The Centre for Internet and Society
https://cis-india.org
These are the search results for the query, showing results 11 to 25.
Impact of Industrial Revolution 4.0 - IT and Automotive Sector in India by the Dialogue and FES
https://cis-india.org/internet-governance/news/impact-of-industrial-revolution-4-0-it-and-automotive-sector-in-india-by-the-dialogue-and-fes
<b>On August 21, 2019, Aayush Rathi, attended a report launch event and focus group discussion on the "Impact of Industrial Revolution 4.0 - IT and Automotive Sector in India". Research conducted by the Dialogue in collaboration with the Friedrich-Ebert-Stiftung (FES) were being presented. </b>
<p class="moz-quote-pre" style="text-align: justify; ">At CIS, we have previously produced research on the future of work in these sectors. Aayush attended the event to understand how other researchers are approaching the subject of the future of work in terms of the methodological approach and the questions being asked and policy responses being proposed. In what may be treated as validation of our research design, FES and the Dialogue have addressed similar questions and adopted an empirical+desk based approach to do so as well.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/impact-of-industrial-revolution-4-0-it-and-automotive-sector-in-india-by-the-dialogue-and-fes'>https://cis-india.org/internet-governance/news/impact-of-industrial-revolution-4-0-it-and-automotive-sector-in-india-by-the-dialogue-and-fes</a>
</p>
No publisherAdminIndustry 4.0Internet GovernanceInformation TechnologyArtificial Intelligence2019-08-27T00:13:32ZNews ItemPycon India 2019
https://cis-india.org/internet-governance/news/pycon-india-2019
<b>K. Bhuvana Meenakshi gave a talk at BangPypers organized by Python Software Society in Bangalore on August 25, 2019. She spoke on Let the world experience WebXR!</b>
<p>For more info, <a class="external-link" href="https://www.meetup.com/BangPypers/events/kswpqqyzlbwb/">click here</a></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/pycon-india-2019'>https://cis-india.org/internet-governance/news/pycon-india-2019</a>
</p>
No publisherAdminInternet GovernanceInformation Technology2019-08-27T00:04:03ZNews ItemLeveraging Web Application Vulnerabilities for Reconnaissance and Intelligence Gathering
https://cis-india.org/internet-governance/news/leveraging-web-application-vulnerabilities-for-reconnaissance-and-intelligence-gathering
<b>Karan Saini gave a talk at the JSFoo Conference at the GRD College of Science in Coimbatore, Tamil Nadu on July 5, 2019. The event was organized by Has Geek.</b>
<p>Click to <a class="external-link" href="http://cis-india.org/internet-governance/files/jsfoo-talk">view Karan's presentation</a></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/leveraging-web-application-vulnerabilities-for-reconnaissance-and-intelligence-gathering'>https://cis-india.org/internet-governance/news/leveraging-web-application-vulnerabilities-for-reconnaissance-and-intelligence-gathering</a>
</p>
No publisherAdminInternet GovernanceInformation Technology2019-07-22T01:39:14ZNews ItemWebinar on counter-comments to the draft Intermediary Guidelines
https://cis-india.org/internet-governance/news/webinar-on-counter-comments-to-the-draft-intermediary-guidelines
<b>CCAOI and the ISOC Delhi Chapter organised a webinar on February 11 to discuss the comments submitted to the Information Technology [Intermediary Guidelines (Amendment) Rules] 2018, and counter-comments that were due by February 14. </b>
<p>The agenda of the discussion was:</p>
<ul>
<li>A brief introduction to the counter comment process [Shashank Mishra]</li>
<li>Invited stakeholders comment on key issues and perspectives on the submissions and the points to be countered.</li>
</ul>
<p>The following people participated:</p>
<ul>
<li>Amba Kak, Mozilla</li>
<li>Rajesh Chharia, ISPAI</li>
<li>Gurshabad Grover, CIS</li>
<li>Priyanka Chaudhari, SFLC</li>
<li>Divij Joshi, Vidhi Centre for Legal Policy</li>
</ul>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/webinar-on-counter-comments-to-the-draft-intermediary-guidelines'>https://cis-india.org/internet-governance/news/webinar-on-counter-comments-to-the-draft-intermediary-guidelines</a>
</p>
No publisherAdminInternet GovernanceIntermediary LiabilityInformation Technology2019-02-22T01:51:19ZNews ItemIs the new ‘interception’ order old wine in a new bottle?
https://cis-india.org/internet-governance/blog/newslaundry-elonnai-hickok-vipul-kharbanda-shweta-mohandas-and-pranav-bidare-december-27-2018-is-the-new-interception-order-old-wine-in-a-new-bottle
<b>The government could always authorise intelligence agencies to intercept and monitor communications, but the lack of clarity is problematic.</b>
<p style="text-align: justify; ">An opinion piece co-authored by Elonnai Hickok, Vipul Kharbanda, Shweta Mohandas and Pranav M. Bidare was published in <a class="external-link" href="https://www.newslaundry.com/2018/12/27/is-the-new-interception-order-old-wine-in-a-new-bottle">Newslaundry.com</a> on December 27, 2018.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; ">On December 20, 2018, through an <a href="http://egazette.nic.in/WriteReadData/2018/194066.pdf" target="_blank">order</a> issued by the Ministry of Home Affairs (MHA), 10 security agencies—including the Intelligence Bureau, the Central Bureau of Investigation, the Enforcement Directorate and the National Investigation Agency—were listed as the intelligence agencies in India with the power to intercept, monitor and decrypt "any information" generated, transmitted, received, or stored in any computer under Rule 4 of the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009, framed under section 69(1) of the IT Act.</p>
<p style="text-align: justify; ">On December 21, the Press Information Bureau published a <a href="http://www.pib.nic.in/PressReleseDetail.aspx?utm_campaign=fullarticle&utm_medium=referral&PRID=1556945" target="_blank">press release</a> providing clarifications to the previous day’s order. It said the notification served to merely reaffirm the existing powers delegated to the 10 agencies and that no new powers were conferred on them. Additionally, the release also stated that “adequate safeguards” in the IT Act and in the Telegraph Act to regulate these agencies’ powers.</p>
<p style="text-align: justify; ">Presumably, these safeguards refer to the Review Committee constituted to review orders of interception and the prior approval needed by the Competent Authority—in this case, the secretary in the Ministry of Home Affairs in the case of the Central government and the secretary in charge of the Home Department in the case of the State government.</p>
<p style="text-align: justify; ">As noted in the press release, the government has always had the power to authorise intelligence agencies to submit requests to carry out the interception, decryption, and monitoring of communications, under Rule 4 of the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009, framed under section 69(1) of the IT Act.</p>
<p style="text-align: justify; ">When considering the implications of this notification, it is important to look at it in the larger framework of India’s surveillance regime, which is made up of a set of provisions found across multiple laws and operating licenses with differing standards and surveillance capabilities.</p>
<p style="text-align: justify; ">- Section 5(2) of the Indian Telegraph Act, 1885 allows the government (or an empowered authority) to intercept or detain transmitted information on the grounds of a public emergency, or in the interest of public safety if satisfied that it is necessary or expedient so to do in the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign states or public order or for preventing incitement to the commission of an offence. This is supplemented by Rule 419A of the Indian Telegraph Rules, 1951, which gives further directions for the interception of these messages.</p>
<p style="text-align: justify; ">- Condition 42 of the <a href="http://www.dot.gov.in/sites/default/files/DOC270613-013.pdf" target="_blank">Unified Licence for Access Services</a>, mandates that every telecom service provider must facilitate the application of the Indian Telegraph Act. Condition 42.2 specifically mandates that the license holders must comply with Section 5 of the same Act.</p>
<p style="text-align: justify; ">- Section 69(1) of the Information Technology Act and associated Rules allows for the interception, monitoring, and decryption of information stored or transmitted through any computer resource if it is found to be necessary or expedient to do in the interest of the sovereignty or integrity of India, defense of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence.</p>
<p style="text-align: justify; ">- Section 69B of the Information Technology Act and associated Rules empowers the Centre to authorise any agency of the government to monitor and collect traffic data “to enhance cyber security, and for identification, analysis, and prevention of intrusion, or spread of computer contaminant in the country”.</p>
<p style="text-align: justify; ">- Section 92 of the CrPc allows for a Magistrate or Court to order access to call record details.</p>
<p style="text-align: justify; ">Notably, a key difference between the IT Act and the Telegraph Act in the context of interception is that the Telegraph Act permits interception for preventing incitement to the commission of an offence on the condition of public emergency or in the interest of public safety while the IT Act permits interception, monitoring, and decryption of any cognizable offence relating to above or for investigation of any offence. Technically, this difference in surveillance capabilities and grounds for interception could mean that different intelligence agencies would be authorized to carry out respective surveillance capabilities under each statute. Though the Telegraph Act and the associated Rule 419A do not contain an equivalent to Rule 4—<a href="https://mha.gov.in/MHA1/Par2017/pdfs/par2013-pdfs/ls-110214/294.pdf" target="_blank">nine Central Government agencies and one State Government agency</a> have previously been authorized under the Act. The Central Government agencies authorised under the Telegraph Act are the same as the ones mentioned in the December 20 notification with the following differences:</p>
<p style="text-align: justify; ">- Under the Telegraph Act, the Research and Analysis Wing (RAW) has the authority to intercept. However, the 2018 notification more specifically empowers the Cabinet Secretariat of RAW to issue requests for interception under the IT Act.</p>
<p style="text-align: justify; ">- Under the Telegraph Act, the Director General of Police, of concerned state/Commissioner of Police, Delhi for Delhi Metro City Service Area, has the authority to intercept. However, the 2018 notification specifically authorises the Commissioner of Police, New Delhi with the power to issue requests for interception.</p>
<p style="text-align: justify; ">That said, the<a href="https://cis-india.org/internet-governance/resources/it-procedure-and-safeguard-for-monitoring-and-collecting-traffic-data-or-information-rules-2009" target="_blank"> IT (Procedure and safeguard for Monitoring and Collecting Traffic Data or Information) Rules, 2009 </a>under 69B of the IT Act contain a provision similar to Rule 4 of the IT (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009 - allowing the government to authorize agencies that can monitor and collect traffic data. In 2016, the Central Government <a href="http://meity.gov.in/writereaddata/files/69B%20Notification%20-April%202016.pdf" target="_blank">authorised</a> the Indian Computer Emergency Response Team to monitor and collect traffic data, or information generated, transmitted, received, or stored in any computer resource. This was an exercise of the power conferred upon the Central Government by Section 69B(1) of the IT Act. However, this notification does not reference Rule 4 of the IT Rules, thus it is unclear if a similar notification has been issued under Rule 4.</p>
<p style="text-align: justify; ">While it is accurate that the order does not confer new powers, areas of concern that existed with India’s surveillance regime continue to remain including the question of whether 69(1) and 69B and associated Rules are <a href="https://thewire.in/government/narendra-modi-snooping-it-act-home-ministry" target="_blank">constitutionally</a> valid, the lack of t<a href="https://cis-india.org/internet-governance/blog/transparency-in-surveillance" target="_blank">ransparency</a> by the government and the prohibition of transparency by service providers, <a href="https://cis-india.org/internet-governance/blog/yahoo-october-23-2013-what-india-can-learn-from-snowden-revelations" target="_blank">heavy handed </a>penalties on service providers for non-compliance, and a lack of legal backing and <a href="https://cis-india.org/internet-governance/blog/policy-brief-oversight-mechanisms-for-surveillance" target="_blank">oversight</a> mechanisms for intelligence agencies. Some of these could be addressed if the draft Data Protection Bill 2018 is enacted and the Puttaswamy Judgement fully implemented.</p>
<p style="text-align: justify; "><b>Conclusion</b></p>
<p style="text-align: justify; ">The MHA’s order and the press release thereafter have served to publicise and provide needed clarity with respect to the powers vested in which intelligence agencies in India under section 69(1) of the IT Act. This was previously unclear and could have posed a challenge to ensuring oversight and accountability of actions taken by intelligence agencies issuing requests under section 69(1) .</p>
<p style="text-align: justify; ">The publishing of the list has subsequently served to raise questions and create a debate about key issues concerning privacy, surveillance and state overreach. On <a href="https://barandbench.com/ministry-of-home-affairs-surveillance-order-challenged-in-supreme-court/" target="_blank">December 24</a>, the order was challenged by advocate ML Sharma on the grounds of it being illegal, unconstitutional and contrary to public interest. Sharma in his contention also stated the need for the order to be tested on the basis of the right to privacy established by the Supreme Court in Puttaswamy which laid out the test of necessity, legality, and proportionality. According to this test, any law that encroaches upon the privacy of the individual will have to be justified in the context of the right to life under Article 21.</p>
<p style="text-align: justify; ">But there are also other questions that exist. India has multiple laws enabling its surveillance regime and though this notification clarifies which intelligence agencies can intercept under the IT Act, it is still seemingly unclear which intelligence agencies can monitor and collect traffic data under the 69B Rules. It is also unclear what this order means for past interceptions that have taken place by agencies on this list or agencies outside of this list under section 69(1) and associated Rules of the IT Act. Will these past interceptions possess the same evidentiary value as interceptions made by the authorised agencies in the order?</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/newslaundry-elonnai-hickok-vipul-kharbanda-shweta-mohandas-and-pranav-bidare-december-27-2018-is-the-new-interception-order-old-wine-in-a-new-bottle'>https://cis-india.org/internet-governance/blog/newslaundry-elonnai-hickok-vipul-kharbanda-shweta-mohandas-and-pranav-bidare-december-27-2018-is-the-new-interception-order-old-wine-in-a-new-bottle</a>
</p>
No publisherElonnai Hickok, Vipul Kharbanda, Shweta Mohandas and Pranav M. BidareIT ActPrivacyInternet GovernanceCyber SecurityInformation Technology2018-12-29T16:02:00ZBlog EntryFuture of Work: Report of the ‘Workshop on the IT/IT-eS Sector and the Future of Work in India’
https://cis-india.org/internet-governance/blog/future-of-work-report-of-the-workshop-on-the-it-it-es-sector-and-the-future-of-work-in-india
<b>This report provides an overview of the proceedings and outcomes of the Workshop on the IT/IT-eS Sector and the Future of Work in India (hereinafter referred to as the “Workshop”), organised at Omidyar Networks’ office in Bangalore, on June 29, 2018.</b>
<p style="text-align: justify;"> </p>
<p style="text-align: justify;">This report was authored by Torsha Sarkar, Ambika Tandon and Aayush Rath. It was edited by Elonnai Hickok. Akash Sriram, Divya Kushwaha and Torsha Sarkar provided transcription and research assistance. A PDF of the report can be accessed <a href="https://cis-india.org/internet-governance/pdf-it-sector-workshop" class="internal-link" title="PDF IT Sector Workshop">here</a>.</p>
<hr />
<h3>Introduction</h3>
<p style="text-align: justify;">The Workshop was attended by a diverse group of stakeholders which included industry representatives, academicians and researchers, and civil society. The discussions went over various components of the transition in the sector to Industry 4.0, including the impact of Industry 4.0-related technological innovations on work broadly in India, and specifically in the IT/IT-eS sector (hereinafter referred to as the “<strong>Sector</strong>”). The discussion focused on the reciprocal impact on socio-political dimensions, the structure of employment, and forms of work within workspaces. <br /> <br /> The Workshop was divided into three sessions. The first session was themed around the adoption and impact of Industry 4.0 technologies vis-a-vis the organisation of work. Within this the key questions were: the nature of the technologies being adopted, the causes that are driving the uptake of these technologies, and the ‘tasks’ constituting jobs in the Sector. <br /> <br /> The second session focussed on the role of skilling and re-skilling measures as mitigators to projected displacement of jobs. The issues dealt with included shifts in company, educational, and social competency profiles as a result of Industry 4.0, transformations in the predominant pedagogy of education, vocational, and skill development programmes in India, and their success in creating employable workers and filling skill gaps in the industry. <br /> <br /> The third session looked at social welfare considerations and public policy interventions that may be necessitated in the wake of potential technological unemployment owing to Industry 4.0. The session was designed with a specific focus on the axes of gender and class, addressing questions of precarity, wages, and job security in the future of work for marginalized groups in the workforce.</p>
<h3>Preliminary Comments</h3>
<p style="text-align: justify;">The Workshop opened with a brief introduction on the research the Centre for Internet and Society (CIS) is undertaking on the Future of Work (hereinafter referred to as “<strong>FoW</strong>”) vis-a-vis Industry 4.0. The conception of Industry 4.0 that CIS is looking at is the technical integration of cyber-physical systems in production and logistics on one hand, and the use of internet of things (IoT) and the connection between everyday objects and services in the industrial processes on the other. The scope of the project, including the impact of automation on the organisation of employment and shifts in the nature and forms of work, including through the gig economy, and microwork, was detailed. The historical lens taken by the project, and the specific focus on questions of inequality across gender, class, language, and skill were highlighted.</p>
<p style="text-align: justify;">It was pointed out that CIS’ research, in this regard, comes from the necessity of localising and re-examining the global narratives around Industry 4.0. While new technologies will be developed and implemented globally, the impact of these technologies in the Indian context would be mediated through local, political and socio-economic structures. For instance, the Third Industrial Revolution, largely associated with the massification of computing, telecommunications and electronics, is still unfolding in India, while attempts are already being made to adapt to Industry 4.0. These issues provided a starting point to the discussion on the impact of Industry 4.0 in India.</p>
<h3>Qualifying Technological Change</h3>
<p><strong>Contexualising the narrative with historical perspectives</strong></p>
<p style="text-align: justify;">The panel for the first session commenced with a discussion around a historical perspective on job loss being brought about due to mechanisation. The distinction between Industry 3.0 and 4.0, it was suggested, was largely arbitrary, inasmuch as technological innovation has been a continuous process and has been impacting lives and the way work is perceived. It was argued that the only factor differentiating Industry 4.0 from previous industrial revolutions is ‘intelligent’ technology that is automating routine cognitive tasks. The computer, programmatic logic control (PLC) and data (called the ‘new oil’) were also a part of Industry 3.0, but intelligent technologies are able to provide greater analytical power under Industry 4.0.</p>
