Internet Governance Main
Content takedown and users' rights
After Shreya Singhal v Union of India, commentators have continued to question the constitutionality of the content takedown regime under Section 69A of the IT Act (and the Blocking Rules issued under it). There has also been considerable debate around how the judgement has changed this regime: specifically about (i) whether originators of content are entitled to a hearing, (ii) whether Rule 16 of the Blocking Rules, which mandates confidentiality of content takedown requests received by intermediaries from the Government, continues to be operative, and (iii) the effect of Rule 16 on the rights of the originator and the public to challenge executive action. In this opinion piece, we attempt to answer some of these questions.
Comments to the Personal Data Protection Bill 2019
The Personal Data Protection Bill, 2019 was introduced in the Lok Sabha on December 11, 2019.
Internet shutdowns: Its legal and commercial dimensions in Kashmir
This article by Gurshabad Grover appeared on ETVBharat on February 10, 2020. The author would like to thank Kanav Khanna for his research assistance. The article was edited by Arindrajit Basu and translated into various languages by the ETVBharat team. You can also read it in Gujarati, Hindi, Kannada, Odia, and Urdu.
On 4 August 2019, the Central Government ordered the suspension of telecommunication and internet services in Jammu and Kashmir. Suddenly, roughly a crore citizens found themselves unable to exercise their basic freedoms of expression and association online. According to the Software Freedom Law Centre’s Internet Shutdown Tracker, Jammu and Kashmir endured 180 partial or complete internet shutdowns in the last seven years. These astonishing numbers indicate that communication blockades in the state are a common occurrence, but perhaps even Kashmiris did not anticipate that they are entering the longest internet shutdown ever imposed by a democratic country.
It is no secret that the internet has become an essential tool for democratic participation. The loss of the network infrastructure also causes both social and economic harm: students are denied access to critical educational resources, hospitals and emergency services face an administrative catastrophe, and local business can crumble. As recent work by the scholar Jan Rydzak demonstrates, shutting down the internet may not even be ensuring public order and peace, as the government would readily claim. Rydzak argues that access to the internet allows wide coordination that is necessary to demonstrate a peaceful protest, and that internet shutdowns may thus be fueling violent protests rather than curbing them.
When the internet shutdown, among other state action, was challenged by Kashmiri Times editor Anuradha Bhasin, the Supreme Court (SC) did have an opportunity to consider these factors when deciding on the legality of the shutdown. The concerns of civil society were made severe in this particular situation because the Government failed, in a total disregard for the rule of law, failed to publish the internet shutdown orders or present them before the court. In its final order on 10 January this year, the SC did affirm basic constitutional principles and sets progressive precedent for future cases.
First and foremost, the Court affirms that the Constitution, through Article 19, protects the “freedom of speech and expression and the freedom to practice any profession or carry on any [...] occupation over the medium of internet.” Second, the Court recognised that internet shutdowns cannot be imposed indefinitely, must be reviewed by the executive every week and that the orders are subject to judicial review. In that regard, the SC may pave for strengthened challenges to internet shutdowns in the future. However, as several scholars have noted, besides ordering the restoration of some essential services, the Court does fall short of providing relief to Kashmiri citizens in the case. Soon after the SC delivered this judgment, the government of Jammu and Kashmir issued orders to internet service providers to restore 2G internet services but only permit access to 301 websites. Besides the fact that the list arbitrarily includes and excludes services, major communication services were notably from the list. Most importantly, this piece of ‘internet regulation’ makes little sense when you consider either the internet or the regulations governing it.
In the technical sense, the regulations completely misunderstand how the modern web functions. When one connects to a website, the websites in turn often make the system download critical resources from other servers. If internet service providers permit only specific websites, the content from other unwhite listed sources still remains inaccessible. A recent experiment by Rohini Lakshané and Prateek Waghre confirms this empirically: out of the 301 websites in the list, only 126 were usable in some form. While the order seems like a necessary consequence of the SC order, there is also little legislative basis for the order. The order cites the Temporary Suspension of Telecom Services (Public Emergency or Public Safety) Rules issued in 2017 under the colonial-era Indian Telegraph Act. These regulations do permit the Government to shut down telecom and internet services but do not allow the government to issue orders that allow ‘whitelists’ such as this one. The Information Technology (IT) Act, namely through Section 69A, allows the Central Government and courts to order the blocking of certain websites. Even the license agreements issued by the government to internet service providers only allow the Government to order the blocking certain online resources on the grounds of national security. Therefore, the order of a ‘whitelist’ of websites has no basis in law because it turns the logic of only blocking websites on its head.
After Kashmiris found a way to circumvent the ‘whitelist’ by using virtual private networks (VPNs), reports emerged that security forces were forcing Kashmiris to uninstall these applications. All this, of course, despite the fact that there is no law preventing the use of VPNs or the circumvention of internet censorship in general.
