Centre for Internet and Society

The Privacy Rights of Whistleblowers

elonnai — 2012-03-22T05:47:16Z

The recent disclosures from Wikileaks have shown that the right to information, whistle-blowing, and privacy are interconnected. This note looks at the different ways in which the three are related, as well as looking at the benefits and drawbacks to Wikileaks in terms of privacy.

Introduction

In a recent interview, the Canadian Privacy Commissioner was quoted as saying “Information and the manipulation of information is the key to power. Those who can control the information can influence society enormously.” History and present-day society have both proven the truth in this statement. It is one among many reasons that the right to information is important to uphold. In India, and in other countries, there are statutes – in India, the Right To Information Act – that entitles the public to request and receive information that pertains to public bodies and their conduct, information that is publicly available because it is intrinsically related to the public interest. An entirely separate but equally critical way in which the public is kept informed is through whistle-blowing. Traditionally, whistle-blowing is any disclosure made in the name of public interest. Recent events such as the Ratan Tata case and the leaks of US diplomatic cables have brought to light the relationship between the public’s right to information, the rights of whistleblowers, and the rights of individuals to privacy. These recent cases have shown that the right to information, whistle-blowing, and the right to privacy are interconnected, because privacy can provide individuals with the means to sustain autonomy against potentially overwhelming forces of government and persons who might have mixed motivations. The right to information and whistle-blowing are means by which the government is held accountable to the public if they violate the law or the public trust. The Wikileaks case and the Ratan Tata case raise important questions about when those two interests need to give way to private interests. One of the key questions that Wikileaks raises is: if whistleblowing is supposed to be disclosure in the public interest -- i.e., to protect the public – should disclosure of personal information be permissible only if a person can demonstrate that he/she is trying to remedy or avoid actual wrongdoing rather than simply publishing information that is "interesting to the public?"

What is a Whistleblower and how does a Whistleblower Benefit from Wikileaks?

Whistleblowing is the modern counterpart to “informers” – people who reveal others’ wrongdoing. Much whistleblowing occurs by going "up the chain" in a person's own department or agency or company. If the person is reporting wrongdoing and the person ultimately goes to the authorities about illegal activity, the individual reporting the leak can sometimes get immunity for his or her own actions, can sometimes collect part of the penalties, and can under certain statutes in some countries even bring suit if the company retaliates against him -- for example, by firing him. In this way traditional whistleblowing places the responsibility for legal and ethical conduct on employees who are better situated to see wrongdoing than outsiders would be. In many countries, a person may present information of a whistleblowing nature to a judicial body. The judicial body then determines the validity of the information, the degree of public interest involved, and the proper form of redress to be taken. The judicial body offers legal protection to the whistleblower. Another method of whistleblowing is to leak information to the press. Once information is in the public domain – at least if there is freedom of press -- the information can no longer be covered up. Neither the right to free press, nor the right to protection as a whistleblower is universal. The current critique of the Indian Whistle Blowing Bill is that the right to protection will not be ensured. A Times of India article issued in September 2010 pointed out that the Whistle Blowing Act’s biggest weakness is that the Bill’s Central Vigilance Commission is designated to play both the role as competent authority to deal with complaints file by whistleblowers and as the tribunal to protect whistleblowers. Structuring the power to allow one body to fulfil both functions runs the risk of bias and could breed distrust that would cause people to avoid the system altogether. The article complained that the Bill has no teeth, and that even if the Commission believes that the whistleblowing is valid, it is able only to give advice rather than actually to prosecute individuals. The article recites extreme instances in which individuals have blown the whistle and paid for it with their lives. For example: in 2005 a manager of the Indian Oil Corporation was killed after exposing a scheme in adulterated petrol, and in 2010 an RTI activist was killed after exposing land scams in Mahrashtra. In these situations, Wikileaks is an interesting and powerful tool for individuals who either do not want to leak their information to a judicial body or are not protected if they do so in their own country. Leaking information to Wikileaks is in one sense analogous to leaking information to the press, but it is not precisely the same because it is not a news media outlet, but instead is a way for a person to post information on a mass media outlet. It should be noted, however, that informants who leak to Wikileaks are not afforded the same immunity that individuals who leak to authorities are granted. When an individual shares documents or information with Wikileaks, the site in turn acts as a platform to publish the information on the web and with the press. Being an independent entity that is neither tied down to a certain territory, government, or entity – Wikileaks has the pull of non-bias. But the strength of Wikileaks is also its weakness. When 250,000 diplomatic cables were posted, there was no one who understood the context of the content to monitor to ensure that everything was appropriate to post. As a result, the information was transmitted to an audience who normally would not be entitled to it. By doing so, the leaked information placed individual diplomats in precarious positions that could potentially put them in harm’s way and unnecessarily damage their reputations, as well as putting the reputation of the United States on the line.

Privacy and Whistleblowing

As a result the United States is looking to press charges against Julian Assange, founder of Wikileaks, for espionage. The way in which Wikileaks leaked information and the nature of the leak has brought privacy into the picture. When looking at the act of whistleblowing through the lens of privacy, there are obvious privacy concerns for the whistleblower, for the person or entity whose information has been leaked, and for possible third parties involved. Paul Chadwick, the Victorian Privacy Commissioner, pointed out that for the whistleblower the main privacy concerns include the individual’s identity, safety, and reputation. For the alleged wrongdoer the privacy concerns include: identity, safety, employment, and liberty (where sanctions may include imprisonment). For third parties, reputation and safety can both be jeopardized by disclosures by whistleblowers. The Wikileaks leaks squarely present the question whether intent should be brought into the analysis of privacy and whistleblowers. If a whistleblower is disclosing with the intent protect the public, the protections afforded to this person should weigh differently against the privacy interests of alleged wrongdoers and third parties than for someone who is simply defining the public interest as “interesting to the public,” or, worse, as seen in the false leak by Pakistan against India, is looking to leak information to disrupt public interest. Even though Wikileaks works to protect the anonymity of individuals who leak information, it is not bound by any law to protect the privacy of individuals involved in the leak. The concept behind Wikileaks is important. By interacting with government information, it has the ability to bring accountability and transparency to governments, but the only regulation over Wikileaks is internal (and thus inherently subjective). Wikileaks needs to change its structure to take into account leaks shared without the intent of protecting the public interest and even then needs to monitor to prevent leaks that could place individuals in precarious situations or damage reputations with no validating information.

Sources:

http://www.ctv.ca/generic/generated/static/business/article1833688.html

Chadwick, Paul. Whistleblowing, Transparency, and Privacy: Aspects of the relationship between Victoria’s Whistleblowers Protection Act and the Information Privacy Act.

For more details visit https://cis-india.org/internet-governance/blog/privacy/privacy-wikilileaks-whistleblowers

'Pakistan' hackers target India's top police agency

praskrishna — 2011-04-02T01:26:57Z

Cyber-attackers who identified themselves as the "Pakistan Cyber Army" have hacked the website of India's top police agency, officials said on Saturday. The website of the Central Bureau of Investigation (CBI) was hacked by programmers who left a message saying that the attack was in revenge for similar Indian assaults on Pakistani sites, Press Trust of India said. The hackers signed their message on the Indian police website: "Long Live Pakistan."

CBI authorities said they were working to restore the site, which offered information to the public.

The spokeswoman said she could not comment on Indian media reports that more than 200 other Indian sites had also been attacked by Pakistani hackers.

"We came to know the CBI site had been compromised Friday night," the spokeswoman told AFP, asking not to be named. "It will take us a couple of days to restore the site."

She said she could not immediately say who was responsible for the attack.

The CBI has "registered a case" and is investigating the attack, she said.

The message posted on the CBI site said the attack was "in response to the Pakistani websites hacked by 'Indian Cyber Army'," the Press Trust of India (PTI) reported.

"Hacked hahaa funny," the message said. "Let us see what you investigating agency so called CBI can do" (sic).

Hackers had also infiltrated the server of the National Informatics Centre (NIC), which maintains most of the government's websites, PTI reported.

In August, a group also calling itself the "Pakistan Cyber Army" hacked into the website of independent Indian MP Vijay Mallya, a flamboyant liquor baron, who is also head of Kingfisher Airlines.

The group claims to have hacked a number of Indian websites in recent years, including India's state-run Oil and Natural Gas Corporation, in retaliation for Indian hackers accessing Pakistan sites.

Indian IT specialists have long lamented what they say is a lack of awareness about Internet security across the country, including in the corridors of power.

Sunil Abraham, executive director of the Bangalore-based Centre for Internet and Society, said it would have been easy for attackers to get into the CBI public site as it was "not a particularly sensitive" one.

The Indian government "has a very low level of cyber awareness and cyber security. We don't take cyber security as seriously as the rest of the world," he said.

He added that the government needed to "make at least 10 times the current level of investment to get their standards to match the rest of the world."

According to the Indian Computer Emergency Response Team, a government agency that tracks IT security issues, more than 3,600 Indian websites were hacked in the first six months of this year.