<p style="text-align: justify;">The discussion also went over the distinction between the terms ‘job’, ‘task’ and ‘work’. It was argued that the term ‘job’ might be treated as a subset of the term ‘work’, with the latter moving beyond livelihood to encompass questions of dignity and a sense of fulfilment in the worker. With relation to this distinction, it was mentioned that the jobs at the risk of automation would be those that fulfill only the basic level in Maslow’s hierarchy - implying largely routine manual tasks. Additionally, it was explained that although these jobs will continue to use labour through Industry 4.0, it is only the nature of technological enablement that would change to automate more dangerous and hazardous tasks.</p>
<p><strong>Technology as a long-term enabler of job creation</strong></p>
<p style="text-align: justify;">It was argued that technology has historically been associated with job creation. Historical instances cited included that of popular anxiety due to anticipated job loss through the uptake of the spinning machine and the steam engine, whereas the actual reduction in the cost of production led to greater job creation, increased mobility and improved quality of life in the long-term. Such instances were used to further argue that technology has historically not resulted in long-term job reductions.</p>
<p style="text-align: justify;">The platform economy was posited as a model for creating jobs, through the efficient matching of supply and demand through digital platforms. It was indicated that rural to urban migration is aided by such platforms, as labourers voluntarily enrol in skilling initiatives given the certainty of employment through platformization. It was further argued that historically, Indian workers have been educated rather than skilled, and that platformization and automation, coupled with the elasticity of human needs, will provide greater incentives for technically skilled workers by creating desirable jobs.</p>
<p><strong>Factors leading to differential adoption of automation</strong></p>
<p style="text-align: justify;">In relation to the adoption of the technologies Industry 4.0, it was argued that the mere existence of a technology does not necessitate its scalablity at an industrial level. Scalability would be possible only when the cost of labour is high relative to the costs entailed in technological adoption. This was supported by data from a McKinsey Report<a name="_ftnref1" href="#_ftn1"><sup><sup>[1]</sup></sup></a> which indicated that countries like the US and Germany would be impacted in the short term by automation, because their cost of labour is higher. Conversely, since the cost of labour in India is relatively cheap, the reality of technological displacement is still far away and the impact would not be immediate.</p>
<p style="text-align: justify;">Similarly, a distinction was also made to account for the differential impact of automation in various sectors. For instance, it was indicated that since the IT/IT-eS sector in India is based on exporting services and outsourcing of businesses. Accordingly, if Germany automates its automobile industry, that would impact India less than if it automates the IT/IT-eS sector, as the latter is more reliant on exporting its services to developed economies. The IT/IT-eS sector was further broken down into sub-sectors with the intention of highlighting the differential impact of automation and FoW in each of these sub-sectors. It was agreed that the BPO sub-sector would be more adversely impacted than core IT services, given its constitution of routine nature of tasks at a higher risk of automation.</p>
<h3>Disaggregating India’s Skilling Approach</h3>
<p style="text-align: justify;">The discussion around skilling measures was contextualised in the Indian context by alluding to data collected from the National Sample Survey Organisation (NSSO) surveys. The data revealed that around 36% of India’s total population is under the age of seventeen and approximately 13% are between 18 - 24. Additional statistics suggested that only around a quarter of the workforce aged 18-24 years had achieved secondary and higher secondary education and close to 13% of the workforce was illiterate. While these numbers included both male and female workers, it was pointed out that it was an incomplete dataset as it excluded transgender workers. It was suggested it should be this segment of the Indian demographic that is targeted for significant skilling pushes, which could be catalysed through specific vocational training centres. It was also suggested that there was a need for to restructure the role of the National Skill Development Corporation (NSDC) in the Indian skilling framework.</p>
<p style="text-align: justify;">A comprehensive picture was painted by conceptualising the skilling framework in India as 5 distinct pillars. This conceptualisation was used to debunk the narrative around NSDC being the sole entity pushing for skill development in the country. The NSDC’s function in the skilling framework was posited as providing funding to skilling initiatives with programmes lasting for a period of 3 months. These 3- month programmes were critiqued for being insufficient for effective training, especially given the low skill levels of workers going into the programmes. The NSDC’s placement rate of 12% as per their own records was used to support this argument. Further suggestions on making the NSDC more effective were made in a later discussion<a name="_ftnref2" href="#_ftn2"><sup><sup>[2]</sup></sup></a>.</p>
<p style="text-align: justify;">Related to this, the second pillar of vocational skilling was said to be the Industrial Training Institute (ITI). The third pillar was said to be the school system which was critiqued for does not offering vocational education at secondary and senior secondary levels. The fourth pillar comprised of the 16 ministries which governed the labour laws in India - none of whose courses were National Skills Qualifications Framework (NSQF) compliant.</p>
<p style="text-align: justify;">The fifth pillar was construed as the industry itself and the enterprise-based training it conducted. However, it was stated that India’s share of registered companies who did enterprise-based training was dismal. In 2009, the share of enterprise-based training was 16% which rose in 2014 to 36%. Further, most of these 36% were registered large firms as opposed to small and medium sized enterprises. Unregistered companies, it was suggested, were simply doing informal apprenticeships.</p>
<p><strong>Joint public and private skilling initiatives </strong></p>
<p style="text-align: justify;">In addition to government sponsored skilling initiatives, attention was directed to skill development partnerships that took the shape of public-private initiatives. As an example, it was said that that a big player in the ride-hailing economy had worked with NSDC and other skilling entities to ensure that soft skills were being imparted to their driver partners before they were on-boarded onto the platform.</p>
<p style="text-align: justify;">It was also brought forth that innovative forms of skilling and training were gaining traction in the education sector as well in the private sector. This was instantiated through instances of uptake of platforms which apply artificial intelligence, and within that machine learning based techniques, to generate and disseminate easier- to- consume video-based learning.</p>
<h3>Driving Job Growth: Solving for Structural Eccentricities of the Indian Labour Market</h3>
<p><strong>Catalysing manufacturing-led job growth</strong></p>
<p style="text-align: justify;">The discussion began by discussing specific dynamics of the Indian labour markets in the context of the Indian economy. It was pointed out the productivity level of the services sector is not as high as the productivity level of manufacturing, which is problematic for job creation in a developing economy such as India witnessing capital-intensive growth in the manufacturing sector. The underlying argument was that the jobs of the future in the Indian context will have to be created in the manufacturing sector.</p>
<p style="text-align: justify;">Several macroeconomic policy interventions were suggested to reverse the trend of capital-intensive growth in order to make manufacturing the frontier for enhanced job creation. The need for a trade policy in consonance with the industrial policy was stated as imperative. This was substantiated by highlighting the lack of an inverted duty structure governing the automobile sector that has led India to be amongst the biggest manufacturers of automobiles. The inverted duty structure entails finished products having a lower import tariff and a lower customs duty when compared to import of raw materials or intermediates. However, it was highlighted that a dissonant industrial policy failed to acknowledge that at least 50% of india’s manufacturing comes from Micro, Small & Medium Enterprises (MSMEs) and provided no assistance to MSMEs in obtaining credit, market access or technology upgradation. On the other hand, it was asserted that large corporates get 77% of the total bank credit.</p>
<p style="text-align: justify;">Another challenge that was highlighted was with the Government of India’s severely underfunded manufacturing cluster development programs under the aegis of the Ministry of Textiles and the Ministry of MSMEs. For sectors that contribute majorly towards India’s manufacturing output, it was asserted that these programmes were astonishingly bereft of any governing policy and suffer from several foundational issues. Moreover, it was observed that these clusters are located around the country in Tier 2, 3 and 4 cities where the quality of infrastructure is largely lacking. The Atal Mission for Rejuvenation and Urban Transformation (AMRUT) program devised for the development of these cities is also myopic as the the target cities are not the ones where these manufacturing clusters are located. The rationale behind such an approach was that building infrastructure at geographical sites of job creation would lead to an increase in productivity which would in turn attract greater investment. This would have to necessarily be accompanied by hastening the setting up of industrial corridors - the lackadaisical approach to which was stated as a key component of India being outpaced by other developing economies in the South East Asian region.</p>
<p style="text-align: justify;">An additional policy intervention that was suggested was from the lens of setting up of skilling centres by NSDC in proximity to these manufacturing clusters where the job creation is being evidenced as opposed to larger metropolitan cities.</p>
<p><strong>Carving out space for a vocational training paradigm</strong></p>
<p style="text-align: justify;">It was asserted that the focus of skilling needs to be on the manufacturing rather than services sector, given the centrality of manufacturing to a developing economy undergoing an atypical structural transformation<a name="_ftnref3" href="#_ftn3"><sup><sup>[3]</sup></sup></a> - as outlined above. Further compounding the problem of jobless growth, it was stated that 50% of the manufacturing workforce have 8 or less years of education and only 5% of the workforce including those that have technical education are vocationally trained, according to the NSS, 62nd Round on Employment and Unemployment.</p>
<p style="text-align: justify;">A gulf in primary and secondary education vis-a-vis vocational training was pointed as one of the most predominant causes behind the much touted ‘skills gap’ that the Indian workforce is said to be battling with. Using data to further cull out the argument, it was said that in 2007, the net enrollment in India for primary education had already reached 97% and that between 2010 - 2015, the secondary education enrollment rate went from 58% to 85%.<a name="_ftnref4" href="#_ftn4"><sup><sup>[4]</sup></sup></a> It was hypothesised that the latter may have risen to 90% levels since. Furthermore, the higher education enrollment rate also commensurately went up from 11% in 2006 to 26-27% in 2017.<a name="_ftnref5" href="#_ftn5"><sup><sup>[5]</sup></sup></a> It was argued that this is impossible to achieve without gender parity in higher education. This gender parity in education was contrasted with the systematic decline in the women’s labour force participation that India has been witnessing in the last 30 years.</p>
<p style="text-align: justify;">Consequently, the ‘massification’ of higher education in India over the past 10 years was critiqued as ineffectual in comparison to the Chinese model, as the latter focused on engaging students in vocational training, which the Indian education system had failed to do. The role of the gig economy in creating job opportunities despite this gap between educational and vocational training was regarded as important, especially given the lack of growth in the traditional job markets.</p>
<h3>Accounting for the Margins</h3>
<p style="text-align: justify;">With relation to the profiles of workers within sectors, it was indicated that factors such as gender, class, skill, income, and race must be accounted for to determine the ‘winners’ and ‘losers’ of automation. Several points were discussed with relation to this disaggregation.</p>
<p><strong>Technology as an equaliser? Gender and skill-biased technological change</strong></p>
<p style="text-align: justify;">First, the idea of technology and development as objective and neutral forces was questioned, with the assertion that human decision-makers, who more often than not tend to be male, allow inherent biases to creep into outputs, processes, and objectives of automation. Data from the Belong Survey in IT services<a name="_ftnref6" href="#_ftn6"><sup><sup>[6]</sup></sup></a> indicated that the proportion of women in core engineering was 26% of the workforce, while that in software testing was 33%. Coupled with the knowledge that automation and technology would automate software testing first, it was argued that jobs held by female workers were positioned at a higher immediate risk of automation than male workers.</p>
<p style="text-align: justify;">The ‘Leaky Pipe Problem’ in STEM industries i.e. the observation that female workers tend to be concentrated in entry level jobs, while senior management is largely male dominated was also brought to the fore. This was used to bolster the argument that female workers in the Sector will lose out in the shorter term, when automation adversely impacts the lower level jobs.</p>
<p style="text-align: justify;">A survey conducted by Aspiring Minds<a name="_ftnref7" href="#_ftn7"><sup><sup>[7]</sup></sup></a> which tracked the employability of the engineering graduates was utilised to further flesh out skill biased technological change. As per the survey, 40% of the graduating students are employable in the BPO sector, while only 3% of the students are employable in the sector for software production. With the BPO sector likelier to be impacted more adversely than core IT services, it was emphasised that policy considerations should be very specific in their ambit.</p>
<p><strong>Social security and the platform economy</strong></p>
<p style="text-align: justify;">The discussion around the platform economy commenced with a focus on how it had created economic opportunities in the formal sector by matching demand and supply on one hand, and by reducing inefficiency in the system through technology on the other. It was pointed out that these newer forms of work were creating millions of entrepreneurship opportunities that did not exist previously. These opportunities, it was suggested, were in themselves flexible and contributing the greater push towards enhancing the numbers of those that come within the ambit of India’s formal economy.</p>
<p style="text-align: justify;">This discussion was countered by suggesting that the shift of the workforce from the informal sector to the formal sector, which companies in the gig economy claimed they contributed to, have instead restricted the kind of lives gig workers have been living historically. As an instance, it was pointed out that a farmer who had been working with a completely different set of skills was now being asked to shift to a new set of skills which would be suited for a very specific role and not transposable across occupations. In other words, it would not be meaningful skilling. It was also pointed out that what distinguishes formal work from informal is whether the worker has social security net or not - mere access to banking services or filing of tax returns was not sufficient for characterising a workforce as being formal in nature.</p>
<p style="text-align: justify;">Relatedly, the possibility of social security was discussed for the unorganised sector and microworkers. One of the possibilities discussed was to ensure state subsidised maternity, disability, and death security, and pensions for workers below the poverty line. The fiscal brunt borne by the government for such a scheme was anticipated to not be above 0.4% of the GDP. It was suggested that this would move forward the conversation on minimum wage and fair work, which would be of great importance in broader conversations around working conditions in the platform economy.</p>
<p><strong><em> </em>The interplay of gender and platformisation</strong></p>
<p style="text-align: justify;">It was highlighted that trends in automation are going to change the occupational structure in the digital economy - the effect of which will especially be felt in cognitive routine jobs given their increased propensity to platformisation. A World Economic Forum report<a name="_ftnref8" href="#_ftn8"><sup><sup>[8]</sup></sup></a> was cited which indicated the disproportional risk of unemployment faced by women given their concentration in cognitive routine jobs was also brought up.</p>
<p style="text-align: justify;">The discussion logically undertook a deeper look at the platformisation of work with a specific focus on freelance microwork and its impact on the female labour force and culled out certain positive mandates arising from such newer forms of work. It was suggested that industries are more likely to employ female workers in microwork due to lower rates of attrition, and flexible labour. It was reiterated that freelancing in India extends beyond data entry and other routine jobs, to include complex work - thereby also catering to skilled workers desirous of flexibility. Platforms designing systems to meet the demand for flexible work were also discussed, such as platforms geared towards female workers undertaking reskilling measures and counselling for females returning from maternity leave or sabbaticals. Additionally, the difficulty of defining freelancing under existing frameworks of employment, compounded by the lack of legal structures for such work, was outlined.</p>
<h3>Systemic challenges within the Indian labour law framework</h3>
<p><strong>Static design of legal processes</strong></p>
<p style="text-align: justify;">Labour law was, naturally, acknowledged as a key determinant in the conversation around both the uptake and impact of automative technologies encapsulated within Industry 4.0.</p>
<p style="text-align: justify;">The archaic nature of India’s labour law framework was highlighted as a major impediment to ensuring both worker rights as well as the ease of conducting commerce. It was pointed out that organised labour continues to be under the ambit of the Industrial Disputes Act, which was made effective in 1947, has undergone minimal amendments since. This was critiqued on the basis that the framework for the law is embedded in its historical context, and while the industrial landscape in the country has transformed drastically since the implementation of the Industrial Disputes Act, the legal framework has not evolved. Similarly, the Karnataka Shops and Establishments Act, 1961 which regulates the Sector today was enacted much before the Sector even opened up in India in the 1990s.</p>
<p style="text-align: justify;">Additionally, it was pointed out that the consolidation of the fragmented extant framework of labour laws in India was being consolidated into 4 labour codes without any wholesale modernisation push reforming the laws being consolidated. Consequently, it was argued that the government has to drive changes through policies alone as the legal framework remains static. Barriers to implementation of adequate policies were also discussed, such as the political impact of labour policies, lack of state initiative to deal with the impact of the future of work, apart from the historic inability of the law to keep up with the state of labour and economy.</p>
<p><strong>Labour law arbitrage </strong></p>
<p style="text-align: justify;">One of the reasons behind the increasing contractualizing of labour in India was attributed to over-regulation. There was consensus that the labour law regime was not conducive to industry in India leading to greater opportunistic behaviours from industry participants. It was acknowledged that the political clout that a lot of contractors (of labourers) enjoy along with providing primary employers greater flexibility to hire and fire employees at will has led to a widespread utilisation of contract labour entities.</p>