It has now been around seven months since internet and telecom services were suspended in Kashmir. This long-standing deprivation of basic rights to Kashmiris is wrong that perhaps even the future cannot correct. After months of a complete shutdown, the Government can make better amends than restoring only limited and partial access. As we march onto the next decade, the world is watching. History will not judge kindly those who occluded civil liberties through a facile ritual incantation of ‘public order’ and ‘national security’.
How India Censors The Web
An empirical study of web censorship in India
Comments to National Security Council on National Cybersecurity Strategy 2020
CIS submitted brief comments to the National Security Council on the National Cybersecurity Strategy within the 5000 character limit provided. CIS will continue producing outputs building on these ideas.
Automated Facial Recognition Systems and the Mosaic Theory of Privacy: The Way Forward
Arindrajit Basu and Siddharth Sonkar have co-written this blog as the third of their three-part blog series on AI Policy Exchange under the parent title: Is there a Reasonable Expectation of Privacy from Data Aggregation by Automated Facial Recognition Systems?
Automated Facial Recognition Systems (AFRS): Responding to Related Privacy Concerns
Arindrajit Basu and Siddharth Sonkar have co-written this blog as the second of their three-part blog series on AI Policy Exchange under the parent title: Is there a Reasonable Expectation of Privacy from Data Aggregation by Automated Facial Recognition Systems?
Decrypting Automated Facial Recognition Systems (AFRS) and Delineating Related Privacy Concerns
Arindrajit Basu and Siddharth Sonkar have co-written this blog as the first of their three-part blog series on AI Policy Exchange under the parent title: Is there a Reasonable Expectation of Privacy from Data Aggregation by Automated Facial Recognition Systems?
Pegasus snoopgate, an opportune moment to revisit legal framework governing state surveillance framework
Revelations of hacking call for a relook at India’s surveillance regime
Extra-Territorial Surveillance and the Incapacitation of Human Rights
This paper was published in Volume 12 (2) of the NUJS Law Review.
ICANN takes one step forward in its human rights and accountability commitments
Akriti Bopanna and Ephraim Percy Kenyanito take a look at ICANN's Implementation Assessment Report for the Workstream 2 recommendations and break down the key human rights considerations in it. Akriti chairs the Cross Community Working Party on Human Rights at ICANN and Ephraim works on Human Rights and Business for Article 19, leading their ICANN engagement.
Call for Comments: Model Security Standards for the Indian Fintech Industry
The Centre for Internet and Society is pleased to make available the Draft document of Model Security Standards for the Indian Fintech Industry, for feedback and comments from all stakeholders. The objective of this document which was first published in November 2019, is to ensure that the data of users is dealt with in a secure and safe manner by the Fintech Industry, and that smaller businesses in the Fintech industry have a specific standard to look at in order to limit their liabilities for any future breaches.
We invite any parties interested in the field of technology policy, including but not limited to lawyers, policy researchers, and engineers, to send in your feedback/comments on the draft document by the 16th of January 2020. We intend to publish our final draft by the end of January 2020. We look forward to receiving your contributions to make this document more comprehensive and effective. Please find a copy of the draft document here.
In Twitter India’s Arbitrary Suspensions, a Question of What Constitutes a Public Space
A discussion is underway about the way social media platforms may have to operate within the tenets of constitutional protections of free speech.
RTI Application to the Ministry of Information and Broadcasting on content code violations by radio stations
Background
In 1995, the Supreme Court of India, in the case of The Secretary, Ministry of Information and Broadcasting v Cricket Association of Bengal, declared airwaves to be public property. The judgment formed the stepping stones to liberalizing the broadcasting media, and freeing up the sector from government monopoly.
Despite the fact that more than two decades have passed since the judgment, community and private FM channels continue to face a government embargo from curating and broadcasting news and content on current affairs. The Phase III FM Policy and the Grant of Permission Agreement (GoPA) for community radios broadly restrict these radio channels from broadcasting news, with two exceptions. FM and community radio stations can still broadcast updates on a few categories of content that the regulations classify as “non-news”, such as sports, …, etc. Additionally, they can rebroadcast the All India Radio (AIR) news bulletin verbatim.
Application under the Right to Information Act
To further our research, we sought information on the extent of radio stations’ compliance with the content code and the use of Government’s oversight mechanism (examination of recordings of their broadcasts). On October 23rd, I filed an RTI with the Ministry of Information and Broadcasting (MI&B) asking for information regarding instances where these channels had violated the content restrictions placed on them.