Read the original news here

For more details visit https://cis-india.org/news/police-agency-targetted

Self-regulation in media and society meet to gain legal perspectives

praskrishna — 2011-04-02T01:22:15Z

With electronic media generally expressing its opposition to government imposed regulations, a two-day workshop is being organised here from tomorrow on 'Comparative Perspectives on Media Self-Regulation and Society'.

The workshop will explore international and comparative perspectives on media regulation as it affects current and the future role of information in society, Star India said in a statement.

The workshop will explore contemporary issues around media self-regulation in India from the differing perspectives of academics, bureaucrats and politicians, industry leaders, civil society and legal experts. In light of the current controversies in the media, including growing demands for content regulation on India's entertainment channels, as well as debates over media ethics, this will be a highly relevant and contemporary workshop.

The University of Oxford's Programme in Comparative Media Law and Policy (PCMLP) in collaboration with the National Law University- New Delhi, the National University of Juridical Sciences- Kolkata, and the Annenberg School for Communication, University of Pennsylvania, with support from Star India .

Information and Broadcasting Minister Ambika Soni, Ministry Joint Secretary Arvind Kumar, and National Commission for Women member Secretary Zohra Chatterjee will be speaking at the workshop.

Among other expected speakers are ex-chief justice of India JS Verma who had drawn up a code for the electronic media on behalf of the News Broadcasters Association, academician Professor Satish Deshpande, former Central Board of Film Certification chairperson Anupam Kher, Centre for Internet and Society's Sunil Abraham, senior columnist Sevanti Ninan, BAG Films and Media CMD and President of the Association of Radio Operators of India (AROI) Anurradha Prasad, senior advocates Prashant Bhushanand Siddharth Luthra, TV Today Executive Director and CEO and IBF Vice President G Krishnan and NDTV CEO KVL Narayan Rao.

Leading international researchers and experts in media regulation, Professor Monroe E Price from the University of Pennsylvania, Jonathan Blake of Covington and Burling, and Professor Wolfgang Shulz from the Hans Bredow Institute will be a part of this Seminar.

Star India will be represented by COO Sanjay Gupta, EVP and General Counsel Deepak Jacob and EVP (Marketing and Communications) Anupam Vasudev.

The workshop is aimed at bringing together diverse views of academics, bureaucrats, policy makers, industry leaders, civil society and legal experts.

"In light of the current controversies in the media fraternity around the world, this workshop will deal with increased demands for content regulation on entertainment channels in India, as well as current debates on media ethics," the Star India release said.

Read the original news here

For more details visit https://cis-india.org/news/self-regulation

UID & Privacy - A Call for Papers

elonnai — 2012-03-21T10:03:44Z

Privacy India is inviting individuals to author short papers focused on Unique Identity (UID) and Privacy. Selected candidates will have their papers published on the CIS website, and their transportation and accommodation provided for the “Privacy Matters” conference being held in Kolkata on 22 January 2010.

Topic

Privacy and the UID

Submission Deadline

By 15 January 2010 to admin@privacyindia.org

Word Length

3,000-5,000 words

Topic Summary

The Aadhaar scheme, or Unique Identity (UID) scheme is a plan to provide citizens identity cards that are tied to their unique biometric data – such as their fingerprints or retinal scans. Although the most frequently cited justification for this project is to ensure the secure delivery of relief to beneficiaries of government aid schemes, it is clear that the uses to which it will be put exceed this narrow mandate.

As India embarks on one of its most ambitious techno-administrative projects to date, there is surprisingly little clarity or introspection into the implications of having such a concentrated identity locked into a single card. In particular it appears that the grave threats to privacy the scheme poses have not received due attention. Although the final draft UID Bill circulated by the UIDAI in October 2010 contains some provisions that reference privacy, there seems to be a tacit assumption that privacy is an expendable or at least a less-desirable privilege that can be attended to fully once the scheme is in fully in place.

We invite individuals to author short inter-disciplinary papers that engage various topics on the theme of Privacy and the UID, including but not limited to the following:

Comparative studies on privacy and national identity card schemes in other countries

Privacy and the UID Bill

How will a project such as the UID change the relationship between the state, the individual, and the market?

Selected candidates will have their papers published on the CIS website, and their transportation and accommodation provided for the “Privacy Matters” conference being held in Kolkata on January 22nd 2010.

Who We Are

Privacy India was set up with the collaboration of the Centre for Internet and Society (CIS) and Society in Action Group (SAG), under the auspices of the international organization ‘Privacy International’. Privacy International is a non-profit group that provides assistance to civil society groups, governments, international and regional bodies, the media and the public in a number of countries (see www.privacyinternational.org). Privacy India's objective is to raise awareness, spark civil action and promoting democratic dialogue around privacy challenges and violations in India. In furtherance of this goal we aim to draft and promote an over-arching privacy legislation in India by drawing upon legal and academic resources and consultations with the public.

For more details visit https://cis-india.org/internet-governance/blog/privacy/privacy_callforpapers

DSCI Information Security Summit 2010 – A Report

elonnai — 2012-03-21T10:04:22Z

On 2 and 3 December 2010, the DSCI Information Security Summit 2010 took place in the Trident Hotel, Chennai. The two day summit included a broad spectrum of speakers/panels and topics, ranging from Securing Data & Systems to how to leverage the Cloud. The key speakers were Mr. Gulshan Rai, Director General, CERT-In, DIT, Mr. Rajeev Kapoor, Joint Secretary, DoPT, Govt. of India, Mr. Vakul Sharma, Advocate, Supreme Court of India and Dr. Kamlesh Bajaj, CEO, DSCI. Elonnai Hickok attended the summit.

Day one commenced with keynote address given by Jeffery Carr, Principal, GreyLogic, US who spoke about the gravity and risk that businesses and countries are facing in the digital age. A prominent theme in every presentation throughout the day was that India is facing both serious changes and challenges in light of evolving technology and global standards. A few specific challenges addressed were: encryption standards, the cloud, and securing business transactions. During the panel on encryption standards it was pointed out that India desperately needs a clear and comprehensive policy on encryption standards. Not only will this serve to facilitate transactions in India, but it will increase trade as foreign countries will have an enforced policy to ensure them that India is a safe destination to export to. The panel addressing the cloud focused on the challenges that businesses are facing in terms of the cloud in the Indian context. The three main challenges to the Cloud are:

data security and privacy
compliance requirements
legal and contractual requirements

It was pointed out that in particular the Indian legal environment is serving as an obstacle to businesses wishing to move to the cloud, because of policies such as 40 bit encryption, and the Indian Telecom licensing policy which do not permit data transfer outside the cloud. Discussed also were measures that organisations have adopted to address data protection challenges in the cloud including: Including security & privacy clauses in the contractual agreement, making the Cloud service provider liable for a data breach, and auditing the services of Cloud service providers. Further information about the Cloud in the Indian context can be found in the DSCI report on Data Protection Challenges in Cloud Computing: An Indian Perspective. In the session on Securing Business Transactions, the challenge of protecting data and transactions was addressed. Many approaches were presented which explained how securing systems has moved away from using security enables software to security embedded hardware. The first day concluded with a presentation of DSCI Study Reports, including their recent study on the State of Data Security and Privacy in the Indian BPO Industry, Service Provider Assessment Framework – A Study Report, and the DSCI Security Framework.

The second day included presentations and panel discussions on privacy, the economics of security, and security technologies. The presentation on privacy presented many different viewpoints which ranged from the stance that India has been taking the right steps towards securing individuals privacy, and in contrast, that India has seen a dilution of privacy standards in the recent years. Contributing to the panel on privacy, Vakul Sharma, Supreme Court Advocate created a timeline of privacy in India, dispelling the popular belief that India does not have a history of privacy. Mr. Sharma closed his presentation with a challenge to those who believe that India does not have adequate privacy protections - to return to the clauses in the ITA, see if they are indeed being followed, and then assess if India does not have adequate privacy protection. The panel on the Economics of Security spoke about the rising costs of security in the wake of cyber crime, and the rising cost of not adequately protecting one’s business. In the session on Technology Challenges to Fight Data Breaches and Cyber Crimes a debate evoked on current measures taken by industry and government to fight cyber crime, and steps that still need to be taken. Opening the session was a presentation by Mr. West, member of the National Cyber Forensics Training and Alliance. His presentation introduced a new approach taken by the States in which key stakeholders including students and local law enforcement were engaged when tracking down cyber criminals. Mr. West demonstrated the success of the program, and explained how such an approach could be easily adapted in India. From different comments made by the panel and audience it was clear from this session that there is a need for the Indian government to be more invested in funding and supporting smaller cybercrime initiatives. Closing the day was a panel on E-Security for the next five years including the application and enforcement of DSCI’s best practices for a Security and Privacy Framework.

The event was sponsored by: Trusted Computing Group, Computer Associates, McAfee, Verizon Business, Tata Consultancy Services, Deloitte, (ISC)2, BlackBerry, ACS, CSC, Microsoft, RSA, and Intel.

For more details visit https://cis-india.org/internet-governance/blog/dsci-information-summit

Public Statement to Final Draft of UID Bill

elonnai — 2012-03-22T05:48:00Z

The final draft of the UID Bill that will be submitted to the Lok Sabha was made public on 8 November 2010. If the Bill is approved by Parliament, it will become a legal legislation in India. The following note contains Civil Society's response to the final draft of the Bill.