<p style="text-align: justify;">It was further stated that industry behaviour has adopted several other tools of arbitrage to not consider labour law as a key impediment in the ease of scaling business. Empirical evidence of labour law arbitrage was cited to drive home the point - according to national surveys, 80-85% of enterprises employ less than 99 workers as the law mandates stricter compliance requirements for enterprises employing 100 or more workers<a name="_ftnref9" href="#_ftn9"><sup><sup>[9]</sup></sup></a>. This was acknowledged a serious hurdle to scaling businesses.</p>
<p style="text-align: justify;">Problems behind other apparently well-intentioned legislation from a public policy lens having counterproductive consequences was also highlighted. In the space of labour laws, the example of the recently enacted Maternity Benefit (Amendment) Act, 2017 was cited. By enhancing maternity benefits, without accounting for other provisioning such as a paternity benefit inclusion, it was anticipated that companies may entirely shy away from hiring women.</p>
<p><strong>Policy Paralysis</strong></p>
<p style="text-align: justify;">The discussion progressed towards a high-level discussion around the efficacy of law vis-a-vis state policy as a means to create a system of checks and balances in the context of Industry 4.0. It was highlighted that law, by design, would be outpaced by technological change. The common law system of law operating in India is premised on a time-tested emphasis on post-facto regulation. In other words, it is reactionary. While policy making in India suffers from a similar plague of playing catch-up, it is in large part due to a bureaucratic structure premised on generalism - a pressing need for domain expertise in policy making was emphasised upon. Having said that, it was stated that it is the institutional design of policy making institutions that needs rectification. What was acknowledged was the success, albeit scant, that individual states have had in policy making catering to specific yet diverse domains. A greater push towards clear and progressive evidence-based policy pushes was stressed upon with the anticipation that it would lead to self-regulation by the industry itself - be it in terms of the future of employment or of the economic direction that the industry will embark on.</p>
<h3>Concluding Remarks</h3>
<p style="text-align: justify;">The discussions during the course of the Workshop situated the discourse around Industry 4.0 within the contours of the Indian labour realities and the IT sector within that.</p>
<p style="text-align: justify;">As a useful starting point, various broader perspectives around the impact of technological change on the quantum of jobs were brought forth. While the industry perspective was that of technology as an enabler of job creation in the long-run, it was sufficiently tempered by concerns around those impacted adversely in the short to medium-term time frames. These concerns coalesced towards understanding the potential impact of Industry 4.0 on the nature of work, as well as mitigation tools to ease the impact of technological disruption on labour.</p>
<p style="text-align: justify;">Important facets of technological adoption within the Sector were highlighted, such as potential for scalability as well as the distinct eccentricities of the various sub-sectors the IT sector subsumed. The differential impact within the various sub-sectors was pegged to the differential composition of automatable tasks (routine, rule-based) within each sub-sector. However, questions regarding the exact contours of task composition were left unanswered signalling a potential area for further research. On the other hand, the primary challenge to technological adoption faced from the labour-supply side was skilling, or the lack thereof. This was contextualised in the larger scheme of structural issues plaguing the skilling machinery operating in the country, which lead to inadequate dispensation of technical and vocational education and training (TVET). In terms of additional structural issues that would potentially have an impact on how Industry 4.0 plays out in the Indian context, attention was directed towards overdue reform of the labour law framework which has already struggled with incorporating newer forms of working engagements such as platform and gig work, that are being evidenced as a part of Industry 4.0.</p>
<p style="text-align: justify;">An underlying theme that found mention across sessions was the need to devote attention to prevent further marginalisation as a consequence of technological disruption of the already marginalised. Evidence from government datasets as well as from literature around concepts such as skill biased technological change, the leaky pipe problem, and the U-shaped curve of female labour force participation were cited to explicate these issues. The merits of different policy measures to address these concerns, such as social security, living wages, and maternity benefits were also discussed.</p>
<p style="text-align: justify;">While the Workshop touched upon several facets of the discourse around Industry 4.0 in the Sector, it also sprung up areas that require further inquiry. Questions around where in the value chain use-cases for Industry 4.0 technologies were emerging needed a more comprehensive understanding. Moreover, the impact of Sector Skill Councils (SSCs), a central aspect of the skilling ecosystem in India, wasn’t touched upon. An additional path of inquiry that emerged pertained to evolving constructive reforms to legal and economic policy frameworks as top-down interventions within the Sector that could be anticipated to play a significant role in the uptake and impact of Industry 4.0 technologies.</p>
<hr />
<p style="text-align: justify;"><a name="_ftn1" href="#_ftnref1"><sup><sup>[1]</sup></sup></a> McKinsey Global Institute, <em>A future that works: Automation, employment, and productivity</em>, https://www.mckinsey.com/~/media/mckinsey/featured%20insights/Digital%20Disruption/Harnessing%20automation%20for%20a%20future%20that%20works/MGI-A-future-that-works-Executive-summary.ashx, (accessed 10 August 2018).</p>
<p><a name="_ftn2" href="#_ftnref2"><sup><sup>[2]</sup></sup></a> See discussion under ‘Catalysing manufacturing-led job growth‘.</p>
<p><a name="_ftn3" href="#_ftnref3"><sup><sup>[3]</sup></sup></a> R. Verma, Structural Transformation and Jobless Growth in the Indian Economy, <em>The Oxford Handbook of the Indian Economy</em>, 2012.</p>
<p style="text-align: justify;"><a name="_ftn4" href="#_ftnref4"><sup><sup>[4]</sup></sup></a> S. Mehrotra, ‘The Indian Labour Market: A Fallacy, Two Looming Crises and a Tragedy’, <em>CSE Working Paper</em>, April 2018.</p>
<p><a name="_ftn5" href="#_ftnref5"><sup><sup>[5]</sup></sup></a> ibid.</p>
<p style="text-align: justify;"><a name="_ftn6" href="#_ftnref6"><sup><sup>[6]</sup></sup></a> Mohita Nagpal, ‘Women in tech: There are 3 times more male engineers to females’, <em>belong.co</em>, http://blog.belong.co/gender-diversity-indian-tech-companies, (accessed 10 August 2018).</p>
<p style="text-align: justify;"><a name="_ftn7" href="#_ftnref7"><sup><sup>[7]</sup></sup></a> Aspiring Minds, <em>National Programming Skills Report - Engineers 2017</em>, <a href="https://www.aspiringminds.com/sites/default/files/National%20Programming%20Skills%20Report%20-%20Engineers%202017%20-%20Report%20Brief.pdf">https://www.aspiringminds.com/sites/default/files/National%20Programming%20Skills%20Report%20-%20Engineers%202017%20-%20Report%20Brief.pdf</a>, (accessed 11 August 2018).</p>
<p style="text-align: justify;"><a name="_ftn8" href="#_ftnref8"><sup><sup>[8]</sup></sup></a> World Economic Forum, <em>The Future of Jobs Employment, Skills and Workforce Strategy for the Fourth Industrial Revolution: Global Challenge Insight Report</em>, January 2016.</p>
<p><a name="_ftn9" href="#_ftnref9"><sup><sup>[9]</sup></sup></a> Ministry of Statistics and Programme Implementation, <em>All India Report of Sixth Economic Census</em>, Government of India, 2014.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/future-of-work-report-of-the-workshop-on-the-it-it-es-sector-and-the-future-of-work-in-india'>https://cis-india.org/internet-governance/blog/future-of-work-report-of-the-workshop-on-the-it-it-es-sector-and-the-future-of-work-in-india</a>
</p>
No publisherambikaInternet GovernanceInformation TechnologyICT2020-03-05T19:03:07ZBlog EntryThe National Health Stack: An Expensive, Temporary Placebo
https://cis-india.org/internet-governance/blog/bloomberg-quint-august-6-2018-murali-neelakantan-swaraj-barooah-swagam-dasgupta-torsha-sarkar-national-health-stack-an-expensive-temporary-placebo
<b>The year 2002 saw the introduction of a very ambitious National Program for Information Technology in the United Kingdom with the goal to transform the National Health Service — a pre-existing state-sponsored universal healthcare program. This would include a centralised, digital healthcare record for patients and secure access for 30,000 professionals across 300 hospitals.</b>
<blockquote class="pullquote">The article was published by <a class="external-link" href="https://www.bloombergquint.com/opinion/2018/08/06/the-national-health-stack-an-expensive-temporary-placebo#gs.HBtyGYA">Bloomberg Quint</a> on August 6, 2018.</blockquote>
<hr />
<p style="text-align: justify; ">However, the next ten years would see the scheme meet with constant criticism about its poor management and immense expenditure; and after a gruelling battle for survival, including spending £20 billion and having top experts on board, the NPfIT finally met its end in 2011.</p>
<p style="text-align: justify; ">Fast forward eight years — the Indian government’s public policy think tank, NITI Aayog, is proposing an eerily similar idea for the much less developed, and much more populated Indian healthcare sector. On July 6, the NITI Aayog released a <a href="http://niti.gov.in/writereaddata/files/document_publication/NHS-Strategy-and-Approach-Document-for-consultation.pdf" target="_blank">consultation paper</a> to discuss “a digital infrastructure built with a deep understanding of the incentive structures prevalent in the Indian healthcare ecosystem”, called the National Health Stack. The paper identifies four challenges that previous government-run healthcare programs ran into and that the current system hopes to solve. These include:</p>
<ul>
<li>low enrollment of entitled beneficiaries of health insurance,</li>
<li>low participation by service providers of health insurance,</li>
<li>poor fraud detection,</li>
<li>lack of reliable and timely data and analytics.</li>
</ul>
<p style="text-align: justify; ">The current article takes a preliminary look at the goals of the NHS and where it falls behind. Subsequent articles will break down the proposed scheme with regard to safety, privacy and data security concerns, the feasibility of data analytics and fraud detection, and finally, the role of private players within the entire structure.</p>
<p>The primary aim of any digital health infrastructure should be to compliment an existing, efficient healthcare delivery system.</p>
<blockquote>As seen in the U.K., even a very well-functioning healthcare system doesn’t necessarily mean the digitisation efforts will bear fruit.</blockquote>
<p style="text-align: justify; ">The NHS is meant to be designed for and beyond the Ayushman Bharat Yojana — the government’s two-pronged healthcare regime that was introduced on Feb. 1. Unfortunately, though, India’s healthcare regime has long been in the need of severe repair, and even if the Ayushman Bharat Yojana works optimally, there are no indications to show that this will miraculously change by their stated target of 2022. Indeed, experts predict it would take at least a ten-year period to successfully implement universal health coverage. A 2013 report by EY-FICCI stated that we must consider a ten-year time frame as well as allocating 3.5-4.7 percent of the GDP to health expenditure to achieve universal health coverage.</p>
<p>However, as per the current statistics, the centre’s allocation for health in the 2017-18 budget is Rs 47,353 crore, which is 1.15 percent of India’s GDP.</p>
<p><img src="https://cis-india.org/home-images/Patient.jpg" alt="Patient" class="image-inline" title="Patient" /></p>
<p>Patients wait for treatment in the corridor of the Acharya Tulsi Regional Cancer Treatment & Research Institute in Bikaner, Rajasthan, India. (Photographer: Prashanth Vishwanathan/Bloomberg)</p>
<p style="text-align: justify; ">Along with the state costs, India’s current expenditure in the health sector comes to a meagre 1.4 percent of the total GDP, far short of what the target should be. Yet, the government aims to attain universal health coverage by 2022.</p>
<p>In the first of its two-pronged strategy, the Ayushman Bharat Yojana aims to establish 1.5 lakh ‘Health and Wellness Centres’ across the country by 2022, which would provide primary healthcare services free of cost.</p>
<blockquote>However, the total fund allocated for ’setting up’ these centres is only Rs 1,200 crore, which comes down to a meagre Rs 80,000 per centre.</blockquote>
<p style="text-align: justify; ">It is unclear whether the government plans to establish new sub-centres, or improve the existing ones. Either way, a pittance of Rs 80,000 is grossly insufficient. As per reports, among the 1,56,231 current health centres, only 17,204 (11 percent) have met Indian Public Health Standards as of March 31, 2017. Shockingly, basic amenities like water and electricity are scarce, if not, absent in a substantial number of these centres.</p>
<p>At least 6,000 centres do not have a female health worker, and at least 1,00,000 centres do not have a male health worker.</p>
<p><img src="https://cis-india.org/home-images/Woman.jpg" alt="Woma" class="image-inline" title="Woma" /></p>
<p>A woman holds a child in the post-delivery ward of the district hospital in Jind, Haryana, India. (Photographer: Prashanth Vishwanathan/Bloomberg)</p>
<p>Even taking the generous assumption that the existing 17,204 centres are in top condition, the future of the rest of these health and wellness centres continues to be bleak.</p>
<p style="text-align: justify; ">In truth, both limbs of the Ayushman Bharat strategy remain oblivious to the reality of the situation. The goals do not take into account the existing problems within access to healthcare, nor the relevant economic and social indicators that depict a contrasting reality.</p>
<blockquote>Therefore, the fundamental question remains: if there is no established, well-functioning healthcare delivery system to support, what will the NHS help?</blockquote>
<p><img src="https://cis-india.org/home-images/BitterPill.jpg" alt="Bitter Pill" class="image-inline" title="Bitter Pill" /></p>
<h3>NHS: What Purpose Does It Serve?</h3>
<p style="text-align: justify; ">The ambitious scope of the National Health Stack consultation paper aside, the central problem plaguing the Indian healthcare system, i.e, delivery, and access to healthcare, remains unaddressed. The first two problems that the NHS aims to solve focus solely on increasing health insurance coverage. However, very problematically, the document does not explicitly mention how a digital infrastructure would lead to rising enrollment of both beneficiaries and service providers of insurance.</p>
<p>This goal of increasing enrollment without a functioning healthcare system could result in two highly problematic scenarios.</p>
<blockquote>Either health and wellness centres will effectively act as enrollment agencies rather than providers of healthcare, or the government would fall back on its ‘Aadhar approach’ and employ external enrollment agents.</blockquote>
<p style="text-align: justify; ">The former approach runs a very real risk of the health and wellness centres losing focus on their primary purpose even while statistics show them as functioning centres – thus negatively impacting even the working centres. The latter approach is at a higher risk of running into problems akin to the case of Aadhaar enrollment, such as potential data leakages, identity thefts and a market for fake IDs. Even if we somehow overlook this and assume that the NHS would help increase insurance coverage without additional problems, the larger question still stands: should health insurance even be the primary goal of the government, over and above providing access to healthcare? And what effect will this have on the actual delivery of healthcare services to the common citizen?</p>
<p><img src="https://cis-india.org/home-images/LonePatient.jpg" alt="Lone Patient" class="image-inline" title="Lone Patient" /></p>
<p>A lone patient sleeps in the post operation recovery ward of the district hospital in Jind, Haryana, India. (Photographer: Prashanth Vishwanathan/Bloomberg)</p>
<h3>Should Insurance Be A Primary Objective Of The Indian Government?</h3>
<p style="text-align: justify; ">Simply put, the answer is no, because greater insurance coverage need not necessitate better access to healthcare. In recent years, health insurance in India has been rising rapidly due to government-sponsored schemes. In the fiscal year 2016-17, the health insurance market was prized to be worth Rs 30,392 crore. Even with such large investments in insurance premiums, the insurance market accounts for lesser than 5 percent of the total health expenditure.</p>
<blockquote>Furthermore, previous experiences with government-sponsored health insurance schemes have proven that there is little merit to such an expensive task.</blockquote>
<p style="text-align: justify; ">For instance, the government’s earlier health insurance scheme, Rashtriya Swasthya Bima Yojana, was predicted to be unable to completely provide ‘accessible, affordable, accountable and good quality health care’ if it focussed only on “increasing financial means and freedom of choice in a top-down manner”.</p>
<p style="text-align: justify; ">These traditional insurance-based models are characterised by problems of information asymmetry such as ‘moral hazard’ — patients and healthcare providers have no incentive to control their costs and tend to overuse, resulting in an unsustainable insurance system and cost inflation. Any attempt to regulate providers is met with harsh, cost-cutting steps which end up harming patients.</p>
<p style="text-align: justify; ">On another note, some diseases which are responsible for the most number of deaths in the country — including ischaemic heart diseases, lower respiratory tract infections, chronic obstructive pulmonary disease, tuberculosis and diarrhoeal diseases — are usually chronic conditions that need outpatient consultation, resulting in out-of-pocket expenses.</p>
<p><img src="https://cis-india.org/home-images/CancerHospital.jpg" alt="Cancer Hospital" class="image-inline" title="Cancer Hospital" /></p>
<p>Patients wait at the Head and Neck Cancer Out Patient department of Tata Memorial Hospital in Mumbai, India. (Photographer: Prashanth Vishwanathan/Bloomberg News)</p>
<p style="text-align: justify; ">Even though the government has added non-communicable diseases under the ambit of the health and wellness centres, there are still reports stating that for some of the most impoverished, their reality is that 80 percent of the time, they have to cover their expenses from their pocket. This issue in all probability will continue to exist since the status and likelihood for these centres to be successful itself is questionable.</p>
<blockquote>It is clear, that in the current scheme of things, this traditional insurance model of healthcare cannot benefit those it is meant for.</blockquote>
<p style="text-align: justify; ">If this is the case, why has the NHS built its main objectives around insurance coverage rather than access to healthcare? It is imperative that we question the legitimacy of these goals, especially if they indicate the government's intentions to push health insurance via the NHS above its responsibility of delivering healthcare. The government's thrust for a digital infrastructure shows tremendous foresight, but at what cost? Even the clear goal of healthcare data portability has very little benefit when one understands that this becomes an important goal only when one has given up on ensuring widespread accessible healthcare. Once the focus shifts from using technology needlessly to developing an efficient and universally accessible healthcare delivery system, the need for data portability dramatically reduces. The temptation of digitisation and insurance coverage cannot and should not blind us from the main goal — access to healthcare. The one lesson that we must learn from the case of the U.K. is that even with a well-functioning healthcare delivery system, a digital infrastructure must be introduced very thoughtfully and carefully. In our eagerness to leapfrog with technology, we must not mistake a placebo for a panacea.</p>
<hr />