The text of the application is reproduced below:
To:
Shri Yogendra Trehan
Central Public Information Officer (RTI)
Dy. Director (FM)
Director (DS II), Room No 116, A Wing,
Shastri Bhawan, New Delhi, 110001
Sir,
Subject: Information on private FM radio licenses and violations
This is to request you to provide the following information under the Right to Information 2005.
Period of information requested: 10 years (2010 to 2019)
1. Number of instances where an FM radio channel was suspended from broadcasting due to violation of conditions 11.1, 11.2 or 12.1 of the Phase 3 FM Policy (i.e content related violations)
2. Number of instances where an FM radio channel permission was revoked due to violation of conditions 11.1, 11.2 or 12.1 of the Phase 3 FM Policy (i.e content related violations).
3. Number of instances where the 5 year or 10 year license renewal application of an FM radio channel was rejected due to content related violations.
4. Number of examinations of the recordings of content broadcast on FM radio stations.
[...]
To the best of my belief, the details sought for fall within your authority. Further, as provided under section 6(3) of the Right to Information Act (RTI Act), in case this application does not fall within your authority, I request you to transfer the same in the designated time (5 days) to the concerned authority and inform me of the same immediately.
To the best of my knowledge, the information sought does not fall within the restrictions contained in sections 8 and 9 of the RTI Act, and any provision protecting such information in any other law for the time being in force is inapplicable due to section 22 of the RTI Act.
Please provide me this information in electronic form, via the e-mail address provided above. This to certify that I, Torsha Sarkar, am a citizen of India.
Date: 23rd October, 2019
Place: Bengaluru, Karnataka
The FM Cell of Ministry of Information and Broadcasting (MIB) responded to the application on November 21st with information regarding the same. Their response is reproduced below:
In so far as FM Cell of this Ministry is concerned, it is stated that,no channel was suspended from broadcasting or permission was revoked due to violation of conditions 11.1, 11.2 or 12.1 of the Phase -lll FM policy. No instances ln so far as FM Cell of this Ministry is concerned, it is stated where the 5 year or 10 year license renewal application of an FM radio channel or 12.1 of the Phase -lll FM policy. 17 instances of complaints regarding violation of content code by private FM radio stations were received and suitable action in terms of the Grant of Permission Agreement has been taken by the Government after examination of the recordings of broadcast.
Conclusion
As the MIB’s records show, there are nearly 380 private FM channels and 185 community FM channels in India as of August 2019. In the face of such numbers, there have been mere seventeen instances of the private FM channels violating the content code in the last ten years, and none of these were serious enough for their broadcasting licenses to be revoked or them to face suspension.
The low number of complaints against radio stations can be interpreted in a number of ways: However, coupled with the fact there is an onerous process of obtaining a license and permissions for broadcasting, one interpretation can be that the numbers are generally indicative of the fact that radio station operators are generally compliant with the content code.
--
The text of the RTI Application was drafted by Raouf Kundil Peedikayil, who interned with CIS. This blogpost was edited by Gurshabad Grover and Elonnai Hickok.
A Deep Dive into Content Takedown Timeframes
Since the 1990s, internet usage has seen a massive growth, facilitated in part, by growing importance of intermediaries, that act as gateways to the internet. Intermediaries such as Internet Service Providers (ISPs), web-hosting providers, social-media platforms and search engines provide key services which propel social, economic and political development. However, these developments are also offset by instances of users engaging with the platforms in an unlawful manner. The scale and openness of the internet makes regulating such behaviour challenging, and in turn pose several interrelated policy questions.
Project on Gender, Health Communications and Online Activism with City University
CIS is a partner on the project 'Gender, Health Communications and Online Activism in the Digital Age'. The project is lead by Dr. Carolina Matos, Senior Lecturer in Sociology and Media in the Department of Sociology at City University.
Blockchain: A primer for India
This report is presently being updated.
Draft Security Standards for The Financial Technology Sector in India
Information security standards provide a framework for the secure development, implementation and maintenance of information systems and technology architecture. This document includes draft information security standards, which seek to ensure that not only the data of users is dealt with in a secure and safe manner but also that the smaller businesses in the fintech industry have a specific standard to look at in order to limit their liabilities for any future breaches.
Introducing the Cybersecurity Visuals Media Handbook
The need for intervention in the cybersecurity imagery in media publications was realised during a brainstorming workshop that was conducted by CIS with illustrators, designers, and cybersecurity researchers.
Guest post: Before cyber norms, let’s talk about disanalogy and disintermediation
In a guest post in relation to CIS’s recently held roundtable onIndia’s cyber defense strategy, Pukhraj Singh looks at the critical fissures – at the technical and policy levels – in global normative efforts to secure cyberspace. By charting out the key vectors and power asymmetries among key stakeholders – both leading state actors and private actors like Microsoft – Singh posits that there is much to be done before we circumscribe cyber operations within legal strictures.
Document Actions