On 8 November 2010, the UID Authority issued the final draft of the UID Bill that will be submitted to the Lok Sabha for review and approval. Earlier this year in June 2010 the Authority issued a draft UID Bill to the public for comment and review. Civil Society responded with a detailed summary and high summary of points that amended the draft or were missing in the draft Bill. We are disappointed that none of the concerns raised by Civil Society, including those listed below, were addressed.

Architecture

The centralized architecture of the UID project is unnecessary. A federated and decentralized structure to the UID project would achieve the same goal of providing identity, authentication, and delivery of benefits.

Scope

The scope of the Bill is overboard. Though the main purpose of the Bill is to facilitate the delivery of benefits to residents, the loose language and intermixing of terms creates a threat that data will be collected and used beyond delivery of benefits

Voluntary and not Mandatory

The Bill should prohibit the denial of goods, services, entitlements, and benefits for lack of a UID number- provided that an individual furnishes equivalent ID, thus ensuring that the Aadhaar number is truly voluntary.

Inadequate Privacy Safeguards

The Bill inadequately elaborates on the principles of privacy relating to identity and transaction data. The protections needed should be self-contained within the Bill. Thus, the UID Bill itself should be clear and concise about data collection, transfer, retention, security, and dissemination.

Unwarranted Data Retention

The Bill does not provide adequate privacy protection for transaction data. In particular section 32(2) empowers the Authority to determine the duration that data is to be retained for.

Lack of accountability for all Actors

The Bill holds only the Authority accountable for violations. Rather the Bill needs to hold enrolling agencies, registrars, and other service providers accountable. Furthermore, the Bill does not provide adequate regulations or accountability for the data that are outsourced.

Lack of Exceptions

The Bill does not detail the circumstances and categories of people who will be excused or accommodated with respect to the issuing of Aadhaar numbers or authentication of transactions.

Lack of Anonymity

The Bill does not provide adequate specificity as to the situations in which anonymity will be preserved and/or an Aadhaar number should not be requested.

Inadequacy of Penalties

The penalties provided in the Bill are inadequate, because they do not cover several types of misuse.

Unaffordability of Fees

It is incompatible with the Bill’s stated purpose of inclusion to require an individual to pay to be authenticated.

Lack of Rollback and Ombudsman Office

The Bill does not provide adequate redress for system/transaction errors and fraud.

Inappropriate Structure and Governance

The Bill does not provide appropriate judicial and parliamentary oversight.

Upon comparison of the draft Bill and the final Bill, CIS finds the following changes the most significant:

Definition of Resident

Section 2 (q): “resident” means an individual usually residing in a village or rural area or town or ward or demarcated area (demarcated by the Registrar General of Citizen Registration) within ward in a town or urban area”

Comment: This section clarifies the definition of ‘resident’ from the draft Bill, which defined resident as an “individual usually residing within the territory of India”. By specifying that individuals in demarcated areas will not receive UID numbers, the definition of resident is brought into line with the scope of the Bill as laid out in the preamble. We see this change as a positive revision.

Prohibition of Dissemination of Information

Section 30 (3): “Notwithstanding anything contained in any other law and save as otherwise provided in this Act, the Authority or any of its officer or other employee or any agency who maintains the Central Identities Data Repository shall not, whether during his service as such or thereafter, reveal any information stored in the Central Identities Data Repository to any person”

Comment: This section prohibits the dissemination of any information that is stored in the Central Identities Data Repository. This prohibition extends to anyone or any entity that handles information, and supersedes other laws that might permit dissemination of information. We see this change as a positive revision.

Disclosure of Information in the Case of a National Security

Section 33 (b):“Any disclosure of information (including identity information) made in the interests of national security in pursuance of a direction to that effect issued by an officer or officers not below the rank of Joint Secretary or equivalent in the Central Government specifically authorised in this behalf by an order of the Central Government”

Comment: This section is a minor improvement on the previous draft since it requires specific authorization from the Central Government (rather than from a Minister in charge). Unfortunately, however, it retains the undesirable language of "national security" from the previous draft which, as we had previously pointed out, is not currently clearly defined under Indian law. An alternative phrase that we recommend instead is the Constitutional vocabulary of "public emergency" which already has a considerable volume of judicial reasoning that has elaborated what it means. Eg. in Hukam Chand v. Union of India (AIR 1976 SC 789) it was held that a public emergency "is one which raises problems concerning the interest of public safety", the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order, or the prevention of incitement to the commission of an offence."

For more details visit https://cis-india.org/internet-governance/blog/privacy/privacy-publicstatement-UID

UID elicits mixed response

praskrishna — 2011-04-02T06:32:44Z

Which is the root cause for pilferage of welfare funds in India: fake identity or corruption?

Can the Unique Identity Card (UID) project solve this problem or will it create other more serious issues like infringement of constitutional rights, etc? These were the points fiercely debated at a panel discussion on UID organised by the Centre for Internet Society and Citizens' Action forum.

Chief Electoral Officer M N Vidyashankar, who made a presentation on the progress of the UID project in the State, at times, struggled to convince the audience on the necessity and feasibility of the project.

According to Mathews Thomas of the Citizens' Action Forum, the UID project creates more problems than it is expected to resolve.

“First, it was launched bypassing Parliament. It will only store biometric and other data of all citizens. This could result in illegal migrants claiming citizenship. Further, it will not prevent corruption in Public Distribution System or other schemes. The huge expenditure it will incur is also a matter of grave concern,” he said.

Defending the project, Vidyashankar said it was necessary to weed out discrepancies in multiple identity documents.

“It's well known that inconsistencies in a person's name, father's name, address, etc, creep in multiple documents. For instance, there will be different spellings of a person on a voter ID card, a driving Licence, a passport, and a PAN card. The UID will help in checking such discrepancies,” he asserted.

No operator will be able to tamper with the data. The laptops will have two screens to help the applicant see the entries. Data will first go to the Grameen Business Centre from where it will head to the Central Identity Database Repository which will issue a randomly generated number, he added.

Former Minister Prof B K Chandrashekhar said that there were several concerns in the UID project which need to be addressed properly.

Read the original in Deccan Herald

For more details visit https://cis-india.org/news/uid-mixed-response

Information Security Summit 2010

praskrishna — 2011-04-02T06:33:18Z

The Information Security Summit 2010 will be held between 2-3 December 2010 in Chennai. The following is the agenda for the event.