<p><i>Murali Neelakantan is an expert in healthcare laws. Swaraj Barooah is Policy Director at The Centre for Internet and Society. Swagam Dasgupta and Torsha Sarkar are interns at The Centre for Internet and Society.</i></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/bloomberg-quint-august-6-2018-murali-neelakantan-swaraj-barooah-swagam-dasgupta-torsha-sarkar-national-health-stack-an-expensive-temporary-placebo'>https://cis-india.org/internet-governance/blog/bloomberg-quint-august-6-2018-murali-neelakantan-swaraj-barooah-swagam-dasgupta-torsha-sarkar-national-health-stack-an-expensive-temporary-placebo</a>
</p>
No publisherMurali Neelakantan, Swaraj Barooah, Swagam Dasgupta, and Torsha SarkarInternet GovernanceInformation Technology2018-08-13T15:13:10ZBlog EntryComments on Information Technology (Security of Prepaid Payment Instruments) Rules, 2017
https://cis-india.org/internet-governance/blog/comments-on-information-technology-security-of-prepaid-payment-instruments-rules-2017
<b>The Centre for Internet and Society submitted comments on the Information Technology (Security of Prepaid Payment Instruments) Rules, 2017. The comments were prepared by Udbhav Tiwari, Pranesh Prakash, Abhay Rana, Amber Sinha and Sunil Abraham. </b>
<h3 style="text-align: justify; ">1. Preliminary</h3>
<p style="text-align: justify; ">1.1. This submission presents comments by the Centre for Internet and Society<a href="#_ftn1" name="_ftnref1"><sup>[1]</sup></a> in response to the Information Technology (Security of Prepaid Payment Instruments) Rules 2017 (“the Rules”).<a href="#_ftn2" name="_ftnref2"><sup>[2]</sup></a> The Ministry of Electronics and Information Technology (MEIT) issued a consultation paper (pdf) which calls for developing a framework for security of digital wallets operating in the country on March 08, 2017. This proposed rules have been drafted under provisions of Information Technology Act, 2000, and comments have been invited from the general public and stakeholders before the enactment of these rules.</p>
<h3 style="text-align: justify; ">2. The Centre for Internet and Society</h3>
<p style="text-align: justify; ">2.1. The Centre for Internet and Society, (“CIS”), is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. The areas of focus include digital accessibility for persons with diverse abilities, access to knowledge, intellectual property rights, openness (including open data, free and open source software, open standards, and open access), internet governance, telecommunication reform, digital privacy, and cyber-security.</p>
<p style="text-align: justify; ">2.2. This submission is consistent with CIS’ commitment to safeguarding general public interest, and the interests and rights of various stakeholders involved, especially the privacy and data security of citizens. CIS is thankful to the MEIT for this opportunity to provide feedback to the draft rules.</p>
<h3 style="text-align: justify; ">3. Comments</h3>
<h4 style="text-align: justify; ">3.1 General Comments</h4>
<p style="text-align: justify; ">Penalty</p>
<p style="text-align: justify; ">There is no penalty for not complying with these rules. Even the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 doesn’t have penalties. Under section 43A of the Information Technology Act (under which the 2011 Rules have been promulgated), a wrongful gain or a wrongful loss needs to be demonstrated. This should not be a requirement for financial sector.</p>
<p style="text-align: justify; ">Expansion to Contractual Parties.</p>
<p style="text-align: justify; ">A majority of these rules, in order to be effective and realistically protect consumer interest, should also be expanded to third parties, agents, contractual relationships and any other relevant relationship an e-PPI issuer may delegate as a part of their functioning.</p>
<h4 style="text-align: justify; ">3.2 Rule 2: Definitions</h4>
<p style="text-align: justify; ">Certain key words relevant to the field of e-PPI based digital payments such as authorisation, metadata, etc. are not defined in the rules and should both be defined and accounted for in the rules to ensure modern developments such as big data and machine learning, digital surveillance, etc. do not violate human rights and consumer interest.</p>
<h4 style="text-align: justify; ">3.2 Rule 7: Definition of personal information</h4>
<p style="text-align: justify; ">Rule 7 provides an exhaustive list of data that will be deemed to be personal information for the purposes of the Rules. While <b>information collected</b> at the time of issuance of the pre-paid payment instrument and during its use is included within the scope of Rule 7, it makes no reference to metadata generated and collected by the e-PPI issuer.</p>
<h4 style="text-align: justify; ">3.3 Rule 4: Inadequate privacy protections</h4>
<p style="text-align: justify; ">Rule 4(2) specifies the details that the privacy policies of each e-PPI issuer must contain. However, these specifications are highly inadequate and fall well below the recommendations under the National Privacy Principles in Report of the Group of Experts on Privacy chaired by Justice A P Shah.</p>
<p style="text-align: justify; ">Suggestions: The Rules should include include clearly specified rights to access, correction and opt in/opt out, continuing obligations to seek consent in case of change in policy or purpose and deletion of data after purpose is achieved. Additionally, it must be required that a log of each version of past privacy policies be maintained along with the relevant period of applicability.</p>
<h4 style="text-align: justify; ">3.4 Rule 10: Reasonable security practices</h4>
<p style="text-align: justify; ">Problem: Financial information (“such as bank account or credit card or debit card or other payment instrument details”) is already invoked in an inclusive manner in the definition of ‘personal information’ in Rule 7. Given this there is no need to make the Reasonable Security Practices Rules applicable to financial data through this provisions: it already is, and it is best to avoid unnecessary redundancy.</p>
<p style="text-align: justify; ">Solution: This entire rule should be removed.</p>
<h4 style="text-align: justify; ">3.5 Rule 12: Traceability</h4>
<p style="text-align: justify; ">Problem: There is a requirement created under this rule that payment-related interactions with customers or other service providers be “appropriately trace[able]”. But it is unclear what that would practically mean: would IP logging suffice? would IMEI need to be captured for mobile transactions? what is “appropriately” traceable? — none of those questions are answered.</p>
<p style="text-align: justify; ">Suggestion: The NPCI’s practices and RBI regulations, for instance, seek to limit the amount of information that entities like e-PPI providers have. These rules need to be brought in line with those practices and regulations.</p>
<h4 style="text-align: justify; ">3.6 Rule 5: Risk Assessment</h4>
<p style="text-align: justify; ">Rule 5 requires e-PPI issuers to carry out risk assessments associated with the security of the payments systems at least once a year and after any major security incident. However, there are no transparency requirements such as publications of details of such review, a summary of the analysis, any security vulnerabilities discovered etc.</p>
<p style="text-align: justify; ">Suggestion:</p>
<ul style="text-align: justify; ">
<li>Broaden the scope of this provision to include not just risk assessments but also security audits.</li>
<li>Mandate publication of risk assessment and security audit reports.</li>
</ul>
<p style="text-align: justify; "> </p>
<h4 style="text-align: justify; ">3.7 Rule 11: End-to-End Encryption</h4>
<p style="text-align: justify; ">The rule concerning end-to-end encryption (E2E) needs significantly greater detailing to be effective in ensuring the the protection of information at both storage and transit.</p>
<p style="text-align: justify; ">Suggestions: Elements such as Secure Element or a Secured Server and Trusted User Interface, both concepts to enable secure payments, can be detailed in the rule and a timeline can be established to require hardware, e-PPI practices and security standards to realistically account for such best practices to ensure modern, secure and industry accepted implementation of the rule.</p>
<h4 style="text-align: justify; ">3.8 Rule 13: Retention of Information</h4>
<p style="text-align: justify; ">Problem: Rule 13 leaves the question of retention entirely unanswered by deferring the future rulemaking to the Central Government.</p>
<p style="text-align: justify; ">Suggestions: Rule 13 should be expanded to include the various categories of information that can be stored, guidelines for the short-term (fast access) and long-term storage of the information retained under the rule and other relevant details. The rule should also include the security standards that should be followed in the storage of such information, require access logs be maintained for whenever this information is accessed by individuals, detail secure destruction practices at the end of the retention period and finally mandate that end users be notified by the e-PPI issuer of when such retained information is accessed in all situations bar exceptional circumstances such as national security, compromising an ongoing criminal investigations, etc.</p>
<h4 style="text-align: justify; ">3.9 Rule 14: Reporting of Cyber Incidents</h4>
<p style="text-align: justify; ">Rule 14 is an excellent opportunity to uphold transparency, accountability and consumer rights by mandating time- and information-bound notification of cyber incidents to customers, including intrusions, database breaches and any other compromise of the integrity of the financial system. While the requirement of reporting such incidents to CERT-In is already present in the Rule 12 of the CERT Rules, the rule retains the optional nature of notifying customers. The rule should include an exhaustive list of categories or kinds of cyber incidents that should be reported to affected end users without compromising the investigation of such breaches by private organisations and public authorities. Further, the rule should also include penalties for non-compliance of this requirement (both to CERT-In and the consumer) to serve as an incentive for e-PPI issuers to uphold consumer public interest. The rule should be expanded to include a detailed mechanism for such reporting, including when e-PPI issuers and the CERT-In can withhold information from consumers as well as requiring the withheld information be disclosed when the investigation has been completed. Finally, the rule should also require that such disclosures be public in nature and consumers not be required to not disseminate such information to enable informed choice by the end user community.</p>
<p style="text-align: justify; ">Suggestion:</p>
<p style="text-align: justify; ">(1) In Rule 14(3) “may” should be substituted by “shall”.</p>
<p style="text-align: justify; ">(2) Penalties of up to 5 lakh rupees may be imposed for each day that the e-PPI issuer fails to report any severe vulnerability that could likely result in harm to customers.</p>
<h4 style="text-align: justify; ">3.10 Rule 15: Customer Awareness and Education</h4>
<p style="text-align: justify; ">Problem: Rule 15 on Customer Awareness and Education by e-PPI issuers does not take into account the vast lingual diversity and varied socio-economic demographic that makes up the end users of e-PPI providers in India, by mandating the actions under the rule must account for these factors prior to be propagated.</p>
<p style="text-align: justify; ">Solutions: The rule must ensure that e-PPI issuers track record in carrying out awareness is regularly held accountable by both the government and public disclosures on their websites. Further, the rule can be made more concrete and effective by including mobile operating systems in their scope (along with equipments), mandating awareness for best practices for inclusive technologies like USSD banking, specifying notifications to include SMS reports of financial transactions, etc.</p>
<h4 style="text-align: justify; ">3.11 Rule 16: Grievance Redressal</h4>
<p style="text-align: justify; ">Problem: Rule 16 lays down the requirement of grievance redressal, without specifying appellate mechanisms (both within the organisation and at the regulatory level), accountability (via penalties) for non-compliance of the rule nor requiring a clear hierarchy of responsibility within the e-PPI organisation. These factors seriously compromise the efficacy of a grievance redressal framework.</p>
<p style="text-align: justify; "> </p>
<p style="text-align: justify; ">Solutions: Similar rules for grievance redressal that have been enacted by the Insurance Regulatory and Development Authority for the insurance sector and the Telecom Regulatory Authority of India for the telecom sector can and should serve as a reference point for this rule. Their effectiveness and real world operation should also be monitored by the relevant authorities while ensuring sufficient flexibility exists in the rule to uphold consumer rights and the public interest. Proper appellate mechanisms at the regulatory level are essential along with penalties for non-compliance.</p>
<h4 style="text-align: justify; ">3.12 Rule 17: Security Standards</h4>
<p style="text-align: justify; ">Problem: Rule 17 empowers the Central Government to mandate security standards to be followed by e-PPI issuers operating in India. While appreciable in its overall outlook on ensuring a minimum standard of security, the Rule needs be improved upon to make it more effective. This can be in done by specifying certain minimum security standards to ensure all e-PPI issuers have a minimal level of security, instead of leaving them open to being intimated at a later date.</p>
<p style="text-align: justify; ">Solutions: Standards that can either be made mandatory or be used as a reference point to create a new standard under Rule 17(2) are ISO/IEC 14443, IS 14202, ISO/IEC 7816, PCI DSS, etc. Further, the Rule should include penalties for non-compliance of these standards, to make them effectively enforceable by both the government and end users alike. Additional details like the maximum time period in which such security standards should be implemented post their notification, requiring regular third party audits to ensure continuing compliance and effectiveness and requiring updated standards be used upon their release will go a long way in ensuring e-PPI issuers fulfil their mandate under these Rules.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; "><a href="#_ftnref1" name="_ftn1"><sup>[1]</sup></a> <a href="http://cis-india.org/">http://cis-india.org/</a></p>
<p style="text-align: justify; "><a href="#_ftnref2" name="_ftn2"><sup>[2]</sup></a> <a href="http://meity.gov.in/sites/upload_files/dit/files/draft-rules-security%20of%20PPI-for%20public%20comments.pdf">http://meity.gov.in/sites/upload_files/dit/files/draft-rules-security%20of%20PPI-for%20public%20comments.pdf</a></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/comments-on-information-technology-security-of-prepaid-payment-instruments-rules-2017'>https://cis-india.org/internet-governance/blog/comments-on-information-technology-security-of-prepaid-payment-instruments-rules-2017</a>
</p>
No publisheramberInternet GovernanceInformation Technology2017-03-23T01:54:28ZBlog EntryISO/IEC JTC 1 SC 27 Working Group Meetings - A Summary
https://cis-india.org/internet-governance/blog/iso-iec-jtc-1-sc-27-working-group-meetings-a-summary
<b>The Centre for Internet & Society attended the ISO/IEC JTC 1 SC 27 Working Group Meetings from 22 to 27 October 2016 in Abu Dhabi at Abu Dhabi National Exhibition Centre.</b>
<p style="text-align: justify; ">Being a member of Working Group 5: Information technology - Security techniques – Identity management and privacy technologies, we attended the following meetings:</p>
<ol style="text-align: justify; ">
<li>WD 29184 Guidelines for online privacy notices and consent- As technological advancement and wider availability of communication infrastructures has enabled collection and analysis of information regarding an individuals' activities, along with people becoming aware about privacy implications of the same, this standard aims to provides a framework for organizations to provide clear and easily under information to consumers about how the organization will process their PII.</li>
<li>SP PII Protection Considerations for Smartphone App providers - Being a 1-year long project proposed during the ISO/IEC SC 27 JTC 1 Working Group Meetings in Jaipur in the year 2015. This group aims to build off a privacy framework for mobile applications to guide app developers on the lines of ISO/IEC 29100 international standard (which defines a broad privacy framework for information technologies) in light of excessive data collection by apps in absence of consent or justification, lack of comprehensive policies, Non transparent practices, Lack of adequate choice and consent, to ensure protection of rights of the individuals, etc. and will work towards ensuring a harmonized and standardized privacy structure for mobile application data policies and practices. </li>
<li>WD 20889 Privacy enhancing data de-identification techniques- Given the importance of Data de-identification techniques when it comes to PII to enable the exploitation of the benefits of data processing while maintaining compliance with regulatory requirements and the relevant ISO/IEC 29100 privacy principles, the selection, design, use and assessment of these techniques needs to be performed appropriately in order to effectively address the risks of re-identification in a given context.</li>
<li>SP Privacy in Smart Cities- Being a 1-year long project proposed during the ISO/IEC SC 27 JTC 1 Working Group Meetings in Jaipur this group saw contributions from Japan, India, PRIPARE in EU, to name a few. The scope for the group was proposed to produce a framework in light of data ownership, communication channels, privacy risk and impact assessment in smart cities, data lifecycle privacy governance for smart cities, and Develop use cases and contexts for Privacy Controls w.r.t the data lifecycle in Smart Cities, along with detailed documentation of Privacy Controls for Smart Cities aligned to the primary controls and associated sub controls. </li>
</ol>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/iso-iec-jtc-1-sc-27-working-group-meetings-a-summary'>https://cis-india.org/internet-governance/blog/iso-iec-jtc-1-sc-27-working-group-meetings-a-summary</a>
</p>
No publishervanyaInternet GovernanceInformation Technology2016-12-16T23:53:19ZBlog EntryConference on the Digitalization of the Indian Legal System
https://cis-india.org/internet-governance/blog/conference-on-the-digitalization-of-the-indian-legal-system
<b>On Legal Services Day, November 9, 2016, LegalDesk.com collaborated with iSPIRT to host a conference on the “Digitalization of the Indian Legal System”. The event invited prominent speakers to present their organizations’ work and to participate in a panel discussion followed by a Q&A period for the audience.</b>
<p style="text-align: justify; ">The co-founder of DAKSH Society of India, Kishore Mandyam, opened the event with a thought-provoking presentation on the efficiency levels of the current legal system and the kinds of progress that can be brought about by technological reforms. Members of LegalDesk.com then presented their ideas and then introduced their newest white paper on Legal Digitalization, providing a brief overview of the study and summarizing the most relevant sections. The panel discussion then proceeded, moderated by Sanjay Khan Nagra, a policy expert at iSPIRT Foundation. He facilitated an insightful and conducive discussion around the advantages, disadvantages, risks and incentives of digitalizing the Indian legal system. On the discussion panel was Kishore Mandyam from DAKSH Society and Prabhuling K Navadgi, the Additional Solicitor General of India.</p>
<p style="text-align: justify; ">The objectives to the conference, as per its website, were to: (1) examine the current legal framework and the possibility of amendments in laws to facilitate digitalization of the system, (2) asses the potential of India Stack in digitalizing the legal system, (3) to identify statutes which require amendment, (4) identify the hurdles and roadblocks in the path towards digital reform of the legal ecosystem, and (5) suggest amendments to the act and potential areas of improvement. With those objectives in mind, this blog post intends to provide a brief overview of the main narratives shared in the conference and to identify some of the loopholes and unanswered questions that I was left with by the end.</p>
<p style="text-align: justify; ">Improved efficiency is the dominant narrative used to advocate for the digitalization of the Indian legal system. According to LegalDesk.com, the current Indian legal system relies mostly on paperwork, resulting in thousands of courts and over a million advocates accumulating lackhs of ongoing cases and an enormous pile of pending cases, mostly due to insufficient information. It is stated that the traditional methods of legal documentation, paperwork and court work must change through awareness, technology and pursuance by the government, as it needs to be implemented throughout the country. The key idea here is that digital transactions are faster and simplify the process of storing information. The ultimate desired outcome here, then, is increased efficiency and transparency.</p>
