Posts
CIS Para-wise Comments on Draft Reasonable Security Practices Rules, 2011
— by Prashant Iyengar — last modified Dec 14, 2012 10:32 AMOn February 7th 2011, the Department of Information Technology, MCIT published draft rules on its website (The Information Technology (Reasonable security practices and procedures and sensitive personal information) Rules, 2011) in exercise of the powers conferred by Section 87(2)(ob), read with Section 43A of the Information Technology Act, 2000. Comments were invited from the public before February 25th 2011. Accordingly, Privacy India and Centre for Internet and Society, Bangalore have prepared the following para-wise comments for the Ministry’s consideration.
Google Policy Fellowship Program: Asia Chapter
— by Prasad Krishna — last modified Aug 02, 2011 07:34 AMFor the ardent followers of free and open Internet and for those who love to debate on technology, media law and Internet-related policy issues, there is some good news. The Centre for Internet and Society, India is conducting a Google Policy Fellowship program this summer!
Open Letter to the Finance Committee: UID and Transactions
— by Prasad Krishna — last modified Feb 24, 2011 01:35 PMSince official documentation from the UIDAI is very limited, we assume that data pertaining to transactions would comprise of the Aadhaar number, identifier of the authenticating device, date-time stamp, and approval/rejection/error code. Recording and maintaining of data pertaining to transactions is very important because it increases transparency and accountability through an audit trail. However, storage of such sensitive data creates many privacy risks, because more often than not metadata gives you as much intelligence as raw data.
Open Letter to the Finance Committee: UID Budget
— by Prasad Krishna — last modified Feb 17, 2011 11:18 AMThis note presents the aspects of the UID project, which have not been considered or incorporated into the UID’s budget. The costs include re-enrollment, loss in human time, and the cost of the audit function.
Open Letter to the Finance Committee: Operational Design
— by Prasad Krishna — last modified Feb 17, 2011 10:02 AMThe objective of the UID project is to provide identity infrastructure that is not susceptible to fraud or error. This note highlights parts of the operational design of the project, which are flawed. We plead that each point be taken into consideration and that the design be suitably revised.
Open Letter to the Finance Committe: Biometrics
— by Prasad Krishna — last modified Feb 17, 2011 01:12 PMThis note points out the weaknesses inherent in biometrics and the pitfalls in using them. It recommends procedural safeguards that should be adopted by the UID in order to make the use of biometrics more secure and inclusive.
Open Letter to the Finance Committee: Finance and Security
— by Prasad Krishna — last modified Feb 17, 2011 11:57 AMThis note explores the three connections between finance and security and demonstrates the cost implications of operating a centrally designed identity management system as proposed by the UID. In doing so, it shows how the monitoring, storing, and securing of transactional data in a centralized database fall short of meeting the project's objectives of authentication, and thus is an additional cost. Further, it is argued that the blanket monitoring of the transaction database is not an effective method of detecting fraud, and is an expensive component of the project.
Conference Report: 'Privacy Matters' Bangalore
— by Prasad Krishna — last modified Feb 08, 2011 05:13 AMOn February 5th the 'Privacy Matters" conference was held at the TERI Regional Center in Bangalore. The event was a full day and centered around issues of privacy including: privacy rights of minorities, privacy and open government data, and privacy and identity.
Analysing the Right to Privacy and Dignity with Respect to the UID
— by Deva Prasad — last modified Mar 21, 2012 09:54 AMIn the below note, Deva Prasad, LLM Candidate at NLSIU, explores the challenges that the UID project faces from a legal perspective.
Privacy Matters — Conference Report
— by Prasad Krishna — last modified Jan 27, 2011 10:22 AMA one-day conference on Privacy Matters was held on Sunday, 23 January 2011 at the National University of Juridical Sciences (NUJS) Law School in Kolkata. This was the first of a series of eleven conferences on ‘privacy’ that Privacy India is scheduled to host in different Indian cities from January to June this year. Members of Parliament, Sri Manoj Bhattacharya from the Revolutionary Socialist Party (RSP) and Sri Nilotpal Basu from the Communist Party of India (Marxist) CPI (M) spoke in the conference. Students, the civil society and lawyers also participated in it.
Document Actions