Day 1		2-Dec-10
TIME	SESSION	AGENDA
9:30am to 10:30am	Inaugural Session	Summit Theme Dr. Kamlesh Bajaj, CEO, DSCI Welcome Address Mr. Som Mittal, President, NASSCOM Keynote Address Mr. Jeffrey Carr, Principal, GreyLogic, United States
10:30am to 11:15am	Plenary Session	Encryption – No more a paradox Secure Business Transaction v/s National security Role of Policy Makers Session Chair Dr. P.K. Saxena, Director – SAG, DRDO Panelists Mr. Hitesh Barot, Director, Intel Dr. Kamlesh Bajaj, CEO, DSCI Dr. Sachin Lodha, TCS Mr. Ashutosh Saxena, Principal Research Scientist, SETLabs, Infosys
11:15am to 11:30am		Tea/Coffee Break
11:30am to 11:50am	Session I A	Securing Data & Systems with Trusted Computing Now and in the Future Mr. Brian Berger, TCG Promoter Board Member, Executive Vice President Marketing & Sales, Wave Systems Corp.
11:50am to 12:10pm	Session I B	Take Control of Identities & Data Loss Mr. Vipul Kumra, Consultant, CA Technologies
12:10pm to 12:30pm	Session I C	Security and the Cloud Ms. Smitha Murthy, Head of Product Management, McAfee India
12:30pm to 1:15pm	Session II	DSCI Data-Centric Approach: Information Visibility Moderator Ms. Nandita Mahajan, CISO &CPO, India & South-Asia, IBM & IBM Daksh Presentation Mr. Vinayak Godse, Director – Data Protection, DSCI Panelists Mr. Pradeep Verma, CISO, FirstSource Solutions Mr. Bhaskar Parashuram, Head – Information Security CoreLogic Mr. Agnelo D’souza, CISO, Kotak Mahindra Bank
1:15pm to 2:15pm		Networking Lunch
2:15pm to 2:30pm	Session III	DSCI – KPMG Annual Security Survey 2010 Mr. Akhilesh Tuteja, Executive Director, KPMG
2:30pm to 3:15pm	Session IV	Leveraging Cloud to deliver Security Services Session Chair Mr. Felix Mohan, CSO, Bharti Group Panelists Mr. Geoff Charron, VP Software Engineering, CA Technologies Mr. Prashant Gupta, Head of Solutions – India, Verizon Business Ms. Smitha Murthy, Head of Product Management, McAfee India
3:15pm to 4:00pm	Session V	Security 3.0 – Embedding Security in Design – Trusted Computing, Trusted Environment Session Chair Mr. P.S. Venkat Subramanyan, Head – Data Protection & Privacy, CSC India Panelists Mr. Mark Schiller, TCG Promoter Board Member, Director of HP Security Technology, Hewlett Packard Corp. Mr. Sanjay Bahl, CSO, Microsoft India Mr. Avinash Kadam, Lead Instructor, (ISC)2 and Director, MIEL e-Security Mr. Chris Leach, CISO, ACS Inc
4:00pm to 4:45pm	Session VI	Securing Business Transactions Session Chair Mr. B. Sambamurthy, Director, IDRBT Panelists Ms. Smitha Murthy, Head of Product Management, McAfee India Mr. Shankara Narayanan, Head – Professional Services, Verizon Business Mr. Kartik Shahani, Country Manager – India and SAARC, RSA
4:45pm to 5:00pm		Tea/Coffee Break
5:00pm to 6:00pm	Session VII	DSCI Study Reports Session Chair Mr. B J Srinath, DIT Presentations Theme Introduction – Rahul Jain, Sr. Consultant, DSCI Insider Threats – Sivarama K, Executive Director, PwC Service Provider Assessment Framework – Terry Thomas, Partner, E&Y Reasonable Security Practices – PVS Murthy, Global Head IRM Consulting Practice, TCS Security and Privacy Issues in Cloud Computing – Sai Lakshmi, General Manager, Information Security, Wipro
:30pm onwards		Networking Cocktail and Dinner
DAY 2		3-Dec-10
TIME	SESSION	AGENDA
9:30am to 10:30am	Session I	Economics of Security – ‘Business Flexibility’ and ‘Security & Investment’ in the wake of Cyber crime and expanding compliance regimes Session Chair Mr. Brian J. Manning, President and Managing Director, CSC India Panelists Mr. Laxmikanth Venkatraman, Head – India Operations, Broadridge Financial Solutions Mr. Kumar Rao, Global Head, Cards & Payments Practice, Tata Consultancy Services Prof. Anjali Kaushik, MDI Gurgaon
0:30am to 11:15am	Session II	Panel Discussion – DSCI Best Practices Advisory Group Session Chair Dr. Kamlesh Bajaj, CEO, DSCI Panelists Mr. B.J. Srinath, DIT Ms. Nandita Jain Mahajan, IBM Mr. Abhay Gupte, Deloitte Mr. Anurana Saluja, Infosys Mr. Rahul Biswari, HP Mr. Chalam Peddada, Fidelity
11:15am to 11:30am		Tea/Coffee Break
11:30am to 12:15pm	Session III	Evolution of Privacy in India – ITAA, UIDAI, Privacy Laws, Global Regulations Session Co-chairs Dr. Gulshan Rai, Director General, CERT-In Mr. Rajeev Kapoor, Joint Secretary, DoPT, Govt. of India Speakers Mr. Hitesh Barot, Director – Global Public Policy, Intel Corporation Mr. Sunil Abraham, Executive Director, Centre for Internet and Society Mr. Vakul Sharma, Advocate, Supreme Court of India Mr. Vikram Asnani, Sr. Consultant – Security Practices, DSCI
12:15pm to 12:30pm	Session IV	Deloitte’s India Security Survey Mr. Sundeep Nehra, Sr. Director, Deloitte
12:30pm to 1:30pm	Session V	Technology Challenges To Fight Data Breaches and Cyber Crimes: Collaboration through Public Private Partnerships – The Way Forward Moderator Mr. Pratap Reddy, Director, Cyber Security, NASSCOM Principal Speaker Mr. Michael West, Member of the Board, NCFTA (National Cyber-Forensics Training and Alliance), USA and Strategic Technology Investigator, Fidelity Investments Panelists Mr. Krishna Sastry Pendyala, Cyber Forensics Expert at GEQD, Central Forensics Sciences Laboratory, MHA, Government of India Dr. Srinivas Mukkamala, Sr. Research Scientist Institute for Complex Additive Systems Analysis (ICASA) Adjunct Faculty New Mexico Tech., USA and Advisor Cyber Security Works Pvt. Ltd. Mr. Anil Kona, Specialist and Sr. Manager, Analytics and Forensics Technologies, Deloitte Mr. Samir Datt, Founder CEO, Foundation Futuristic Technologies
1:30pm to 2:30pm		Networking Lunch
2:30pm to 3:15pm	Session VI	Security Technologies in Focus Session Chair Mr. Srikant Vissamsetti, Vice President – Network Security, McAfee India Panelists Mr. Prashant Gupta, Head of Solutions – India, Verizon Business Mr. Kartik Shahani, Country Manager – India and SAARC, RSA Ms. Rashmi Chandrashekar, Vice President, Accenture India
3:15pm to 4:00pm	Session VII	Making their Presence felt in the Security Market: Indian Vendors Session Chair Dr. Gulshan Rai, Director General – Cert-In, DIT Panelists Mr. Prakash Baskaran, CEO, Pawaa Software Mr. Ajay Data, CEO, Data Infosys Ltd Mr. Arnab Chattopadhyay, VP Technology, iViz Technosolutions Mr. Tushar Sighat, Vice President, Cyberoam – India and SAARC, Elitecore Technologies
4:00pm to 4:15pm		Tea/Coffee Break
4:15pm to 5:00pm	Session VIII	E-Security Strategy for the next 5 years – The Way Forward Session Chair Prof. N. Balakrishnan, Chairman, DSCI Panelists Dr. Gulshan Rai, Director General, CERT-In, DIT Mr. Kumar Ranganathan, Principal Engineer and Manager, Intel Labs Mr. Sanjay Bahl, CSO, Microsoft India Mr. Y.D. Wadaskar, Managing Director, WYSE Biometrics Systems Dr. Kamlesh Bajaj, CEO, DSCI
5:00pm to 5:15pm		Closing Remarks by DSCI

See the original here

For more details visit https://cis-india.org/news/security-summit

This Is All India Radia

praskrishna — 2011-04-02T07:28:26Z

Our news media blanked it out, but the Internet forced the issue, says Debarshi Dasgupta in an article published in the Outlook Magazine.

If you depend on just the Times of India or Hindustan Times for your daily news fix, chances are you have missed the story that has put Indian journalism under its fiercest gaze ever. For it turns out that a majority of Indian journalism censors news about its own indiscretions. After Open and Outlook magazine published transcripts of conversations between Niira Radia and high-profile journalists, much of the mainstream media erased the coverage about the controversy. Even the few papers and TV stations that covered the issue in the days to follow did not name names and avoided the meat of the story, hiding behind the sophistry of the transcripts being “unauthenticated”.

Among the few that did, The New Indian Express and Mail Today (it did not name a former editor at the group though) picked up pieces of the conversations and the Deccan Herald carried an editorial on November 22. Among the vernacular papers, Sakshi and Andhra Jyoti in Andhra carried some excerpts. The Malayalam news channel Asianet picked up the story, but the English news channels were deafeningly quiet. CNN-IBN had a show on November 22 that claimed to “break the silence” but neither identified the people involved nor featured the transcripts; instead it pontificated on where to draw the line between lobbying and journalism. G. Sampath, deputy editor at Daily News & Analysis, Mumbai, wrote on his blog, “What is really scary is that, despite living in a ‘democracy’ that boasts of a ‘free press’, if you were dependent only on TV and the big newspapers for the biggest news developments of the day, you would never have known about the Niira Radia tapes, and the murky role of media as political power brokers.”

Sevanti Ninan of The Hoot, an online media watch website, latched on to this “great media blackout”. “The list of those who took no note is long and illustrious: The Indian Express, always quick off the mark on sensational disclosures. The Hindu, The Times of India, Hindustan Times, India Today, all those Hindi news channels,” Sevanti wrote. “Not a story that three prominent journalists were trying to help a lobbyist get A. Raja a ministerial berth in the second upa government.” Filling the gap, the site has opened a forum to debate the ethical transgressions in the Radia tapes.

Despite its blackout in print, the story has largely survived because of the tremendous interest among India’s netizens. The news was also carried prominently online in The Wall Street Journal, The Washington Post and The Huffington Post. Blogs are abuzz with indignant reactions to this censorship. The ‘Radia Tapes Controversy’ is now even a rapidly evolving and fairly detailed Wikipedia entry. YouTube throws up 35 matches for Radia and Barkha (Dutt), with one video (a transcript of one of the conversations) viewed close to 72,000 times. There are also numerous Facebook groups with discussions on how to “fix” the media. Google Barkha Dutt and the engine throws up Niira Radia as a prompt. And there’s no dearth of tweets about “Barkhagate”—there are several every minute asking for these journalists to resign and some even call for them to be jailed. For some, especially among the Right, the controversy has come as a boon, lending credence to their argument that the “pseudo-secular” English media has sold its soul.

Finally, when the ToI reported online on November 25 about how the internet had kept the story alive, there were bursts of self-congratulatory messages and tweets exchanged online. For Sunil Abraham, executive director, Centre for Internet and Society, the Radia tapes controversy illustrates the “tension and disconnect” that exists between the internet and traditional media. “This is unlike on 26/11 when there was a kind of synergy between the two in their coverage,” he says. Yet Net users deserve some credit for having made the debate interactive and infusing it with a much-needed spunk and pluralism. “For me, the most exciting thing about the ‘Barkhagate’ controversy is not the internet’s influence on the attention economy,” adds Abraham. “It’s actually been its crowd-sourcing ability to bring together the intelligence of many amateurs from across the world and to put their insights into one collective analysis of the controversy.” While the Net, with just about 20 million users, is yet to rival the traditional media’s hold on India, the latter undoubtedly have a force it must now reckon with.