<p style="text-align: justify; ">One must question, however, if this narrative may be overly generous with the credit it gives to technology. IT systems, like many other manmade structures, are always bound to glitch and crash. It would be useful, then, to question whether the legal system is a department that can afford the complications that inevitably accompany a digital transformation. If portals or servers fail at critical times (i.e. when a person needs to confirm their trial date, submit a document before a deadline, or any other pressing procedures), the consequences may in fact outweigh the convenience brought about by overall digitalization. This is not to imply that the legal system cannot or should not undergo a digital transformation. Rather, it is to pose the question of whether the government will dedicate sufficient funds and expertise towards developing a resilient and reliable IT system for the courts. The conference was strongly centered on the concept that <i>technology is always the way forward</i>. This is a positive idea but one must pay special attention to the complications that may arise with the digitalization of a system that must function in a particularly time-sensitive manner – and to ensure that these complications can be managed efficiently and effectively should they arise. This then, requires more than a mere push for digitalization. Introducing new technological platforms is a positive step towards digitalization. However, there is a need for a detailed, government-authorized plan on how the judicial system will efficiently and smoothly undergo this digital transformation in a sustainable and resilient manner.</p>
<p style="text-align: justify; ">A presenter from LegalDesk.com mentioned Estonia’s model of complete digital governance as an example of successful digitalization: “If a small country like Estonia can do it, why can’t we?” While it is useful to draw examples and lessons from other countries, it is also crucial to recognize the contextual differences between countries. The presenter’s point was that Estonia is small in both size and population and has just recently gained independence in 1991—and has nonetheless been able to undergo technological reform and completely digitalize governance systems. India’s case is extremely different as one can logically argue that digital inclusion is more difficult to accomplish for large, spatially dispersed populations. Furthermore, the socioeconomic disparities in India, particularly in income and literacy, contribute to an immense digital divide that Estonia did not, to any comparable extent, face in order to digitalize governance over 1.3 million individuals. This is not to suggest that India cannot become a world leader in digital governance, or become comparable to Estonia. Rather, this is to highlight the importance of recognizing historical, political and sociocultural differences between countries when comparing governance models and digitalization processes. There is a need to indigenize digital reform strategies and platforms in India to cater to its unique context and vast diversity. This can be done by focusing on issues such as the language of digital governance, ensuring sufficient distribution of access to public digital platforms, and prioritizing the inclusion of all socioeconomic classes. I would argue that digitalization could come at a greater cost than benefit if it perpetuates the exclusion of the underprivileged members of society, especially from a system as critical as the judiciary. These topics were alarmingly overlooked in the conference.</p>
<p style="text-align: justify; ">The topic of privacy was also quite overlooked in the conference. As a step towards digital transformation, LegalDesk.com presented the new eNotary technology, which would be implemented by utilizing a combination of Adhaar based authentication, eSign, digilocker systems such as India Stack and video/audio recorded interviews. With the eNotary system, attestation, authentication and verification of legal instruments can be done remotely. This is expected to make paperwork easier, faster and more secure, as individuals would log into digital platforms using their Adhaar numbers to perform their judiciary procedures. A member of the audience asked about privacy concerns associated with digitalizing the legal records or property ownership information of individuals. Kishore Mandyam, from DAKSH, answered confidently with a statement that privacy is not a pressing issue here. He asserted that privacy concerns are a western construct that we have adopted in urban parts of India but that is not a concern for the majority of locals. It is clear, however, from examples such as the United States’ predictive policing practices, that accumulating data regarding the legal affiliations of individuals can result in discriminatory practices if this data does not remain strictly confidential to protect the privacy rights of citizens. This is not to mention the other forms of discrimination that can arise from the accumulation of such data, such as the targeting of certain demographics by corporate marketing and credit scoring practices that rely on trends in big data. To keep citizens’ legal records and affairs out of these databases, a digital legal system must be securely encrypted and protected by rigid privacy policies. India may have a varying context that leads to different privacy concerns with regards to a digital legal system. In any case, special attention must be given to privacy and security rights of individuals as their Adhaar numbers become attached to all their online personal data, including their legal records and judicial affairs.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/conference-on-the-digitalization-of-the-indian-legal-system'>https://cis-india.org/internet-governance/blog/conference-on-the-digitalization-of-the-indian-legal-system</a>
</p>
No publisherLeilah ElmokademInternet GovernanceInformation TechnologyPrivacy2016-11-16T15:34:36ZBlog EntryBig Data in India: Benefits, Harms, and Human Rights - Workshop Report
https://cis-india.org/internet-governance/big-data-in-india-benefits-harms-and-human-rights-a-report
<b>The Centre for Internet and Society held a one-day workshop on “Big Data in India: Benefits, Harms and Human Rights” at India Habitat Centre, New Delhi on the 1st of October, 2016. This report is a compilation of the the issues discussed, ideas exchanged and challenges recognized during the workshop. The objective of the workshop was to discuss aspects of big data technologies in terms of harms, opportunities and human rights. The discussion was designed around an extensive study of current and potential future uses of big data for governance in India, that CIS has undertaken over the last year with support from the MacArthur Foundation.</b>
<p> </p>
<p><strong>Contents</strong></p>
<p><a href="#1"><strong>Big Data: Definitions and Global South Perspectives</strong></a></p>
<p><a href="#2"><strong>Aadhaar as Big Data</strong></a></p>
<p><a href="#3"><strong>Seeding</strong></a></p>
<p><a href="#4"><strong>Aadhaar and Data Security</strong></a></p>
<p><a href="#5"><strong>Aadhaar’s Relational Arrangement with Big Data Scheme</strong></a></p>
<p><a href="#6"><strong>The Myths surrounding Aadhaar</strong></a></p>
<p><a href="#7"><strong>IndiaStack and FinTech Apps</strong></a></p>
<p><a href="#8"><strong>Problems with UID</strong></a></p>
<hr />
<h2 id="1">Big Data: Definitions and Global South Perspectives</h2>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">“Big Data” has been defined by multiple scholars till date. The first consideration at the workshop was to discuss various definitions of big data, and also to understand what could be considered Big Data in terms of governance, especially in the absence of academic consensus. One of the most basic ways to define it, as given by the National Institute of Standards and Technology, USA, is to take it to be the data that is beyond the computational capacity of current systems. This definition has been accepted by the UIDAI of India. Another participant pointed out that Big Data is not only indicative of size, but rather the nature of data which is unstructured, and continuously flowing. The Gartner definition of Big Data relies on the three Vs i.e. Volume (size), Velocity (infinite number of ways in which data is being continuously collected) and Variety (the number of ways in which data can be collected in rows and columns).</p>
<p style="text-align: justify;" dir="ltr">The presentation also looked at ways in which Big Data is different from traditional data. It was pointed out that it can accommodate diverse unstructured datasets, and it is ‘relational’ i.e. it needs the presence of common field(s) across datasets which allows these fields to be conjoined. For e.g., the UID in India is being linked to many different datasets, and they don’t constitute Big Data separately, but do so together. An increasingly popular definition is to define data as “Big Data” based on what can be achieved through it. It has been described by authors as the ability to harness new kinds of insight which can inform decision making. It was pointed out that CIS does not subscribe to any particular definition, and is still in the process of coming up with a comprehensive definition of Big Data.</p>
<p style="text-align: justify;" dir="ltr">Further, discussion touched upon the approach to Big Data in the Global South. It was pointed out that most discussions about Big Data in the Global South are about the kind of value that it can have, the ways in which it can change our society. The Global North, on the other hand, has moved on to discussing the ethics and privacy issues associated with Big Data.</p>
<p style="text-align: justify;" dir="ltr">After this, the presentation focussed on case studies surrounding key Central Government initiatives and projects like Aadhaar, Predictive Policing, and Financial Technology (FinTech).</p>
<h2 id="2">Aadhaar as Big Data</h2>
<p style="text-align: justify;" dir="ltr">In presenting CIS’ case study on Aadhaar, it was pointed out that initially, Aadhaar, with its enrollment dataset was by itself being seen as Big Data. However, upon careful consideration in light of definitions discussed above, it can be seen as something that enables Big Data. The different e-governance projects within Digital India, along with Aadhaar, constitute Big Data. The case study discussed the Big Data implications of Aadhaar, and in particular looked at a ‘cradle to grave’ identity mapping through various e-government projects and the datafication of various transaction generated data.</p>
<h2 id="3">Seeding</h2>
<p style="text-align: justify;" dir="ltr">Any digital identity like Aadhaar typically has three features: 1. Identification i.e. a number or card used to identify yourself; 2. Authentication, which is based on your number or card and any other digital attributes that you might have; 3. Authorisation: As bearers of the digital identity, we can authorise the service providers to take some steps on our behalf. The case study discussed ‘seeding’ which enables the Big Data aspects of Digital India. In the process of seeding, different government databases can be seeded with the UID number using a platform called Ginger. Due to this, other databases can be connected to UIDAI, and through it, data from other databases can be queried by using your Aadhaar identity itself. This is an example of relationality, where fractured data is being brought together. At the moment, it is not clear whether this access by UIDAI means that an actual physical copy of such data from various sources will be transferred to UIDAI’s servers or if they will just access it through internet, but the data remains on the host government agency’s server. An example of even private parties becoming a part of this infrastructure was raised by a participant when it was pointed out that Reliance Jio is now asking for fingerprints. This can then be connected to the relational infrastructure being created by UIDAI. The discussion then focused on how such a structure will function, where it was mentioned that as of now, it cannot be said with certainty that UIDAI will be the agency managing this relational infrastructure in the long run, even though it is the one building it.</p>
<h2 id="4">Aadhaar and Data Security</h2>
<p style="text-align: justify;" dir="ltr">This case study also dealt with the sheer lack of data protection legislation in India except for S.43A of the IT Act. The section does not provide adequate protection as the constitutionality of the rules and regulations under S.43A is ambivalent. More importantly, it only refers to private bodies. Hence, any seeding which is being done by the government is outside the scope of data protection legislation. Thus, at the moment, no legal framework covers the processes and the structures being used for datasets. Due to the inapplicability of S.43A to public bodies, questions were raised as to the existence of a comprehensive data protection policy for government institutions. Participants answered the question in the negative. They pointed out that if any government department starts collecting data, they develop their own privacy policy. There are no set guidelines for such policies and they do not address concerns related to consent, data minimisation and purpose limitation at all. Questions were also raised about the access and control over Big Data with government institutions. A tentative answer from a participant was that such data will remain under the control of the domain specific government ministry or department, for e.g. MNREGA data with the Ministry of Rural Development, because the focus is not on data centralisation but rather on data linking. As long as such fractured data is linked and there is an agency that is responsible to link them, this data can be brought together. Such data is primarily for government agencies. But the government is opening up certain aspects of the data present with it for public consumption for research and entrepreneurial purposes.The UIDAI provides you access to your own data after paying a minimal fee. The procedure for such access is still developing.</p>
<h2 id="5">Aadhaar’s Relational Arrangement with Big Data Scheme</h2>
<p style="text-align: justify;" dir="ltr">The various Digital India schemes brought in by the government were elucidated during the workshop. It was pointed out that these schemes extend to myriad aspects of a citizen’s daily life and cover all the essential public services like health, education etc. This makes Aadhaar imperative even though the Supreme Court has observed that it is not mandatory for every citizen to have a unique identity number. The benefits of such identity mapping and the ecosystem being generated by it was also enumerated during the discourse. But the complete absence of any data ethics or data confidentiality principles make us unaware of the costs at which these benefits are being conferred on us. Apart from surveillance concerns, the knowledge gap being created between the citizens and the government was also flagged. Three main benefits touted to be provided by Aadhaar were then analysed. The first is the efficient delivery of services. This appears to be an overblown claim as the Aadhaar specific digitisation and automation does not affect the way in which employment will be provided to citizens through MNREGA or how wage payment delays will be overcome. These are administrative problems that Aadhaar and associated technologies cannot solve. The second is convenience to the citizens. The fallacies in this assertion were also brought out and identified. Before the Aadhaar scheme was rolled in, ration cards were issued based on certain exclusion and inclusion criteria.. The exclusion and inclusion criteria remain the same while another hurdle in the form of Aadhaar has been created. As India is still lacking in supporting infrastructure such as electricity, server connectivity among other things, Aadhaar is acting as a barrier rather than making it convenient for citizens to enroll in such schemes.The third benefit is fraud management. Here, a participant pointed out that this benefit was due to digitisation in the form of GPS chips in food delivery trucks and electronic payment and not the relational nature of Aadhaar. Aadhaar is only concerned with the linking up or relational part. About deduplication, it was pointed out how various government agencies have tackled it quite successfully by using technology different from biometrics which is unreliable at the best of times.</p>
<h2 id="6">The Myths surrounding Aadhaar</h2>
<p style="text-align: justify;" dir="ltr">The discussion also reflected on the fact that Aadhaar is often considered to be a panacea that subsumes all kinds of technologies to tackle leakages. However, this does not take into account the fact that leakages happen in many ways. A system should have been built to tackle those specific kinds of leakages, but the focus is solely on Aadhaar as the cure for all. Notably, participants who have been a part of the government pointed out how this myth is misleading and should instead be seen as the first step towards a more digitally enhanced country which is combining different technologies through one medium.</p>
<h2 id="7">IndiaStack and FinTech Apps</h2>
<h3 id="71">What is India Stack?</h3>
<p style="text-align: justify;" dir="ltr">The focus then shifted to another extremely important Big Data project, India Stack, being conceptualised and developed by a team of private developers called iStack, for the NPCI. It builds on the UID project, Jan Dhan Yojana and mobile services trinity to propagate and develop a cashless, presence-less, paperless and granular consent layer based on UID infrastructure to digitise India.</p>
<p style="text-align: justify;" dir="ltr">A participant pointed out that the idea of India Stack is to use UID as a platform and keep stacking things on it, such that more and more applications are developed. This in turn will help us to move from being a ‘data poor’ country to a ‘data rich’ one. The economic benefits of this data though as evidenced from the TAGUP report - a report about the creation of National Information Utilities to manage the data that is present with the government - is for the corporations and not the common man. The TAGUP report openly talks about privatisation of data.</p>
<h3 id="72">Problems with India Stack</h3>
<p style="text-align: justify;" dir="ltr">The granular consent layer of India Stack hasn’t been developed yet but they have proposed to base it on MIT Media Lab’s OpenPDS system. The idea being that, on the basis of the choices made by the concerned person, access to a person’s personal information may be granted to an agency like a bank. What is more revolutionary is that India Stack might even revoke this access if the concerned person expresses a wish to do so or the surrounding circumstances signal to India Stack that it will be prudent to do so. It should be pointed out that the the technology required for OpenPDS is extremely complex and is not available in India. Moreover, it’s not clear how this system would work. Apart from this, even the paperless layer has its faults and has been criticised by many since its inception, because an actual government signed and stamped paper has been the basis of a claim.. In the paperless system, you are provided a Digilocker in which all your papers are stored electronically, on the basis of your UID number. However, it was brought to light that this doesn’t take into account those who either do not want a Digilocker or UID number or cases where they do not have access to their digital records. How in such cases will people make claims?</p>
<h3 id="73">A Digital Post-Dated Cheque: It’s Ramifications</h3>
<p style="text-align: justify;" dir="ltr">A key change that FinTech apps and the surrounding ecosystem want to make is to create a digital post-dated cheque so as to allow individuals to get loans from their mobiles especially in remote areas. This will potentially cut out the need to construct new banks, thus reducing the capital expenditure , while at the same time allowing the credit services to grow. The direct transfer of money between UID numbers without the involvement of banks is a step to further help this ecosystem grow. Once an individual consents to such a system, however, automatic transfer of money from one’s bank accounts will be affected, regardless of the reason for payment. This is different from auto debt deductions done by banks presently, as in the present system banks have other forms of collateral as well. The automatic deduction now is only affected if these other forms are defaulted upon. There is no knowledge as to whether this consent will be reversible or irreversible. As Jan Dhan Yojana accounts are zero balance accounts, the account holder will be bled dry. The implication of schemes such as “Loan in under 8 minutes” were also discussed. The advantage of such schemes is that transaction costs are reduced.The financial institution can thus grant loans for the minimum amount without any additional enquiries. It was pointed out that this new system is based on living on future income much like the US housing bubble crash. Interestingly, in Public Distribution Systems, biometrics are insisted upon even though it disrupts the system. This can be seen as a part of the larger infrastructure to ensure that digital post-dated cheques become a success.</p>
