under it once or twice”, he said.

Dhada’s status update reportedly read, “People like Thackeray are born and die daily and one should not observe a bandh for that.” A friend of hers who ‘liked’ the comment was also arrested.

Prakash said that the arrest called for a discussion on the regulation of speech and expression. “It being a Facebook status update should not grant it any special immunity; the fact of that update not being punishable under s.295 A should! It isn’t regulation of social media that needs to be discussed, but regulation of speech and expression”, he said.

News of the arrest has understandably drawn a lot of attention on social media, and forums like Facebook and Twitter reflected outrage at the news.

The Times of India also reported that a mob of Shiv Sena workers attacked and ransacked the girl’s uncle’s orthopaedic clinic at Palghar, even though she withdrew her comment and apologised.

For more details visit https://cis-india.org/news/first-post-india-nov-19-2012-arrest-of-girl-over-thackeray-fb-update-clear-misuse-of-sec-295a