Read the original article in the Outlook

For more details visit https://cis-india.org/news/all-india-radia

The Niira Radia Tapes: Scrutinizing the Snoopers

praskrishna — 2011-04-02T07:29:21Z

There’s been plenty of outrage in India over taped phone calls between corporate lobbyist Niira Radia and local journalists, revealing what some people believe is evidence that star reporters at the country’s newspapers and TV channels are too cozy with the subjects they’re supposed to be reporting on.

Amid that firestorm, though, there’s been much less scrutiny of why and how the wiretaps happened in the first place, whether they were justified or a governmental overreach, and how these infamous tapes got from the government into the hands of media companies.

Here are just a few questions that merit more consideration: Who orders telephone surveillance in India and on what grounds? How often is it done? What protections are in place to ensure government officials don’t abuse their surveillance authority to settle scores with journalists, corporate officials or ordinary citizens they have a beef with?

The quick answer to all of these: India trusts its bureaucrats to do the right thing. The central government’s Home Secretary, along with some intelligence agencies and state officials, has the authority to approve wiretaps. Unlike in the U.S. and other countries, where investigators must generally obtain court warrants for surveillance to pursue matters ranging from drug-trafficking to insider trading, in India there is no such legal tradition or rule.

“There is no oversight infrastructure, either in parliament or in the judiciary,” said Sunil Abraham, executive director of the Bangalore-based Center for Internet and Society. There is only “post facto” protection in the sense that you can sue the government later if you feel you were wrongly wiretapped, he said.

According to local media reports, industrial giant Ratan Tata on Monday petitioned the Supreme Court over the leaking of the tapes, on which he is heard bantering with Ms. Radia (his lobbyist) about a range of topics related to the $70 billion Tata Group. The reports say he feels the episode violated his privacy and wants the leakers to be punished. (While there’s no explicit constitutional protection of privacy in India, the Supreme Court in some cases has held it is covered by Article 21 of the Constitution, which says, “No person shall be deprived of his life or personal liberty except according to procedure established by law.”)

A report in the Economic Times Monday said government is going to investigate the leak. A Home Ministry spokesman declined to comment on whether an inquiry has been launched but said India’s system of allowing a handful of security and intelligence officials to approve or deny wiretaps sufficiently guards Indian citizens’ privacy. “It isn’t an unchecked kind of thing, that anyone can just do it,” the spokesman said.

India draws its wiretap authority from a few laws, including the 1885 Telegraph Act and a separate information technology law enacted in 2000 and amended in 2008. The government can tap phones or intercept emails for reasons such as “any public emergency” or “in the interest of the public safety” – pretty broad language that gives a lot of leeway to bureaucrats, critics say.

A report in the Hindu last week claimed that more than 5,000 Indian phones are being bugged daily, citing anonymous sources. Mr. Abraham, of the Center for Internet and Society, says that breadth of surveillance in a country of 1.2 billion people wouldn’t be unreasonable. But his organization is planning a Right to Information request to find out more about the scope of government wiretapping.

The government may have had good reasons to conduct the wiretaps of Ms. Radia, which local media reports say were done by the income tax department for two four-month stints in 2008 and 2009, during which time they reportedly logged 5,851 calls.

The income tax agency hasn’t stated publicly what the rationale was and its officials declined to comment Monday.

Media reports suggest that the material was supposed to help probe the irregular allocation of mobile phone spectrum in 2008 to several Indian telecom firms. (The official in charge of that allocation, A. Raja, resigned as telecom minister Nov. 14 amid charges that he rigged the process to favor some companies over others.)

But much of the content in the several hours of so-called “2G tapes” that have leaked to Indian news organizations has little or nothing to do with taxes or 2G spectrum. There’s talk of the billionaire Ambani brothers’ natural gas pricing dispute, mining policy, a dog who is named Google because he is good at finding things, which corporate honchos are easy to get on the phone, and plenty of titillating exchanges between New Delhi’s power brokers on the politics of cabinet appointments. Some pretty top-notch gossip, in other words.

To be sure, the content on the tapes does raise disturbing and serious questions about whether some elements of the Indian media carry water for particular government ministers or corporations. And it pulls the veil back on how the titans of Indian business and politics shape policy away from the public spotlight, as Siddharth Varadarajan explained in Monday’s edition of the Hindu when he made a clever analogy to the movie The Matrix. (We’ve separately parsed the contents of some of the tapes for their potential significance.)

But it’s still worth asking tough questions about the legal and ethical foundations of wiretapping citizens, because, as Indian civil liberties expert Lawrence Liang said in an email, “if this can happen to a Nira Radia, then it can easily be used for a Nida Nobody.”

Update, 5:09 p.m.: “A Home Ministry spokesman confirmed the ministry has asked the Intelligence Bureau and Central Board of Direct Taxes to conduct a probe into the leak.”

Read the original in Wall Street Journal

For more details visit https://cis-india.org/news/niira-radia-tapes

Time to bury e-mail?

praskrishna — 2011-04-02T07:30:10Z

Earlier this week, Mark Zuckerberg, founder of Facebook, had a simple message to the world: email is outdated since it can no longer handle the sort of digital communication that we’ve got used to. Facebook Messages, which integrates email, SMS, instant messaging and social networking, is the way forward, he claimed.

Zuckerberg isn’t the first one to point out the limitations of email. Last year Google too said that email, a technology invented in the ’60s, was not equipped to serve our current needs. “Wave is what email would look like if it were invented today,” Google proclaimed during the launch of Google Wave.

As it turned out, Wave was a great product but served an entirely different purpose — collaboration. While this made sense at the enterprise level, it didn’t offer much added value to email users engaging in one-to-one conversations. Google Wave today is defunct since users didn’t buy into Google’s argument. Will Facebook Messages suffer the same fate?

The answer depends a lot on whether users face the problem that Zuckerberg claims they do. “A lot of people are trying to solve the problem of email. But I don’t know what that problem is,” says Mahesh Murthy, CEO, Pinstorm, a digital marketing agency. According to Murthy, there are three main issues with email: storage space, spam filtering and prioritising messages. And modern email services such as Gmail have evolved to address these concerns.

Facebook obviously thinks otherwise. According to the company we need one inbox for all our digital communication, which includes emails, chats and SMS. Second, messages from your Facebook contacts will be considered more important and will go into Social Inbox. All other messages will go into a separate folder. Third, messages will be threaded according to people and not subject lines as is the case with Gmail and other email services.

According to Gaurav Mishra, head, social media practise, MS&L Group, these are compelling reasons to start using Facebook Messages. But enough to ditch your email account? Not quite, say experts.

“Integration is a marketing myth,” says Nishant Shah, director, Centre for Internet and Society, a Bangalore-based research organisation, “Many of us like to keep our information in different silos. We have heard of young people getting fired from their jobs because they were not able to keep personal information compartmentalised.”

Secondly, giving greater priority to messages from people in your contact list may be misplaced. “The nature of conversation on Facebook is casual and the criticality of a message and hence the need for an immediate response may not be that high,” points out Murthy. An email from, say, a client or a prospective recruiter who may not be on your friends list, may be more critical.

There’s no doubting that Facebook Messages could change the way we conduct our casual conversations. But email serves basic and universal needs. For example, while introducing the new service, Zuckerberg pointed out how school kids felt email was too slow. According to Shah, however, it is important to understand what the kids found email slow for. A movie plan can be made quicker through SMS, but the same kids might submit their assignments via email.

Of course, Zuckerberg has not claimed that Facebook Messages will be an email — or more specifically Gmail — killer. But Facebook’s PR machinery would have known how the media would react. By undermining the very concept of email — one of Google’s strongest products — Facebook has managed to make Google look like the hero of yesteryears.

Analysts agree that Facebook Messages is really about retaining users on its website — if Facebook can give its users a reason to spend more time on its website rather than that of an email service, it can serve more ads. “It is about economics. But Facebook is trying to turn it into a cultural argument,” says Shah.

Still, one thing is certain; Facebook Messages will not suffer the same fate as Google Wave, partly because it is simply an update (and a rather good one) to an existing feature within Facebook. But it is far from a replacement to email. As Mishra puts it, “I will not close down my existing email ids. But I will start using Facebook to message my relatives and friends. It is going to be the future of messaging, not the future of email.”

Read the original in DNA

For more details visit https://cis-india.org/news/bury-email

November 2010 Bulletin

praskrishna — 2012-08-07T11:46:10Z

Greetings from the Centre for Internet and Society!