<h3 id="74">The Role of FinTech Apps</h3>
<p style="text-align: justify;" dir="ltr">FinTech ‘apps’ are being presented with the aim of propagating financial inclusion. The Technology Advisory Group for Unique Projects report stated that as managing such information sources is a big task, just like electricity utilities, a National Information Utilities (NIU) should be set up for data sources. These NIUs as per the report will follow a fee based model where they will be charging for their services for government schemes. The report identified two key NIUs namely the National Payments Corporation of India (NPCI) and the Goods and Services Tax Network (GSTN). The key usage that FinTech applications will serve is credit scoring. The traditional credit scoring data sources only comprised a thin file of records for an individual, but the data that FinTech apps collect - a person’s UID number, mobile number. and bank account number all linked up, allow for a far more comprehensive credit rating. Government departments are willing to share this data with FinTech apps as they are getting analysis in return. Thus, by using UID and the varied data sources that have been linked together by UID, a ‘thick file’ is now being created by FinTech apps. Banking apps have not yet gone down the route of FinTech apps to utilise Big Data for credit scoring purposes.</p>
<p style="text-align: justify;" dir="ltr"> </p>
<p style="text-align: justify;" dir="ltr">The two main problems with such apps is that there is no uniform way of credit scoring. This distorts the rate at which a person has to pay interest. The consent layer adds another layer of complication as refusal to share mobile data with a FinTech app may lead to the app declaring one to be a risky investment thus, subjecting that individual to a higher rate of interest .</p>
<div style="text-align: justify;" dir="ltr"> </div>
<h3 id="75">Regulation of FinTech Apps and the UID Infrastructure</h3>
<p style="text-align: justify;" dir="ltr"> India Stack and the applications that are being built on it, generate a lot of transaction metadata that is very intimate in nature. The privacy aspects of the UID legislation doesn't cover such data. The granular consent layer which has been touted to cover this still has to come into existence. Also, Big Data is based on sharing and linking of data. Here, privacy concerns and Big Data objectives clash. Big Data by its very nature challenges privacy principles like data minimisation and purpose limitation.The need for regulation to cover the various new apps and infrastructure which are being developed was pointed out.</p>
<h2 id="8">Problems with UID</h2>
<p style="text-align: justify;" dir="ltr">It has been observed that any problem present with Aadhaar is usually labelled as a teething problem, it’s claimed that it will be solved in the next 10 years. But, this begs the question - why is the system online right now?</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Aadhaar is essentially a new data condition and a new exclusion or inclusion criteria. Data exclusion modalities as observed in Rajasthan after the introduction of biometric Point of Service (POS) machines at ration shops was found to be 45% of the population availing PDS services. This number also includes those who were excluded from the database by being included in the wrong dataset. There is no information present to tell us how many actual duplicates and how many genuine ration card holders were weeded out/excluded by POS.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">It was also mentioned that any attempt to question Aadhaar is considered to be an attempt to go back to the manual system and this binary thinking needs to change. Big Data has the potential to benefit people, as has been evidenced by the scholarship and pension portals. However, Big Data’s problems arise in systems like PDS, where there is centralised exclusion at the level of the cloud. Moreover, the quantity problem present in the PDS and MNREGA systems persists. There is still the possibility of getting lesser grains and salary even with analysis of biometrics, hence proving that there are better technologies to tackle these problems. Presently, the accountability mechanisms are being weakened as the poor don’t know where to go to for redressal. Moreover, the mechanisms to check whether the people excluded are duplicates or not is not there. At the time of UID enrollment, out of 90 crores, 9 crore were rejected. There was no feedback or follow-up mechanism to figure out why are people being rejected. It was just assumed that they might have been duplicates.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Another problem is the rolling out of software without checking for inefficiencies or problems at a beta testing phase. The control of developers over this software, is so massive that it can be changed so easily without any accountability.. The decision making components of the software are all proprietary like in the the de-duplication algorithm being used by the UIDAI. Thus, this leads to a loss of accountability because the system itself is in flux, none of it is present in public domain and there are no means to analyse it in a transparent fashion..</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">These schemes are also being pushed through due to database politics. On a field study of NPR of citizens, another Big Data scheme, it was found that you are assumed to be an alien if you did not have the documents to prove that you are a citizen. Hence, unless you fulfill certain conditions of a database, you are excluded and are not eligible for the benefits that being on the database afford you.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Why is the private sector pushing for UIDAI and the surrounding ecosystem?</p>
<p style="text-align: justify;" dir="ltr">Financial institutions stand to gain from encouraging the UID as it encourages the credit culture and reduces transaction costs.. Another advantage for the private sector is perhaps the more obvious one, that is allows for efficient marketing of products and services..</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">The above mentioned fears and challenges were actually observed on the ground and the same was shown through the medium of a case study in West Bengal on the smart meters being installed there by the state electricity utility. While the data coming in from these smart meters is being used to ensure that a more efficient system is developed,it is also being used as a surrogate for income mapping on the basis of electricity bills being paid. This helps companies profile neighbourhoods. The technical officer who first receives that data has complete control over it and he can easily misuse the data. This case study again shows that instruments like Aadhaar and India Stack are limited in their application and aren’t the panacea that they are portrayed to be.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">A participant pointed out that in the light of the above discussions, the aim appears to be to get all kinds of data, through any source, and once you have gotten the UID, you link all of this data to the UID number, and then use it in all the corporate schemes that are being started. Most of the problems associated with Big Data are being described as teething problems. The India Stack and FinTech scheme is coming in when we already know about the problems being faced by UID. The same problems will be faced by India Stack as well.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Can you opt out of the Aadhaar system and the surrounding ecosystem?</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">The discussion then turned towards whether there can be voluntary opting out from Aadhaar. It was pointed out that the government has stated that you cannot opt out of Aadhaar. Further, the privacy principles in the UIDAI bill are ambiguously worded where individuals only have recourse for basic things like correction of your personal information. The enforcement mechanism present in the UIDAI Act is also severely deficient. There is no notification procedure if a data breach occurs. . The appellate body ‘Cyber Appellate Tribunal’ has not been set up in three years.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">CCTNS: Big Data and its Predictive Uses</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">What is Predictive Policing?</p>
<p style="text-align: justify;" dir="ltr">The next big Big Data case study was on the Crime and Criminal Tracking Network & Systems (CCTNS). Originally it was supposed to be a digitisation and interconnection scheme where police records would be digitised and police stations across the length and breadth of the country would be interconnected. But, in the last few years some police departments of states like Chandigarh, Delhi and Jharkhand have mooted the idea of moving on to predictive policing techniques. It envisages the use of existing statistical and actuarial techniques along with many other tropes of data to do so. It works in four ways: 1. By predicting the place and time where crimes might occur; 2. To predict potential future offenders; 3. To create profiles of past crimes in order to predict future crimes; 4. Predicting groups of individuals who are likely to be victims of future crimes.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">How is Predictive Policing done?</p>
<p style="text-align: justify;" dir="ltr">To achieve this, the following process is followed: 1. Data collection from various sources which includes structured data like FIRs and unstructured data like call detail records, neighbourhood data, crime seasonal patterns etc. 2. Analysis by using theories like the near repeat theory, regression models on the basis of risk factors etc. 3. Intervention</p>
<div style="text-align: justify;" dir="ltr"> </div>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Flaws in Predictive Policing and questions of bias</p>
<p style="text-align: justify;" dir="ltr">An obvious weak point in the system is that if the initial data going into the system is wrong or biased, the analysis will also be wrong. Efforts are being made to detect such biases. An important way to do so will be by building data collection practices into the system that protect its accuracy. The historical data being entered into the system is carrying on the prejudices inherited from the British Raj and biases based on religion, caste, socio-economic background etc.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">One participant brought about the issue of data digitization in police stations, and the impact of this haphazard, unreliable data on a Big Data system. This coupled with paucity of data is bound to lead to arbitrary results. An effective example was that of black neighbourhoods in the USA. These are considered problematic and thus they are policed more, leading to a higher crime rate as they are arrested for doing things that white people in an affluent neighbourhood get away with. This in turn further perpetuates the crime rate and it becomes a self-fulfilling prophecy. In India, such a phenomenon might easily develop in the case of migrants, de-notified tribes, Muslims etc. A counter-view on bias and discrimination was offered here. One participant pointed out that problems with haphazard or poor quality of data is not a colossal issue as private companies are willing to fill this void and are actually doing so in exchange for access to this raw data. It was also pointed out how bias by itself is being used as an all encompassing term. There are multiplicities of biases and while analysing the data, care should be taken to keep it in mind that one person’s bias and analysis might and usually does differ from another. Even after a computer has analysed the data, the data still falls into human hands for implementation.</p>
<p style="text-align: justify;" dir="ltr">The issue of such databases being used to target particular communities on the basis of religion, race, caste, ethnicity among other parameters was raised. Questions about control and analysis of data were also discussed, i.e. whether it will be top-down with data analysis being done in state capitals or will this analysis be done at village and thana levels as well too. It was discussed as topointed out how this could play a major role in the success and possible persecutory treatment of citizens, as the policemen at both these levels will have different perceptions of what the data is saying. . It was further pointed out, that at the moment, there’s no clarity on the mode of implementation of Big Data policing systems. Police in the USA have been seen to rely on Big Data so much that they have been seen to become ‘data myopic’. For those who are on the bad side of Big Data, in the Indian context, laws like preventive detention can be heavily misused.There’s a very high chance that predictive policing due to the inherent biases in the system and the prejudices and inefficiency of the legal system will further suppress the already targeted sections of the society. A counterpoint was raised and it was suggested that contrary to our fears, CCTNS might lead to changes in our understanding and help us to overcome longstanding biases.</p>
<p style="text-align: justify;" dir="ltr">Open Knowledge Architecture as a solution to Big Data biases?</p>
<p style="text-align: justify;" dir="ltr">The conference then mulled over the use of ‘Open Knowledge’ architecture to see whether it can provide the solution to rid Big Data of its biases and inaccuracies if enough eyes are there. It was pointed out that Open Knowledge itself can’t provide foolproof protection against these biases as the people who make up the eyes themselves are predominantly male belonging to the affluent sections of the society and they themselves suffer from these biases.</p>
<p style="text-align: justify;" dir="ltr">Who exactly is Big Data supposed to serve?</p>
<p style="text-align: justify;" dir="ltr">The discussion also looked at questions such as who is this data for? Janata Information System (JIS), is a concept developed by MKSS where the data collected and generated by the government is taken to be for the common citizens. For e.g. MNREGA data should be used to serve the purposes of the labourers. The raw data as is available at the moment, usually cannot be used by the common man as it is so vast and full of information that is not useful for them at all. It was pointed out that while using Big Data for policy planning purposes, the actual string of information that turned out to be needed was very little but the task of unravelling this data for civil society purposes is humongous. By presenting the data in the right manner, the individual can be empowered. The importance of data presentation was also flagged. It was agreed upon that the content of the data should be for the labourer and not a MNC, as the MNC has the capability to utilise the raw data on it’s own regardless.</p>
<p style="text-align: justify;" dir="ltr">Concerns about Big Data usage</p>
<ol><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">Participants pointed out that privacy concerns are usually brushed under the table due to a belief that the law is sufficient or that the privacy battle has already been lost. </p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">In the absence of knowledge of domain and context, Big Data analysis is quite limited. Big Data’s accuracy and potential to solve problems needs to be factually backed.</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">The narrative of Big Data often rests on the assumption that descriptive statistics take over inferential statistics, thus eliminating the need for domain specific knowledge. It is claimed that the data is so big that it will describe everything that we need to know.</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">Big Data is creating a shift from a deductive model of scientific rigour to an inductive one. In response to this, a participant offered the idea that troves of good data allow us to make informed questions on the basis of which the deductive model will be formed. A hybrid approach combining both deductive and inductive might serve us best.</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">The need to collect the right data in the correct format, in the right place was also expressed.</p>
</li></ol>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Potential Research Questions & Participants’ Areas of Research</p>
<p style="text-align: justify;" dir="ltr">Following this discussion, participants brainstormed to come up with potential areas of research and research questions. They have been captured below:</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Big Data, Aadhaar and India Stack:</p>
<div style="text-align: justify;" dir="ltr"> </div>
<ol><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">Has Aadhaar been able to tackle illegal ways of claiming services or are local negotiations and other methods still prevalent?</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">Is the consent layer of India Stack being developed in a way that provides an opportunity to the UID user to give informed consent? The OpenPDS and its counterpart in the EU i.e. the My Data Structure were designed for countries with strong privacy laws. Importantly, they were meant for information shared on social media and not for an individual’s health or credit history. India is using it in a completely different sphere without strong data protection laws. What were the granular consent layer structures present in the West designed for and what were they supposed to protect?</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">The question of ownership of data needs to be studied especially in context of a globalised world where MNCs are collecting copious amounts of data of Indian citizens. What is the interaction of private parties in this regard?</p>
</li></ol>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Big Data and Predictive Policing:</p>
<div style="text-align: justify;" dir="ltr"> </div>
<ol><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">How are inequalities being created through the Big Data systems? Lessons should be taken from the Western experience with the advent of predictive policing and other big data techniques - they tend to lead to perpetuation of the current biases which are already ingrained in the system.</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">It was also pointed out how while studying these topics and anything related to technology generally, we become aware of a divide that is present between the computational sciences and social sciences. This divide needs to be erased if Big Data or any kind of data is to be used efficiently. There should be a cross-pollination between different groups of academics. An example of this can be seen to be the ‘computational social sciences departments’ that have been coming up in the last 3-4 years.</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">Why are so many interim promises made by Big Data failing? A study of this phenomenon needs to be done from a social science perspective. This will allow one to look at it from a different angle.</p>
</li></ol>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Studying Big Data:</p>
<div style="text-align: justify;" dir="ltr"> </div>
<ol><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">What is the historical context of the terms of reference being used for Big Data? The current Big Data debate in India is based on parameters set by the West. For better understanding of Big Data, it was suggested that P.C. Mahalanobis’ experience while conducting the Indian census, (which was the Big Data of that time) can be looked at to get a historical perspective on Big Data. This comparison might allow us to discover questions that are important in the Indian context. It was also suggested that rather than using ‘Big Data’ as a catchphrase to describe these new technological innovations, we need to be more discerning.</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">What are the ideological aspects that must be considered while studying Big Data? What does the dialectical promise of technology mean? It was contended that every time there is a shift in technology, the zeitgeist of that period is extremely excited and there are claims that it will solve everything. There’s a need to study this dialectical promise and the social promise surrounding it.</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">Apart from the legitimate fears that Big Data might lead to exclusion, what are the possibilities in which it improve inclusion too?</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">The diminishing barrier between the public and private self, which is a tangent to the larger public-private debate was mentioned.</p>