News Updates

The internet’s new billion: New web users — in countries like Brazil and China — are changing the culture of the internet.
http://bit.ly/hKUb5n

‘Piracy is now a mainstream political phenomenon': “Piracy has become a mainstream political phenomenon,” said Sunil Abraham, executive director of the Centre for Internet and Society in the city. The piracy that he was referring to was not the piracy of the high seas but the piracy of intellectual property.
http://bit.ly/gMC1Br

Open standards policy in India: A long, but successful journey: Last week, India became another major country to join the growing, global open standards movement. After three years of intense debate and discussion, India's Department of IT in India finalized its Policy on Open Standards for e-Governance, joining the ranks of emerging economies like Brazil, South Africa and others. This is a historic moment and India's Department of Information Technology (DIT) deserves congratulations for approving a policy that will ensure the long-term preservation of India's e-government data.
http://bit.ly/dGo6Qo

Information, the world's new capital - Digital Natives: Information is the new capital and currency of the world, Nishant Shah, of the India-based Digital Natives with a Cause, told Bizcommunity.com yesterday, 10 November 2010, as the three-day workshop on digital and internet technologies that brought together young delegates from nine African countries ended in Johannesburg, South Africa. "If the 20th century was the age of the industrial revolution, the 21st century is now actually the age of the knowledge information," Shah said.
http://bit.ly/dpXIKY

What it means to be a child today: They move seamlessly between reality and virtual reality. The digital landscape they inhabit comprises generations — not of family — but of technology such as Web 2.0, 3G, PS4 and iPhone5. Their world has moved beyond their neighbourhood, school and childhood friends to encompass a 500-channel television universe, the global gaming village, the endless internet. These are the children born in the last decade and half — possibly the first generation that has never known a world without hi-tech.
http://bit.ly/cz3nBJ

Report: Digitally Open: Innovation and Open Access Forum, 23 Oct 2010, Doha, Qatar: A summary of the event "Digitally Open: Innovation and Open Access Forum" held in Doha.
http://bit.ly/catHoi

DOC 2.0: A Resources Sharing Mela by NGO Documentation Centres: A Resource Sharing Mela and Meet of DCM (Document Centres Meet) at the Centre for Education & Documentation in Domlur, Bangalore.
http://bit.ly/dnwQMf

Wi-Fi Direct promises range, bandwidth higher than Bluetooth: Sharing, printing and connecting for Wi-Fi devices is going to be more convenient than ever with soon-to-be-launched technology Wi-Fi Direct, which enables devices to connect to each other without a conventional Wi-Fi hub. This article by Ramkumar Iyer was published in the Hindu on 31 October 2010.
http://bit.ly/aUul9f
Access to Knowledge in the Age of Intellectual Property: Access to Knowledge in the Age of Intellectual Property charts the rise of the access to knowledge movement, a movement in which Open Society Foundations have played a key role. It maps the vast terrain of legal, cultural, and technical issues that activists and thinkers aligned to the movement negotiate every day.
http://bit.ly/9nkQFM

Social Mashup!: Save the Date Join us to meet India’s most passionate, innovative, and curious start-up social entrepreneurs for two groundbreaking days of conversations, connections and inspiration. This event will be held on 2-3 December 2010 at the Indian School of Business in Hyderabad.
http://bit.ly/bKKcar

Digitally Open: Innovation and Open Access Forum: Promoting Openness in Today's Digital World
http://bit.ly/961Ieg

Crisis for identity or identity crisis?: The hurry with which the government is pushing its most ambitious project to assign a number (UID) to every citizen without any feasibility study or public debate has raised many questions. http://bit.ly/8Zt9mf

Upcoming Event

Identity, Identification and Media Representation in Video Game Play: An Audience Reception Study: Adrienne Shaw from the Annenberg School of communications, who is a visiting fellow at MICA is giving a public talk on research on representation in video games on 27 November 2010 at the Centre for Internet and Society in Bangalore.
http://bit.ly/909xkU

Research

My Bubble, My Space, My Voice Workshop - Perspective and Future
The second workshop for the “Digital Natives with a Cause?” research project named “My Bubble, My Space, My Voice” took place at the Link Center of Wits University, in Johannesburg, South Africa from 6 November 2010 to 9 November 2010. Samuel Tettner, Digital Natives Co-cordinator shares his perspective on the workshop.
http://bit.ly/bPX6Xd

Archive and Access: Call for Review
The Archive and Access research project by Rochelle Pinto, Aparna Balachandran and Abhijit Bhattacharya is a part of the Researchers @ Work Programme at the Centre for Internet and Society, Bangalore. The project that attempts to look at the ways in which the notion of the archive, the role of the archivist and the relationship between the state and private archives that has undergone a transition with the emergence of Internet technologies in India has been put up for public review. http://bit.ly/d4o809

Just Where We Like It
The micro space for status updates might become the new public space for discussion. Nishant Shah's column on Digital Natives was published in the Sunday Eye of the Indian Express on 21 November 2010.
http://bit.ly/96cK8q

Taking It to the Streets
The previous posts in the Beyond the Digital series have discussed the distinct ways in which young people today are thinking about their activism. The fourth post elaborates further on how this is translated into practice by sharing the experience of a Blank Noise street intervention: Y ARE U LOOKING AT ME?
http://bit.ly/ciyiiR

Talking Back without "Talking Back"
The activism of digital natives is often considered different from previous generations because of the methods and tools they use. However, reflecting on my conversations with The Blank Noise Project and my experience in the ‘Digital Natives Talking Back’ workshop in Taipei, the difference goes beyond the method and can be spotted at the analytical level – how young people today are thinking about their activism.
http://bit.ly/bHAvDE

The 'Beyond the Digital' Directory
For the past few months, Maesy Angelina has been sharing the insights gained from her research with Blank Noise on the activism of digital natives. The ‘Beyond the Digital’ directory offers a list of the posts on the research based on the order of its publication.
http://bit.ly/b3TK3C

First Thing First
Studies often focus on how digital natives do their activism in identifying the characteristics of youth digital activism and dedicate little attention to what the activism is about. The second blog post in the Beyond the Digital series reverses this trend and explores how the Blank Noise Project articulates the issue it addresses: street sexual harassment.
http://bit.ly/cM1HFf

Change has come to all of us
The general focus on a digital generational divide makes us believe that generations are separated by the digital axis, and that the gap is widening. There is a growing anxiety voiced by an older generation that the digital natives they encounter — in their homes, schools and universities and at workplaces — are a new breed with an entirely different set of vocabularies and lifestyles which are unintelligible and inaccessible. It is time we started pushing the boundaries of what it means to be a digital native.
http://bit.ly/9J82YY

Accessibility

e-Accessibility Policy Handbook for Persons with Disabilities
The Centre for Internet and Society is proud to announce the launch of its first publication, the “e-Accessibility Policy Handbook for Persons with Disabilities" in collaboration with the G3ict (Global Initiative for Inclusive Information Communication Technologies) and ITU (International Telecommunications Union), and sponsored by the Hans Foundation. The handbook is compiled and edited by Nirmita Narasimhan. Dr. Hamadoun I. Toure, Secretary-General, International Telecommunication Union has written the preface, Dr. Sami Al-Basheer, Director, ITU-D has written the introduction and Axel Leblois, Executive Director, G3ict has written the foreword.
http://bit.ly/gfKNYO

Intellectual Property

Statement of CIS on the Work of the Committee in the 21st SCCR
The twenty-first session of the Standing Committee on Copyright and Related Rights was held in Geneva from 8 to 12 November 2010. Nirmita Narasimhan attended the conference and represented the Centre for Internet and Society.
http://bit.ly/fJVNPI

We’ve All Got Some Baggage
America’s newest trade agreement is not going to kill only iPods. The article appeared in the Tehelka Magazine Vol 7, Issue 45, Dated November 13, 2010
http://bit.ly/cVrpWd

Internet Governance

Consumer Privacy - How to Enforce an Effective Protective Regime?
In a typical sense, when people think of themselves as consumers, they just think about what they purchase, how they purchase and how they use their purchase. But while doing this exercise we are always exchanging personally identifiable information, and thus our privacy is always at risk. In this blog post, Elonnai Hickok and Prashant Iyengar through a series of questions look through the whole concept of consumer privacy at the national and international levels. By placing a special emphasis on Indian context, this post details the potential avenues of consumer privacy in India and states the important elements that should be kept in mind when trying to find at an effective protective regime for consumer privacy.
http://bit.ly/eEs5Qx

CIS Responds to Privacy Approach Paper
A group of officers was created to develop a framework for a privacy legislation that would balance the need for privacy protection, security, sectoral interests, and respond to the domain legislation on the subject. Shri Rahul Matthan of Tri Legal Services prepared an approach paper for the legal framework for a proposed legislation on privacy. The approach paper is now being circulated for seeking opinions of the group of officers and is also being placed on the website of the Department of Personnel and Training for seeking public views on the subject. The Privacy India team at CIS responded to the approach paper and has called for the need for a more detailed study of statutory enforcement models and mechanisms in the creation of privacy legislation.
http://bit.ly/eVTwVC
Privacy and Banking: Do Indian Banking Standards Provide Enough Privacy Protection
Banking is one of the most risky sectors as far as privacy is concerned due to the highly sensitive and personal nature of information which is often exchanged, recorded and retained. Although India has RBI guidelines and legislations to protect data, this blog post looks at the extent of those protections, and what are the areas that still need to be addressed.
http://bit.ly/flq09V

Privacy and Telecommunications: Do We Have the Safeguards?
All of you often come across unsolicited and annoying telemarketing calls/ SMS's, prank calls, pestering calls for payment, etc. Do we have any safeguards against them? This blog post takes a look at the various rules and regulations under Indian law to guard our privacy and confidentiality.
http://bit.ly/hnTwKp

Privacy, Free/Open Source, and the Cloud
A look into the questions that arise in concern to privacy and cloud computing, and how open source plays into the picture.
http://bit.ly/awpCyF

Privacy Concerns in Whole Body Imaging: A Few Questions
Security versus Privacy...it is a question that the world is facing today when it comes to using the Whole Body Imaging technology to screen a traveller visually in airports and other places. By giving real life examples from different parts of the world Elonnai Hickok points out that even if the Government of India eventually decides to advocate the tight security measures with some restrictions then such measures need to balanced against concerns raised for personal freedom. She further argues that privacy is not just data protection but something which must be viewed holistically and contextually when assessing new policies.
http://bit.ly/9rvQPt

American Bar Association Online Privacy Conference: A Report
On 10 November 2010, I attended an American Bar Association online conference on 'Regulating Privacy Across Borders in the Digital Age: An Emerging Global Consensus or Vive la Difference'. The panelists addressed many important global privacy challenges and spoke about the changes the EU directive is looking to take.
http://bit.ly/dy41zc

Telecom

3G Life
You can video chat, stream music and watch TV on your phone. Offering high-speed internet access, 3G would change the world of mobile computing. Nishant Shah's article was published in the Indian Express on 14 November 2010.
http://bit.ly/gyxaW2

Ideology and ICT Policies
For better policies, decision-makers need to know their own and others’ biases, and consider what others are doing, writes Shyam Ponappa in an article published in the Business Standard on 4 November 2010.
http://bit.ly/dbl3Ai

Looking forward to your feedback. Please feel free to write to us for any queries or details required. If you do not wish to receive these emails, please do write to us and we will unsubscribe your mail ID from the mailing list.

For more details visit https://cis-india.org/about/newsletters/november-2010-bulletin

The internet’s new billion

praskrishna — 2011-04-02T07:31:19Z

New web users — in countries like Brazil and China — are changing the culture of the internet.

The harried mother had little wish to visit an internet cafe with two squirmy boys in tow, but she said there was no choice.

New to this potholed neighborhood on the city’s northern edge, Fabina da Silva, 31, needed to enroll her sons in school. Registering online was the only way.

“If it wasn’t a necessity, I wouldn’t be here,” da Silva said on a recent afternoon as her 6-year-old, Lucas, thumped his toy Sponge Bob on the mouse pad beside her. “Nowadays, internet in Brazil is a necessity.”

Brazil has long been a bellwether nation for emerging-market internet trends and it’s riding a wave that will soon sweep the globe. The newest billion people to venture online are doing so in developing countries rather than North America or Europe.

And whether those newcomers are getting online for fun or because they must, they’re doing so en masse. For businesses nimble enough to serve markets as diverse as Brazil, Russia, India, China and Indonesia, the shift promises a staggering number of new customers.

But internet trend-watchers say there’s more at stake than the emergence of a worldwide class of digital consumers. The new users are changing the culture of the internet itself. Researchers say the web as it was originally, if idealistically, conceived — a largely free, monolingual space where a shared digital culture prevailed — may soon be a distant memory. And it’s happening remarkably fast.

“Potentially explosive” is how Marcos Aguiar describes the growth. He’s a senior partner at the Boston Consulting Group’s Sao Paulo office who co-authored a report released in September called “The Internet’s New Billion.” It concludes the number of web users in developing-world “BRICI” countries — Brazil, Russia, India, China and Indonesia — will jump from 610 million this year to 1.2 billion by 2015.

When the internet crossed the billion-user threshold just five years ago, the developed world commanded a 60-40 majority online, according to the United Nations’ International Telecommunications Union. Today, that proportion has roughly reversed.

The new users are younger, poorer and more numerous than ever before, BCG’s analysts said, and increasing numbers will need web access and won't be able to afford broadband in their living room.

As Fabina da Silva pecked away on a keyboard to register her sons for school, she was in many ways typical of low-income Brazilian users. Those who don’t have web access at home often pay small fees to use ad hoc cybercafes known here as “LAN houses.” Many began as rooms full of connected computers, or local area networks, for multi-player gaming, but their customer base has since broadened.

In India, those following the trend say a huge portion of the new billion will enter the web via mobile devices.

“If you look at our broadband figures in India, it’s quite pathetic,” said Sunil Abraham, director of the Centre for Internet and Society, a think tank in Bangalore. “And less than 1 percent of the population has ever accessed the internet.”

But recently, many Indian telecommunication firms have begun giving out free data plans with their mobile devices — a move Sunil said will instantly send millions of Indians onto the internet. “The moment an end user acquires a smart phone they become a data user because they’re not paying for it,” he said. “But they’re not coming onto the internet like you and I know.”

Instead, phone companies only provide access to a few sites, such as Wikipedia and Facebook Zero, a stripped-down mobile version of the social networking site that omits photos but allows messaging and status updates. “They’re coming onto a network that, from the beginning, is a complete walled garden,” he said.

The new walls dividing regions of the internet aren’t likely to stop there. Even as more users join the web worldwide, they are increasingly separated by language. What the nearly 400 million users in China experience as the internet is vastly different than the web surfed by Americans. Much of the software and websites on the Chinese web are produced domestically in the local language. That’s also how it works in Russia and Indonesia.

Some observers say this difference has political consequences. “Many of the local companies provide far better service than the likes of Google and Facebook in those markets,” said Evgeny Morozov, a digital technology researcher at Stanford University. “But also those local websites are much easier to censor because the corporate entities behind those sites all have some domestic presence.”

Morozov is author of an up-coming book “The Net Delusion: The Dark Side of Internet Freedom,” and he said there’s a dark side to be found in the internet’s new billion, too. Because poorer users resort to more centralized methods for getting online — cybercafes, cell-phone towers — their activity will be much easier to monitor.

“The fact that so much of this is happening in cybercafes and mobile devices actually empowers the government because those two things are much easier to control than a desktop computer in your house,” Morozov said.

Morozov is also skeptical of notions that greater diversity of cultures online will lead to more cultural dialogue. “There is very little interaction between communities and it’s not because the tools are lacking. It’s just that modern-day Indians and modern-day Russians have nothing to talk about most of the time,” he said. “There may simply be no demand for joining that global village.”

More optimistic web scholars argue there will be cultural conversations, but bridging the gaps between communities will take effort. “The internet has become a bunch of interlinked but linguistically distinct and culturally specific spaces,” said Ethan Zuckerman, a senior researcher at Harvard University’s Berkman Center for Internet and Society. “There’s some interface between them but there’s a lot less than there was years back when we were sort of pretending that this was one great global space.”

Instead of becoming the world’s biggest tool for cultural exchange, Zuckerman said the web could become its principal medium for mutual misunderstanding. “We’re mostly talking to people like ourselves rather than talking across cultural boundaries,” Zuckerman said. “And when we do cross cultural boundaries, it’s often in a way where we’re overhearing something that really pisses us off.”

Take for example the 2005 scandal after a Danish newspaper posted cartoons depicting the prophet Mohammed, sparking riots across the Muslim world. Zuckerman said such incidents may become routine. “It’s a problem of unseen audiences,” he said. “We always have to be aware there are other audiences out there listening, and they’re particularly listening for mentions of themselves.”

For a more amusing and recent online snafu, Zuckerman prefers citing a topic that went viral on the micro-blogging site Twitter this summer. The topic, the Brazilian Portuguese phrase “Cala boca, Galvao,” was mysterious to many English-speaking users. Asked to explain, a few mischievous Brazilians claimed the Galvao was a rare Amazon bird being slaughtered to extinction for its colorful feathers. For everyone who re-tweeted the phrase, so the pranksters claimed, 10 cents would be donated to a global effort to save the bird.

The encouragement helped catapult the phrase into the ranks of Twitter’s top-trending topics, or most-repeated phrases worldwide last June. But in reality, Galvao was the first name of Galvao Bueno, a Brazilian sports commentator on the Globo network, whose pronouncements during the World Cup had irritated many of his compatriots. In Brazilian Portuguese, “Cala boca” roughly means, “shut up.”

“There’s an entirely different conversation going on that’s so incomprehensible to Americans that the Brazilians make fun of us when we try to understand,” Zuckerman said. “In many ways that sort of characterizes for me what’s going on with the contemporary ‘net.'”

But Zuckerman still believes virtual borders can be crossed. In 2005, he co-founded Global Voices, an aggregator and translator of blogs from around the world, in part to help the next billion web users communicate.

“These billion users are sort of proxy for the global middle class,” he said. “They’re an increasing economic force, an increasing cultural force, and they are the people we need to negotiate with and have a conversation with if we want to address problems like climate change.”

In the run-down Engenho da Rainha neighborhood in Rio de Janeiro, some of the LAN house customers seemed more interested in using the web to play games than solve the world’s problems.