</li><li style="list-style-type: decimal;" dir="ltr">
<p style="text-align: justify;" dir="ltr">How does one distinguish between technology failure and process failure while studying Big Data? </p>
</li></ol>
<div style="text-align: justify;" dir="ltr"> </div>
<div style="text-align: justify;" dir="ltr"> </div>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Big Data: A Friend?</p>
<p style="text-align: justify;" dir="ltr">In the concluding session, the fact that the Big Data moment cannot be wished away was acknowledged. The use of analytics and predictive modelling by the private sector is now commonplace and India has made a move towards a database state through UID and Digital India. The need for a nuanced debate, that does away with the false equivalence of being either a Big Data enthusiast or a luddite is crucial.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">A participant offered two approaches to solving a Big Data problem. The first was the Big Data due process framework which states that if a decision has been taken that impacts the rights of a citizen, it needs to be cross examined. The efficacy and practicality of such an approach is still not clear. The second, slightly paternalistic in nature, was the approach where Big Data problems would be solved at the data science level itself. This is much like the affirmative algorithmic approach which says that if in a particular dataset, the data for the minority community is not available then it should be artificially introduced in the dataset. It was also suggested that carefully calibrated free market competition can be used to regulate Big Data. For e.g. a private personal wallet company that charges higher, but does not share your data at all can be an example of such competition. </p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">Another important observation was the need to understand Big Data in a Global South context and account for unique challenges that arise. While the convenience of Big Data is promising, its actual manifestation depends on externalities like connectivity, accurate and adequate data etc that must be studied in the Global South.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<p style="text-align: justify;" dir="ltr">While the promises of Big Data are encouraging, it is also important to examine its impacts and its interaction with people's rights. Regulatory solutions to mitigate the harms of big data while also reaping its benefits need to evolve.</p>
<div style="text-align: justify;" dir="ltr"> </div>
<div style="text-align: justify;" dir="ltr"> </div>
<p><span id="docs-internal-guid-90fa226f-6157-27d9-30cd-050bdc280875"></span></p>
<div style="text-align: justify;" dir="ltr"> </div>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/big-data-in-india-benefits-harms-and-human-rights-a-report'>https://cis-india.org/internet-governance/big-data-in-india-benefits-harms-and-human-rights-a-report</a>
</p>
No publisherVidushi Marda, Akash Deep Singh and Geethanjali JujjavarapuHuman RightsUIDBig DataPrivacyArtificial IntelligenceInternet GovernanceMachine LearningFeaturedDigital IndiaAadhaarInformation TechnologyE-Governance2016-11-18T12:58:19ZBlog EntryPrivacy after Big Data: Compilation of Early Research
https://cis-india.org/internet-governance/blog/privacy-after-big-data-compilation-of-early-research
<b>Evolving data science, technologies, techniques, and practices, including big data, are enabling shifts in how the public and private sectors carry out their functions and responsibilities, deliver services, and facilitate innovative production and service models to emerge. In this compilation we have put together a series of articles that we have developed as we explore the impacts – positive and negative – of big data. This is a growing body of research that we are exploring and
is relevant to multiple areas of our work including privacy and surveillance. Feedback and comments on the compilation are welcome and appreciated.</b>
<p> </p>
<h4><a href="https://github.com/cis-india/website/raw/master/docs/CIS_PrivacyAfterBigData_CompilationOfEarlyResearch_2016.11.pdf">Download the Compilation</a> (PDF)</h4>
<hr />
<h3><strong>Privacy after Big Data</strong></h3>
<p>Evolving data science, technologies, techniques, and practices, including big data, are enabling shifts in how the public and private sectors carry out their functions and responsibilities, deliver services, and facilitate innovative production and service models to emerge. For example, in the public sector, the Indian government has considered replacing the traditional poverty line with targeted subsidies based on individual household income and assets. The my.gov.in platform is aimed to enable participation of the connected citizens, to pull in online public opinion in a structured manner on key governance topics in the country. The 100 Smart Cities Mission looks forwards to leverage big data analytics and techniques to deliver services and govern citizens within city sub-systems. In the private sector, emerging financial technology companies are developing credit scoring models using big, small, social, and fragmented data so that people with no formal credit history can be offered loans. These models promote efficiency and reduction in cost through personalization and are powered by a wide variety of data sources including mobile data, social media data, web usage data, and passively collected data from usages of IoT or connected devices.</p>
<p>These data technologies and solutions are enabling business models that are based on the ideals of ‘less’: cash-less, presence-less, and paper-less. This push towards an economy premised upon a foundational digital ID in a prevailing condition of absent legal frameworks leads to substantive loss of anonymity and privacy of individual citizens and consumers vis-a-vis both the state and the private sector. Indeed, the present use of these techniques run contrary to the notion of the ‘sunlight effect’ - making the individual fully transparent (often without their knowledge) to the state and private sector, while the algorithms and means of reaching a decision are opaque and inaccessible to the individual.</p>
<p>These techniques, characterized by the volume of data processed, the variety of sources data is processed from, and the ability to both contextualize - learning new insights from disconnected data points - and de-contextualize - finding correlation rather than causation - have also increased the value of all forms of data. In some ways, big data has made data exist on an equal playing field as far as monetisation and joining up are concerned. Meta data can be just as valuable to an entity as content data. As data science techniques evolve to find new ways of collecting, processing, and analyzing data - the benefits of the same are clear and tangible, while the harms are less clear, but significantly present.</p>
<p>Is it possible for an algorithm to discriminate? Will incorrect decisions be made based on data collected? Will populations be excluded from necessary services if they do not engage with certain models or do emerging models overlook certain populations? Can such tools be used to surveil individuals at a level of granularity that was formerly not possible and before a crime occurs? Can such tools be used to violate rights – for example target certain types of speech or groups online? And importantly, when these practices are opaque to the individual, how can one seek appropriate and effective remedy.</p>
<p>Traditionally, data protection standards have defined and established protections for certain categories of data. Yet, data science techniques have evolved beyond data protection principles. It is now infinitely harder to obtain informed consent from an individual when data that is collected can be used for multiple purposes by multiple bodies. Providing notice for every use is also more difficult – as is fulfilling requirements of data minimization. Some say privacy is dead in the era of big data. Others say privacy needs to be re-conceptualized, while others say protecting privacy now, more than ever, requires a ‘regulatory sandbox’ that brings together technical design, markets, legislative reforms, self regulation, and innovative regulatory frameworks. It also demands an expanding of the narrative around privacy – one that has largely been focused on harms such as misuse of data or unauthorized collection – to include discrimination, marginalization, and competition harms.</p>
<p>In this compilation we have put together a series of articles that we have developed as we explore the impacts – positive and negative – of big data. This includes looking at India’s data protection regime in the context of big data, reviewing literature on the benefits of harms of big data, studying emerging predictive policing techniques that rely on big data, and analyzing closely the impact of big data on specific privacy principles such as consent. This is a growing body of research that we are exploring and is relevant to multiple areas of our work including privacy and surveillance. Feedback and comments on the compilation are welcome and appreciated.</p>
<p><em>Elonnai Hickok</em><br />Director - Internet Governance</p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/privacy-after-big-data-compilation-of-early-research'>https://cis-india.org/internet-governance/blog/privacy-after-big-data-compilation-of-early-research</a>
</p>
No publisherSaumyaa NaiduHuman RightsIT ActBig DataPrivacyInternet GovernanceSmart CitiesData ProtectionInformation TechnologyPublications2016-11-12T01:37:03ZBlog EntryAccessing pirated content might lead to prison term & Rs 3-lakh fine
https://cis-india.org/internet-governance/news/business-standard-august-22-2016-accessing-pirated-content-might-lead-to-prison-term-and-rs-3-lakh-fine
<b>India puts onus of downloading and viewing pirated content on individuals.
</b>
<p align="justify">The article by Alnoor Peermohammed was published in the <a href="http://www.business-standard.com/article/technology/accessing-pirated-content-might-lead-to-prison-term-rs-3-lakh-fine-116082201042_1.html">Business Standard</a> on August 22, 2016. Sunil Abraham was quoted.</p>
<hr align="justify" size="2" width="100%" />
<div align="justify">The central government is putting the onus of downloading and viewing of copyrighted content from sites it has blocked (with the help of internet service providers) on users.</div>
<div align="justify"></div>
<div align="justify">Visiting torrent (a particular type of files) websites while on Tata Communications’ network recently had users being shown a message that viewing or downloading content on those sites could land them in prison for up to three years and a fine of up to Rs 3 lakh.</div>
<div align="justify"></div>
<div align="justify">“There is not enough room in our prisons to keep these infringers and enough time in our courts to try them. It might sound very exciting as a message to put out but, essentially, they’re trying to scare people into good behaviour,” said Sunil Abraham, executive director at research firm Centre for Internet and Society.
<div id="div-gpt-ad-1466593210966-0"></div>
</div>
<div align="justify"></div>
<div align="justify">There has been no change to the Copyright Act of 1957 or the Information Technology Act of 2000 for the updated notice being shown to users upon visiting blocked sites. Under these provisions, visiting a site, which is blocked is not illegal, unless it is child pornography.<br /> <br />
<div>“Copyright infringement happens all the time and even in developed countries, the rates are very high. Crackdowns on individuals and consumers are never going to solve the problem,” added Abraham.</div>
<div>Experts say the most the government could do is prosecute a couple of people and make examples of them, to dissuade others. This practice is followed globally. There are no examples, though, in India of prosecution for copyright infringement of online content.<br /> <br />
<div>The recent alteration of the statement seen by users on Tata networks was done on the directives of the Bombay High Court, after the company appealed that showing individual messages for why each website was blocked was not feasible. The resulting message sparked media frenzy that visitors of blocked websites could now be imprisoned.</div>
<div>Other media reports revealed that the recent blocking of websites by internet service providers was prompted by court orders to prevent piracy of <i>Dishoom</i>, the Bollywood movie. <br /> <br /> <span class="p-content">Globally, there’s been a move to clamp on torrent websites which host pirated content, aided by large information technology entities such as Apple or Facebook. Last month, the US authorities arrested Kickass Torrents’ founder, Arten Vaulin, and blocked all the domains of the website, only to have it resurface a day later.</span></div>
</div>
</div>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/business-standard-august-22-2016-accessing-pirated-content-might-lead-to-prison-term-and-rs-3-lakh-fine'>https://cis-india.org/internet-governance/news/business-standard-august-22-2016-accessing-pirated-content-might-lead-to-prison-term-and-rs-3-lakh-fine</a>
</p>
No publisherpraskrishnaIT ActInternet GovernanceInformation TechnologyCopyright2016-08-23T02:47:52ZNews ItemPolicy Shaping in the Indian IT Industry: Recommendations by NASSCOM, 2006-2012
https://cis-india.org/raw/policy-shaping-in-the-indian-it-industry-recommendations-by-nasscom-2006-2012
<b>This is the first of a series of three blog posts, authored by Pavishka Mittal, tracking the engagements by NASSCOM and iSPIRT in suggesting and shaping the IT industry policies in India during 2006-2016. This posts focuses on the policy activities of NASSCOM in 2006-2012 with specific reference to Special Economic Zones, E-Commerce Industry and Transfer Pricing, along with a few other miscellaneous important recommendations.</b>
<p> </p>
<p><strong>1.</strong> <a href="#1">Introduction</a></p>
<p><strong>2.</strong> <a href="#2">Tax Reforms in Special Economic Zones (SEZs)</a></p>
<p><strong>3.</strong> <a href="#3">E-Commerce Industry</a></p>
<p><strong>4.</strong> <a href="#4">Transfer Pricing Issues</a></p>
<p><strong>5.</strong> <a href="#5">Other Recommendations</a></p>
<p><strong>5.1.</strong> <a href="#5-1">Concerns with the Union Budget Proposals</a></p>
<p><strong>5.2.</strong> <a href="#5-2">Request for Clarity in Classification of Transactions and Guidelines</a></p>
<p><strong>5.3.</strong> <a href="#5-3">New Retrograde Obligations under Law</a></p>
<p><strong>6.</strong> <a href="#6">Endnotes</a></p>
<p><strong>7.</strong> <a href="#7">Author Profile</a></p>
<hr />
<h2 id="1">1. Introduction</h2>
<p>The National Association of Software and Services Companies (NASSCOM) was established in 1988 as a non-profit, global trade association registered under the Indian Societies Act 1860 representing the interests of the IT Industry, now with over 1500 members. Its objective is to facilitate trade in the software development and services, software products, IT enabled/BPO services and e-commerce. It also undertakes research projects for facilitating innovation in advanced software and maintains data on industry trends, even a national database of registered and verified knowledge workers in the industry. Nevertheless, its role of policy advocacy cannot be over emphasized. It regularly interacts with the Government of India to bring about a favourable business environment for the IT Industry.</p>
<p>This blog post, the first part in a series, discusses NASSCOM’s major issues with policies of the Government of India in the period 2006-2012. The concerns of the IT industry, as highlighted by NASSCOM in the period aforementioned are with reference to the Special Economic Zones, E-Commerce Industry and Transfer Pricing broadly along with other miscellaneous important recommendations. The subsequent blog posts will focus on specific tax issues post 2012 and will elaborately discuss transfer pricing related concerns.</p>
<h2 id="2">2. Tax Reforms in Special Economic Zones (SEZs)</h2>
<p>The ITes and BPO industry constitutes a sizable portion of the number of SEZs in the country <strong>[1]</strong> so much so that it has been argued that the IT industry alone reaps the benefits of the SEZs and STPIs to the exclusion of the other sectors <strong>[2]</strong>.</p>
<p>The most salient incentive in the SEZ Act enacted by the Government of India in 2005 had been income tax exemption of export profits which contributed to the scheme’s success in attracting major investments <strong>[3]</strong>. Further, exemption from minimum alternate tax had been provided under section 115JB of the Income Tax Act. However, in 2011, the government decided to impose a Minimum Alternate Tax upto the rate of 18.5% on the book profits of SEZ’s developers and units through the Finance Act 2012 by introducing amendments to the Income Tax Act 1961, to be effective from April 2012 <strong>[4]</strong>. NASSCOM took a strong stance against equality in corporate tax liability as such tax is sought to be imposed upon income derived from investments made with a commitment of tax exemption. The intention of the government in making such policies having regressive outcomes will be judged if key promised characteristics of SEZs were differential economic laws from the remaining domestic territory. For all practical purposes, they are deemed to be foreign territories for the levy of trade duties and tariffs <strong>[5]</strong>. In the case of Mindtree Limited v. Union of India <strong>[6]</strong>, software company Mindtree argued that the imposition of MAT in SEZs was against the concept of promissory estoppel and the doctrine of legitimate expectation, which rendered such taxes constitutionally invalid <strong>[7]</strong>. Even though a time limit was not prescribed for the above tax exemption, it was argued that SEZ policy was predicated on tax relief and the subsequent change in policy was arbitrary and unfair. Individual taxpayers and undertakings should not be affected by subsequent laws if they make sizable investments, modify business models and bear the added expenses of moving into or developing a SEZ. It cannot be disputed that this argument is untenable keeping in mind that the legislature cannot be bound by past promises in line with practical considerations and their independence with regard to the effective discharge of public functions. It was held that the legislature cannot be bound by the doctrine of promissory estoppel <strong>[8]</strong>.</p>
<p>The Adani group had also challenged the imposition of MAT in the Gujarat HC in 2011 on the ground that that any amendments to the SEZ Act can only be brought about by amendments to the SEZ Act itself, and not through the Finance Act <strong>[9]</strong>. The SC in Madurai District Central Cooperative Bank Ltd. <strong>[10]</strong> held that the parliament has the authority to introduce a new charge of tax even by incorporating it in any other statute other than the act. However, the fact remains that such policies lead to a volatile business environment and the importance of stable business policies cannot be overemphasized. In 2011, NASSCOM recommended that MAT be withdrawn as it is opposed to the government’s long term policy of SEZ’s growth <strong>[11]</strong>. Alternatively, it stated that the imposition of MAT be withdrawn to ensure the continued economic viability of the SEZs which have already been notified by the government <strong>[12]</strong>. It also stated that international norms should be applied for the determination of the MAT rate, which was 1/3rd of the corporate tax rates <strong>[13]</strong>.</p>
<p>Another concern highlighted by other stakeholders was the prescribed period of ten years for the setting of the MAT against regular tax liability. This MAT credit may expire or be on the verge of expiration for participants in SEZs who enjoy tax holiday for a prescribed number of years when they start operations due to absence of initial tax liability. Foreign investors will face difficulties in claiming tax benefits in their home jurisdictions for MAT paid in India. Further, the exemption granted to SEZ developers as to the levy of Dividend Distribution Tax @ 15% has been revoked by the Finance Ministry in 2011 severely affecting the IT industry.</p>
<p>The government finally took note of the increased disinvestment as a consequence of such taxes and proposed to make the imposition of MAT and Dividend Distribution Tax inapplicable to SEZ’s in 2015 <strong>[14]</strong>.</p>
<h2 id="3">3. E-Commerce Industry</h2>