One wiry teen in a blue baseball cap barely glanced away from his screen to answer questions. “I’ll spend all day, all night on the internet if I’m allowed,” said Carlos Wallace Cruz, 16. “I’d say I’m 98 percent addicted.”

Cruz’s drug of choice isn’t likely to ring a bell with Americans his age. It’s a video game available only on Orkut, a Google social networking site, wildly popular in Brazil and India but less so in the United States.

When a visitor asked if he ever spent time on Orkut’s much more famous rival site, Cruz responded with earnest puzzlement.

“What’s Facebook?” he asked.

Read the original in the Global Post

For more details visit https://cis-india.org/news/internet-new-billion

Privacy, Free/Open Source, and the Cloud

elonnai — 2012-03-22T05:50:10Z

A look into the questions that arise in concern to privacy and cloud computing, and how open source plays into the picture.

Introduction

Cloud computing, in basic terms, is internet-based computing where shared resources and services are taken from the primary infrastructure of the internet and provided on demand. Cloud computing creates a shared network between major corporations like Google, Microsoft, Amazon and Yahoo. In this way, cloud systems are related to grid computing systems/service- oriented architectures, and create the potential for the entire I.T. infrastructure to be programmable. Because of this, cloud computing establishes a new consumption and delivery standard for IT services based on the internet. It is a new consumption and delivery model, because it is made up of services delivered through common centers and built on servers which act as a point of access for the computing needs of consumers. The access points facilitate the tailoring and delivering of targeted applications and services to consumers. Details are taken from the users, who no longer need to have an understanding of, or control over the technology infrastructure in the cloud that supports their desired application.

There are both corporate and consumer implications for such a system. For example, according cloud computing lowers the barriers to entry for corporations and new services. It also enables innovative enterprise in locations where there is an insufficient supply of human or other resources through the provision of inexpensive hardware, software, and applications. The consumer, in turn, is provided with information that he or she is projected to be interested in based on information he or she has already “consumed.” Thus, for example: Google has the ability to monitor a person’s consuming habits through searches and to reduce those habits to a pattern which selects applications to display – and consumption of those reinforces the pattern.

Privacy Concerns:

Though cloud computing can be a useful tool for consumers, corporations, and countries, cloud computing poses significant privacy concerns for all actors involved. For the consumer, a major concern is that future business models may rely on the use of personal data from consumers of cloud services for advertising or behavioral targeting. This concern brings to light the fundamental problem of cloud computing which is that consumers consent to the secondary use of their personal data only when they are signing up for services, and that “consent” is almost automatically generated. How can the cloud assure users that their private data will be properly protected? It is true that high levels of encryption can be (and are) used, and that many companies also take other precautionary measures, but protective measures vary, and the secondary sources that gain access to information may not protect it as well as the initial source. Moreover, even strong protection measures are vulnerable to hackers. As well, what happens if a jurisdiction, like the Indian government, gains access to information about a foreign national? India still does not have a comprehensive data protection law, nor does it have many forms of redress for violations of privacy. How is that individuals information protected?

These questions give rise to other privacy concerns with respect to the data that is circulated and stored on the cloud, which are the questions of territory, sovereignty, and regulation. Many of these were brought up at the Internet Governance Forum, which took place on the 16th of September including: Which jurisdiction has authority in cases of dispute or digital crime? If you lose data or your data is damaged, stolen, or manipulated, where do you go? Is the violation enforced under local laws, and, if so, under the law of the violator or the law of the violated? If international law, who can access the tribunals, and which tribunals have this jurisdiction? What if a person's data is replicated in two data centres in two different countries? Are the data subject to scrutiny by the officials of all three? Is there a remedy against abuse by any of them? Does it matter whether the country in which the data centre resides does not require a warrant for government access? And how will a consumer know any of that up front? As a corollary, if content is being sent to one country but resides on a data centre in another country, whose data protection standards apply? For example, certain governments in Europe require data retention for limited amount of time for purposes for law enforcement, but other countries may allow retention of data for shorter or longer periods of time.

How are privacy, free/open source, and the cloud related ?

Eben Moglen, a professor from Columbia law school, and founder and chairman of the Software Freedom Law Center who spoke on cloud computing, privacy, and free/open software at the Indian Institute for science on Thursday September 25, had another solution to the privacy concerns that arise out of the cloud. His lecture explains how the internet has moved from a tool that once promoted equality between people – no servants and no masters – to a tool that reinforces social hierarchies. The reinforcement of these hierarchies is directly related to the language used and communication facilitated between the computer and the individual. Professor Moglen describes how initially, when computers were first introduced to the public, humans spoke directly to computers, and computers responded directly to humans. This open, two-way communication changed when Microsoft, Apple, and IBM removed the language between humans and computers and created proprietary software based on a server-client computing relationship. By removing the language between humans and computers, these corporations dis-empowered individuals. Professor Moglen used this as a springboard to address the privacy concerns that come up in cloud computing. Privacy at its base is the ability of an individual to control access to various aspects of self, such as decisional, informational, and locational. In having the ability to control these factors, privacy consists of a relation between a person and another person or an entity. Professor Moglen postulated that free/open access to code would make the internet an environment where choices over that relationship were still in the hands of an individual, and, among other protections, the individuals could build up their desired levels of privacy.

Is free/open software the solution?

Eben Moglen's solution to the many privacy concerns that arise out of cloud computing is the application and use of free software/open source by individuals. Unlike some applications on the cloud, open source is free, and once an individual has access to the code, that person can control how a program functions, including how a program uses personal information, and thus the person would be able to protect their privacy. Of course, this presumes that the consumer of the internet is sophisticated enough to access and manipulate code. But even putting that presumption aside, is the ability to write code enough to protect data (will help you protect data better – add more security)? Perhaps if a person could create his own server and bypass the cloud, but this does not seem like an ideal (or practical) solution. Though free/open source is an important element that should be incorporated into cloud computing, free/open source depends on open standards. According to Pranesh Prakash, in his presentation at the Internet Governance Forum, the role of standards in ensuring interoperability is critical to allowing consumers to choose between different devices to access the cloud, to choose between different software clients, and to shift between one service and another. This would include moving information, both the data and the metadata, from one cloud to another. Clouds would need to be able to talk to one another to enable data sharing, and open source is key to this, though it is important to note that if one uses free/open source, they must set up their own infrastructure.

Conclusion

Even though Moglen believes that free/open source software brings freedom and provides the solution to protect an individual’s privacy in the context of cloud computing, he was not speaking to the specific context of India. To do that, it is important to expand the definitions that one uses of free/open source and privacy, and then to contextualize them. Looking closely at the words “free/open source,” they are not limited to access to a software's code, even though that is free/open source’s base. For the ideology of free/open source to work, access to code is just a key to the puzzle. A person, community, culture and state must understand the purpose of free/open source, know how to use it, and know how it can be applied in order for it to be transformative, liberating, and protective. There needs to be a shared understanding that free/open source is not just about being able to change code, but about a shared commitment to sharing code and making it transparent and accessible. In the United States and other countries, free/open source did not just enter into American society and immediately fix issues of privacy by bringing freedom, as it seems Professor Moglen is suggesting free/open source will do in India. Though Professor Moglen promises freedom and privacy protection through free/open source, perhaps this is not an honest appraisal of the technology. Free/open source, if not equally accessed or misapplied, protects neither freedom nor privacy. As noted above, even if a person has access to code, he can protect data only to a certain extent. Thus, he might think that he has created a privacy wall around information that actually is readily accessible. In other words, free/open source cannot be the only answer to freedom, but instead a piece to a collective answer.

For more details visit https://cis-india.org/internet-governance/blog/privacy/privacy-cloud-computing

DOC 2.0: A Resources Sharing Mela by NGO Documentation Centres

praskrishna — 2011-04-02T08:13:51Z

A Resource Sharing Mela and Meet of DCM (Document Centres Meet) at the Centre for Education & Documentation in Domlur, Bangalore.

Programme

18th Nov: 9.30 am to 20th Nov. 2 pm

Draft 3 ( to be finalised )

For DCMers
9.30 pm to 12 noon
CED Terrace

Interaction
2 pm to 4 pm
CED Exhibition Hall

Public Session
5 pm to 7 pm
CED Terrace

18th Nov.	Multi-Media/New Media. AVs, Photos, Internet - blogs	Managing Data Akshara Class.; Mapping Data: Timbaktu experience- Anne Marie.	Knowledge in an Internet Era: Role of DCs in Info-digital Society: Avinash Jha - KICS Sharing Session: Chair: Ashish Rajadhaksha
19th Nov.	Print Media Training Manuals, Newsletters, Posters etc	Producing Data: Data generation tools used by Aalochana in PC4D, Jagori safety audit	Internet : Reclaiming Civil society on the Internet. Public domain V/s copyright: Sunil Abraham:
20th Nov.	Interactive Media: Theatre, Melas?; Yuvati Mela:	Dissemination Marketing issues: Alvito; Mobile Libraries (Aalochana)	Ends

Workshop Banner

See the original here

For more details visit https://cis-india.org/news/doc-2.0