<p>NASSCOM in 2012 suggested the lowering of the interchange tax rate on debit cards transactions by the RBI. Debit cards possess lower risk in comparison to credit cards, the transactions being concluded immediately and the same should be reflected in the form of differential taxes. A standard 1-2% interchange/transaction fees were generally levied by banks. NASSCOM also recommended the introduction of a 2% tax incentive on the purchase of products online to facilitate increased purchases and encourage consumers to even undertake small value transactions online. Further, it emphasized that the base of e-commerce users have to be expanded. It commented on the differences in the Internet usage costs between China and India, USD 10 and USD 15-20 respectively. High internet usage costs can only be indicative of reduced Internet access. However, this is not to state that the E-commerce industry is unsuited for India due to infrastructural inefficiencies. NASSCOM has stated that India as of 2012 possesses over 100 million Internet users. Technology has to be developed which would reduce dropout rates of transactions. Further it suggested the creation of an online receipt repository which would store all online transaction receipts, accessible through mobile phones or the internet. It would contribute in increasing customer confidence by enabling tracking of payment, delivery etc.</p>
<p>The RBI in response to the recommendations of NASSCOM and the Online Payment Advisory Group <strong>[15]</strong> and in consultation with all concerned stakeholders, decided to put a maximum limit on the Merchant Discount Rate (MDR) for transactions undertaken with a debit card [16].</p>
<h2 id="4">4. Transfer Pricing Issues</h2>
<p>Transfer Pricing has become the dominant international tax issue affecting multinational corporations operating in India [17]. As noted by NASSCOM, a steep rise in litigation and the number of transfer pricing adjustments with the Indian Revenue Authority (IRA) has been observed due to ‘increased scrutiny’ by the IRA who has been rejecting the profit declared by foreign companies accruing to Indian subsidiaries by applying very high markups in this sector. Increased complications in setting valid prices through this process have arisen due to the rising presence of ‘highly complex transactions’ involving intangibles and multi-tiered services across the world. The Finance Act 2012 extended the applicability of domestic party transactions to certain related domestic parties, if the aggregate value of such transactions exceeds INR 5 crore, to any expenditure with respect to which deduction is claimed while calculating profits and to transactions related to businesses eligible for profit-linked tax incentives, including SEZ units under section 10AA <strong>[18]</strong>.</p>
<p>NASSCOM has proposed a three pronged approach to the problem of backlog of cases and absence of certainty of price of transactions:</p>
<ol><li>Implementation of Safe Harbour provisions to resolve existing disputes.</li>
<li>Introduction of Advance Pricing Agreements <strong>[19]</strong> to set fair and transparent prices.</li>
<li>Initiation of review of the structure and procedure of the Dispute Resolution Panel <strong>[20]</strong>.<br /></li></ol>
<p>The Finance Act 2009 introduced section 92CB <strong>[21]</strong> in the Income Tax Act 1961 which provided for the subjection of the arms length price determined under section 92C or section 92CA to Safe Harbour Rules, to be declared by the Central Board of Direct Taxes (CBDT). For the valid determination of such a transfer price, the minimum transfer price that a taxpayer is expected to earn for international transactions is prescribed along with certain specific norms for particular transactions. The safe harbour transfer price for eligible transactions is subject to certain prescribed minimum ceilings <strong>[22]</strong>. A price determined in accordance with such guidelines would be deemed to be an Arms Length Price (ALP). To that extent the safe Harbour Rules are in the nature of ‘presumptive taxation’ and incentivises IT firms to avoid unnecessary litigation by opting for the same. Unilateral, bilateral and multilateral Advance Pricing Agreements, binding on the taxpayer and the revenue authorities for five consecutive years have been introduced with effect from 1 July 2012. Certain domestic transactions are inapplicable for APA’s in the absence of other monetary conditions/stipulations under law for entering into an APA. Documentation on comparables is required to be maintained to substantiate compliance with arms length principle.</p>
<p>The concerns of the prescribed rates include non-representation of industry benchmarks and economic realities in as much as the prescribed rates exceed the actual arms length prices, often leading to the risk of double taxation in foreign jurisdictions. The division of IT services into two components has also been criticized as many of the activities might overlap. NASSCOM has stated that it is not clear how the existing current issues are proposed to be resolved. The introduction of domestic parties as applicable parties to be subject to the transfer pricing regulations will only increase the complexity in the law. There has been subsequent judicial development involving the establishment of some principles for the valid determination of comparables for the purpose of identifying an acceptable transfer price which will be discussed in the next blog post.</p>
<h2 id="5">5. Other Recommendations</h2>
<h3 id="5-1">5.1. Concerns with the Union Budget Proposals</h3>
<p>NASSCOM summarized that the Union Budget Proposals 2012-13 focus on the reduction of the fiscal deficit through higher taxation rather than expenditure management. More specifically, it focuses on the following concerns of the IT Industry:</p>
<ul><li>The issues of tax simplification have not been resolved as no roadmap for the implementation of the Direct Taxes Code and the Goods and Services Tax Bill has been provided.</li>
<li>The increase in the Current Account Deficit should have incentivized the government to introduce measures which facilitate high value exports, which has been wholly ignored from the budget.</li>
<li>Increase in indirect taxes, namely excise duty and service tax is a retrograde policy measure.</li>
<li>Restrictive conditions in the SEZ Act 2005 which do not facilitate the setting up of small companies, have to be modified.</li>
<li>There is no mention of reduction of Tax Deducted at Source (TDS) for SMEs and introduction of non-profit linked incentives in the form of employment benefits etc. in the proposal.</li>
<li>Similar provisions should also be introduced for Tier II and III cities in the country.</li>
<li>Some announcements as to the simplification of service tax refund and the removal of the provisions involving dual levy of service tax and VAT are not sufficient to resolve ambiguities in law. NASSCOM, in light of the increasing delays of service tax, suggested exemption of export activity from such tax and the applicability of a simplified mechanism similar to CENVAT wherein exemption will be provided to exporters in proportion of their exports to total sales.</li></ul>
<h3 id="5-2">5.2. Request for Clarity in Classification of Transactions and Guidelines</h3>
<p>NASSCOM in its pre-budget recommendations had suggested that in light of the confusion of the characterization of software as goods or services and the resultant dual taxation, in the form of taxes paid to both the Central and the State Governments, the provision of software, whether customized or packaged should be treated as a service irrespective of the media and mode of transfer with the assurance from the States that no VAT shall be leviable on software. Further, guidelines have to be outlined for various e-commerce transactions like database subscription, cloud computing, webhosting and data warehousing. Onsite exporter of services are being denied the benefits of certain tax exemptions due to the sunset of STPI provisions, thus forming the need for a formal clarification by the government deeming these activities to be an integral component of the IT services industry.</p>
<h3 id="5-3">5.3. New Retrograde Obligations under Law</h3>
<p>NASSCOM emphasized that the introduction of certain provisions, related to GAAR, related party transactions and the withholding of tax in the Finance Bill, some of these retrospective in nature, enhance the difficulties faced by the IT industry. Increased obligations on the corporate tax payers in the form of imposition of additional taxes will only increase the scope of multiple interpretations of the provisions which will lead to the exercise of discretionary powers by the tax authorities.</p>
<h2 id="6">6. Endnotes</h2>
<p><strong>[1]</strong> As of September 2011, a significant majority of the 143 operational SEZs in the country belonged to the IT/ITeS and electronic hardware as per data released by the Ministry of Commerce and Industry.</p>
<p><strong>[2]</strong> See: <a href="http://articles.economictimes.indiatimes.com/2012-02-25/news/31099874_1_sez-unit-sez-promoters-multi-product">http://articles.economictimes.indiatimes.com/2012-02-25/news/31099874_1_sez-unit-sez-promoters-multi-product</a>.</p>
<p><strong>[3]</strong> Section 10AA of the Income Tax Act provides for 100% income tax exemption on export income for SEZ units for the first five years, 50% for the next five years and 50% of the ploughed back export profit for the next five years.</p>
<p><strong>[4]</strong> See: <a href="http://www.business-standard.com/article/economy-policy/govt-imposes-18-5-mat-on-sez-developers-units-111022800153_1.html">http://www.business-standard.com/article/economy-policy/govt-imposes-18-5-mat-on-sez-developers-units-111022800153_1.html</a>.</p>
<p><strong>[5]</strong> See: <a href="http://articles.economictimes.indiatimes.com/2005-07-08/news/27506703_1_special-economic-zone-act-sez-act-sez-bill">http://articles.economictimes.indiatimes.com/2005-07-08/news/27506703_1_special-economic-zone-act-sez-act-sez-bill</a>.</p>
<p><strong>[6]</strong> (2013)260CTR(Kar)146.</p>
<p><strong>[7]</strong> The doctrines of promissory estoppel and legitimate expectation, arising from legal relationships and reasonable expectation, respectively, are flexible equitable reliefs not defined in any statute. Judicial decisions have held that a party would not be entitled to go back on a clear and unequivocal promise which was intended to create legal relations, knowing or intending that it would be acted upon by the other party to whom the promise was made and acted upon by the other party under the doctrine of promissory estoppel. Legitimate expectation of a certain treatment arises against representation by an administrative authority, whether express (through promises), or implied (through consistent past practice) despite absence of any right otherwise.</p>
<p><strong>[8]</strong> It was held that the action of the government is legal as every tax exemption provision should also incorporate a sunset clause. The deletion of the exemption under law would only reduce the erosion of the tax base.</p>
<p><strong>[9]</strong> See: <a href="http://articles.economictimes.indiatimes.com/2011-05-11/news/29532409_1_sez-act-minimum-alternative-tax-mat">http://articles.economictimes.indiatimes.com/2011-05-11/news/29532409_1_sez-act-minimum-alternative-tax-mat</a>.</p>
<p><strong>[10]</strong> Madurai District Central Cooperative Bank Ltd. v. ITO (1975) 101 ITR 24(SC), the form and method of introduction of a legislation is not of importance provided the requirement of competence by the legislature to pass the deemed law with respect to its subject matter is satisfied. An amendment of a taxing statute, by an unconventional method of incorporation through an act of a different pith and substance is not unconstitutional. The primary purpose of the Finance Acts is to prescribe tax rates for taxes specified in the Income Tax Act. However, the above fact does not restrain the freedom of the legislature to impose an altogether new tax through the Finance Act or any other deemed legislation besides the Income Tax Act.</p>
<p><strong>[11]</strong> See: <a href="http://www.nasscom.in/nasscom-prebudget-recommendations">http://www.nasscom.in/nasscom-prebudget-recommendations</a>.</p>
<p><strong>[12]</strong> Ibid.</p>
<p><strong>[13]</strong> Ibid.</p>
<p><strong>[14]</strong> See: <a href="http://articles.economictimes.indiatimes.com/2015-02-13/news/59119589_1_sez-developers-and-units-minimum-alternate-tax-special-economic-zones">http://articles.economictimes.indiatimes.com/2015-02-13/news/59119589_1_sez-developers-and-units-minimum-alternate-tax-special-economic-zones</a>.</p>
<p><strong>[15]</strong> Formed in 2012 to examine the challenges faced by the E-commerce Industry in India and to recommend changes needed to facilitate the creation of a vibrant online payment sector.</p>
<p><strong>[16]</strong> Not exceeding 1 percent for transaction amount for value above 2,000. The directive was issued under section 18 of the Payments and Settlement Systems Act, with effect from July 1, 2012.</p>
<p><strong>[17]</strong> See: <a>http://www.pwc.com/gx/en/international-transfer-pricing/assets/india.pdf</a>.</p>
<p><strong>[18]</strong> This amendment would extend to any other transaction as may be specified and would be applicable for FY 2012-13 and subsequent years.</p>
<p><strong>[19]</strong> An Advance Pricing Agreement, generally covering multiple years, entered into between a taxpayer and at least one tax authority lays down the method of transfer pricing to be applicable to the taxpayer’s inter-company transactions which eliminates the need for transfer pricing adjustments for enclosed transactions provided the terms of the agreement are complied with.</p>
<p><strong>[20]</strong> The Finance Act 2009 inserted section 144C in the Income Tax Act which provides for the constitution of an alternative dispute resolution mechanism for transfer pricing taxation matters, namely a DRP (Dispute Resolution Panel) consisting of three commissioners rank officers.</p>
<p><strong>[21]</strong> Section 92CB defines Safe Harbour to be ‘circumstances under which the income tax authorities shall accept the transfer pricing declared by the assessee.’ The procedure for adopting safe harbour, the transfer price to be adopted, the compliance procedure upon adoption of safe harbours and circumstances in which a safe harbour adopted may be held to be invalid is specified in the new rules in 10TA to 10AG issued by the CBDT on 18th September 2013.</p>
<p><strong>[22]</strong></p>
<ul><li>Provision of software development services and information technology enabled services with insignificant risks- upto rs 500 crore- 20% or more on total operating costs, above rs 500 crore- 22% or more on total operating costs.</li><li>Provision of knowledge processes outsourcing services with insignificant risks-25% or more on total operating costs.</li><li>Provision of specified contract R & D services wholly or partly relating to software development with insignificant risks- 30% or more on total operating costs.</li></ul>
<p> </p>
<h2 id="7">7. Author Profile</h2>
<p>Pavishka Mittal is a law student at West Bengal National University of Juridical Sciences, Kolkata and has completed her second year. She takes contemporary dance very seriously and hopes to contribute to the dance community in India. Other than dancing, she indulges in binge-watching in her spare time.</p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/raw/policy-shaping-in-the-indian-it-industry-recommendations-by-nasscom-2006-2012'>https://cis-india.org/raw/policy-shaping-in-the-indian-it-industry-recommendations-by-nasscom-2006-2012</a>
</p>
No publisherPavishka MittalSpecial Economic ZonesTransfer Pricing PolicyNASSCOMResearchE-CommerceNetwork EconomiesIndustrial PolicyResearchers at WorkInformation Technology2016-07-04T08:11:05ZBlog EntryReply to RTI filed with BSNL regarding Network Neutrality and Throttling
https://cis-india.org/internet-governance/blog/reply-to-rti-filed-with-bsnl-regarding-network-neutrality-and-throttling
<b>As part of its work on Network Neutrality, the Centre for Internet and Society through Tarun Krishnakumar had filed a Right To Information (RTI) application with Bharat Sanchar Nigam Ltd. (BSNL), a state-owned teleco holding a market share of 65 per cent in the Indian land line and broadband markets — regarding its position on and adherence to Network Neutrality principles.
</b>
<p style="text-align: justify; ">The application — targeted at easing the information asymmetry between internet service providers (ISPs) and consumers — elicited responses that provide interesting insights into the functioning of ISPs in India.</p>
<p>The application queried BSNL about its:</p>
<ul>
<li>Adherence to net neutrality / non-discrimination principles</li>
<li>Throttling on the basis of content</li>
<li>Throttling on the basis of protocol</li>
<li>Limiting traffic / speeds for pornographic websites</li>
<li>Limiting traffic / speeds for P2P / torrent connection</li>
</ul>
<ul>
</ul>
<p style="text-align: justify; ">In its reply, BSNL denied all forms of throttling on the basis of content and reaffirmed that it is bound by the terms of its ISP license granted by the Department of Telecommunications. The application and response are below:</p>
<p> </p>
<h3 style="text-align: center; "><a name="application"></a><b><span>Application</span>:</b></h3>
<p align="center" style="text-align: center; "><b><span>Request for Information under the Right to Information Act, 2005</span></b></p>
<p>To,</p>
<p>Sh. Suresh Kumar<br />Addl.GM (MIS) & CPIO ,BSNL Co.<br />R. No. -29, IR Hall<br />Eastern Court, Janpath<br />New Delhi – 110001</p>
<p><b>Date of application</b>: 08-10-2014</p>
<p align="center" style="text-align: center; "><span style="text-decoration: underline;"><b>Subject: Network Neutrality / Throttling / Data discrimination policies of BSNL</b></span></p>
<p style="text-align: justify; ">Please provide information as to the policies of BSNL / decisions taken in respect of the following questions. Please supply where possible a copy of the relevant documents, minutes of meeting, position papers etc.</p>
<ol>
<li>Does BSNL support the principle of net neutrality and non-discrimination of data?</li>
<li>Does BSNL regulate internet traffic flows depending on the type of content being accessed by the user on its broadband connections?</li>
<li>Does BSNL regulate internet traffic flows depending on the type of protocol being used by the user on its broadband connections?</li>
<li>Please provide details of the various types of content/protocols for which BSNL regulates traffic and the nature of such regulations, restrictions as the case may be.</li>
<li>Please provide a list of traffic for which BSNL engages in limiting internet speed or throttling.</li>
<li>Does BSNL limit internet traffic or upload/download speeds for pornographic websites and content?</li>
<li>Does BSNL limit internet traffic or upload/download speeds for Peer-to-peer or torrent connections?</li>
</ol>
<p>Please provide copies of all documents that pertain to BSNL’s policies and decisions in this regard.</p>
<p style="text-align: justify; ">It is certified that I am a citizen of India and that I do not fall within the BPL category. I am enclosing Rupees thirty (Rs. 30) towards the application fee and photocopying costs under the RTI Act for the information and documents requested. Kindly inform me at the address stated below if any further fees are required to be paid.</p>
<p><b>Applicant</b>:</p>
<p>Tarun Krishnakumar<br />Centre for Internet and Society<br />No.194, 2nd C Cross Road, Domlur II Stage,<br />Bangalore - 560071</p>
<p> </p>
<h3 style="text-align: center; "><span>RESPONSE FROM BSNL:</span></h3>
<div style="text-align: center; "><span><br /></span></div>
<p>To,</p>
<p>Sh. Tarun Krishnakumar<br />Centre for Internet and Society<br />No. 194, 2<sup>nd</sup> C Cross Road, Domulur II stage,<br />Bengaluru – 560071</p>
<p><span style="text-decoration: underline;">Subject: Supply of Information under RTI ACT – 2005</span></p>
<p>Case of Shri. Tarun Krishnakumar – reg.</p>
<p>Ref: - 1. No. BSNL/BBNW/RTI Act/Vol II/2012-13/52 dtd 28.10.2014</p>
<p>2. No. 23-744/14-RTI dtd 21.10.2014</p>
<p>With reference to the above subject, for the point wise information furnished as below:</p>
<ol>
<li>BSNL is following the guidelines as per the ISP License Agreement of DOT.</li>
<li>NO, BSNL is NOT regulating the Internet traffic flow based on content.</li>
<li>NO, BSNL is not regulating the Internet traffic flow based on the type of protocol.</li>
<li>Not Applicable</li>
<li>Not Applicable</li>
<li>NO</li>
<li>NO</li>
<li>The documents relating to above are available on DOT’s website http://dot.gov.in</li>
</ol>
<p>(Sd/-)</p>
<p>DE Admin and APIO<br />O/o General Manager<br />BBNW, BSNL,<br />5<sup>th</sup> floor, BG (E), TE Building,<br />Lazar Road, Fraser Town,<br />Bengaluru – 560005<br />Tel No. 080 - 25808878</p>
<p>Copy to:</p>
<ol>
<li>The Addl. GM (A) & CPIP O/o CGM, BBNW, New Delhi for information pl.</li>
</ol>
<p>The scanned version of the reply is available <a class="external-link" href="https://www.scribd.com/doc/250739602/BSNL-Reply-on-Net-Neutrality">here</a>.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/reply-to-rti-filed-with-bsnl-regarding-network-neutrality-and-throttling'>https://cis-india.org/internet-governance/blog/reply-to-rti-filed-with-bsnl-regarding-network-neutrality-and-throttling</a>
</p>
No publishertarunInternet AccessNet NeutralityInternet GovernanceInformation Technology2014-12-22T14:45:03ZBlog Entry